Commit 363c00ff by Czémán Arnold Committed by cloud

fwdriver: disable os firewall

parent 45795a3a
...@@ -3,6 +3,16 @@ include: ...@@ -3,6 +3,16 @@ include:
- fwdriver.virtualenv - fwdriver.virtualenv
- fwdriver.configuration - fwdriver.configuration
disable_os_firewall:
cmd.run:
{% if grains['os_family'] == 'RedHat' %}
- name: >
systemctl disable firewalld ;
systemctl stop firewalld
{% else %}
- name: ufw disable
{% endif %}
firewall: firewall:
pkg.installed: pkg.installed:
- pkgs: - pkgs:
......
...@@ -131,17 +131,17 @@ apparmor: ...@@ -131,17 +131,17 @@ apparmor:
{% if pillar["deployment_mode"] == "multinode" %} {% if pillar["deployment_mode"] == "multinode" %}
open_libvirt_ports: open_libvirt_ports:
cmd.run: cmd.run:
{% if grains['os_family'] == 'RedHat' %} {% if grains['os_family'] == 'RedHat' %}
- name: > - name: >
firewall-cmd --complete-reload ; firewall-cmd --complete-reload ;
firewall-cmd --permanent --zone=public --add-port=49152-49215/tcp ; firewall-cmd --permanent --zone=public --add-port=49152-49215/tcp ;
firewall-cmd --permanent --zone=public --add-port=16509/tcp ; firewall-cmd --permanent --zone=public --add-port=16509/tcp ;
firewall-cmd --reload firewall-cmd --reload
{% else %} {% else %}
- name: > - name: >
ufw allow 49152:49215/tcp ; ufw allow 49152:49215/tcp ;
ufw allow 16509/tcp ufw allow 16509/tcp
{% endif %} {% endif %}
{% endif %} {% endif %}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment