ansible-role-mastodon/tasks/bare/firewall-cmd.yml

---
- name: "Start and enable FirewallD service"
  become: true
  #Workaround for "Interactive authentication required" issue
  become_user: root
  service: "name={{ item }} state=started enabled=yes"
  with_items:
  - firewalld

- name: Allow SSH, HTTP and HTTPS through the firewall
  firewalld:
    permanent: true
    immediate: true
    service: "{{ item }}"
    state: enabled
  with_items:
  - http
  - https
  - ssh

- name: Add localhost lo interface to the trusted zone
  firewalld:
    permanent: true
    immediate: true
    interface: "{{ item }}"
    zone: trusted
    state: enabled
  with_items:
  - lo
adapt code from mastodon-ansible 2022-11-19 10:10:57 +01:00			`---`
			`- name: "Start and enable FirewallD service"`
			`become: true`
			`#Workaround for "Interactive authentication required" issue`
			`become_user: root`
			`service: "name={{ item }} state=started enabled=yes"`
			`with_items:`
			`- firewalld`

			`- name: Allow SSH, HTTP and HTTPS through the firewall`
			`firewalld:`
			`permanent: true`
			`immediate: true`
			`service: "{{ item }}"`
			`state: enabled`
			`with_items:`
			`- http`
			`- https`
			`- ssh`

			`- name: Add localhost lo interface to the trusted zone`
			`firewalld:`
			`permanent: true`
			`immediate: true`
			`interface: "{{ item }}"`
			`zone: trusted`
			`state: enabled`
			`with_items:`
			`- lo`