From 35688eddaf3384eb19e581c6c5f81ed98cbbbaba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Fra=C3=9F?= Date: Sat, 1 Jun 2024 17:23:42 +0200 Subject: [PATCH] [fix] roles with ufw incocation --- roles/lighttpd/tasks/main.json | 9 ++++++--- roles/murmur/tasks/main.json | 6 ++++-- roles/nginx/tasks/main.json | 6 +++--- roles/proftpd/tasks/main.json | 9 ++++++--- roles/synapse/tasks/main.json | 6 ++++-- 5 files changed, 23 insertions(+), 13 deletions(-) diff --git a/roles/lighttpd/tasks/main.json b/roles/lighttpd/tasks/main.json index 57ec279..d29fcdf 100644 --- a/roles/lighttpd/tasks/main.json +++ b/roles/lighttpd/tasks/main.json @@ -28,16 +28,18 @@ } }, { - "name": "check whether enabling UFW would be considered a change", + "name": "ufw | check", "check_mode": true, + "become": true, "community.general.ufw": { "state": "enabled" }, "register": "ufw_enable_check" }, { - "name": "allow port 80 in ufw", + "name": "ufw | allow port 80", "when": "not ufw_enable_check.changed", + "become": true, "community.general.ufw": { "rule": "allow", "port": "80", @@ -45,8 +47,9 @@ } }, { - "name": "allow port 443 in ufw", + "name": "ufw | allow port 443", "when": "not ufw_enable_check.changed", + "become": true, "community.general.ufw": { "rule": "allow", "port": "443", diff --git a/roles/murmur/tasks/main.json b/roles/murmur/tasks/main.json index 196e044..1b9ed12 100644 --- a/roles/murmur/tasks/main.json +++ b/roles/murmur/tasks/main.json @@ -26,16 +26,18 @@ } }, { - "name": "check whether enabling UFW would be considered a change", + "name": "ufw | check", "check_mode": true, + "become": true, "community.general.ufw": { "state": "enabled" }, "register": "ufw_enable_check" }, { - "name": "allow port in ufw", + "name": "ufw | allow port", "when": "not ufw_enable_check.changed", + "become": true, "community.general.ufw": { "rule": "allow", "port": "{{var_murmur_port | string}}", diff --git a/roles/nginx/tasks/main.json b/roles/nginx/tasks/main.json index 8093955..b468c45 100644 --- a/roles/nginx/tasks/main.json +++ b/roles/nginx/tasks/main.json @@ -29,7 +29,7 @@ } }, { - "name": "check whether enabling UFW would be considered a change", + "name": "ufw | check", "become": true, "check_mode": true, "community.general.ufw": { @@ -38,7 +38,7 @@ "register": "ufw_enable_check" }, { - "name": "Allow port 80 in ufw", + "name": "ufw | allow port 80", "when": "not ufw_enable_check.changed", "become": true, "community.general.ufw": { @@ -48,7 +48,7 @@ } }, { - "name": "Allow port 443 in ufw", + "name": "ufw | allow port 443", "when": "not ufw_enable_check.changed", "become": true, "community.general.ufw": { diff --git a/roles/proftpd/tasks/main.json b/roles/proftpd/tasks/main.json index 6662604..e5bf9a0 100644 --- a/roles/proftpd/tasks/main.json +++ b/roles/proftpd/tasks/main.json @@ -10,16 +10,18 @@ } }, { - "name": "check whether enabling UFW would be considered a change", + "name": "ufw | check", "check_mode": true, + "become": true, "community.general.ufw": { "state": "enabled" }, "register": "ufw_enable_check" }, { - "name": "allow FTP port 20 in ufw", + "name": "ufw | allow port 20", "when": "not ufw_enable_check.changed", + "become": true, "community.general.ufw": { "rule": "allow", "port": "20", @@ -27,8 +29,9 @@ } }, { - "name": "allow FTP port 21 in ufw", + "name": "ufw | allow port 21", "when": "not ufw_enable_check.changed", + "become": true, "community.general.ufw": { "rule": "allow", "port": "21", diff --git a/roles/synapse/tasks/main.json b/roles/synapse/tasks/main.json index 06fd96f..63e0e78 100644 --- a/roles/synapse/tasks/main.json +++ b/roles/synapse/tasks/main.json @@ -59,7 +59,8 @@ } }, { - "name": "check whether enabling UFW would be considered a change", + "name": "ufw | check", + "become": true, "check_mode": true, "community.general.ufw": { "state": "enabled" @@ -67,8 +68,9 @@ "register": "ufw_enable_check" }, { - "name": "allow matrix federation port in ufw", + "name": "ufw | allow port", "when": "not ufw_enable_check.changed", + "become": true, "community.general.ufw": { "rule": "allow", "port": "8448",