forked from evolix/ansible-roles
minifirewall-tail: simplify template selection
This commit is contained in:
parent
fd5324db84
commit
02019e82e3
|
@ -3,8 +3,8 @@
|
||||||
Compiles a `minifirewall.tail` file based on templates and source it at the end of minifirewall configuration.
|
Compiles a `minifirewall.tail` file based on templates and source it at the end of minifirewall configuration.
|
||||||
|
|
||||||
Templates are looked up in that order :
|
Templates are looked up in that order :
|
||||||
1. `{{ playbook_dir}}/templates/minifirewall-tail/{{ inventory_hostname}}`
|
1. `{{ playbook_dir}}/templates/minifirewall-tail/minifirewall.{{ inventory_hostname}}.tail.j2`
|
||||||
2. `{{ playbook_dir}}/templates/minifirewall-tail/{{ host_group}}` (NB : `host_group` is not a core variable, it must be defined in `group_vars` files.)
|
2. `{{ playbook_dir}}/templates/minifirewall-tail/minifirewall.{{ host_group}}.tail.j2` (NB : `host_group` is not a core variable, it must be defined in `group_vars` files.)
|
||||||
3. `{{ playbook_dir}}/templates/minifirewall-tail/default`
|
3. `{{ playbook_dir}}/templates/minifirewall-tail/minifirewall.default.tail.j2`
|
||||||
|
|
||||||
If nothing is found, the role falls back to the temlate embedded in the role : `templates/default`
|
If nothing is found, the role falls back to the template embedded in the role : `templates/minifirewall.default.tail.j2`
|
||||||
|
|
|
@ -5,17 +5,14 @@
|
||||||
dest: /etc/default/minifirewall.tail
|
dest: /etc/default/minifirewall.tail
|
||||||
force: yes
|
force: yes
|
||||||
with_first_found:
|
with_first_found:
|
||||||
- files:
|
- "templates/minifirewall-tail/minifirewall.{{ inventory_hostname }}.tail.j2"
|
||||||
- "{{ inventory_hostname }}"
|
- "templates/minifirewall-tail/minifirewall.{{ host_group }}.tail.j2"
|
||||||
- "{{ host_group }}"
|
- "templates/minifirewall-tail/minifirewall.default.tail.j2"
|
||||||
- general
|
- "minifirewall.default.tail.j2"
|
||||||
paths:
|
register: minifirewall_tail_template
|
||||||
- templates/minifirewall-tail
|
|
||||||
- default
|
|
||||||
register: minifirewall_tail_file
|
|
||||||
|
|
||||||
- debug:
|
- debug:
|
||||||
var: minifirewall_tail_file
|
var: minifirewall_tail_template
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
|
|
||||||
- name: source minifirewall.tail at the end of the main file
|
- name: source minifirewall.tail at the end of the main file
|
||||||
|
@ -49,7 +46,7 @@
|
||||||
register: minifirewall_init_restart
|
register: minifirewall_init_restart
|
||||||
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
|
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
|
||||||
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
|
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
|
||||||
when: minifirewall_is_running.rc == 0 and (minifirewall_tail_file | changed or minifirewall_config_ips | changed or minifirewall_config_ports | changed)
|
when: minifirewall_is_running.rc == 0 and (minifirewall_tail_template | changed or minifirewall_config_ips | changed or minifirewall_config_ports | changed)
|
||||||
|
|
||||||
- debug:
|
- debug:
|
||||||
var: minifirewall_init_restart
|
var: minifirewall_init_restart
|
||||||
|
|
Loading…
Reference in a new issue