ansible-roles/evobackup-client/tasks/open_ssh_ports.yml

---

- name: Is there a Minifirewall ?
  ansible.builtin.stat:
    path: /etc/default/minifirewall
  register: evobackup_client__minifirewall
  tags:
    - evobackup_client
    - evobackup_client_backup_firewall

- name: Add backup SSH port in /etc/default/minifirewall
  ansible.builtin.blockinfile:
    dest: /etc/default/minifirewall
    marker: "# {mark} {{ item.name }}"
    block: |
      /sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
  loop: "{{ evobackup_client__hosts }}"
  notify: restart minifirewall
  when: evobackup_client__minifirewall.stat.exists
  tags:
    - evobackup_client
    - evobackup_client_backup_firewall
Added evobackup-client role 2019-08-30 20:43:52 +02:00			`---`

			`- name: Is there a Minifirewall ?`
Use FQCN Fully Qualified Collection Name 2023-03-20 23:33:19 +01:00			`ansible.builtin.stat:`
Added evobackup-client role 2019-08-30 20:43:52 +02:00			`path: /etc/default/minifirewall`
Changed variables to all lower snake case for evobackup-client Not just esthetic, for some reason ansible refused to run with '-' somewhere and I just could not find where, changing variables and tags to use '_' fixed it. It's more consistent anyway. 2019-09-06 23:49:40 +02:00			`register: evobackup_client__minifirewall`
Added evobackup-client role 2019-08-30 20:43:52 +02:00			`tags:`
Changed variables to all lower snake case for evobackup-client Not just esthetic, for some reason ansible refused to run with '-' somewhere and I just could not find where, changing variables and tags to use '_' fixed it. It's more consistent anyway. 2019-09-06 23:49:40 +02:00			`- evobackup_client`
			`- evobackup_client_backup_firewall`
Added evobackup-client role 2019-08-30 20:43:52 +02:00
			`- name: Add backup SSH port in /etc/default/minifirewall`
Use FQCN Fully Qualified Collection Name 2023-03-20 23:33:19 +01:00			`ansible.builtin.blockinfile:`
Added evobackup-client role 2019-08-30 20:43:52 +02:00			`dest: /etc/default/minifirewall`
Handle backup jail creation Does not handle sync step yet 2019-10-07 18:28:25 +02:00			`marker: "# {mark} {{ item.name }}"`
Added evobackup-client role 2019-08-30 20:43:52 +02:00			`block: \|`
Allow heterogeneous ports This makes it a bit more annoying to define default hosts for multiple machines, but it's not that bad and it's better than not being able to define heterogeous ports. 2019-09-03 16:29:05 +02:00			`/sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT`
Use 'loop' syntax instead of 'with_items' 2021-05-04 14:18:40 +02:00			`loop: "{{ evobackup_client__hosts }}"`
fixed typo in evobackup-cilent Not sure how this slipped in 2019-09-23 21:26:30 +02:00			`notify: restart minifirewall`
Changed variables to all lower snake case for evobackup-client Not just esthetic, for some reason ansible refused to run with '-' somewhere and I just could not find where, changing variables and tags to use '_' fixed it. It's more consistent anyway. 2019-09-06 23:49:40 +02:00			`when: evobackup_client__minifirewall.stat.exists`
Added evobackup-client role 2019-08-30 20:43:52 +02:00			`tags:`
Changed variables to all lower snake case for evobackup-client Not just esthetic, for some reason ansible refused to run with '-' somewhere and I just could not find where, changing variables and tags to use '_' fixed it. It's more consistent anyway. 2019-09-06 23:49:40 +02:00			`- evobackup_client`
			`- evobackup_client_backup_firewall`