From 685282bf93edabaf6a1162b1afcc9848f91c366b Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Thu, 14 Sep 2017 14:26:44 +0200
Subject: [PATCH] minifirewall: fallback when no trusted ip is provided

---
 minifirewall/defaults/main.yml | 2 +-
 minifirewall/tasks/config.yml  | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/minifirewall/defaults/main.yml b/minifirewall/defaults/main.yml
index 94bd3cb4..69e1e8fe 100644
--- a/minifirewall/defaults/main.yml
+++ b/minifirewall/defaults/main.yml
@@ -6,7 +6,7 @@ minifirewall_checkout_path: "/tmp/minifirewall"
 minifirewall_int: "{{ ansible_default_ipv4.interface }}"
 minifirewall_ipv6: "on"
 minifirewall_intlan: "{{ ansible_default_ipv4.address }}/32"
-minifirewall_trusted_ips: []
+minifirewall_trusted_ips: ["0.0.0.0/0"]
 minifirewall_privilegied_ips: []
 
 minifirewall_protected_ports_tcp: [22]
diff --git a/minifirewall/tasks/config.yml b/minifirewall/tasks/config.yml
index 0d91945f..80acf5d0 100644
--- a/minifirewall/tasks/config.yml
+++ b/minifirewall/tasks/config.yml
@@ -28,6 +28,9 @@
 - fail:
     msg: You must provide at least 1 trusted IP
   when: minifirewall_trusted_ips == []
+- debug:
+    msg: "Warning: minifirewall_trusted_ips='0.0.0.0/0', the firewall is useless!"
+  when: minifirewall_trusted_ips == ["0.0.0.0/0"]
 
 - name: Configure IP addresses
   blockinfile: