squid: minifirewall main file is configurable

2018-12-04 14:24:38 +01:00 · 2018-12-04 14:24:38 +01:00 · c96e8130ff
parent c3e4a78442
commit c96e8130ff
2 changed files with 7 additions and 5 deletions
--- a/squid/defaults/main.yml
+++ b/squid/defaults/main.yml
@ -6,3 +6,5 @@ squid_address: "{{ ansible_default_ipv4.address }}"
 squid_whitelist_items: []
 squid_localproxy_enable: False
 minifirewall_main_file: /etc/default/minifirewall
--- a/squid/tasks/minifirewall.yml
+++ b/squid/tasks/minifirewall.yml
@ -1,28 +1,28 @@
 ---
 - name: Check if Minifirewall is present
  stat:
-    path: /etc/default/minifirewall
+    path: "{{ minifirewall_main_file }}"
  check_mode: no
  register: minifirewall_test
 - block:
  - name: HTTPSITES list is commented in minifirewall
    replace:
-      dest: /etc/default/minifirewall
+      dest: "{{ minifirewall_main_file }}"
      regexp: "^(HTTPSITES='[^0-9])"
      replace: '#\1'
    notify: restart minifirewall
  - name: all HTTPSITES are authorized in minifirewall
    lineinfile:
-      dest: /etc/default/minifirewall
+      dest: "{{ minifirewall_main_file }}"
      line: "HTTPSITES='0.0.0.0/0'"
      insertafter: "^#HTTPSITES="
    notify: restart minifirewall
  - name: add iptables rules for the proxy
    lineinfile:
-      dest: /etc/default/minifirewall
+      dest: "{{ minifirewall_main_file }}"
      regexp: "^#? *{{ item }}"
      line: "{{ item }}"
      insertafter: "^# Proxy"
@ -35,7 +35,7 @@
  - name: remove minifirewall example rule for the proxy
    lineinfile:
-      dest: /etc/default/minifirewall
+      dest: "{{ minifirewall_main_file }}"
      regexp: '^#.*(-t nat).*(-d X\.X\.X\.X)'
      state: absent
    notify: restart minifirewall