forked from evolix/ansible-roles
d226ce594a
Not just esthetic, for some reason ansible refused to run with '-' somewhere and I just could not find where, changing variables and tags to use '_' fixed it. It's more consistent anyway.
22 lines
661 B
YAML
22 lines
661 B
YAML
---
|
|
|
|
- name: Is there a Minifirewall ?
|
|
stat:
|
|
path: /etc/default/minifirewall
|
|
register: evobackup_client__minifirewall
|
|
tags:
|
|
- evobackup_client
|
|
- evobackup_client_backup_firewall
|
|
|
|
- name: Add backup SSH port in /etc/default/minifirewall
|
|
blockinfile:
|
|
dest: /etc/default/minifirewall
|
|
marker: "# {{ item.name }}"
|
|
block: |
|
|
/sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
|
|
with_items: "{{ evobackup_client__hosts }}"
|
|
when: evobackup_client__minifirewall.stat.exists
|
|
tags:
|
|
- evobackup_client
|
|
- evobackup_client_backup_firewall
|