added switch to firewalld install for Debian/Rhel switch between apt/yum for Debian vs Rhel; this could be handled a variety of ways, but thought to keep this file straightforward for now. Also added comment on iptables, for which firewalld is just a frontend.
Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/6512efc7 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/6512efc7 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/6512efc7 Branch: refs/heads/ansible-testing-0.17 Commit: 6512efc7ff9625d35cb6a3d6aefc36c08dda3a63 Parents: 899781d Author: jecoulte <[email protected]> Authored: Fri Jan 27 10:11:25 2017 -0500 Committer: jecoulte <[email protected]> Committed: Fri Jan 27 10:11:25 2017 -0500 ---------------------------------------------------------------------- dev-tools/ansible/roles/env_setup/tasks/main.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata/blob/6512efc7/dev-tools/ansible/roles/env_setup/tasks/main.yml ---------------------------------------------------------------------- diff --git a/dev-tools/ansible/roles/env_setup/tasks/main.yml b/dev-tools/ansible/roles/env_setup/tasks/main.yml index a3ecb8c..9bf484b 100644 --- a/dev-tools/ansible/roles/env_setup/tasks/main.yml +++ b/dev-tools/ansible/roles/env_setup/tasks/main.yml @@ -9,11 +9,19 @@ user: name={{ user }} group={{ group }} become: yes -- name: Install Firewalld +- name: Install Firewalld (RedHat) yum: name=firewalld state=latest update_cache=yes become: yes + when: ansible_os_family == "RedHat" + +- name: Install Firewalld (Debian) + apt: name=firewalld state=latest update_cache=yes + become: yes + when: ansible_os_family == "Debian" + # TODO: stop iptables service, can't have both iptables and firewalld on same host +# firewalld is just a frontend for iptables - so we can't remove it # if we try to stop non existing service ansible fails. # - name: Stop iptables, ip6tables services # service: name="{{ item }}" state=stopped
