From 42c4cea760a6974ae9fff189720c624bc1213da1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thorben=20G=C3=BCnther?=
Date: Thu, 23 Jun 2022 16:56:40 +0200
Subject: [PATCH] firewalld: Support setting a backend

---
 roles/firewalld/defaults/main.yml | 2 ++
 roles/firewalld/tasks/main.yml | 4 ++--
 .../{files/firewalld.conf => templates/firewalld.conf.j2} | 2 +-
 3 files changed, 5 insertions(+), 3 deletions(-)
 create mode 100644 roles/firewalld/defaults/main.yml
 rename roles/firewalld/{files/firewalld.conf => templates/firewalld.conf.j2} (98%)

diff --git a/roles/firewalld/defaults/main.yml b/roles/firewalld/defaults/main.yml
new file mode 100644
index 0000000..1fd96cb
--- /dev/null
+++ b/roles/firewalld/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+firewalld_backend: nftables
diff --git a/roles/firewalld/tasks/main.yml b/roles/firewalld/tasks/main.yml
index 61833b4..65a92c3 100644
--- a/roles/firewalld/tasks/main.yml
+++ b/roles/firewalld/tasks/main.yml
@@ -5,8 +5,8 @@
 state: present

 - name: configure firewalld
- ansible.builtin.copy:
- src: firewalld.conf
+ ansible.builtin.template:
+ src: firewalld.conf.j2
 dest: /etc/firewalld/firewalld.conf
 owner: root
 group: root
diff --git a/roles/firewalld/files/firewalld.conf b/roles/firewalld/templates/firewalld.conf.j2
similarity index 98%
rename from roles/firewalld/files/firewalld.conf
rename to roles/firewalld/templates/firewalld.conf.j2
index f8caf11..f8d24cb 100644
--- a/roles/firewalld/files/firewalld.conf
+++ b/roles/firewalld/templates/firewalld.conf.j2
@@ -56,7 +56,7 @@ LogDenied=off
 # - iptables (iptables, ip6tables, ebtables and ipset)
 # Note: The iptables backend is deprecated. It will be removed in a future
 # release.
-FirewallBackend=nftables
+FirewallBackend={{ firewalld_backend }}

 # FlushAllOnReload
 # Flush all runtime rules on a reload. In previous releases some runtime
-- 
2.44.0
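Review bot: The new default `firewalld_backend` in roles/firewalld/defaults/main.yml has no comment saying which values it accepts. The template comments visible in this patch name iptables as the alternative backend and mark it deprecated. A one-line comment above the variable would tell anyone overriding it what they are choosing, for example `# FirewallBackend written to firewalld.conf: nftables or iptables (iptables is deprecated upstream)`.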
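Review bot: `FirewallBackend={{ firewalld_backend }}` in roles/firewalld/templates/firewalld.conf.j2 writes whatever the inventory supplies into /etc/firewalld/firewalld.conf with no check. A typo or a multi-line value therefore lands in the host firewall's configuration. How firewalld handles an unknown backend is not visible here, and the role should not rely on it. Failing the play early is safer: add an `ansible.builtin.assert` task ahead of the `configure firewalld` task with `that: firewalld_backend in ['nftables', 'iptables']`. The hunk shows only part of the template, so this covers the one templated line visible in the patch.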