From 9a09ed2fc2231c005d5c1c99a6ef5176c6d47ee7 Mon Sep 17 00:00:00 2001
From: Daniel Matthews
Date: Fri, 5 Jan 2024 14:27:36 +0000
Subject: [PATCH] Fix firewalld role vars (#20)

Changes: Fix a number of incorrectly named firewalld role variables.
---
 playbooks/group_vars/db.yml | 2 +-
 playbooks/group_vars/web.yml | 6 +++---
 .../inventory/group_vars/container_service_host.yml | 4 ++--
 tests/molecule/resources/inventory/group_vars/web.yml | 10 +++++-----
 4 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/playbooks/group_vars/db.yml b/playbooks/group_vars/db.yml
index 4a45fa4..e8f705a 100644
--- a/playbooks/group_vars/db.yml
+++ b/playbooks/group_vars/db.yml
@@ -37,6 +37,6 @@ postgresql_ssl_certificate:
 provider: "selfsigned"
 cache_filename: "{{ database_server_certificate_cache_filename }}" # where to store the server certificate in cache
-rich_rules:
+firewalld_rich_rules:
 - zone: "internal"
 rule: "family=ipv4 source address={{ xnat_web_server.subnet | default(xnat_web_server.ip + '/32') }} port protocol=tcp port={{ xnat_db.port }} accept"
diff --git a/playbooks/group_vars/web.yml b/playbooks/group_vars/web.yml
index 787d1f4..61d14b9 100644
--- a/playbooks/group_vars/web.yml
+++ b/playbooks/group_vars/web.yml
@@ -66,13 +66,13 @@ java:
 ldap_ca_cert_file_on_client: "{{ xnat.install_downloads }}/certs/ldap-ca.cert" # mirsg.infrastructure.firewalld
-internal_zone_open_services:
+firewalld_internal_zone_open_services:
 - http
 - https
 - ssh
-public_zone_open_services:
+firewalld_public_zone_open_services:
 - http
 - https
-work_zone_open_services:
+firewalld_work_zone_open_services:
 - http
 - https
diff --git a/tests/molecule/resources/inventory/group_vars/container_service_host.yml b/tests/molecule/resources/inventory/group_vars/container_service_host.yml
index 68ba41f..cc0fb68 100644
--- a/tests/molecule/resources/inventory/group_vars/container_service_host.yml
+++ b/tests/molecule/resources/inventory/group_vars/container_service_host.yml
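Review bot: In playbooks/group_vars/db.yml the `source address=` value of the rich rule uses `default()` without its boolean flag, so the fallback to `xnat_web_server.ip + '/32'` applies only when `xnat_web_server.subnet` is undefined; a subnet that is defined but empty would render `source address=` with no value. Because the key was misnamed before, the rule was presumably never picked up by the role, so this commit is the first time the expression is actually exercised. Consider `{{ xnat_web_server.subnet | default(xnat_web_server.ip + '/32', true) }}`; the same expression appears under `firewalld_internal_zone_sources` in tests/molecule/resources/inventory/group_vars/container_service_host.yml. The `firewalld_rich_rules` list may continue past the end of the hunk.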
@@ -6,8 +6,8 @@ docker_client_hostnames:
 docker_tls_verify: false # mirsg.infrastructure.firewalld
-internal_zone_sources:
+firewalld_internal_zone_sources:
 - "{{ xnat_web_server.subnet | default(xnat_web_server.ip + '/32') }}"
-internal_zone_ports:
+firewalld_internal_zone_ports:
 - "{{ docker_server_port }}"
diff --git a/tests/molecule/resources/inventory/group_vars/web.yml b/tests/molecule/resources/inventory/group_vars/web.yml
index dbba664..acd1426 100644
--- a/tests/molecule/resources/inventory/group_vars/web.yml
+++ b/tests/molecule/resources/inventory/group_vars/web.yml
@@ -1,19 +1,19 @@
 --- # mirsg.infrastructure.firewalld
-allow_public_access: true
+firewalld_allow_public_access: true
-public_zone_sources:
+firewalld_public_zone_sources:
 - "0.0.0.0/0"
-internal_zone_ports:
+firewalld_internal_zone_ports:
 - "{{ dicom_port }}"
 - "{{ tomcat_port }}"
-work_zone_ports:
+firewalld_work_zone_ports:
 - "{{ dicom_port }}"
 - "{{ tomcat_port }}"
-public_zone_ports:
+firewalld_public_zone_ports:
 - "{{ dicom_port }}"
 - "{{ tomcat_port }}"
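Review bot: In tests/molecule/resources/inventory/group_vars/container_service_host.yml, `docker_tls_verify: false` sits directly above the firewalld variables, so once the corrected names take effect the `firewalld_internal_zone_sources` entry is presumably what limits who can reach `docker_server_port` in this scenario. That dependency is not recorded anywhere in the hunk. A comment above `firewalld_internal_zone_sources` such as `# TLS verification is off in this test inventory; access to docker_server_port is limited by firewalld_internal_zone_sources` would keep the pair from being copied into a production inventory unnoticed. The file starts above the hunk, so other Docker settings may change this picture.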
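Review bot: Nothing in this diff asserts that the renamed variables in tests/molecule/resources/inventory/group_vars/web.yml actually reach firewalld, and the old names appear to have been ignored without any failure, so a future misspelling would pass the same way. If the molecule verify stage does not already do so, add a check that compares the output of `firewall-cmd --zone=public --list-ports` (and the same for the internal and work zones) with `dicom_port` and `tomcat_port`. Separately, `firewalld_public_zone_sources` with `"0.0.0.0/0"` covers IPv4 only and deserves a comment such as `# test inventory only: any IPv4 source is bound to the public zone`.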