Remove ferm dependency and put rules in envvar. See debops/debops-pla…

…ybooks#192 for details

defaults/main.yml

@@ -246,3 +246,29 @@ samba__default_shares:
     guest_ok: 'yes'
 
 # .. )))
+
+# .. envvar:: samba__ferm__dependent_rules: (((
+#
+# Configuration for :command:`iptables` firewall managed by :program:`ferm`.
+samba__ferm__dependent_rules:
+
+  - type: 'dport_accept'
+    protocol: [ 'udp' ]
+    dport: [ 'netbios-ns', 'netbios-dgm' ]
+    saddr: '{{ samba__allow }}'
+    accept_any: True
+    filename: 'samba__dependency_accept_udp'
+    delete: '{{ "samba" not in samba__base_packages }}'
+    weight: '50'
+
+  - type: 'dport_accept'
+    protocol: [ 'tcp' ]
+    dport: [ 'netbios-ssn', 'microsoft-ds' ]
+    saddr: '{{ samba__allow }}'
+    accept_any: True
+    filename: 'samba__dependency_accept_tcp'
+    delete: '{{ "samba" not in samba__base_packages }}'
+    weight: '50'
+
+
+# .. )))

meta/main.yml

@@ -1,30 +1,5 @@
 ---
 
-dependencies:
-
-  - role: debops.ferm
-    tags: [ 'depend::ferm', 'depend::ferm:samba',
-            'depend-of::samba', 'type::dependency' ]
-    ferm_input_list:
-
-      - type: 'dport_accept'
-        protocol: [ 'udp' ]
-        dport: [ 'netbios-ns', 'netbios-dgm' ]
-        saddr: '{{ samba__allow }}'
-        accept_any: True
-        filename: 'samba__dependency_accept_udp'
-        delete: '{{ "samba" not in samba__base_packages }}'
-        weight: '50'
-
-      - type: 'dport_accept'
-        protocol: [ 'tcp' ]
-        dport: [ 'netbios-ssn', 'microsoft-ds' ]
-        saddr: '{{ samba__allow }}'
-        accept_any: True
-        filename: 'samba__dependency_accept_tcp'
-        delete: '{{ "samba" not in samba__base_packages }}'
-        weight: '50'
-
 galaxy_info:
 
   company: 'DebOps'