hacer de firewall un rol Ansible

2025-10-23 11:10:13 -03:00
parent 0d48f04f15
commit e1b4fb8ba1
5 changed files with 17 additions and 16 deletions
--- a/deploy.yml
+++ b/deploy.yml
@ -3,13 +3,14 @@
 ---
 - hosts: "{{ host }}"
  tasks:
-    - include_tasks: "tasks/firewall.yml"
-      tags: firewall
    - name: import matrix
      local_action: "include_vars dir=./ files_matching={{ alt }}.yml"

    - include_role: name=althost

+    - include_role: name=firewall
+      tags: firewall
+    
    - include_role: name=proxy
      tags: proxy

--- a/roles/firewall/tasks/main.yml
+++ b/roles/firewall/tasks/main.yml
@ -0,0 +1,14 @@
+    - name: "Paquetes"
+      apt:
+        name:
+        - "iptables-persistent"
+        - "ipset-persistent"
+        state: "present"
+
+    - name: "Rules"
+      with_items:
+      - "rules.v4"
+      - "rules.v6"
+      template:
+        src: "{{ item }}.j2"
+        dest: "/etc/iptables/{{ item }}"
--- a/roles/firewall/templates/rules.v4.j2
+++ b/roles/firewall/templates/rules.v4.j2
--- a/roles/firewall/templates/rules.v6.j2
+++ b/roles/firewall/templates/rules.v6.j2
--- a/tasks/firewall.yml
+++ b/tasks/firewall.yml
@ -1,14 +0,0 @@
---
- name: "Paquetes"
-  apt:
-    name:
-    - "iptables-persistent"
-    - "ipset-persistent"
-    state: "present"
- name: "Rules"
-  with_items:
-  - "rules.v4"
-  - "rules.v6"
-  template:
-    src: "templates/{{ item }}.j2"
-    dest: "/etc/iptables/{{ item }}"