From 591eda90e173b65c287b8cbc424c11e2b79201da Mon Sep 17 00:00:00 2001 From: Nemo Date: Sat, 11 Jul 2020 16:10:53 +0200 Subject: [PATCH] Add condition to iptables role --- group_vars/os_debian.yml | 1 - roles/client_iptables/README.md | 3 +++ roles/client_iptables/defaults/main.yml | 3 +++ roles/client_iptables/tasks/main.yml | 2 ++ 4 files changed, 8 insertions(+), 1 deletion(-) diff --git a/group_vars/os_debian.yml b/group_vars/os_debian.yml index e967176..31895e5 100644 --- a/group_vars/os_debian.yml +++ b/group_vars/os_debian.yml @@ -22,4 +22,3 @@ tools_package: - sed - grep - net-tools - diff --git a/roles/client_iptables/README.md b/roles/client_iptables/README.md index 4627776..c2eec00 100644 --- a/roles/client_iptables/README.md +++ b/roles/client_iptables/README.md @@ -24,6 +24,9 @@ All variables and default values are defined in `defaults/main.yml` : # All incoming authorized IP ip_authorized: [] + + # Set to false to avoid iptables configure with this role + configure_iptables: true Dependencies ------------ diff --git a/roles/client_iptables/defaults/main.yml b/roles/client_iptables/defaults/main.yml index c46847c..1221999 100644 --- a/roles/client_iptables/defaults/main.yml +++ b/roles/client_iptables/defaults/main.yml @@ -10,3 +10,6 @@ udp_authorized_ports: [] # All incoming authorized IP (all ports and all protocols) ip_authorized: [] + +# Set to false to avoid iptables configure with this role +configure_iptables: true diff --git a/roles/client_iptables/tasks/main.yml b/roles/client_iptables/tasks/main.yml index d8f044e..6f16280 100644 --- a/roles/client_iptables/tasks/main.yml +++ b/roles/client_iptables/tasks/main.yml @@ -2,4 +2,6 @@ # Main tasks file for client_iptables - import_tasks: package.yml + when: configure_iptables - import_tasks: iptables.yml + when: configure_iptables