54 lines
1.1 KiB
YAML
54 lines
1.1 KiB
YAML
- name: Set the hostname per inventory
|
|
hostname:
|
|
name: "{{ inventory_hostname }}"
|
|
use: systemd
|
|
|
|
- name: Set root password
|
|
user:
|
|
name: root
|
|
password: "{{ root_pw | password_hash('sha512') }}"
|
|
when: root_pw | default(false)
|
|
|
|
- name: Install firewalld on RedHat family
|
|
package:
|
|
name: firewalld
|
|
state: latest
|
|
when: ansible_os_family == "RedHat"
|
|
|
|
- name: Install firewalld on Arch
|
|
community.general.pacman:
|
|
name: firewalld
|
|
state: present
|
|
when: ansible_os_family == "Archlinux"
|
|
|
|
- name: Start and enable firewalld
|
|
service:
|
|
name: firewalld
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: Add ssh to firewalld
|
|
ansible.posix.firewalld:
|
|
service: ssh
|
|
state: enabled
|
|
permanent: true
|
|
immediate: true
|
|
offline: true
|
|
|
|
- name: Add dhcpv6-client to firewalld
|
|
ansible.posix.firewalld:
|
|
service: dhcpv6-client
|
|
state: enabled
|
|
permanent: true
|
|
immediate: true
|
|
offline: true
|
|
|
|
- name: Disallow cockpit firewalld
|
|
ansible.posix.firewalld:
|
|
service: cockpit
|
|
state: disabled
|
|
permanent: true
|
|
immediate: true
|
|
offline: true
|
|
|