commit 7451b34e68b5164cec6f29b6660881e1afef6ab8
parent f6c8265044df304827f20e13922bd0c5a4f8ceaa
Author: Leah (ctucx) <leah@ctu.cx>
Date: Sun, 21 Feb 2021 16:51:34 +0100
parent f6c8265044df304827f20e13922bd0c5a4f8ceaa
Author: Leah (ctucx) <leah@ctu.cx>
Date: Sun, 21 Feb 2021 16:51:34 +0100
roles/syncthing: move firewall config to extra file
3 files changed, 25 insertions(+), 23 deletions(-)
diff --git a/roles/syncthing/tasks/configure.yml b/roles/syncthing/tasks/configure.yml @@ -7,26 +7,3 @@ mode: 0755 when: - ansible_service_mgr == "openrc" - -- name: "[nftables] Create rule for: syncthing" - copy: - src: nftables-rule.nft - dest: /etc/nftables.d/syncthing.nft - when: - - network.nftables.enable is true - -- name: "[OpenRC] Restart service: nftables" - service: - name: nftables - state: restarted - when: - - ansible_service_mgr == "openrc" - - network.nftables.enable is true - -- name: "[systemd] Restart service: nftables" - systemd: - name: nftables - state: restarted - when: - - ansible_service_mgr == "systemd" - - network.nftables.enable is true
diff --git a/roles/syncthing/tasks/firewall.yml b/roles/syncthing/tasks/firewall.yml @@ -0,0 +1,20 @@ +--- + +- name: "[nftables] Create rule for: syncthing" + copy: + src: nftables-rule.nft + dest: /etc/nftables.d/syncthing.nft + +- name: "[OpenRC] Restart service: nftables" + service: + name: nftables + state: restarted + when: + - ansible_service_mgr == "openrc" + +- name: "[systemd] Restart service: nftables" + systemd: + name: nftables + state: restarted + when: + - ansible_service_mgr == "systemd"
diff --git a/roles/syncthing/tasks/main.yml b/roles/syncthing/tasks/main.yml @@ -15,6 +15,11 @@ - services.syncthing.enable is defined - services.syncthing.enable is true +- import_tasks: firewall.yml + when: + - services.syncthing.enable is defined + - services.syncthing.enable is true + - network.nftables.enable is true - import_tasks: start.yml when: