Dell-Omnia-Clusters-HPC-AI/control_plane/roles/control_plane_security/tasks/firewall_settings.yml

#  Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved.
#
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.
---

- name: Install firewalld
  package:
    name: firewalld
    state: present

- name: Start and enable firewalld
  service:
    name: firewalld
    state: started
    enabled: yes

- name: Firewall ports addition - tcp/udp ports
  firewalld:
    zone: public
    port: "{{ item }}"
    permanent: true
    state: enabled
  with_items:
    - "{{ https_port1 }}"
    - "{{ https_port2 }}"
    - "{{ ldap_port1 }}"
    - "{{ ldap_port2 }}"
    - "{{ kerberos_port1 }}"
    - "{{ kerberos_port2 }}"
    - "{{ kerberos_port3 }}"
    - "{{ kerberos_port4 }}"
    - "{{ dns_port1 }}"
    - "{{ dns_port2 }}"
    - "{{ ntp_port1 }}"
    - "{{ dt_port1 }}"

- name: Reload firewalld
  command: firewall-cmd --reload
  changed_when: true

- name: Stop and disable firewalld
  service:
    name: firewalld
    state: stopped
    enabled: no