saibotk-de/infrastructure
saibotk-de/infrastructure
1
0
Fork 0
Code Issues Pull requests Releases 42 Activity

traefik: Add option to disable firewalld tasks

Browse source 
This allows installing this setup on systems without firewalld
This commit is contained in:
saibotk 2021-09-21 05:04:38 +02:00
parent 8b6d3bdb7f
commit eb5ae6a7a2
Signed by: saibotk
GPG key ID: 67585F0065E261D5
2 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
roles/traefik/defaults/main.yml
View file

@ -127,3 +127,6 @@ traefik_selinux_enabled: true
# The SELinux levels for tor/traefiks folders/container # The SELinux levels for tor/traefiks folders/container
traefik_selinux_level: "{{ omit }}" traefik_selinux_level: "{{ omit }}"
traefik_tor_selinux_level: "{{ omit }}" traefik_tor_selinux_level: "{{ omit }}"
# Enable or disable firewalld handling (Allowing HTTP/HTTPS and trusting the docker network if necessary)
traefik_firewalld_enabled: true

5
roles/traefik/tasks/main.yml
View file

@ -99,6 +99,7 @@
tags: tags:
- firewall - firewall
when: when:
- traefik_firewalld_enabled
- docker_package in ansible_facts.packages - docker_package in ansible_facts.packages
- ansible_facts.packages[docker_package][0].version is version('20.10', '<') - ansible_facts.packages[docker_package][0].version is version('20.10', '<')
@ -151,6 +152,8 @@
- http - http
- https - https
become: true become: true
when:
- traefik_firewalld_enabled
tags: tags:
- firewall - firewall
@ -181,6 +184,7 @@
- 80 - 80
- 443 - 443
when: when:
- traefik_firewalld_enabled
- traefik_ipv6 is defined - traefik_ipv6 is defined
- traefik_ipv6.enabled - traefik_ipv6.enabled
- traefik_ipv6.ip_addr is defined - traefik_ipv6.ip_addr is defined
@ -213,6 +217,7 @@
- 80 - 80
- 443 - 443
when: when:
- traefik_firewalld_enabled
- traefik_ipv6 is defined - traefik_ipv6 is defined
- traefik_ipv6.enabled - traefik_ipv6.enabled
- traefik_ipv6.ip_addr is defined - traefik_ipv6.ip_addr is defined