Add default NIC to public zone in firewalld.

2020-02-25 19:56:14 +01:00 · 2020-02-25 19:56:14 +01:00 · df0afe3b71
commit df0afe3b71
parent 849045bfae
2 changed files with 16 additions and 1 deletions
--- a/cloudbox.yml
+++ b/cloudbox.yml
@ -15,7 +15,7 @@
    ## 'nc_download' and 'nc_checksum' are only
    ## used for ansible-pull during installation:
    nc_download: "https://download.nextcloud.com/server/releases/latest.tar.bz2"
-    nc_checksum: "sha256:194095a5586d84040bc455f77b8aa6c80f9a6a6dd713c9aebdad046713d4267b"
+    nc_checksum: "sha256:770faf34b8f0d81273623daed4d64ec7919c38dfeb07328b613058addbed19c0"
    nc_apps:
      - calendar
      - notes
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@ -257,8 +257,23 @@
  failed_when:  cmd_result.stdout is not search('already installed') and cmd_result.rc != 0
  when: allow_download

+
+- name: add default NIC to public zone
+  firewalld:
+    interface: "{{ ansible_default_ipv4.interface }}"
+    zone: public
+    permanent: Yes
+    immediate: Yes
+    state: enabled
+  when: not run_in_installer|default(false)|bool
+
+- name: add default NIC to public zone, offline
+  command: "firewall-offline-cmd --add-interface={{ ansible_default_ipv4.interface }} --zone=public"
+  when: run_in_installer|default(false)|bool
+
 - name: allow https in firewalld
  firewalld:
+    zone: public
    service: https
    permanent: Yes
    immediate: Yes