Adding variable for managing firewall ports

2021-09-25 08:41:14 -06:00 · 2021-09-25 08:41:14 -06:00 · d038403979
commit d038403979
parent c5283b1487
3 changed files with 24 additions and 26 deletions
--- a/roles/haproxy/defaults/main.yml
+++ b/roles/haproxy/defaults/main.yml
@ -9,6 +9,15 @@ haproxy_shared_ip: ""
 haproxy_shared_ip_subnet: "/24"
 haproxy_shared_virtual_router_id: 25
 haproxy_keepalived_process_weight: 10
+haproxy_listen_ports: 
+  - port : 22
+    protocol: tcp
+  - port : 80
+    protocol: tcp
+  - port : 443
+    protocol: tcp
+  - port : 9999
+    protocol: tcp

 # Set per host

--- a/roles/haproxy/tasks/main.yml
+++ b/roles/haproxy/tasks/main.yml
@ -110,19 +110,7 @@
    permanent: yes
    immediate: yes
    state: enabled
-  with_items:
-    - {port: "22", protocol: "tcp"}
-    - {port: "80", protocol: "tcp"}
-    - {port: "443", protocol: "tcp"}
-  notify: reload firewalld
-  become: yes
-
- name: Enable firewall ports for haproxy stats
-  firewalld:
-    port: "9999/tcp"
-    permanent: yes
-    immediate: yes
-    state: enabled
+  loop: "{{ haproxy_listen_ports }}"
  notify: reload firewalld
  become: yes