From e0ecbe4eabfb4d3bc4b371d544314bdcb900551e Mon Sep 17 00:00:00 2001
From: Tyler Hale <tyler@haletek.com>
Date: Tue, 23 Aug 2022 08:16:12 -0600
Subject: [PATCH] Adding option for not configuring firewall

---
 README.md                    | 2 +-
 roles/base/defaults/main.yml | 7 ++++++-
 roles/base/tasks/debian.yml  | 1 +
 roles/base/tasks/redhat.yml  | 1 +
 4 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index f4665fb..4a07ca7 100644
--- a/README.md
+++ b/README.md
@@ -30,7 +30,7 @@ If the "base_core_hostname" variable is defined, it is recommended to set the an
 | base_core_ssh_permit_root_login              | Yes      | False         | True, False | Permits the use of root logins for ssh                                     |
 | base_core_timezone                           | No       | America/Boise |             | Defines the timezone to apply to the client                                |
 | base_core_web_management                     | Yes      | False         | True, False | Enables installation of the Cockpit web management package(s)              |
-
+| base_core_firewall_configure                 | No       | True          | True, False | Allows the firewall to be configured                                       |
 
 ## Example
 
diff --git a/roles/base/defaults/main.yml b/roles/base/defaults/main.yml
index 3359a38..dd91ca0 100644
--- a/roles/base/defaults/main.yml
+++ b/roles/base/defaults/main.yml
@@ -17,6 +17,12 @@ base_core_management_user_disable_password: false
 # Install all available updates at runtime
 base_core_install_updates: true
 
+# Firewall
+# ========
+
+# Allows the firewall to be configured
+base_core_firewall_configure: true
+
 # Hostname
 # ========
 
@@ -65,7 +71,6 @@ base_core_cert_common_name: "{{ ansible_facts['nodename'] }}"
 # Defines the timezone to apply to the client
 base_core_timezone: "America/Boise"
 
-
 # Web Management
 # ==============
 
diff --git a/roles/base/tasks/debian.yml b/roles/base/tasks/debian.yml
index ac4100c..557198b 100644
--- a/roles/base/tasks/debian.yml
+++ b/roles/base/tasks/debian.yml
@@ -36,5 +36,6 @@
     file: debian_firewall.yml
     apply:
       tags: firewall
+  when: base_core_firewall_configure == true
   tags:
   - firewall
diff --git a/roles/base/tasks/redhat.yml b/roles/base/tasks/redhat.yml
index 41277f8..bd6c2c3 100644
--- a/roles/base/tasks/redhat.yml
+++ b/roles/base/tasks/redhat.yml
@@ -37,5 +37,6 @@
     file: redhat_firewall.yml
     apply:
       tags: firewall
+  when: base_core_firewall_configure == true
   tags:
   - firewall