---
# file: roles/mariadb_cluster/tasks/setup-server.yml 

- name: "{{ hostvars[item]['ansible_hostname'] }} - Enable firewall rule for Galera cluster replication traffic (TCP)"
  firewalld:
    rich_rule: 'rule family="ipv4" source address="{{ hostvars[item]["ansible_host"] }}" port port="4567" protocol="tcp" accept'
    permanent: yes
    state: enabled
    immediate: yes
  notify: Reload firewalld

- name: "{{ hostvars[item]['ansible_hostname'] }} - Enable firewall rule for Galera cluster replication traffic (UDP)"
  firewalld:
    rich_rule: 'rule family="ipv4" source address="{{ hostvars[item]["ansible_host"] }}" port port="4567" protocol="udp" accept'
    permanent: yes
    state: enabled
    immediate: yes
  notify: Reload firewalld

- name: "{{ hostvars[item]['ansible_hostname'] }} - Enable firewall rule for Incremental State Transfer"
  firewalld:
    rich_rule: 'rule family="ipv4" source address="{{ hostvars[item]["ansible_host"] }}" port port="4568" protocol="tcp" accept'
    permanent: yes
    state: enabled
    immediate: yes
  notify: Reload firewalld

- name: "{{ hostvars[item]['ansible_hostname'] }} - Enable firewall rule for State Snapshot Transfer"
  firewalld:
    rich_rule: 'rule family="ipv4" source address="{{ hostvars[item]["ansible_host"] }}" port port="4444" protocol="tcp" accept'
    permanent: yes
    state: enabled
    immediate: yes
  notify: Reload firewalld