|
|
|
@ -5,6 +5,8 @@ |
|
|
|
state: present |
|
|
|
state: present |
|
|
|
update_cache: yes |
|
|
|
update_cache: yes |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Nejdriv bych zacal vypnutim stavajici service |
|
|
|
|
|
|
|
|
|
|
|
- name: sw-node-exporter | PRE - 2. Stop, disable and mask ufw service |
|
|
|
- name: sw-node-exporter | PRE - 2. Stop, disable and mask ufw service |
|
|
|
ansible.builtin.systemd: |
|
|
|
ansible.builtin.systemd: |
|
|
|
state: stopped |
|
|
|
state: stopped |
|
|
|
@ -20,12 +22,17 @@ |
|
|
|
enabled: yes |
|
|
|
enabled: yes |
|
|
|
daemon_reload: yes |
|
|
|
daemon_reload: yes |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Tady uz musis mit nejaky default set rules, at si neodrezes ssh |
|
|
|
|
|
|
|
|
|
|
|
- name: sw-node-exporter | PRE - 4. Allow traffic in default zone on port 9100/tcp |
|
|
|
- name: sw-node-exporter | PRE - 4. Allow traffic in default zone on port 9100/tcp |
|
|
|
ansible.posix.firewalld: |
|
|
|
ansible.posix.firewalld: |
|
|
|
port: 9100/tcp |
|
|
|
port: 9100/tcp |
|
|
|
permanent: yes |
|
|
|
permanent: yes |
|
|
|
state: enabled |
|
|
|
state: enabled |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#restart resis handlerem, tedy k tasku allow traffic napis notify: restart firewalld |
|
|
|
|
|
|
|
# handler https://docs.ansible.com/ansible/latest/user_guide/playbooks_handlers.html |
|
|
|
|
|
|
|
|
|
|
|
- name: sw-node-exporter | PRE - 5. Reload firewalld service |
|
|
|
- name: sw-node-exporter | PRE - 5. Reload firewalld service |
|
|
|
ansible.builtin.systemd: |
|
|
|
ansible.builtin.systemd: |
|
|
|
state: restarted |
|
|
|
state: restarted |
|
|
|
|
Radim Lipovčan
3 years ago
committed by
GitHub