Playbook #7

/home/zuul/src/opendev.org/opendev/system-config/playbooks/service-gitea.yaml

Report Status CLI Date Duration Controller User Versions Hosts Plays Tasks Results Files Records
18 Jul 2025 20:49:11 +0000 00:02:01.40 bridge99.opendev.org root Ansible 2.15.13 ara 1.7.2 (client), 1.7.2 (server) Python 3.10.12 1 1 94 92 21 0
check:False tags:all

File: /home/zuul/src/opendev.org/opendev/system-config/playbooks/roles/iptables/tasks/main.yaml

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
- name: Include OS-specific variables
  include_vars: "{{ lookup('first_found', params) }}"
  vars:
    params:
      files: "{{ distro_lookup_path }}"
      paths:
        - 'vars'

- name: Install iptables
  package:
    name: '{{ package_name }}'
    state: present

- name: Ensure iptables rules directory
  file:
    state: directory
    path: '{{ rules_dir }}'

- name: Install IPv4 rules files
  template:
    src: rules.v4.j2
    dest: '{{ ipv4_rules }}'
    owner: root
    group: root
    mode: 0640
    setype: '{{ setype | default(omit) }}'
  notify:
    - Reload iptables

- name: Install IPv6 rules files
  template:
    src: rules.v6.j2
    dest: '{{ ipv6_rules }}'
    owner: root
    group: root
    mode: 0640
    setype: '{{ setype | default(omit) }}'
  notify:
    - Reload iptables

- name: Include OS specific tasks
  include_tasks: "{{ item }}"
  vars:
    params:
      files: "{{ distro_lookup_path }}"
  loop: "{{ query('first_found', params, errors='ignore') }}"

- name: Enable iptables service
  service:
    name: '{{ service_name }}'
    enabled: true