nameserver: Configure firewalld to allow DNS traffic

author David Galloway <dgallowa@redhat.com>

Thu, 21 Apr 2016 02:25:57 +0000 (22:25 -0400)

committer David Galloway <dgallowa@redhat.com>

Fri, 22 Apr 2016 16:37:47 +0000 (12:37 -0400)
author David Galloway <dgallowa@redhat.com>
Thu, 21 Apr 2016 02:25:57 +0000 (22:25 -0400)
committer David Galloway <dgallowa@redhat.com>
Fri, 22 Apr 2016 16:37:47 +0000 (12:37 -0400)
diff --git a/roles/nameserver/tasks/firewall.yml b/roles/nameserver/tasks/firewall.yml

new file mode 100644 (file)

index 0000000..6ed628a
--- /dev/null
+++ b/roles/nameserver/tasks/firewall.yml
@@ -0,0 +1,13 @@
+---
+- name: Enable firewalld
+  service:
+    name: firewalld
+    enabled: yes
+    state: started
+
+- name: Allow incoming DNS traffic
+  firewalld:
+    service: dns
+    permanent: true
+    immediate: yes
+    state: enabled
diff --git a/roles/nameserver/tasks/main.yml b/roles/nameserver/tasks/main.yml

index f487ee37437fb1efdd56ed51d97e1dc6a0a17320..5a59d54b3dbfc9c1b17617f178258cbf9f0cbf0c 100644 (file)
--- a/roles/nameserver/tasks/main.yml
+++ b/roles/nameserver/tasks/main.yml
@@ -4,6 +4,11 @@
    tags:
      - packages
  
+# Configure firewalld
+- include: firewall.yml
+  tags:
+    - firewall
+
  # Configure BIND
  - include: config.yml
    tags:
author	David Galloway <dgallowa@redhat.com>
	Thu, 21 Apr 2016 02:25:57 +0000 (22:25 -0400)
committer	David Galloway <dgallowa@redhat.com>
	Fri, 22 Apr 2016 16:37:47 +0000 (12:37 -0400)
roles/nameserver/tasks/firewall.yml	[new file with mode: 0644]	patch \| blob
roles/nameserver/tasks/main.yml		patch \| blob \| history