From 531db2c1ee9b3e4f937c1c3311ed34d72de5ddb8 Mon Sep 17 00:00:00 2001
From: David Galloway <dgallowa@redhat.com>
Date: Wed, 27 May 2020 12:08:02 -0400
Subject: [PATCH] dhcp-server: Skip configuring firewalld if not installed

Signed-off-by: David Galloway <dgallowa@redhat.com>
---
 roles/dhcp-server/README.rst     | 2 +-
 roles/dhcp-server/tasks/main.yml | 8 ++++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/roles/dhcp-server/README.rst b/roles/dhcp-server/README.rst
index 4335502b..6cd3fc83 100644
--- a/roles/dhcp-server/README.rst
+++ b/roles/dhcp-server/README.rst
@@ -8,7 +8,7 @@ Notes
 
 This role is heavily modified to be primarily useful for our test labs that only have two or three subnets.  See https://wiki.sepia.ceph.com/doku.php?id=services:networking.
 
-This role checks for firewalld and iptables.  It will configure firewalld unless iptables is running.  It **does not** configure iptables.  At the time the role was created, our DHCP server was running other services and its iptables was already heavily modified and configured.  This reason, along with firewalld being the default in CentOS 7, is why iptables configuration is skipped.
+This role checks for firewalld and iptables.  It will configure firewalld unless iptables is running.  It **does not** configure iptables and will not install or configure firewalld if it's not installed.   At the time the role was created, our DHCP server was running other services and its iptables was already heavily modified and configured.  This reason, along with firewalld being the default in CentOS 7, is why iptables configuration is skipped.
 
 Variables
 +++++++++
diff --git a/roles/dhcp-server/tasks/main.yml b/roles/dhcp-server/tasks/main.yml
index 38e0c6e9..2c9f9f46 100644
--- a/roles/dhcp-server/tasks/main.yml
+++ b/roles/dhcp-server/tasks/main.yml
@@ -20,7 +20,9 @@
     name: firewalld
     state: started
     enabled: yes
-  when: iptables_state.rc != 0
+  when:
+    - iptables_state.rc != 0
+    - "'No such file or directory' not in firewalld_state.msg"
 
 - name: Configure firewalld
   firewalld:
@@ -28,7 +30,9 @@
     state: enabled
     permanent: true
     immediate: yes
-  when: iptables_state.rc != 0
+  when:
+    - iptables_state.rc != 0
+    - "'No such file or directory' not in firewalld_state.msg"
 
 - name: Write global dhcpd.conf
   template:
-- 
2.47.3