authorMatthieu Saulnier <fantom@fedoraproject.org>2018-10-21 10:25:08 +0200
committerMatthieu Saulnier <fantom@fedoraproject.org>2018-10-21 10:25:08 +0200
commitb79f383bc5d82302ee4e292c284e2482ae8fd24f (patch)
treeef91698c70a8bd8c76c15a80f90898061bee74bc
parentfdd9c03e59ec754233eaa91111fcea86ca9265aa (diff)
Split firewall tasks in task files
-rw-r--r--roles/bittorrent/tasks/config.yml7
-rw-r--r--roles/bittorrent/tasks/fw.yml6
-rw-r--r--roles/bittorrent/tasks/main.yml3
-rw-r--r--roles/dnsserver/tasks/config.yml7
-rw-r--r--roles/dnsserver/tasks/fw.yml6
-rw-r--r--roles/dnsserver/tasks/main.yml3
-rw-r--r--roles/mtaserver/tasks/config.yml14
-rw-r--r--roles/mtaserver/tasks/fw.yml13
-rw-r--r--roles/mtaserver/tasks/main.yml3
-rw-r--r--roles/ntpserver/tasks/config.yml7
-rw-r--r--roles/ntpserver/tasks/fw.yml6
-rw-r--r--roles/ntpserver/tasks/main.yml3
12 files changed, 43 insertions, 35 deletions
diff --git a/roles/bittorrent/tasks/config.yml b/roles/bittorrent/tasks/config.yml
index a299619..0fd37a7 100644
--- a/roles/bittorrent/tasks/config.yml
+++ b/roles/bittorrent/tasks/config.yml
@@ -30,10 +30,3 @@
- name: Désactivation UPnP
command: transmission-remote --no-portmap
-
-- name: Ouverture des ports Firewalld
- firewalld: port=51413/tcp permanent={{ item }} state=enabled
- with_items:
- - true
- - false
- when: ansible_distribution == "Fedora"
diff --git a/roles/bittorrent/tasks/fw.yml b/roles/bittorrent/tasks/fw.yml
new file mode 100644
index 0000000..3749a01
--- /dev/null
+++ b/roles/bittorrent/tasks/fw.yml
@@ -0,0 +1,6 @@
+- name: Ouverture des ports Firewalld
+ firewalld: port=51413/tcp permanent={{ item }} state=enabled
+ with_items:
+ - true
+ - false
+ when: ansible_distribution == "Fedora"
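Review bot: The `with_items` loop over `permanent={{ item }}` calls the firewalld module twice only to change both the permanent and the runtime configuration. The module's `immediate` option does that in one call and states the intent, e.g. `firewalld: port=51413/tcp permanent=true immediate=true state=enabled`. No `zone` is given either, so 51413/tcp is opened in whatever the host's default zone happens to be; naming the zone makes the exposure explicit and auditable. The same loop and the missing zone appear in the new fw.yml files of dnsserver, mtaserver and ntpserver.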
diff --git a/roles/bittorrent/tasks/main.yml b/roles/bittorrent/tasks/main.yml
index 908318f..9382a23 100644
--- a/roles/bittorrent/tasks/main.yml
+++ b/roles/bittorrent/tasks/main.yml
@@ -1,6 +1,9 @@
- name: Installation des paquets
import_tasks: pkgs.yml
+- name: Ouverture des ports Firewalld
+ import_tasks: fw.yml
+
- name: Démarrage du service pour accèder à la configuration
import_tasks: services.yml
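Review bot: The fw.yml import sits directly after pkgs.yml and before services.yml, so the port is now opened before the daemon is started and configured. The removed task ran as the last step of config.yml, after `transmission-remote --no-portmap`. The other three roles import fw.yml after config.yml, which keeps the old ordering. The config.yml import of this role is outside the hunk, so this is inferred from the visible lines. If the earlier position is not deliberate, move the two added lines below the config.yml import, and otherwise add a comment such as `# firewall opened early on purpose: <reason>`.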
diff --git a/roles/dnsserver/tasks/config.yml b/roles/dnsserver/tasks/config.yml
index 0618031..73445e1 100644
--- a/roles/dnsserver/tasks/config.yml
+++ b/roles/dnsserver/tasks/config.yml
@@ -15,10 +15,3 @@
when: is_dnsmaster is defined
notify: reload named
with_items: "{{ zonelist }}"
-
-- name: Ouverture des ports Firewalld
- firewalld: service=dns permanent={{ item }} state=enabled
- with_items:
- - true
- - false
- when: ansible_distribution == "Fedora"
diff --git a/roles/dnsserver/tasks/fw.yml b/roles/dnsserver/tasks/fw.yml
new file mode 100644
index 0000000..fb5e6b6
--- /dev/null
+++ b/roles/dnsserver/tasks/fw.yml
@@ -0,0 +1,6 @@
+- name: Ouverture des ports Firewalld
+ firewalld: service=dns permanent={{ item }} state=enabled
+ with_items:
+ - true
+ - false
+ when: ansible_distribution == "Fedora"
diff --git a/roles/dnsserver/tasks/main.yml b/roles/dnsserver/tasks/main.yml
index 0951a8e..7fe27b9 100644
--- a/roles/dnsserver/tasks/main.yml
+++ b/roles/dnsserver/tasks/main.yml
@@ -7,6 +7,9 @@
- name: Configuration du service
import_tasks: config.yml
+- name: Ouverture des ports Firewalld
+ import_tasks: fw.yml
+
- name: Gestion du service
import_tasks: services.yml
diff --git a/roles/mtaserver/tasks/config.yml b/roles/mtaserver/tasks/config.yml
index af8ae87..9210934 100644
--- a/roles/mtaserver/tasks/config.yml
+++ b/roles/mtaserver/tasks/config.yml
@@ -68,17 +68,3 @@
- name: Restauration des contextes SELinux des fichiers de conf
command: /sbin/restorecon -R /etc/postfix/ /etc/aliases
when: ansible_selinux.status != "disabled"
-
-- name: Ouverture du port SMTP
- firewalld: service=smtp permanent={{ item }} state=enabled
- with_items:
- - true
- - false
- when: ansible_distribution == "Fedora" and is_mtamaster is defined
-
-- name: Ouverture du port Submission
- firewalld: service=smtp-submission permanent={{ item }} state=enabled
- with_items:
- - true
- - false
- when: ansible_distribution == "Fedora" and is_mtamaster is defined
diff --git a/roles/mtaserver/tasks/fw.yml b/roles/mtaserver/tasks/fw.yml
new file mode 100644
index 0000000..3129a4d
--- /dev/null
+++ b/roles/mtaserver/tasks/fw.yml
@@ -0,0 +1,13 @@
+- name: Ouverture du port SMTP
+ firewalld: service=smtp permanent={{ item }} state=enabled
+ with_items:
+ - true
+ - false
+ when: ansible_distribution == "Fedora" and is_mtamaster is defined
+
+- name: Ouverture du port Submission
+ firewalld: service=smtp-submission permanent={{ item }} state=enabled
+ with_items:
+ - true
+ - false
+ when: ansible_distribution == "Fedora" and is_mtamaster is defined
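Review bot: Both `when` lines test `is_mtamaster is defined`, so a host that sets `is_mtamaster: false` still gets smtp and smtp-submission opened. If the variable is meant as a boolean switch, `when: ansible_distribution == "Fedora" and is_mtamaster | default(false) | bool` expresses that. The two tasks differ only in the service name. Once the permanent/runtime loop is replaced, they can become one task with `with_items` over `smtp` and `smtp-submission`, which keeps the condition in a single place.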
diff --git a/roles/mtaserver/tasks/main.yml b/roles/mtaserver/tasks/main.yml
index 977ec12..eb3efa7 100644
--- a/roles/mtaserver/tasks/main.yml
+++ b/roles/mtaserver/tasks/main.yml
@@ -4,6 +4,9 @@
- name: Configuration du service
import_tasks: config.yml
+- name: Ouverture des ports Firewalld
+ import_tasks: fw.yml
+
- name: Gestion du service
import_tasks: services.yml
diff --git a/roles/ntpserver/tasks/config.yml b/roles/ntpserver/tasks/config.yml
index 2992990..6dd888e 100644
--- a/roles/ntpserver/tasks/config.yml
+++ b/roles/ntpserver/tasks/config.yml
@@ -7,10 +7,3 @@
template: src=chrony.conf.j2 dest=/etc/chrony.conf mode=644
notify: restart chrony
when: ansible_distribution == "Fedora"
-
-- name: Ouverture des ports Firewalld
- firewalld: service=ntp permanent={{ item }} state=enabled
- with_items:
- - true
- - false
- when: ansible_distribution == "Fedora"
diff --git a/roles/ntpserver/tasks/fw.yml b/roles/ntpserver/tasks/fw.yml
new file mode 100644
index 0000000..f57ca7d
--- /dev/null
+++ b/roles/ntpserver/tasks/fw.yml
@@ -0,0 +1,6 @@
+- name: Ouverture des ports Firewalld
+ firewalld: service=ntp permanent={{ item }} state=enabled
+ with_items:
+ - true
+ - false
+ when: ansible_distribution == "Fedora"
diff --git a/roles/ntpserver/tasks/main.yml b/roles/ntpserver/tasks/main.yml
index d7c85a7..874a6cc 100644
--- a/roles/ntpserver/tasks/main.yml
+++ b/roles/ntpserver/tasks/main.yml
@@ -4,5 +4,8 @@
- name: Configuration des services
import_tasks: config.yml
+- name: Ouverture des ports Firewalld
+ import_tasks: fw.yml
+
- name: État des services
import_tasks: services.yml