Remove is_ host variable in torrelay role

author: Matthieu Saulnier <fantom@fedoraproject.org> 2018-12-02 21:46:22 +0100
committer: Matthieu Saulnier <fantom@fedoraproject.org> 2018-12-02 21:46:22 +0100
commit: dfcfdfcd85a483caeb786a80dee46dc2157c3967 (patch)
tree: 04daef7b139d03da1e44970ae6d8fda08f424820 /roles
parent: 2c5927e9692f771eda8ba29e2a310fc2974485b0 (diff)
download: playbooks-ansible-dfcfdfcd85a483caeb786a80dee46dc2157c3967.tar.gz
playbooks-ansible-dfcfdfcd85a483caeb786a80dee46dc2157c3967.tar.xz
playbooks-ansible-dfcfdfcd85a483caeb786a80dee46dc2157c3967.zip
3 files changed, 41 insertions, 28 deletions
diff --git a/roles/torrelay/tasks/fw.yml b/roles/torrelay/tasks/fw.yml
index 590f0bd..66b16b5 100644
--- a/roles/torrelay/tasks/fw.yml
+++ b/roles/torrelay/tasks/fw.yml
@@ -1,19 +1,43 @@
-- name: Ouverture des ports Firewalld standards
+- name: Ouverture du port ORPort
   firewalld:
-    port: "{{ item[0] }}"
-    permanent: "{{ item[1] }}"
+    port: "{{ orport }}"
+    permanent: "{{ item }}"
     state: enabled
-  with_nested:
-    - [ '9001/tcp', '9030/tcp' ]
-    - [ 'true', 'false' ]
-  when: is_public is defined
+  with_items:
+    - "true"
+    - "false"
+  when: orport is defined and orport != httpsport
+        and orport != pop3sport
 
-- name: Ouverture des ports Firewalld spéciaux
+- name: Ouverture du port ORPort
+  firewalld: 
+    service: "pop3s"
+    permanent: "{{ item }}"
+    state: enabled
+  with_items:
+    - "true"
+    - "false"
+  when: orport is defined and orport != httpsport
+        and orport == pop3sport
+
+- name: Ouverture du port DIRPort
+  firewalld:
+    port: "{{ dirport }}"
+    permanent: "{{ item }}"
+    state: enabled
+  with_items:
+    - "true"
+    - "false"
+  when: dirport is defined and dirport != httpport
+        and dirport != pop3port
+
+- name: Ouverture du port DIRPort
   firewalld:
-    service: "{{ item[0] }}"
-    permanent: "{{ item[1] }}"
+    service: "pop3"
+    permanent: "{{ item }}"
     state: enabled
-  with_nested:
-    - [ 'pop3', 'pop3s' ]
-    - [ 'true', 'false' ]
-  when: is_gardian is defined
+  with_items:
+    - "true"
+    - "false"
+  when: dirport is defined and dirport != httpport
+        and dirport == pop3port
diff --git a/roles/torrelay/templates/torrc.j2 b/roles/torrelay/templates/torrc.j2
index 482ee1f..e32760c 100644
--- a/roles/torrelay/templates/torrc.j2
+++ b/roles/torrelay/templates/torrc.j2
@@ -27,20 +27,11 @@ HiddenServicePort {{ service.port }} {{ service.host }}
 {% endif %}
 
 
-{% if is_public is defined %}
+{% if orport is defined and dirport is defined %}
 ORPort {{ orport }}
 DirPort {{ dirport }}
-{% endif %}
-
-
-{% if is_gardian is defined %}
-ORPort {{ pop3sport }}
-DirPort {{ pop3port }}
-{% endif %}
-
-
-{% if is_bridge is defined %}
-ORPort {{ pop3sport }}
+{% elif orport is defined and dirport is not defined %}
+ORPort {{ orport }}
 BridgeRelay 1
 {% endif %}
 
diff --git a/roles/torrelay/vars/main.yml b/roles/torrelay/vars/main.yml
index 9f5db23..e378dfd 100644
--- a/roles/torrelay/vars/main.yml
+++ b/roles/torrelay/vars/main.yml
@@ -1,5 +1,3 @@
-orport: 9001
-dirport: 9030
 fingerprints:
   - 7350AB9ED7568F22745198359373C04AC783C37C
   - 7520892E3DD133D0B0464D01A158B54B8E2A8B75
author	Matthieu Saulnier <fantom@fedoraproject.org>	2018-12-02 21:46:22 +0100
committer	Matthieu Saulnier <fantom@fedoraproject.org>	2018-12-02 21:46:22 +0100
commit	dfcfdfcd85a483caeb786a80dee46dc2157c3967 (patch)
tree	04daef7b139d03da1e44970ae6d8fda08f424820 /roles
parent	2c5927e9692f771eda8ba29e2a310fc2974485b0 (diff)
download	playbooks-ansible-dfcfdfcd85a483caeb786a80dee46dc2157c3967.tar.gz playbooks-ansible-dfcfdfcd85a483caeb786a80dee46dc2157c3967.tar.xz playbooks-ansible-dfcfdfcd85a483caeb786a80dee46dc2157c3967.zip