From 829ca8310d00435a3c715f8fe7dc71637d9086dd Mon Sep 17 00:00:00 2001 From: Aaron Guise Date: Thu, 15 Oct 2020 14:23:17 +1300 Subject: [PATCH] Add firewall allow functionality RHEL --- Centos7-Dockerfile | 3 ++- Centos8-Dockerfile | 6 ++++++ handlers/main.yml | 13 ++++++++++++- tasks/RedHat.yml | 2 ++ 4 files changed, 22 insertions(+), 2 deletions(-) create mode 100644 Centos8-Dockerfile diff --git a/Centos7-Dockerfile b/Centos7-Dockerfile index dfbd115..d566e41 100644 --- a/Centos7-Dockerfile +++ b/Centos7-Dockerfile @@ -1,2 +1,3 @@ FROM docker.io/pycontribs/centos:7 -RUN yum install -y iproute \ No newline at end of file +RUN yum install -y iproute firewalld python-firewall net-tools && \ + systemctl enable firewalld diff --git a/Centos8-Dockerfile b/Centos8-Dockerfile new file mode 100644 index 0000000..1cc77c5 --- /dev/null +++ b/Centos8-Dockerfile @@ -0,0 +1,6 @@ +# Centos8-Dockerfile +FROM docker.io/pycontribs/centos:8 +RUN yum install -y iproute firewalld net-tools && \ + systemctl disable nftables && \ + systemctl enable firewalld && \ + diff --git a/handlers/main.yml b/handlers/main.yml index c06eae5..6ad9bc6 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -8,4 +8,15 @@ - name: cmk fresh install set_fact: - cmk_fresh_install: True \ No newline at end of file + cmk_fresh_install: True + +- name: ensure firewall open + firewalld: + port: 6556/tcp + state: enabled + permanent: yes + immediate: yes + +- name: ensure firewall reloaded + command: firewall-cmd --reload + changed_when: false diff --git a/tasks/RedHat.yml b/tasks/RedHat.yml index 7cc2742..f6a4cb5 100644 --- a/tasks/RedHat.yml +++ b/tasks/RedHat.yml @@ -24,6 +24,8 @@ notify: - restart xinetd - cmk fresh install + - ensure firewall open + - ensure firewall reloaded - name: Remove agent Download file: