|
@@ -55,3 +55,28 @@
|
|
|
with_items: ca_certificates
|
|
|
notify:
|
|
|
- Update CA certificate cache
|
|
|
|
|
|
- name: Install ferm (for firewall management)
|
|
|
apt: name=ferm state=installed
|
|
|
|
|
|
- name: Configure ferm init script coniguration file
|
|
|
copy: src=ferm dest=/etc/default/ferm owner=root group=root mode=644
|
|
|
notify:
|
|
|
- Restart ferm
|
|
|
|
|
|
- name: Create directory for storing ferm configuration files
|
|
|
file: dest="/etc/ferm/conf.d/" mode=750 state=directory owner=root group=root
|
|
|
|
|
|
- name: Deploy main ferm configuration file
|
|
|
copy: src=ferm.conf dest=/etc/ferm/ferm.conf
|
|
|
notify:
|
|
|
- Restart ferm
|
|
|
|
|
|
- name: Deploy ferm base rules
|
|
|
template: src=00-base.conf.j2 dest=/etc/ferm/conf.d/00-base.conf
|
|
|
owner=root group=root mode=640
|
|
|
notify:
|
|
|
- Restart ferm
|
|
|
|
|
|
- name: Enable ferm service
|
|
|
service: name=ferm state=started
|