eae-am-deutschen-platz/playbook_provision_eae-adp-...


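---
# Provisions the jump host eae-adp-jump01: installs the pf ruleset from
# files/pf.conf and persists IPv4/IPv6 forwarding in /etc/sysctl.conf.
- name: provision eae-adp-jump01
  hosts: eae-adp-jump01
  tasks:
    # Runs before the ruleset is copied and validated.
    # NOTE(review): presumably files/pf.conf includes this path, so it
    # must exist for the pfctl syntax check to pass - confirm.
    - name: create /etc/pf.include.conf
      file:
        path: /etc/pf.include.conf
        state: touch
        # Quoted so Ansible receives the mode as a string and does the
        # octal conversion itself instead of relying on YAML typing.
        mode: "0600"
        # Preserve both timestamps; otherwise "touch" bumps mtime and the
        # task reports "changed" on every run.
        access_time: preserve
        modification_time: preserve

    - name: basic firewall configuration
      copy:
        src: files/pf.conf
        dest: /etc/pf.conf
        # Explicit mode so the ruleset never ends up with umask-derived
        # permissions; matches the 0600 used for the include file.
        mode: "0600"
        # -n parses the staged copy without loading it, so a broken
        # ruleset is rejected before it replaces /etc/pf.conf.
        validate: "/sbin/pfctl -vnf %s"
      notify:
        - reload firewall

    # TODO: only activates after reboot :(
    # This task only writes /etc/sysctl.conf; it does not change the
    # running kernel. Applying the values at runtime as well (for example
    # with the ansible.posix.sysctl module, if that collection is
    # available) would close the gap.
    # NOTE(review): once forwarding is on, this host routes between its
    # interfaces - make sure files/pf.conf filters forwarded traffic
    # explicitly.
    - name: activate routing
      blockinfile:
        content: |
          net.inet.ip.forwarding=1
          net.inet6.ip6.forwarding=1
        path: /etc/sysctl.conf
        mode: "0600"
        create: true

  handlers:
    # Loads the already-validated ruleset. Absolute path, matching the
    # validate command above, so the call does not depend on PATH.
    - name: reload firewall
      command: /sbin/pfctl -vf /etc/pf.conf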