authorRomain Gonçalves <me@rgoncalves.se>2021-12-11 18:50:33 +0000
committerRomain Gonçalves <me@rgoncalves.se>2021-12-11 18:50:33 +0000
commitde3373e97d133e0ac76fb44deb5dea27c18d8815 (patch)
tree5b63b301ff180ef837ca6fb6a676e31cb87d326c /roles/pf/tasks
parente60e99796111ee6d43080b4e48971c08886c0570 (diff)
roles: Add pf and relayd roles for domain controller
Diffstat (limited to 'roles/pf/tasks')
-rw-r--r--roles/pf/tasks/main.yml25
1 files changed, 25 insertions, 0 deletions
diff --git a/roles/pf/tasks/main.yml b/roles/pf/tasks/main.yml
new file mode 100644
index 0000000..4fafb77
--- /dev/null
+++ b/roles/pf/tasks/main.yml
@@ -0,0 +1,25 @@
+- name: generate pf configuration
+ template:
+ src: pf.conf.j2
+ dest: "{{ pf_configuration_file }}"
+ owner: 0
+ group: 0
+ mode: 0600
+ notify:
+ - lint pf configuration
+
+- name: enable pf
+ command: pfctl -e
+ register: result
+ failed_when:
+ - result.rc != 0
+ - "'already enabled' not in result.stderr"
+
+- name: restart pf
+ command: pfctl -f "{{ pf_configuration_file }}"
+
+- name: test ssh connection on new pf rule
+ wait_for:
+ port: 22
+ delay: 2
+ state: started
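Review bot: `restart pf` loads the rendered file with `pfctl -f` on every run, while the only syntax check visible here is the `lint pf configuration` handler notified by the template task; handlers normally run at the end of the play, so the ruleset is written and loaded before it is checked (the handler itself is outside this diff). Adding `validate: pfctl -nf %s` to the template task would keep an unparsable ruleset from ever replacing `{{ pf_configuration_file }}`. The final `wait_for` runs on the managed host over the already-open SSH session and defaults to checking 127.0.0.1, so it confirms that sshd is listening rather than that a new connection from the controller passes the new rules; a `wait_for_connection` after `meta: reset_connection`, or the same `wait_for` with `delegate_to: localhost` and an explicit `host:`, would exercise the path that can actually lock you out. Quoting the mode as `mode: '0600'` would also remove any dependence on how the YAML loader reads a leading-zero integer.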