jaydee/ansible
1
0
Fork 0
mirror of https://gitlab.sectorq.eu/jaydee/ansible.git synced 2026-03-13 05:42:46 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

klal
Some checks failed
Gitea Actions Demo / Explore-Gitea-Actions (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Ladislav Dusa
2026-03-04 18:30:08 +01:00
parent 17d73b8fe5
commit bd0034cc2e
1 changed files with 39 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
roles/kubernetes/tasks/Rocky.yml
View File

@@ -262,3 +262,41 @@
create: yes create: yes
loop: "{{ aliases | dict2items }}" loop: "{{ aliases | dict2items }}"
when: inventory_hostname.endswith('-vm01.home.lan') when: inventory_hostname.endswith('-vm01.home.lan')
- name: Allow TCP 10250 from 192.168.77.0/24
firewalld:
source: 192.168.77.0/24
port: 10250/tcp
permanent: yes
state: enabled
immediate: yes
rich_rule: 'rule family="ipv4" source address="192.168.77.0/24" port port="10250" protocol="tcp" accept'
- name: Allow UDP 8472 from 192.168.77.0/24
firewalld:
source: 192.168.77.0/24
port: 8472/udp
permanent: yes
state: enabled
immediate: yes
rich_rule: 'rule family="ipv4" source address="192.168.77.0/24" port port="8472" protocol="udp" accept'
- name: Add flannel.1 interface to trusted zone
firewalld:
interface: flannel.1
zone: trusted
permanent: yes
state: enabled
immediate: yes
- name: Add cni0 interface to trusted zone
firewalld:
interface: cni0
zone: trusted
permanent: yes
state: enabled
immediate: yes
- name: Reload firewalld
firewalld:
state: reloaded