mirror of
https://github.com/rocky-linux/infrastructure
synced 2024-11-24 22:21:26 +00:00
Create openqa-vnc service to prevent conflict (#14999)
Create a firewalld service to open the ports for VNC traffic. This prevents ansible from creating an invalid firewalld configuration and bringing down networking on Fedora 34 workstation due to overlapping ports.
This commit is contained in:
parent
ed95b07b82
commit
483e910628
@ -62,6 +62,19 @@
|
|||||||
enabled: true
|
enabled: true
|
||||||
loop: "{{ openqa_services }}"
|
loop: "{{ openqa_services }}"
|
||||||
|
|
||||||
|
- name: Create openqa-vnc firewalld service
|
||||||
|
template:
|
||||||
|
src: etc/firewalld/services/openqa-vnc.xml.j2
|
||||||
|
dest: /etc/firewalld/services/openqa-vnc.xml
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: "0644"
|
||||||
|
|
||||||
|
- name: Load openqa-vnc firewalld service
|
||||||
|
systemd:
|
||||||
|
name: firewalld
|
||||||
|
state: reloaded
|
||||||
|
|
||||||
- name: Permit traffic for {{ item }} service
|
- name: Permit traffic for {{ item }} service
|
||||||
ansible.posix.firewalld:
|
ansible.posix.firewalld:
|
||||||
service: "{{ item }}"
|
service: "{{ item }}"
|
||||||
@ -69,12 +82,7 @@
|
|||||||
state: enabled
|
state: enabled
|
||||||
loop:
|
loop:
|
||||||
- http
|
- http
|
||||||
|
- openqa-vnc
|
||||||
- name: Permit VNC traffic for local workers
|
|
||||||
ansible.posix.firewalld:
|
|
||||||
port: "{{ openqa_min_vnc_port }}-{{ openqa_max_vnc_port }}/tcp"
|
|
||||||
permanent: true
|
|
||||||
state: enabled
|
|
||||||
|
|
||||||
- name: Reload FirewallD
|
- name: Reload FirewallD
|
||||||
systemd:
|
systemd:
|
||||||
|
@ -0,0 +1,4 @@
|
|||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
<service>
|
||||||
|
<port port="{{ openqa_min_vnc_port }}-{{ openqa_max_vnc_port }}" protocol="tcp"/>
|
||||||
|
</service>
|
Loading…
Reference in New Issue
Block a user