From 1382b3d6ffc936e765f9aa3eccdede4884b63fc6 Mon Sep 17 00:00:00 2001
From: yohan <783b8c87@scimetis.net>
Date: Sun, 3 Nov 2024 20:20:44 +0100
Subject: [PATCH] Open reverse-proxy ports in firewalld configuration.

---
 roles/role_deploy_reverse-proxy/tasks/main.yml | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/roles/role_deploy_reverse-proxy/tasks/main.yml b/roles/role_deploy_reverse-proxy/tasks/main.yml
index 2ae9a98..ae3548c 100644
--- a/roles/role_deploy_reverse-proxy/tasks/main.yml
+++ b/roles/role_deploy_reverse-proxy/tasks/main.yml
@@ -124,9 +124,6 @@
     state: present
     network:
       - host
-    ports:
-      - 80:80/tcp
-      - 443:443/tcp
     volume:
       - /mnt/volumes/reverse-proxy_conf/data:/etc/apache2/sites-available:Z
       - /mnt/volumes/reverse-proxy_conf_enabled/data:/etc/apache2/sites-enabled:Z
@@ -142,3 +139,15 @@
     state: started
     enabled: true
   become: true
+
+- name: Allow HTTP and HTTPS ports
+  ansible.posix.firewalld:
+    zone: public
+    port: "{{ item }}"
+    permanent: true
+    immediate: true
+    state: enabled
+  become: true
+  with_items:
+    - 80/tcp
+    - 443/tcp