From d7ed0142775e7974039f5f1c7433e531be8b75c1 Mon Sep 17 00:00:00 2001
From: prameswar <engg.pram1@gmail.com>
Date: Thu, 3 Nov 2016 11:47:44 +0530
Subject: [PATCH] disable firewall in bootstrap-server

Closes-Bug: #1638762

Change-Id: I23565f72166088444a49269ff9e406a3ab7a40d4
---
 ansible/roles/baremetal/tasks/install.yml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/ansible/roles/baremetal/tasks/install.yml b/ansible/roles/baremetal/tasks/install.yml
index f6ee106b14..7538ee1002 100644
--- a/ansible/roles/baremetal/tasks/install.yml
+++ b/ansible/roles/baremetal/tasks/install.yml
@@ -4,6 +4,28 @@
   become: True
   when: ansible_os_family == 'Debian'
 
+- name: Set firewall default policy
+  ufw: state=disabled policy=allow
+  when: ansible_os_family == 'Debian'
+
+- name: Check if firewalld is installed
+  command: rpm -q firewalld
+  register: firewalld_check
+  failed_when: firewalld_check.rc > 1
+  when: ansible_os_family == 'RedHat'
+
+- name: Disable firewalld
+  become: True
+  service:
+    name: "{{ item }}"
+    enabled: false
+    state: stopped
+  with_items:
+    - firewalld
+  when:
+   - ansible_os_family == 'RedHat'
+   - firewalld_check.rc == 0
+
 - name: Install apt packages
   package: name={{item}} state=present
   become: True