6

How to enable multiple services at once with firewalld module? I'm using this code which enables one service (https) after running ansible-playbook.It work just fine. However, I can't figure out how to enable multiple services in this code instead of just one (https).

- name: firewalld configuration
  firewalld:
    zone: public
    service: https
    permanent: yes
    state: enabled
  notify: reload firewalld

I tried the same method (see below) that is used for installing multiple packages but with no luck. It answers with errors (see below)

- name: firewalld configuration
  firewalld:
    zone: public
    service:
      name:
        - https
        - http
    permanent: yes
    state: enabled
  notify: reload firewalld

Error:

fatal: [192.168.0.101]: FAILED! => {"changed": false, "msg": "ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception: INVALID_SERVICE: '{'name': ['https', 'http']}' not among existing services Permanent operation, Services are defined by port/tcp relationship and named as they are in /etc/services (on most systems)"}
JohnyFailLab
  • 133
  • 3
  • 9
  • 1
    @Vladimir Botka has provided the correct answer. The official documentation for the [YUM](https://docs.ansible.com/ansible/latest/modules/yum_module.html#yum-module) module (and [APT](https://docs.ansible.com/ansible/latest/modules/apt_module.html) module) indicate that `name` will accept a list of package names. While not well addressed in the documentation, these two cases are EXCEPTIONS to the rule. Unless the documentation specifically indicates a parameter accepts multiple values, it typically does not. – 0xSheepdog Jan 22 '20 at 23:00

1 Answers1

9

firewalld parameter service is a string. Use loop to iterate a list of services. For example

- name: firewalld configuration
  firewalld:
    zone: public
    service: "{{ item }}"
    permanent: yes
    state: enable
  notify: reload firewalld
  loop:
    - https
    - http
Vladimir Botka
  • 2,108
  • 10
  • 14