Add finer firewall control

1 files changed, 2 insertions, 2 deletions

diff --git a/personal_infra/playbooks/roles/deploy_ragent/tasks/main.yml b/personal_infra/playbooks/roles/deploy_ragent/tasks/main.yml
index 4df4cc03..38cacab5 100644
--- a/personal_infra/playbooks/roles/deploy_ragent/tasks/main.yml
+++ b/personal_infra/playbooks/roles/deploy_ragent/tasks/main.yml
@@ -33,10 +33,10 @@
     state: restarted
 - name: open firewall
   command: firewall-cmd --permanent --add-port=21488/tcp
-  when: ansible_os_family == "RedHat" and ansible_distribution_major_version in ("7", "8", "9") and ansible_virtualization_type != "lxc"
+  when: ansible_os_family == "RedHat" and ansible_distribution_major_version in ("7", "8", "9") and ansible_virtualization_type != "lxc" and not network.disable_firewall
 - name: reload firewall
   command: firewall-cmd --reload
-  when: ansible_os_family == "RedHat" and ansible_distribution_major_version in ("7", "8", "9") and ansible_virtualization_type != "lxc"
+  when: ansible_os_family == "RedHat" and ansible_distribution_major_version in ("7", "8", "9") and ansible_virtualization_type != "lxc" and not network.disable_firewall
 - name: force check
   community.general.nagios:
     action: forced_check