Can we add the ability for ansible.posix.firewalld to use a list of services to enable?

[tdcam]

SUMMARY

For many functions, if you pass a list, the function will process all the list entries. Like for ansible.builtin.dnf, if you do a list of packages, all will get installed. But for ansible.posix.firewalld, if you try to add a list of services to enable, it fails. Under the hood, it appears that the service you list gets added to firewall-cmd --add-service, which only processes one service.

Does it make sense to add the ability to list services and have the function add it in separate firewall-cmd --add-service calls?

So a playbook would be something like:

---

• name: Open ports in the firewall
  hosts: web-servers
  tasks:
  • name: add http and https to the firewall
    ansible.posix.firewalld:
    service:
    • http
    • https
      permanent: true
      immediate: true
      state: enabled

Then the function would run firewall-cmd --add-service=X for every service in the list.

ISSUE TYPE

• Feature Idea

COMPONENT NAME

ansible.posix.firewalld

ADDITIONAL INFORMATION

Instead of having to write a single play for every port you want opened, write one play with all the services you want open and the function would loop through the services and run firewall-cmd --add-service for each one.

---
- name: Open ports in the firewall
  hosts: web-servers
  tasks:
    - name: add http and https to the firewall
    ansible.posix.firewalld:
      service:
        - http
        - https
      permanent: true
      immediate: true
      state: enabled