feat(podman_link): hub/spoke elasticsearch network access

Fixes: #9

roles/podman_link/tasks/main.yml

@@ -8,6 +8,23 @@
     mode: "0444"
   become: true
 
+- name: Allow access from hub to spoke to Opensearch using firewalld rich rule
+  ansible.posix.firewalld:
+    rich_rule: >-
+      rule family="ipv4"
+      source address="{{ podman_link_opensearch_hub_ip }}"
+      destination address="{{ podman_link_opensearch_spoke_ip }}"
+      port protocol="tcp" port="{{ item }}" accept
+    permanent: yes
+    state: enabled
+  with_items:
+    - 9200
+    - 9300
+  when:
+    - podman_link_opensearch_hub_ip is defined
+    - podman_link_opensearch_spoke_ip is defined
+  become: true
+
 - name: Podman CDR Link | PATCH | Install podman and verify rootless podman user
   ansible.builtin.include_role:
     role: sr2c.core.podman_host