From b471a034a4e57254cdf14d9d8c5afdedbc751578 Mon Sep 17 00:00:00 2001
From: irl <iain@learmonth.me>
Date: Sat, 8 Nov 2025 20:56:53 +0000
Subject: [PATCH] feat(podman_nginx): configure firewalld

---
 .../tasks/{check_subid.yml => check_users.yml}        |  0
 roles/podman_nginx/defaults/main.yml                  |  1 +
 roles/podman_nginx/tasks/main.yml                     | 11 +++++++++++
 3 files changed, 12 insertions(+)
 rename roles/podman_host/tasks/{check_subid.yml => check_users.yml} (100%)

diff --git a/roles/podman_host/tasks/check_subid.yml b/roles/podman_host/tasks/check_users.yml
similarity index 100%
rename from roles/podman_host/tasks/check_subid.yml
rename to roles/podman_host/tasks/check_users.yml
diff --git a/roles/podman_nginx/defaults/main.yml b/roles/podman_nginx/defaults/main.yml
index d32720b..66a3f98 100644
--- a/roles/podman_nginx/defaults/main.yml
+++ b/roles/podman_nginx/defaults/main.yml
@@ -8,3 +8,4 @@ podman_nginx_podman_rootless_user: nginx
 # podman_nginx_systemd_service_target:
 podman_nginx_systemd_service_requires: []
 podman_nginx_additional_volumes: []
+podman_nginx_firewalld_zone: public
\ No newline at end of file
diff --git a/roles/podman_nginx/tasks/main.yml b/roles/podman_nginx/tasks/main.yml
index b92cf32..7308833 100644
--- a/roles/podman_nginx/tasks/main.yml
+++ b/roles/podman_nginx/tasks/main.yml
@@ -1,4 +1,15 @@
 ---
+- name: Podman Nginx | PATCH | Open firewall for http and https services
+  ansible.posix.firewalld:
+    zone: "{{ podman_nginx_firewalld_zone }}"
+    service: "{{ item }}"
+    permanent: true
+    immediate: true
+    state: enabled
+  with_items:
+    - http
+    - https
+
 - name: Podman Nginx | PATCH | Create service configuration directories
   ansible.builtin.file:
     path: "/home/{{ podman_nginx_podman_rootless_user }}/{{ item }}"