From 4d4d44c9eba8d64eac9080fb10a51425b803a0fa Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Thu, 22 Jul 2021 18:16:06 +0200
Subject: [PATCH] The firewalld rule is optional.

---
 defaults/main.yml | 2 ++
 tasks/main.yml    | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 35a1c49..560cc2c 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -10,3 +10,5 @@ ntp_define_servers_pool: False
 ntp_servers_pool: []
 # - x.y.z.w
 # - w.y.z.x
+
+ntp_enable_default_firewalld_rule: 'enabled'
diff --git a/tasks/main.yml b/tasks/main.yml
index a62aa62..4c5d066 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -34,8 +34,8 @@
     service: name=ntpd state=stopped enabled=no
     when: not ntp_service_enabled | bool
 
-  - name: Manage the ntp firewalld rules in zone {{ firewalld_default_zone }}
-    firewalld: service=ntp zone={{ firewalld_default_zone }} permanent=True state=enabled immediate=True
+  - name: Manage the ntp firewalld rules in the {{ firewalld_default_zone }} zone
+    firewalld: service=ntp zone={{ firewalld_default_zone }} permanent=True state={{ ntp_enable_default_firewalld_rule }} immediate=True
     when: firewalld_enabled | bool
 
   when: ansible_distribution_file_variety == "RedHat"