friwall: don’t template settings

Let all settings including list of nodes be managed by application. Exception is the list of networks instantiated from NetBox data. Also add README.
2025-11-04 16:28:44 +01:00 · 2025-11-04 16:28:44 +01:00 · 2b3cc0cb31
commit 2b3cc0cb31
parent d1f74d2fb8
5 changed files with 8 additions and 41 deletions
--- a/roles/friwall/tasks/main.yml
+++ b/roles/friwall/tasks/main.yml
@ -38,17 +38,18 @@
    extra_args: --user --break-system-packages --no-warn-script-location
  notify: restart uwsgi

- name: Configure base settings
-  template:
-    dest: "/srv/friwall/{{ item }}"
-    src: "{{ item }}.j2"
+- name: Ensure setting files exist
+  copy:
+    dest: "/srv/friwall/{{ item }}.json"
+    content: |
+      {}
    owner: friwall
    group: friwall
    mode: 0600
    force: no
  loop:
-    - nodes.json
-    - settings.json
+    - nodes
+    - settings
  notify: restart uwsgi

 - name: Configure list of networks