From d428dc73d78cfcfd818f903b240a287757cb20b5 Mon Sep 17 00:00:00 2001
From: willtome <willtome@gmail.com>
Date: Mon, 2 Oct 2023 12:59:49 -0400
Subject: [PATCH] move firewall install tasks

---
 .../patching/roles/report_server/tasks/apache.yml  | 14 ++++++++++++++
 linux/patching.yml                                 | 11 -----------
 2 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml b/collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml
index 0dbae4fab..d707c6e9f 100644
--- a/collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml
+++ b/collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml
@@ -2,6 +2,20 @@
 - name: Include system variables
   ansible.builtin.include_vars: "{{ ansible_system }}.yml"
 
+- name: Install firewall dependencies
+  ansible.builtin.dnf:
+    name:
+      - firewalld
+      - python3-firewall
+    state: present
+  check_mode: false
+
+- name: Start firewalld
+  ansible.builtin.service:
+    name: firewalld
+    state: started
+  check_mode: false
+
 - name: Permit traffic in default zone for http service
   ansible.posix.firewalld:
     service: http
diff --git a/linux/patching.yml b/linux/patching.yml
index 17b224b13..38b217084 100644
--- a/linux/patching.yml
+++ b/linux/patching.yml
@@ -32,17 +32,6 @@
       delegate_to: "{{ report_server }}"
       run_once: true  # noqa: run-once[task]
       block:
-        - name: Install firewall dependencies
-          ansible.builtin.dnf:
-            name:
-              - firewalld
-              - python3-firewall
-            state: present
-
-        - name: Start firewalld
-          ansible.builtin.service:
-            name: firewalld
-            state: started
 
         - name: Build report server
           ansible.builtin.include_role: