From 02826eafadd42e90a0e5546c0e245d88f1a89d31 Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@geeklabor.de>
Date: Mon, 28 Oct 2019 20:06:12 +0100
Subject: [PATCH] remove iptables integration

---
 defaults/main.yml |  7 -------
 tasks/install.yml | 12 ------------
 2 files changed, 19 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index ce9b3ed..d5c0f18 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -85,13 +85,6 @@ matrix_db_password: secure
 matrix_db_ssl_mode: disable
 matrix_db_ssl_root_cert: /etc/pki/tls/certs/ca-bundle.trust.crt
 
-matrix_iptables_enabled: False
-matrix_open_ports:
-  - name: allow_matrix_web
-    rules: |
-      -A INPUT -m state --state NEW -p tcp --dport {{ matrix_http_bind_port }} -j ACCEPT
-    state: present
-
 matrix_url_preview_enabled: False
 
 # List of IP address CIDR ranges that the URL preview spider is denied
diff --git a/tasks/install.yml b/tasks/install.yml
index 7836304..1a586c3 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -74,17 +74,5 @@
       loop_control:
         label: "{{ item.log }}"
       when: matrix_logrotate_enabled | bool
-
-    - name: Open ports in iptables
-      iptables_raw:
-        name: "{{ item.name }}"
-        rules: "{{ item.rules }}"
-        state: "{{ item.state | default('present') }}"
-        weight: "{{ item.weight | default(omit) }}"
-        table: "{{ item.table | default(omit) }}"
-      loop: "{{ matrix_open_ports }}"
-      loop_control:
-        label: "{{ item.name }}"
-      when: matrix_iptables_enabled | bool
   become: True
   become_user: root