From f078522d973c7447938720e20fda6bdb4ef454ba Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Sun, 29 Jul 2018 10:39:36 -0500
Subject: [PATCH] roles/vmhost: Open libvirt migration firewall port

---
 roles/vmhost/handlers/main.yml | 2 ++
 roles/vmhost/tasks/main.yml    | 8 ++++++++
 2 files changed, 10 insertions(+)
 create mode 100644 roles/vmhost/handlers/main.yml

diff --git a/roles/vmhost/handlers/main.yml b/roles/vmhost/handlers/main.yml
new file mode 100644
index 0000000..adf5c93
--- /dev/null
+++ b/roles/vmhost/handlers/main.yml
@@ -0,0 +1,2 @@
+- name: save firewalld configuration
+  command: firewall-cmd --runtime-to-permanent
diff --git a/roles/vmhost/tasks/main.yml b/roles/vmhost/tasks/main.yml
index 1053782..310c052 100644
--- a/roles/vmhost/tasks/main.yml
+++ b/roles/vmhost/tasks/main.yml
@@ -61,3 +61,11 @@
     name: '{{ item.name }}'
     autostart: true
   with_items: '{{ libvirt_networks }}'
+
+- name: ensure libvirtd migration port is allowed in the firewall
+  firewalld:
+    port=49152/tcp
+    permanent=no
+    immediate=yes
+    state=enabled
+  notify: save firewalld configuration