better handling of ports

tasks/main.yml

@@ -17,34 +17,46 @@
   when: cockpit_disable_tls
 
 - name: change default listen port
-  block:
+  blockinfile:
-    - ini_file:
+    dest: "/etc/systemd/system/cockpit.socket.d/listen.conf"
-        dest: "/etc/systemd/system/cockpit.socket.d/listen.conf"
+    create: true
-        create: true
+    backup: true
-        section: "Socket"
+    owner: root
-        value: |
+    group: root
-          ListenStream=
+    mode: 0755
-          ListenStream={{ cockpit_listen_port }}
+    state: present
-  when: cockpit_listen_port is not "9090"
+    block: |
+      [Socket]
+      ListenStream=
+      ListenStream={{ cockpit_listen_port }}
+  when: cockpit_listen_port != "9090"
 
 - name: do selinux change if required
   block:
-    - package:
+    - name: install package
+      package:
         name: policycoreutils-python
         state: present
-    - seport:
+    - name: enable seport
+      seport:
         ports: "{{ cockpit_listen_port }}"
         proto: tcp
         setype: websm_port_t
         state: present
-  when: cockpit_listen_port is not "9090" and cockpit_use_selinux
+  when: cockpit_listen_port != "9090" and cockpit_use_selinux
 
 - name: enable firewall
-  firewalld:
+  block:
-    port: "{{ cockpit_listen_port }}/tcp"
+    - name: install firewalld bindings
-    permanent: true
+      package:
-    immediate: true
+        name: python-firewall
-    state: enabled
+        state: latest
+    - name: enable firewalld
+      firewalld:
+        port: "{{ cockpit_listen_port }}/tcp"
+        permanent: true
+        immediate: true
+        state: enabled
   when: cockpit_use_firewalld
 
 - name: ensure Cockpit is started