From 02bdb7c7bc63c2854564879c4abea072e4a8c957 Mon Sep 17 00:00:00 2001
From: Slavi Pantaleev <s.pantaleev@gmail.com>
Date: Tue, 8 Aug 2017 14:29:14 +0300
Subject: [PATCH] Ensure firewalld is installed and Docker launcher after
 firewalld

Some CentOS 7 hosts may not have firewalld installed.
We shouldn't expect it to be, but should ensure by ourselves that it is.

Docker likes to mess around with iptables forwarding rules,
so it ought to start after firewalld.
---
 roles/matrix-server/tasks/setup_base.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/roles/matrix-server/tasks/setup_base.yml b/roles/matrix-server/tasks/setup_base.yml
index fb5dce2e2..598be601c 100644
--- a/roles/matrix-server/tasks/setup_base.yml
+++ b/roles/matrix-server/tasks/setup_base.yml
@@ -23,15 +23,16 @@
     - bash-completion
     - docker-ce
     - docker-python
+    - firewalld
     - ntp
   when: ansible_distribution == 'CentOS'
 
-- name: Ensure Docker is started and autoruns
-  service: name=docker state=started enabled=yes
-
 - name: Ensure firewalld is started and autoruns
   service: name=firewalld state=started enabled=yes
 
+- name: Ensure Docker is started and autoruns
+  service: name=docker state=started enabled=yes
+
 - name: Ensure ntpd is started and autoruns
   service: name=ntpd state=started enabled=yes