From 333fa8fa65557064f36b5fcb390d1a076388473d Mon Sep 17 00:00:00 2001
From: spmfox <spmfox@foxwd.com>
Date: Sat, 2 Sep 2023 22:57:44 -0400
Subject: initial

---
 host.yml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/host.yml b/host.yml
index b15d9e0..db28e96 100644
--- a/host.yml
+++ b/host.yml
@@ -42,3 +42,22 @@
       tags:
         - never
         - unprivileged-ports
+
+    - name: cPanel DNS-only block
+      block:
+        - name: Confirm if cpsrvd is not listening on http ports
+          ansible.builtin.shell: "whmapi1 get_tweaksetting key='disable_cphttpd' |grep 'value: 1' || /bin/true"
+          register: cpsrv_listen
+
+        - name: Turn off cpsrvd listening on http ports (if necessary)
+          ansible.builtin.shell: "whmapi1 set_tweaksetting key='disable_cphttpd' value='1' ; /scripts/restartsrv_cpsrvd"
+          when: cpsrv_listen.stdout | length == 0
+
+        - name: Turn off firewalld
+          ansible.builtin.service:
+            name: "firewalld"
+            state: stopped
+            enabled: false
+      tags:
+        - never
+        - cpanel-dnsonly
-- 
cgit