Do not force firewalld on people

In most cases, there's not really a need to touch the system
firewall, as Docker manages iptables by itself
(see https://docs.docker.com/network/iptables/).

All ports exposed by Docker containers are automatically whitelisted
in iptables and wired to the correct container.

This made installing firewalld and whitelisting ports pointless,
as far as this playbook's services are concerned.

People that wish to install firewalld (for other reasons), can do so
manually from now on.

This is inspired by and fixes #97 (Github Issue).

roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml

@@ -99,17 +99,6 @@
     name: "{{ matrix_nginx_proxy_docker_image }}"
   when: matrix_nginx_proxy_enabled
 
-- name: Allow access to nginx proxy ports in firewalld
-  firewalld:
-    service: "{{ item }}"
-    state: enabled
-    immediate: yes
-    permanent: yes
-  with_items:
-    - "http"
-    - "https"
-  when: "matrix_nginx_proxy_enabled and ansible_os_family == 'RedHat'"
-
 - name: Ensure matrix-nginx-proxy.service installed
   template:
     src: "{{ role_path }}/templates/systemd/matrix-nginx-proxy.service.j2"

roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml

@@ -33,17 +33,6 @@
     - "{{ matrix_ssl_lets_encrypt_support_email }}"
   when: "matrix_ssl_retrieval_method == 'lets-encrypt' and item is none"
 
-- name: Allow access to HTTP/HTTPS in firewalld
-  firewalld:
-    service: "{{ item }}"
-    state: enabled
-    immediate: yes
-    permanent: yes
-  with_items:
-    - http
-    - https
-  when: "matrix_ssl_retrieval_method == 'lets-encrypt' and ansible_os_family == 'RedHat'"
-
 - name: Ensure certbot Docker image is pulled
   docker_image:
     name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}"