Feat: Use module `service` instead of `command`

[ansible.git] / playbooks / debian / roles / firewall / tasks / main.yml

diff --git a/playbooks/debian/roles/firewall/tasks/main.yml b/playbooks/debian/roles/firewall/tasks/main.yml
index 02d5b206ed69e8195901b0db5b3a703461233deb..0015e8162292b5522cd5ed68ab086b52746d25b4 100644 (file)
--- a/playbooks/debian/roles/firewall/tasks/main.yml
+++ b/playbooks/debian/roles/firewall/tasks/main.yml
@@ -5,6 +5,7 @@
     name: fail2ban
     state: latest
     update_cache: yes
+  register: fail2ban
 
 - name: Configure Debian firewall
   become: true
@@ -15,13 +16,18 @@
     group: root
     mode: '0750'
     force: no
+  register: etc
 
 - name: Fix permissions for /etc/network/functions
   become: true
   file:
     path: /etc/network/functions.phd
     mode: '0640'
+  register: functions
 
 - name: Start Debian firewall
   become: true
-  command: /etc/init.d/iptables.sh start
+  service:
+    name: iptables.sh
+    state: restarted
+  when: fail2ban.changed or etc.changed or functions.changed