]> git.phdru.name Git - ansible.git/commitdiff
projects / ansible.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 81c71e4)
Feat(firewall): Use handler instead of condition
authorOleg Broytman <phd@phdru.name>
Sun, 1 Sep 2019 23:59:40 +0000 (02:59 +0300)
committerOleg Broytman <phd@phdru.name>
Sun, 1 Sep 2019 23:59:40 +0000 (02:59 +0300)
playbooks/debian/roles/firewall/handlers/main.yml [new file with mode: 0644] patch | blob
playbooks/debian/roles/firewall/tasks/main.yml patch | blob | history
playbooks/redhat/roles/firewall/handlers/main.yml [new file with mode: 0644] patch | blob
playbooks/redhat/roles/firewall/tasks/main.yml patch | blob | history

diff --git a/playbooks/debian/roles/firewall/handlers/main.yml b/playbooks/debian/roles/firewall/handlers/main.yml
new file mode 100644 (file)
index 0000000..8610dd8
--- /dev/null
+++ b/playbooks/debian/roles/firewall/handlers/main.yml
@@ -0,0 +1,5 @@
+- name: Restart firewall
+  become: true
+  service:
+    name: iptables.sh
+    state: restarted
diff --git a/playbooks/debian/roles/firewall/tasks/main.yml b/playbooks/debian/roles/firewall/tasks/main.yml
index 9716ddab6f34bb88175a00be0729b2b6c8d61ddc..e36bd89f3e71e24a838f638ae3325d664be99434 100644 (file)
--- a/playbooks/debian/roles/firewall/tasks/main.yml
+++ b/playbooks/debian/roles/firewall/tasks/main.yml
@@ -6,7 +6,7 @@
     name: fail2ban
     state: latest
     update_cache: yes
-  register: fail2ban
+  notify: Restart firewall
 
 - name: Configure Debian firewall
   become: true
@@ -18,18 +18,11 @@
     directory_mode: '0750'
     mode: '0750'
     force: no
-  register: etc
+  notify: Restart firewall
 
 - name: Fix permissions for /etc/network/functions
   become: true
   file:
     path: /etc/network/functions.phd
     mode: '0640'
-  register: functions
-
-- name: Start Debian firewall
-  become: true
-  service:
-    name: iptables.sh
-    state: restarted
-  when: fail2ban.changed or etc.changed or functions.changed
+  notify: Restart firewall
diff --git a/playbooks/redhat/roles/firewall/handlers/main.yml b/playbooks/redhat/roles/firewall/handlers/main.yml
new file mode 100644 (file)
index 0000000..8eac456
--- /dev/null
+++ b/playbooks/redhat/roles/firewall/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: Restart firewall
+  become: true
+  command: /etc/rc.d/init.d/iptables.sh start
diff --git a/playbooks/redhat/roles/firewall/tasks/main.yml b/playbooks/redhat/roles/firewall/tasks/main.yml
index c1624fd7a6948e2879629f399a8218fae0f030c6..86c73baaea476bec3f1f82ff19653a782a129f5a 100644 (file)
--- a/playbooks/redhat/roles/firewall/tasks/main.yml
+++ b/playbooks/redhat/roles/firewall/tasks/main.yml
@@ -4,7 +4,7 @@
     name: ['fail2ban', 'iptables-services']
     state: latest
     update_cache: yes
-  register: services
+  notify: Restart firewall
 
 - name: Disable firewalld
   become: true
@@ -37,16 +37,11 @@
     directory_mode: '0750'
     mode: '0750'
     force: no
-  register: etc
+  notify: Restart firewall
 
 - name: Fix permissions for /etc/network/functions
   become: true
   file:
     path: /etc/network/functions.phd
     mode: '0640'
-  register: functions
-
-- name: Start iptables
-  become: true
-  command: /etc/rc.d/init.d/iptables.sh start
-  when: services.changed or etc.changed or functions.changed
+  notify: Restart firewall
My ansible: inventory, playbooks, roles