Fix: Make idempotent

diff --git a/playbooks/debian/roles/firewall/tasks/main.yml b/playbooks/debian/roles/firewall/tasks/main.yml
index 02d5b206ed69e8195901b0db5b3a703461233deb..3afb40cfbd7731edc213befe742641f4b7c630ad 100644 (file)
--- a/playbooks/debian/roles/firewall/tasks/main.yml
+++ b/playbooks/debian/roles/firewall/tasks/main.yml
@@ -5,6 +5,7 @@
     name: fail2ban
     state: latest
     update_cache: yes
+  register: fail2ban
 
 - name: Configure Debian firewall
   become: true
@@ -15,13 +16,16 @@
     group: root
     mode: '0750'
     force: no
+  register: etc
 
 - name: Fix permissions for /etc/network/functions
   become: true
   file:
     path: /etc/network/functions.phd
     mode: '0640'
+  register: functions
 
 - name: Start Debian firewall
   become: true
   command: /etc/init.d/iptables.sh start
+  when: fail2ban.changed or etc.changed or functions.changed

diff --git a/playbooks/debian/roles/root/tasks/root.yml b/playbooks/debian/roles/root/tasks/root.yml
index 5824fda33187bd051304fe52b1508b04be26ecc2..b713f01625c7d622f72bdcfd59c94ab68b096b58 100644 (file)
--- a/playbooks/debian/roles/root/tasks/root.yml
+++ b/playbooks/debian/roles/root/tasks/root.yml
@@ -39,6 +39,12 @@
          '.screenrc', '.shellrc', '.tmux.conf', '.vimrc',
         ]
 
+- name: "Setup ~root - check .sh_history"
+  become: true
+  stat:
+    path: ~root/.sh_history
+  register: sh_history
+
 - name: "Setup ~root - create .sh_history"
   become: true
   file:
@@ -47,6 +53,7 @@
     owner: root
     group: root
     mode: "0600"
+  when: not sh_history.stat.exists
 
 - name: "Setup ~root - link .bash_history"
   become: true