From deca49afab2a15720e6e0e1bfc01c6b13b62bfb7 Mon Sep 17 00:00:00 2001
From: Oleg Broytman <phd@phdru.name>
Date: Sun, 28 Jul 2019 21:28:25 +0300
Subject: [PATCH] Fix: Make idempotent

---
 playbooks/debian/roles/firewall/tasks/main.yml | 4 ++++
 playbooks/debian/roles/root/tasks/root.yml     | 7 +++++++
 2 files changed, 11 insertions(+)

diff --git a/playbooks/debian/roles/firewall/tasks/main.yml b/playbooks/debian/roles/firewall/tasks/main.yml
index 02d5b20..3afb40c 100644
--- a/playbooks/debian/roles/firewall/tasks/main.yml
+++ b/playbooks/debian/roles/firewall/tasks/main.yml
@@ -5,6 +5,7 @@
     name: fail2ban
     state: latest
     update_cache: yes
+  register: fail2ban
 
 - name: Configure Debian firewall
   become: true
@@ -15,13 +16,16 @@
     group: root
     mode: '0750'
     force: no
+  register: etc
 
 - name: Fix permissions for /etc/network/functions
   become: true
   file:
     path: /etc/network/functions.phd
     mode: '0640'
+  register: functions
 
 - name: Start Debian firewall
   become: true
   command: /etc/init.d/iptables.sh start
+  when: fail2ban.changed or etc.changed or functions.changed
diff --git a/playbooks/debian/roles/root/tasks/root.yml b/playbooks/debian/roles/root/tasks/root.yml
index 5824fda..b713f01 100644
--- a/playbooks/debian/roles/root/tasks/root.yml
+++ b/playbooks/debian/roles/root/tasks/root.yml
@@ -39,6 +39,12 @@
          '.screenrc', '.shellrc', '.tmux.conf', '.vimrc',
         ]
 
+- name: "Setup ~root - check .sh_history"
+  become: true
+  stat:
+    path: ~root/.sh_history
+  register: sh_history
+
 - name: "Setup ~root - create .sh_history"
   become: true
   file:
@@ -47,6 +53,7 @@
     owner: root
     group: root
     mode: "0600"
+  when: not sh_history.stat.exists
 
 - name: "Setup ~root - link .bash_history"
   become: true
-- 
2.39.2