From b8f10de1474570fe82b311a76fb2d5b51ad8152b Mon Sep 17 00:00:00 2001
From: Oleg Broytman
Date: Mon, 2 Sep 2019 02:59:40 +0300
Subject: [PATCH] Feat(firewall): Use handler instead of condition
---
playbooks/debian/roles/firewall/handlers/main.yml | 5 +++++
playbooks/debian/roles/firewall/tasks/main.yml | 13 +++----------
playbooks/redhat/roles/firewall/handlers/main.yml | 3 +++
playbooks/redhat/roles/firewall/tasks/main.yml | 11 +++--------
4 files changed, 14 insertions(+), 18 deletions(-)
create mode 100644 playbooks/debian/roles/firewall/handlers/main.yml
create mode 100644 playbooks/redhat/roles/firewall/handlers/main.yml
diff --git a/playbooks/debian/roles/firewall/handlers/main.yml b/playbooks/debian/roles/firewall/handlers/main.yml
new file mode 100644
index 0000000..8610dd8
--- /dev/null
+++ b/playbooks/debian/roles/firewall/handlers/main.yml
@@ -0,0 +1,5 @@
+- name: Restart firewall
+ become: true
+ service:
+ name: iptables.sh
+ state: restarted
diff --git a/playbooks/debian/roles/firewall/tasks/main.yml b/playbooks/debian/roles/firewall/tasks/main.yml
index 9716dda..e36bd89 100644
--- a/playbooks/debian/roles/firewall/tasks/main.yml
+++ b/playbooks/debian/roles/firewall/tasks/main.yml
@@ -6,7 +6,7 @@ name: fail2ban state: latest update_cache: yes - register: fail2ban + notify: Restart firewall - name: Configure Debian firewall become: true
@@ -18,18 +18,11 @@ directory_mode: '0750' mode: '0750' force: no - register: etc + notify: Restart firewall - name: Fix permissions for /etc/network/functions become: true file: path: /etc/network/functions.phd mode: '0640' - register: functions - -- name: Start Debian firewall - become: true - service: - name: iptables.sh - state: restarted - when: fail2ban.changed or etc.changed or functions.changed + notify: Restart firewall
diff --git a/playbooks/redhat/roles/firewall/handlers/main.yml b/playbooks/redhat/roles/firewall/handlers/main.yml
new file mode 100644
index 0000000..8eac456
--- /dev/null
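Review bot: Nothing in the visible hunks restarts fail2ban after the new `Restart firewall` handler in playbooks/debian/roles/firewall/handlers/main.yml has run, although the same role installs fail2ban and that install task notifies this handler. If iptables.sh flushes and reloads the tables (the script is not part of this patch, so this is an assumption to confirm), fail2ban's chains and any active bans would be missing until fail2ban itself is restarted. A second handler placed after this one, `- name: Restart fail2ban` using `service:` with `name: fail2ban` and `state: restarted`, notified by the same tasks, would close that gap.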
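Review bot: With the inline `Start Debian firewall` task removed at the end of playbooks/debian/roles/firewall/tasks/main.yml, the new rules are loaded only when notified handlers run, which by default is at the end of the play and not at all if a later task in the play fails. After such a failure the configuration is already changed on disk, so the next run reports no change, nothing notifies `Restart firewall`, and the host keeps running the old rule set. Adding `- meta: flush_handlers` as the last task of the role would keep the reload inside the role, as the removed task did; the same applies to the removed `Start iptables` task in playbooks/redhat/roles/firewall/tasks/main.yml. The task list starts above this hunk, so earlier tasks are not visible here.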
+++ b/playbooks/redhat/roles/firewall/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: Restart firewall
+ become: true
+ command: /etc/rc.d/init.d/iptables.sh start
diff --git a/playbooks/redhat/roles/firewall/tasks/main.yml b/playbooks/redhat/roles/firewall/tasks/main.yml
index c1624fd..86c73ba 100644
--- a/playbooks/redhat/roles/firewall/tasks/main.yml
+++ b/playbooks/redhat/roles/firewall/tasks/main.yml
@@ -4,7 +4,7 @@ name: ['fail2ban', 'iptables-services'] state: latest update_cache: yes - register: services + notify: Restart firewall - name: Disable firewalld become: true
@@ -37,16 +37,11 @@ directory_mode: '0750' mode: '0750' force: no - register: etc + notify: Restart firewall - name: Fix permissions for /etc/network/functions become: true file: path: /etc/network/functions.phd mode: '0640' - register: functions - -- name: Start iptables - become: true - command: /etc/rc.d/init.d/iptables.sh start - when: services.changed or etc.changed or functions.changed + notify: Restart firewall
--
2.39.2
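Review bot: The handler added in playbooks/redhat/roles/firewall/handlers/main.yml is named `Restart firewall` but runs `/etc/rc.d/init.d/iptables.sh start` through `command`. Whether an already loaded rule set is replaced therefore depends on how that script treats `start`, which this patch does not show. The Debian handler uses `service:` with `name: iptables.sh` and `state: restarted`; if the Red Hat script is registered as a service and supports restart, the same form would make the two roles behave alike. Otherwise a one-line comment above the `command:` line, stating what `start` does when rules are already loaded, would record why the name and the action differ.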