main.yml

    ---
    # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/systemd_module.html
    # Ask systemd to re-read its unit files; no unit is started or stopped here.
    - name: systemctl daemon-reload
      ansible.builtin.systemd:
        # canonical spelling of the option; "daemon-reload" is its alias
        daemon_reload: true
    
    # Enable one "<key>.service" unit per key of vault_service_files.
    # Earlier variant, kept for reference:
    #   ansible.builtin.command: "systemctl enable /usr/local/lib/systemd/system/{{ item }}.service"
    - name: enable systemd-units
      loop: '{{ vault_service_files.keys() | list }}'
      ansible.builtin.systemd:
        enabled: true
        name: '{{ item }}.service'
    
    # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/systemd_module.html
    # Restart one "<key>.service" unit per key of vault_service_files.
    - name: restart repairtools
      loop: '{{ vault_service_files.keys() | list }}'
      ansible.builtin.systemd:
        state: restarted
        name: '{{ item }}.service'
    
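    # Persist the running iptables rules on Debian-family hosts.
    # These are three plain handlers instead of one `block:` because recent
    # ansible-core releases reject a block used as a handler. All three listen
    # on the topic "save iptables rules" and run in the order defined here; the
    # OS-family condition that used to sit on the block is repeated on each.
    - name: Ordner für iptables-Config erstellen
      ansible.builtin.file:
        path: "/etc/iptables"
        state: directory
        owner: "root"
        group: "root"
        mode: "0755"
      when: ansible_os_family == "Debian"
      listen: "save iptables rules"

    # NOTE(review): netfilter-persistent only runs the plugins it finds. The
    # iptables plugins normally ship in the iptables-persistent package, so
    # confirm that package is installed elsewhere in the role; without it the
    # save below may succeed without writing any rules file.
    - name: install netfilter-persistent to be able to save iptables rules
      ansible.builtin.apt:
        name: netfilter-persistent
        state: present
      when: ansible_os_family == "Debian"
      listen: "save iptables rules"

    # Excluded from the "no-changed-when" lint rule: handlers only ever run if
    # a task reported a change.
    - name: save iptables rules
      ansible.builtin.command: 'netfilter-persistent save'      # noqa no-changed-when
      when: ansible_os_family == "Debian"
      listen: "save iptables rules"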
    
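    # Persist the running iptables rules on RedHat-family hosts.
    # These are two plain handlers instead of one `block:` because recent
    # ansible-core releases reject a block used as a handler. Both listen on
    # the topic "save iptables rules" and run in the order defined here.
    #
    # Create the rules file first so it is owned by root with mode 0600 before
    # any rules are written into it.
    - name: make sure iptables config file exists
      ansible.builtin.file:
        path: "/etc/sysconfig/iptables"
        state: touch
        owner: "root"
        group: "root"
        mode: "0600"
      when: ansible_os_family == "RedHat"
      listen: "save iptables rules"

    # iptables-save without arguments only prints the ruleset to stdout, so the
    # earlier `command:` form never stored anything and the rules were lost on
    # reboot. The command module does no shell redirection, hence `shell:`.
    # The redirect writes into the existing file and keeps its owner and mode.
    # Excluded from the "no-changed-when" lint rule: handlers only ever run if
    # a task reported a change.
    - name: save rules
      ansible.builtin.shell: /usr/sbin/iptables-save > /etc/sysconfig/iptables  # noqa no-changed-when
      when: ansible_os_family == "RedHat"
      listen: "save iptables rules"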
    
    # Restart the listed Beats units; each loop item is the prefix placed in
    # front of "beat.service".
    - name: Restart Beats.
      loop:
        - 'audit'
        - 'file'
        # - "journal"
      ansible.builtin.systemd_service:
        state: restarted
        name: '{{ item }}beat.service'