minifirewall: restore "force-restart" and fix "restart-if-needed"

minifirewall/tasks/config.yml

@@ -193,24 +193,13 @@
   register: minifirewall_after
 
 - name: restart minifirewall
-  # service:
-  #   name: minifirewall
-  #   state: restarted
   command: /etc/init.d/minifirewall restart
   register: minifirewall_init_restart
   failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
-  changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
   when:
     - minifirewall_restart_if_needed | bool
     - minifirewall_is_running.rc == 0
-    - minifirewall_before.stat.checksum != minifirewall_after.stat.checksum
-
-- name: restart minifirewall (noop)
-  meta: noop
-  register: minifirewall_init_restart
-  failed_when: False
-  changed_when: False
-  when: not (minifirewall_restart_if_needed | bool)
+    - minifirewall_before.stat.checksum != minifirewall_after.stat.checksum or minifirewall_upgrade_script is changed or minifirewall_upgrade_config is changed
 
 - debug:
     var: minifirewall_init_restart

minifirewall/tasks/install.yml

@@ -13,6 +13,7 @@
     mode: "0700"
     owner: root
     group: root
+  register: minifirewall_upgrade_script
 
 - name: configuration is copied
   copy:
@@ -22,6 +23,7 @@
     mode: "0600"
     owner: root
     group: root
+  register: minifirewall_upgrade_config
 
 - name: includes directory is present
   file:

minifirewall/tasks/main.yml

@@ -22,7 +22,7 @@
   when: minifirewall_tail_included | bool
 
 - name: Force restart minifirewall
-  command: /bin/true
-  notify: restart minifirewall
-  changed_when: False
-  when: minifirewall_restart_force | bool
+  command: /etc/init.d/minifirewall restart
+  register: minifirewall_init_restart
+  failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
+  when: minifirewall_restart_force | bool