minifirewall: add a variable to disable the restart handler
This commit is contained in:
parent
944006e63c
commit
96cd04ae40
|
@ -11,6 +11,7 @@ The **patch** part changes incrementally at each release.
|
|||
## [Unreleased]
|
||||
|
||||
### Added
|
||||
* minifirewall: add a variable to disable the restart handler
|
||||
|
||||
### Changed
|
||||
|
||||
|
|
|
@ -16,6 +16,7 @@ Everything is in the `tasks/main.yml` file.
|
|||
* `minifirewall_trusted_ips`: with IP/hosts should be trusted for full access (default: none)
|
||||
* `minifirewall_privilegied_ips`: with IP/hosts should be trusted for restricted access (default: none)
|
||||
* `minifirewall_tail_included` : source a "tail" file at the end of the main config file. (default: `False`)
|
||||
* `minifirewall_restart_if_needed` : should the restart handler be executed (default: `True`)
|
||||
The full list of variables (with default values) can be found in `defaults/main.yml`.
|
||||
|
||||
**Some IP/hosts must be configured or the server will be inaccessible via network.**
|
||||
|
|
|
@ -24,6 +24,7 @@ minifirewall_private_ports_tcp: [5666]
|
|||
minifirewall_private_ports_udp: []
|
||||
|
||||
minifirewall_autostart: "no"
|
||||
minifirewall_restart_if_needed: True
|
||||
|
||||
evomaintenance_hosts: []
|
||||
|
||||
|
|
|
@ -123,7 +123,17 @@
|
|||
register: minifirewall_init_restart
|
||||
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
|
||||
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
|
||||
when: minifirewall_is_running.rc == 0 and (minifirewall_config_ips | changed or minifirewall_config_ports | changed)
|
||||
when:
|
||||
- minifirewall_restart_if_needed
|
||||
- minifirewall_is_running.rc == 0
|
||||
- (minifirewall_config_ips | changed or minifirewall_config_ports | changed)
|
||||
|
||||
- name: restart minifirewall (noop)
|
||||
meta: noop
|
||||
register: minifirewall_init_restart
|
||||
failed_when: False
|
||||
changed_when: False
|
||||
when: not minifirewall_restart_if_needed
|
||||
|
||||
- debug:
|
||||
var: minifirewall_init_restart
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
---
|
||||
|
||||
- set_fact:
|
||||
minifirewall_restart_handler_name: "{{ minifirewall_restart_if_needed | ternary('restart minifirewall', 'restart minifirewall (noop)') }}"
|
||||
|
||||
- include: install.yml
|
||||
|
||||
- include: config.yml
|
||||
|
|
|
@ -35,7 +35,16 @@
|
|||
register: minifirewall_init_restart
|
||||
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
|
||||
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
|
||||
when: minifirewall_tail_template | changed
|
||||
when:
|
||||
- minifirewall_tail_template | changed
|
||||
- minifirewall_restart_if_needed
|
||||
|
||||
- name: restart minifirewall (noop)
|
||||
meta: noop
|
||||
register: minifirewall_init_restart
|
||||
failed_when: False
|
||||
changed_when: False
|
||||
when: not minifirewall_restart_if_needed
|
||||
|
||||
- debug:
|
||||
var: minifirewall_init_restart
|
||||
|
|
Loading…
Reference in New Issue