minifirewall: add a variable to disable the restart handler
This commit is contained in:
parent
944006e63c
commit
96cd04ae40
|
@ -11,6 +11,7 @@ The **patch** part changes incrementally at each release.
|
||||||
## [Unreleased]
|
## [Unreleased]
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
* minifirewall: add a variable to disable the restart handler
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
|
|
|
@ -16,6 +16,7 @@ Everything is in the `tasks/main.yml` file.
|
||||||
* `minifirewall_trusted_ips`: with IP/hosts should be trusted for full access (default: none)
|
* `minifirewall_trusted_ips`: with IP/hosts should be trusted for full access (default: none)
|
||||||
* `minifirewall_privilegied_ips`: with IP/hosts should be trusted for restricted access (default: none)
|
* `minifirewall_privilegied_ips`: with IP/hosts should be trusted for restricted access (default: none)
|
||||||
* `minifirewall_tail_included` : source a "tail" file at the end of the main config file. (default: `False`)
|
* `minifirewall_tail_included` : source a "tail" file at the end of the main config file. (default: `False`)
|
||||||
|
* `minifirewall_restart_if_needed` : should the restart handler be executed (default: `True`)
|
||||||
The full list of variables (with default values) can be found in `defaults/main.yml`.
|
The full list of variables (with default values) can be found in `defaults/main.yml`.
|
||||||
|
|
||||||
**Some IP/hosts must be configured or the server will be inaccessible via network.**
|
**Some IP/hosts must be configured or the server will be inaccessible via network.**
|
||||||
|
|
|
@ -24,6 +24,7 @@ minifirewall_private_ports_tcp: [5666]
|
||||||
minifirewall_private_ports_udp: []
|
minifirewall_private_ports_udp: []
|
||||||
|
|
||||||
minifirewall_autostart: "no"
|
minifirewall_autostart: "no"
|
||||||
|
minifirewall_restart_if_needed: True
|
||||||
|
|
||||||
evomaintenance_hosts: []
|
evomaintenance_hosts: []
|
||||||
|
|
||||||
|
|
|
@ -123,7 +123,17 @@
|
||||||
register: minifirewall_init_restart
|
register: minifirewall_init_restart
|
||||||
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
|
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
|
||||||
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
|
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
|
||||||
when: minifirewall_is_running.rc == 0 and (minifirewall_config_ips | changed or minifirewall_config_ports | changed)
|
when:
|
||||||
|
- minifirewall_restart_if_needed
|
||||||
|
- minifirewall_is_running.rc == 0
|
||||||
|
- (minifirewall_config_ips | changed or minifirewall_config_ports | changed)
|
||||||
|
|
||||||
|
- name: restart minifirewall (noop)
|
||||||
|
meta: noop
|
||||||
|
register: minifirewall_init_restart
|
||||||
|
failed_when: False
|
||||||
|
changed_when: False
|
||||||
|
when: not minifirewall_restart_if_needed
|
||||||
|
|
||||||
- debug:
|
- debug:
|
||||||
var: minifirewall_init_restart
|
var: minifirewall_init_restart
|
||||||
|
|
|
@ -1,5 +1,8 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
|
- set_fact:
|
||||||
|
minifirewall_restart_handler_name: "{{ minifirewall_restart_if_needed | ternary('restart minifirewall', 'restart minifirewall (noop)') }}"
|
||||||
|
|
||||||
- include: install.yml
|
- include: install.yml
|
||||||
|
|
||||||
- include: config.yml
|
- include: config.yml
|
||||||
|
|
|
@ -35,7 +35,16 @@
|
||||||
register: minifirewall_init_restart
|
register: minifirewall_init_restart
|
||||||
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
|
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
|
||||||
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
|
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
|
||||||
when: minifirewall_tail_template | changed
|
when:
|
||||||
|
- minifirewall_tail_template | changed
|
||||||
|
- minifirewall_restart_if_needed
|
||||||
|
|
||||||
|
- name: restart minifirewall (noop)
|
||||||
|
meta: noop
|
||||||
|
register: minifirewall_init_restart
|
||||||
|
failed_when: False
|
||||||
|
changed_when: False
|
||||||
|
when: not minifirewall_restart_if_needed
|
||||||
|
|
||||||
- debug:
|
- debug:
|
||||||
var: minifirewall_init_restart
|
var: minifirewall_init_restart
|
||||||
|
|
Loading…
Reference in a new issue