179 lines
4.2 KiB
YAML
179 lines
4.2 KiB
YAML
---
|
|
|
|
# Legacy or modern mode? ##############################################
|
|
|
|
- name: Check minifirewall
|
|
stat:
|
|
path: /etc/init.d/minifirewall
|
|
register: _minifirewall_check
|
|
tags:
|
|
- always
|
|
|
|
# Legacy versions of minifirewall don't define the VERSION variable
|
|
- name: Look for minifirewall version
|
|
shell: "grep -E '^\\s*VERSION=' /etc/init.d/minifirewall"
|
|
failed_when: False
|
|
changed_when: False
|
|
check_mode: False
|
|
register: _minifirewall_version_check
|
|
tags:
|
|
- always
|
|
|
|
- name: Set install mode to legacy if needed
|
|
set_fact:
|
|
minifirewall_install_mode: legacy
|
|
minifirewall_main_file: "{{ minifirewall_legacy_main_file }}"
|
|
minifirewall_tail_file: "{{ minifirewall_legacy_tail_file }}"
|
|
when:
|
|
- minifirewall_install_mode != 'modern'
|
|
- not (minifirewall_force_upgrade_script | bool)
|
|
- _minifirewall_version_check.rc == 1 # grep didn't find but the file exists
|
|
tags:
|
|
- always
|
|
|
|
- name: Set install mode to modern if not legacy
|
|
set_fact:
|
|
minifirewall_install_mode: modern
|
|
when: minifirewall_install_mode != 'legacy'
|
|
tags:
|
|
- always
|
|
|
|
- name: Debug install mode
|
|
debug:
|
|
var: minifirewall_install_mode
|
|
verbosity: 1
|
|
tags:
|
|
- always
|
|
|
|
- name: 'Set minifirewall_restart_handler_name to "noop"'
|
|
set_fact:
|
|
minifirewall_restart_handler_name: "restart minifirewall (noop)"
|
|
when:
|
|
- not (minifirewall_restart_if_needed | bool)
|
|
tags:
|
|
- always
|
|
|
|
- name: 'Set minifirewall_restart_handler_name to "legacy"'
|
|
set_fact:
|
|
minifirewall_restart_handler_name: "restart minifirewall (legacy)"
|
|
when:
|
|
- minifirewall_restart_if_needed | bool
|
|
- minifirewall_install_mode == 'legacy'
|
|
tags:
|
|
- always
|
|
|
|
- name: 'Set minifirewall_restart_handler_name to "modern"'
|
|
set_fact:
|
|
minifirewall_restart_handler_name: "restart minifirewall (modern)"
|
|
when:
|
|
- minifirewall_restart_if_needed | bool
|
|
- minifirewall_install_mode != 'legacy'
|
|
tags:
|
|
- always
|
|
|
|
#######################################################################
|
|
|
|
- name: Fail if minifirewall_main_file is defined (legacy mode)
|
|
fail:
|
|
msg: "Variable minifirewall_main_file is deprecated and not configurable anymore."
|
|
when:
|
|
- minifirewall_install_mode != 'legacy'
|
|
- minifirewall_main_file is defined
|
|
tags:
|
|
- always
|
|
|
|
- name: Install tasks (modern mode)
|
|
import_tasks: install.yml
|
|
when: minifirewall_install_mode != 'legacy'
|
|
|
|
- name: Install tasks (legacy mode)
|
|
import_tasks: install.legacy.yml
|
|
when: minifirewall_install_mode == 'legacy'
|
|
|
|
- name: Debug minifirewall_update_config
|
|
debug:
|
|
var: minifirewall_update_config | bool
|
|
verbosity: 1
|
|
tags:
|
|
- always
|
|
|
|
- name: Config tasks (modern mode)
|
|
include_tasks: config.yml
|
|
when:
|
|
- minifirewall_install_mode != 'legacy'
|
|
- minifirewall_update_config | bool
|
|
tags:
|
|
- manage
|
|
|
|
- name: Config tasks (legacy mode)
|
|
include_tasks: config.legacy.yml
|
|
args:
|
|
apply:
|
|
tags:
|
|
- manage
|
|
when:
|
|
- minifirewall_install_mode == 'legacy'
|
|
- minifirewall_update_config | bool
|
|
|
|
- name: Utils tasks
|
|
include_tasks: utils.yml
|
|
|
|
- name: NRPE tasks
|
|
include_tasks: nrpe.yml
|
|
|
|
- name: Activation tasks
|
|
include_tasks: activate.yml
|
|
|
|
- name: Debug minifirewall_tail_included
|
|
debug:
|
|
var: minifirewall_tail_included | bool
|
|
verbosity: 1
|
|
tags:
|
|
- always
|
|
|
|
- name: Tail tasks (modern mode)
|
|
include_tasks: tail.yml
|
|
args:
|
|
apply:
|
|
tags:
|
|
- manage
|
|
when:
|
|
- minifirewall_install_mode != 'legacy'
|
|
- minifirewall_tail_included | bool
|
|
|
|
- name: Tail tasks (legacy mode)
|
|
include_tasks: tail.legacy.yml
|
|
args:
|
|
apply:
|
|
tags:
|
|
- manage
|
|
when:
|
|
- minifirewall_install_mode == 'legacy'
|
|
- minifirewall_tail_included | bool
|
|
|
|
# Restart?
|
|
|
|
- name: Debug minifirewall_restart_force
|
|
debug:
|
|
var: minifirewall_restart_force | bool
|
|
verbosity: 1
|
|
tags:
|
|
- always
|
|
|
|
- name: Force restart minifirewall (legacy)
|
|
command: /bin/true
|
|
notify: "restart minifirewall (legacy)"
|
|
tags:
|
|
- always
|
|
when:
|
|
- minifirewall_install_mode == 'legacy'
|
|
- minifirewall_restart_force | bool
|
|
|
|
- name: Force restart minifirewall (modern)
|
|
command: /bin/true
|
|
notify: "restart minifirewall (modern)"
|
|
tags:
|
|
- always
|
|
when:
|
|
- minifirewall_install_mode != 'legacy'
|
|
- minifirewall_restart_force | bool |