110 lines
3.4 KiB
YAML
110 lines
3.4 KiB
YAML
---
|
|
|
|
- name: Compose minifirewall_restart_handler_name variable
|
|
set_fact:
|
|
minifirewall_restart_handler_name: "{{ minifirewall_restart_if_needed | bool | ternary('restart minifirewall', 'restart minifirewall (noop)') }}"
|
|
|
|
# Legacy or modern mode? ##############################################
|
|
|
|
- name: Check minifirewall
|
|
stat:
|
|
path: /etc/init.d/minifirewall
|
|
register: _minifirewall_check
|
|
|
|
# Legacy versions of minifirewall don't define the VERSION variable
|
|
- name: Look for minifirewall version
|
|
shell: "grep -E '^\\s*VERSION=' /etc/init.d/minifirewall"
|
|
failed_when: False
|
|
changed_when: False
|
|
check_mode: False
|
|
register: _minifirewall_version_check
|
|
|
|
- name: Set install mode to legacy if needed
|
|
set_fact:
|
|
minifirewall_install_mode: legacy
|
|
minifirewall_main_file: "{{ minifirewall_legacy_main_file }}"
|
|
minifirewall_tail_file: "{{ minifirewall_legacy_tail_file }}"
|
|
when:
|
|
- minifirewall_install_mode != 'modern'
|
|
- not (minifirewall_force_upgrade_script | bool)
|
|
- _minifirewall_version_check.rc == 1 # grep didn't find but the file exists
|
|
|
|
- name: Set install mode to modern if not legacy
|
|
set_fact:
|
|
minifirewall_install_mode: modern
|
|
when: minifirewall_install_mode != 'legacy'
|
|
|
|
- name: Debug install mode
|
|
debug:
|
|
var: minifirewall_install_mode
|
|
verbosity: 1
|
|
|
|
#######################################################################
|
|
|
|
- name: Fail if minifirewall_main_file is defined (legacy mode)
|
|
fail:
|
|
msg: "Variable minifirewall_main_file is deprecated and not configurable anymore."
|
|
when:
|
|
- minifirewall_install_mode != 'legacy'
|
|
- minifirewall_main_file is defined
|
|
|
|
- name: Install tasks (modern mode)
|
|
include: install.yml
|
|
when: minifirewall_install_mode != 'legacy'
|
|
|
|
- name: Install tasks (legacy mode)
|
|
include: install.legacy.yml
|
|
when: minifirewall_install_mode == 'legacy'
|
|
|
|
- name: Config tasks (modern mode)
|
|
include: config.yml
|
|
when:
|
|
- minifirewall_install_mode != 'legacy'
|
|
- minifirewall_update_config | bool
|
|
|
|
- name: Config tasks (legacy mode)
|
|
include: config.legacy.yml
|
|
when:
|
|
- minifirewall_install_mode == 'legacy'
|
|
- minifirewall_update_config | bool
|
|
|
|
- name: Utils tasks
|
|
include: utils.yml
|
|
|
|
- name: NRPE tasks
|
|
include: nrpe.yml
|
|
|
|
- name: Activation tasks
|
|
include: activate.yml
|
|
|
|
- name: Tail tasks (modern mode)
|
|
include: tail.yml
|
|
when:
|
|
- minifirewall_install_mode != 'legacy'
|
|
- minifirewall_tail_included | bool
|
|
|
|
- name: Tail tasks (legacy mode)
|
|
include: tail.legacy.yml
|
|
when:
|
|
- minifirewall_install_mode == 'legacy'
|
|
- minifirewall_tail_included | bool
|
|
|
|
# Restart?
|
|
|
|
- name: Force restart minifirewall (modern mode)
|
|
command: /etc/init.d/minifirewall restart
|
|
register: minifirewall_init_restart
|
|
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
|
|
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
|
|
when:
|
|
- minifirewall_install_mode != 'legacy'
|
|
- minifirewall_restart_force | bool
|
|
|
|
- name: Force restart minifirewall (legacy mode)
|
|
command: /etc/init.d/minifirewall restart
|
|
register: minifirewall_init_restart
|
|
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
|
|
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
|
|
when:
|
|
- minifirewall_install_mode == 'legacy'
|
|
- minifirewall_restart_force | bool |