Ansible roles by Evolix
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 
ansible-roles/minifirewall/tasks/main.yml

110 lines
3.4 KiB

---
- name: Compose minifirewall_restart_handler_name variable
set_fact:
minifirewall_restart_handler_name: "{{ minifirewall_restart_if_needed | bool | ternary('restart minifirewall', 'restart minifirewall (noop)') }}"
# Legacy or modern mode? ##############################################
- name: Check minifirewall
stat:
path: /etc/init.d/minifirewall
register: _minifirewall_check
# Legacy versions of minifirewall don't define the VERSION variable
- name: Look for minifirewall version
shell: "grep -E '^\\s*VERSION=' /etc/init.d/minifirewall"
failed_when: False
changed_when: False
check_mode: False
register: _minifirewall_version_check
- name: Set install mode to legacy if needed
set_fact:
minifirewall_install_mode: legacy
minifirewall_main_file: "{{ minifirewall_legacy_main_file }}"
minifirewall_tail_file: "{{ minifirewall_legacy_tail_file }}"
when:
- minifirewall_install_mode != 'modern'
- not (minifirewall_force_upgrade_script | bool)
- _minifirewall_version_check.rc == 1 # grep didn't find but the file exists
- name: Set install mode to modern if not legacy
set_fact:
minifirewall_install_mode: modern
when: minifirewall_install_mode != 'legacy'
- name: Debug install mode
debug:
var: minifirewall_install_mode
verbosity: 1
#######################################################################
- name: Fail if minifirewall_main_file is defined (legacy mode)
fail:
msg: "Variable minifirewall_main_file is deprecated and not configurable anymore."
when:
- minifirewall_install_mode != 'legacy'
- minifirewall_main_file is defined
- name: Install tasks (modern mode)
include: install.yml
when: minifirewall_install_mode != 'legacy'
- name: Install tasks (legacy mode)
include: install.legacy.yml
when: minifirewall_install_mode == 'legacy'
- name: Config tasks (modern mode)
include: config.yml
when:
- minifirewall_install_mode != 'legacy'
- minifirewall_update_config | bool
- name: Config tasks (legacy mode)
include: config.legacy.yml
when:
- minifirewall_install_mode == 'legacy'
- minifirewall_update_config | bool
- name: Utils tasks
include: utils.yml
- name: NRPE tasks
include: nrpe.yml
- name: Activation tasks
include: activate.yml
- name: Tail tasks (modern mode)
include: tail.yml
when:
- minifirewall_install_mode != 'legacy'
- minifirewall_tail_included | bool
- name: Tail tasks (legacy mode)
include: tail.legacy.yml
when:
- minifirewall_install_mode == 'legacy'
- minifirewall_tail_included | bool
# Restart?
- name: Force restart minifirewall (modern mode)
command: /etc/init.d/minifirewall restart
register: minifirewall_init_restart
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
when:
- minifirewall_install_mode != 'legacy'
- minifirewall_restart_force | bool
- name: Force restart minifirewall (legacy mode)
command: /etc/init.d/minifirewall restart
register: minifirewall_init_restart
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
when:
- minifirewall_install_mode == 'legacy'
- minifirewall_restart_force | bool