diff options
author | Egor Tensin <Egor.Tensin@gmail.com> | 2023-08-08 22:30:18 +0200 |
---|---|---|
committer | Egor Tensin <Egor.Tensin@gmail.com> | 2023-08-08 22:32:17 +0200 |
commit | 95a082d3c771fbe9a380f10280134406b7dc3f93 (patch) | |
tree | 308e62d6d22532d8e7a6406fe3846842d52c19f2 /roles/apt/handlers/main.yml | |
parent | add firewall role (diff) | |
download | infra-ansible-95a082d3c771fbe9a380f10280134406b7dc3f93.tar.gz infra-ansible-95a082d3c771fbe9a380f10280134406b7dc3f93.zip |
firewall: reboot on rule changes
Just restaring netfilter-persistent could break other services depending
on iptables, like Docker.
Also, I'm not sure why I need a wait_for_connection after a reboot call,
so get rid of those.
Diffstat (limited to 'roles/apt/handlers/main.yml')
-rw-r--r-- | roles/apt/handlers/main.yml | 13 |
1 files changed, 1 insertions, 12 deletions
diff --git a/roles/apt/handlers/main.yml b/roles/apt/handlers/main.yml index 625a8af..81438db 100644 --- a/roles/apt/handlers/main.yml +++ b/roles/apt/handlers/main.yml @@ -1,16 +1,5 @@ - name: Reboot + become: true ansible.builtin.reboot: - args: # 3 minutes is plenty. reboot_timeout: 180 - # Don't reboot yourself accidentally: - when: 'ansible_env["SSH_CLIENT"].split()[0] not in ansible_all_ipv4_addresses' - become: true - listen: reboot - -- name: Wait for connectivity - ansible.builtin.wait_for_connection: - args: - # 3 minutes is plenty. - timeout: 180 - listen: reboot |