diff options
| author | Egor Tensin <Egor.Tensin@gmail.com> | 2023-08-08 22:30:18 +0200 |
|---|---|---|
| committer | Egor Tensin <Egor.Tensin@gmail.com> | 2023-08-08 22:32:17 +0200 |
| commit | 95a082d3c771fbe9a380f10280134406b7dc3f93 (patch) | |
| tree | 308e62d6d22532d8e7a6406fe3846842d52c19f2 /roles/apt | |
| parent | add firewall role (diff) | |
| download | infra-ansible-95a082d3c771fbe9a380f10280134406b7dc3f93.tar.gz infra-ansible-95a082d3c771fbe9a380f10280134406b7dc3f93.zip | |
firewall: reboot on rule changes
Just restaring netfilter-persistent could break other services depending
on iptables, like Docker.
Also, I'm not sure why I need a wait_for_connection after a reboot call,
so get rid of those.
Diffstat (limited to 'roles/apt')
| -rw-r--r-- | roles/apt/handlers/main.yml | 13 | ||||
| -rw-r--r-- | roles/apt/tasks/main.yml | 4 |
2 files changed, 3 insertions, 14 deletions
diff --git a/roles/apt/handlers/main.yml b/roles/apt/handlers/main.yml index 625a8af..81438db 100644 --- a/roles/apt/handlers/main.yml +++ b/roles/apt/handlers/main.yml @@ -1,16 +1,5 @@ - name: Reboot + become: true ansible.builtin.reboot: - args: # 3 minutes is plenty. reboot_timeout: 180 - # Don't reboot yourself accidentally: - when: 'ansible_env["SSH_CLIENT"].split()[0] not in ansible_all_ipv4_addresses' - become: true - listen: reboot - -- name: Wait for connectivity - ansible.builtin.wait_for_connection: - args: - # 3 minutes is plenty. - timeout: 180 - listen: reboot diff --git a/roles/apt/tasks/main.yml b/roles/apt/tasks/main.yml index 63f3ed7..1d07a7f 100644 --- a/roles/apt/tasks/main.yml +++ b/roles/apt/tasks/main.yml @@ -4,7 +4,7 @@ install_recommends: false update_cache: true upgrade: dist - notify: reboot + notify: Reboot - name: Reboot if necessary ansible.builtin.meta: flush_handlers @@ -14,7 +14,7 @@ ansible.builtin.apt: autoremove: true purge: true - notify: reboot + notify: Reboot - name: Reboot if necessary ansible.builtin.meta: flush_handlers |