aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/roles/firewall/tasks
diff options
context:
space:
mode:
authorEgor Tensin <Egor.Tensin@gmail.com>2023-08-08 22:30:18 +0200
committerEgor Tensin <Egor.Tensin@gmail.com>2023-08-08 22:32:17 +0200
commit95a082d3c771fbe9a380f10280134406b7dc3f93 (patch)
tree308e62d6d22532d8e7a6406fe3846842d52c19f2 /roles/firewall/tasks
parentadd firewall role (diff)
downloadinfra-ansible-95a082d3c771fbe9a380f10280134406b7dc3f93.tar.gz
infra-ansible-95a082d3c771fbe9a380f10280134406b7dc3f93.zip
firewall: reboot on rule changes
Just restaring netfilter-persistent could break other services depending on iptables, like Docker. Also, I'm not sure why I need a wait_for_connection after a reboot call, so get rid of those.
Diffstat (limited to 'roles/firewall/tasks')
-rw-r--r--roles/firewall/tasks/main.yml4
1 files changed, 2 insertions, 2 deletions
diff --git a/roles/firewall/tasks/main.yml b/roles/firewall/tasks/main.yml
index 9fcf543..345f6a6 100644
--- a/roles/firewall/tasks/main.yml
+++ b/roles/firewall/tasks/main.yml
@@ -16,7 +16,7 @@
loop:
- {src: rules.v4, dest: /etc/iptables/rules.v4}
- {src: rules.v6, dest: /etc/iptables/rules.v6}
- notify: Reload iptables
+ notify: Reboot
-- name: Flush handlers
+- name: Reboot if necessary
ansible.builtin.meta: flush_handlers