Update..

2020-04-29 18:49:59 +02:00
parent bd44e1968d
commit 7b4bc8a5a6
13 changed files with 1434 additions and 3 deletions
--- a/scripts/modify-ipt-server.yml.BAK
+++ b/scripts/modify-ipt-server.yml.BAK
@ -672,3 +672,53 @@
    #changed_when: "marker_ipv6_removed.rc < 1"
    when: 
      - main_ipv6_exists.stat.exists
+  
+  # ---
+  # Firewall scripts
+  # ---
+  
+  - name: Check if firewall scripts are latest
+    shell: 'diff {{ git_firewall_repository.dest }}/{{ item }} /usr/local/sbin/{{ item }} > /dev/null 2>&1'
+    changed_when: "diff_script_output.rc > 0"
+    # diff_output.rc
+    #    0  -> unchanged
+    #    1  -> changed
+    #    2  -> not present
+    failed_when: "diff_script_output.rc > 2"
+    when: git_firewall_repository is defined and git_firewall_repository > 0
+    loop:
+       - ipt-firewall-server
+       - ip6t-firewall-server
+    register: diff_script_output
+  
+  - name: Ensure firewall scripts are latest
+    command: cp {{ git_firewall_repository.dest }}/{{ item }} /usr/local/sbin/{{ item }}
+    loop:
+       - ipt-firewall-server
+       - ip6t-firewall-server
+    when:
+      - git_firewall_repository is defined and git_firewall_repository > 0
+      - diff_script_output.changed
+    notify:
+      - Restart IPv4 Firewall
+      - Restart IPv6 Firewall
+
+  # ===
+  # Handlers used by this playbook
+  # ===
+
+  handlers:
+    - name: Restart IPv4 Firewall
+      service:
+  	   name: ipt-firewall
+  	   state: restarted
+      when:
+  	   - main_ipv4_exists.stat.exists
+  
+    - name: Restart IPv6 Firewall
+      service:
+  	   name: ip6t-firewall
+  	   state: restarted
+      when:
+  	   - main_ipv6_exists.stat.exists
+