From 3706754b6b9435a9a5a92338026092d315cef7fe Mon Sep 17 00:00:00 2001 From: "James E. Blair" Date: Mon, 3 Dec 2018 08:59:30 -0800 Subject: [PATCH] Don't import tasks in iptables reload and use listen This syntax doesn't work in Ansible 2.8.0. Futher, we can use "listen" to collapse the notify to a single item (at the expense of duplicating the when clause in the handlers). Change-Id: I05e2d32f4e1e692ac528a7254c6e3be2858ebacf --- playbooks/roles/iptables/handlers/main.yaml | 17 +++++++++++++---- playbooks/roles/iptables/tasks/main.yaml | 6 ++---- .../roles/iptables/tasks/reload-debian.yaml | 2 -- .../roles/iptables/tasks/reload-redhat.yaml | 5 ----- 4 files changed, 15 insertions(+), 15 deletions(-) delete mode 100644 playbooks/roles/iptables/tasks/reload-debian.yaml delete mode 100644 playbooks/roles/iptables/tasks/reload-redhat.yaml diff --git a/playbooks/roles/iptables/handlers/main.yaml b/playbooks/roles/iptables/handlers/main.yaml index 1d54c922c6..09d10fa018 100644 --- a/playbooks/roles/iptables/handlers/main.yaml +++ b/playbooks/roles/iptables/handlers/main.yaml @@ -1,11 +1,20 @@ -- name: Reload iptables Debian - import_tasks: tasks/reload-debian.yaml +- name: Reload iptables (Debian) + command: '{{ reload_command }}' when: - not ansible_facts.is_chroot - ansible_facts.os_family == 'Debian' + listen: "Reload iptables" -- name: Reload iptables RedHat - import_tasks: tasks/reload-redhat.yaml +- name: Reload iptables (RedHat) + command: 'systemctl reload iptables' when: - not ansible_facts.is_chroot - ansible_facts.os_family == 'RedHat' + listen: "Reload iptables" + +- name: Reload ip6tables (Red Hat) + command: 'systemctl reload ip6tables' + when: + - not ansible_facts.is_chroot + - ansible_facts.os_family == 'RedHat' + listen: "Reload iptables" \ No newline at end of file diff --git a/playbooks/roles/iptables/tasks/main.yaml b/playbooks/roles/iptables/tasks/main.yaml index 62bd120357..314d6adacf 100644 --- a/playbooks/roles/iptables/tasks/main.yaml +++ b/playbooks/roles/iptables/tasks/main.yaml @@ -25,8 +25,7 @@ mode: 0640 setype: '{{ setype | default(omit) }}' notify: - - Reload iptables Debian - - Reload iptables RedHat + - Reload iptables - name: Install IPv6 rules files template: @@ -37,8 +36,7 @@ mode: 0640 setype: '{{ setype | default(omit) }}' notify: - - Reload iptables Debian - - Reload iptables RedHat + - Reload iptables - name: Include OS specific tasks include_tasks: "{{ item }}" diff --git a/playbooks/roles/iptables/tasks/reload-debian.yaml b/playbooks/roles/iptables/tasks/reload-debian.yaml deleted file mode 100644 index 3e8483aa82..0000000000 --- a/playbooks/roles/iptables/tasks/reload-debian.yaml +++ /dev/null @@ -1,2 +0,0 @@ -- name: Reload iptables (Debian) - command: '{{ reload_command }}' diff --git a/playbooks/roles/iptables/tasks/reload-redhat.yaml b/playbooks/roles/iptables/tasks/reload-redhat.yaml deleted file mode 100644 index 4be6044de4..0000000000 --- a/playbooks/roles/iptables/tasks/reload-redhat.yaml +++ /dev/null @@ -1,5 +0,0 @@ -- name: Reload iptables (Red Hat) - command: 'systemctl reload iptables' - -- name: Reload ip6tables (Red Hat) - command: 'systemctl reload ip6tables'