ctucx.git: ansible-configs

My personal ansible roles and playbooks [deprecated in favor of nixos]

commit d1d03ad41043f5565db0ec2bcc39605c91b59623
parent c2fe523ebc428cec8c788a173d9428a8cf38d872
Author: Leah (ctucx) <leah@ctu.cx>
Date: Sun, 21 Feb 2021 18:22:02 +0100

roles/acme-redirect: restart nftables using handler

5 files changed, 37 insertions(+), 41 deletions(-)
A
roles/acme-redirect/meta/main.yml
|
5
+++++
M
roles/acme-redirect/tasks/firewall.yml
|
19
++-----------------
M
roles/acme-redirect/tasks/main.yml
|
5
+++++
A
roles/acme-redirect/tasks/renew.yml
|
25
+++++++++++++++++++++++++
M
roles/acme-redirect/tasks/start.yml
|
24
------------------------
diff --git a/roles/acme-redirect/meta/main.yml b/roles/acme-redirect/meta/main.yml
@@ -0,0 +1,4 @@
+---
+
+dependencies:
+  - nftables-handler+
\ No newline at end of file

diff --git a/roles/acme-redirect/tasks/firewall.yml b/roles/acme-redirect/tasks/firewall.yml
@@ -6,19 +6,4 @@
     dest: /etc/nftables.d/acme-redirect.nft
   when:
     - network.nftables.enable is true
-
-- name: "[OpenRC] Restart service: nftables"
-  service:
-    name: nftables
-    state: restarted
-  when:
-    - ansible_service_mgr == "openrc"
-    - network.nftables.enable is true
-
-- name: "[systemd] Restart service: nftables"
-  systemd:
-    name: nftables
-    state: restarted
-  when:
-    - ansible_service_mgr == "systemd"
-    - network.nftables.enable is true-
\ No newline at end of file
+  notify: Restart nftables+
\ No newline at end of file

diff --git a/roles/acme-redirect/tasks/main.yml b/roles/acme-redirect/tasks/main.yml
@@ -24,6 +24,11 @@
 - name: Run handlers
   meta: flush_handlers
 
+- include: renew.yml
+  when:
+    - services.acme_redirect.enable is defined
+    - services.acme_redirect.enable is true
+
 - include: remove.yml
   when:
     - services.acme_redirect.enable is defined

diff --git a/roles/acme-redirect/tasks/renew.yml b/roles/acme-redirect/tasks/renew.yml
@@ -0,0 +1,25 @@
+---
+
+- command:
+    cmd: acme-redirect check -q
+  register: acme_check
+  become: yes
+  become_user: acme-redirect
+  when:
+    - services.acme_redirect.enable is true
+
+- fail:
+    msg: "Check of Certs failed: {{acme_check.stdout}}"
+  when:
+    - acme_check.stdout | length > 0
+
+- command:
+    cmd: acme-redirect renew -q
+  register: acme_renew
+  become: yes
+  become_user: acme-redirect
+
+- fail:
+    msg: "Renew of certs failed: {{acme_renew.stdout}}"
+  when:
+    - acme_renew.stdout | length > 0

diff --git a/roles/acme-redirect/tasks/start.yml b/roles/acme-redirect/tasks/start.yml
@@ -15,27 +15,3 @@
     state: started
   when:
     - ansible_service_mgr == "systemd"
-
-- command:
-    cmd: acme-redirect check -q
-  register: acme_check
-  become: yes
-  become_user: acme-redirect
-  when:
-    - services.acme_redirect.enable is true
-
-- fail:
-    msg: "Check of Certs failed: {{acme_check.stdout}}"
-  when:
-    - acme_check.stdout | length > 0
-
-- command:
-    cmd: acme-redirect renew -q
-  register: acme_renew
-  become: yes
-  become_user: acme-redirect
-
-- fail:
-    msg: "Renew of certs failed: {{acme_renew.stdout}}"
-  when:
-    - acme_renew.stdout | length > 0