aboutsummaryrefslogtreecommitdiff
path: root/roles/harden/handlers/main.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'roles/harden/handlers/main.yaml')
-rw-r--r--roles/harden/handlers/main.yaml38
1 files changed, 38 insertions, 0 deletions
diff --git a/roles/harden/handlers/main.yaml b/roles/harden/handlers/main.yaml
new file mode 100644
index 0000000..e25c78f
--- /dev/null
+++ b/roles/harden/handlers/main.yaml
@@ -0,0 +1,38 @@
+- name: update grub
+ command: update-grub
+
+- name: reload fail2ban
+ command: fail2ban-client reload
+
+- name: enable ufw
+ ufw:
+ state: enabled
+ policy: deny
+
+- name: restart ufw
+ systemd:
+ name: ufw
+ state: restarted
+ enabled: true
+ when: ansible_facts['service_mgr'] == 'systemd'
+
+- name: restart ssh
+ systemd:
+ name: ssh
+ state: restarted
+ enabled: true
+ when: ansible_facts['service_mgr'] == 'systemd'
+
+- name: restart unattended-upgrades
+ systemd:
+ name: unattended-upgrades
+ state: restarted
+ enabled: true
+ when: ansible_facts['service_mgr'] == 'systemd'
+
+- name: restart fail2ban
+ systemd:
+ name: fail2ban
+ state: restarted
+ enabled: true
+ when: ansible_facts['service_mgr'] == 'systemd'
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-26 01:29:33 +0000