From 8fb0b275bf00c963a24c21e1dfbaa64491c4f445 Mon Sep 17 00:00:00 2001
From: heqnx <root@heqnx.com>
Date: Sun, 25 May 2025 11:51:57 +0300
Subject: added role-based playbooks

---
 roles/harden/handlers/main.yaml | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100644 roles/harden/handlers/main.yaml

(limited to 'roles/harden/handlers')

diff --git a/roles/harden/handlers/main.yaml b/roles/harden/handlers/main.yaml
new file mode 100644
index 0000000..e25c78f
--- /dev/null
+++ b/roles/harden/handlers/main.yaml
@@ -0,0 +1,38 @@
+- name: update grub
+  command: update-grub
+
+- name: reload fail2ban
+  command: fail2ban-client reload
+
+- name: enable ufw
+  ufw:
+    state: enabled
+    policy: deny
+
+- name: restart ufw
+  systemd:
+    name: ufw
+    state: restarted
+    enabled: true
+  when: ansible_facts['service_mgr'] == 'systemd'
+
+- name: restart ssh
+  systemd:
+    name: ssh
+    state: restarted
+    enabled: true
+  when: ansible_facts['service_mgr'] == 'systemd'
+
+- name: restart unattended-upgrades
+  systemd:
+    name: unattended-upgrades
+    state: restarted
+    enabled: true
+  when: ansible_facts['service_mgr'] == 'systemd'
+
+- name: restart fail2ban
+  systemd:
+    name: fail2ban
+    state: restarted
+    enabled: true
+  when: ansible_facts['service_mgr'] == 'systemd'
-- 
cgit v1.2.3