From b8f1d76bd38d03e68fbc51f8e7340a9963a4104d Mon Sep 17 00:00:00 2001
From: heqnx <root@heqnx.com>
Date: Thu, 29 May 2025 19:34:32 +0300
Subject: removed handlers, need to run all the time

---
 .../ssh-nginx-multiplex/tasks/ssh_nginx_setup.yaml | 31 ++++++++++++++++++----
 1 file changed, 26 insertions(+), 5 deletions(-)

(limited to 'roles/ssh-nginx-multiplex/tasks/ssh_nginx_setup.yaml')

diff --git a/roles/ssh-nginx-multiplex/tasks/ssh_nginx_setup.yaml b/roles/ssh-nginx-multiplex/tasks/ssh_nginx_setup.yaml
index beb0910..75a790c 100644
--- a/roles/ssh-nginx-multiplex/tasks/ssh_nginx_setup.yaml
+++ b/roles/ssh-nginx-multiplex/tasks/ssh_nginx_setup.yaml
@@ -41,7 +41,13 @@
       owner: root
       group: root
       mode: '0644'
-    notify: restart nginx
+
+  - name: restart nginx
+    systemd:
+      name: nginx
+      state: restarted
+      enabled: true
+    when: ansible_service_mgr == 'systemd'
   
   - name: deploy sslh config file
     template:
@@ -50,16 +56,19 @@
       owner: root
       group: root
       mode: '0644'
-    notify: restart sslh
+
+  - name: restart sslh
+    systemd:
+      name: sslh
+      state: restarted
+      enabled: true
+    when: ansible_service_mgr == 'systemd'
 
   - name: allow ssh port and enable ufw
     ufw:
       rule: allow
       port: "{{ internal_sshd_port }}"
       proto: tcp
-    notify: 
-      - enable ufw
-      - restart ufw
   
   - name: allow http port and enable ufw
     ufw:
@@ -70,6 +79,18 @@
       - enable ufw
       - restart ufw
 
+  - name: enable ufw
+    ufw:
+      state: enabled
+      policy: deny
+  
+  - name: restart ufw
+    systemd:
+      name: ufw
+      state: restarted
+      enabled: true
+    when: ansible_service_mgr == 'systemd'
+
   when:
     - public_sslh_port is defined
     - internal_nginx_port is defined
-- 
cgit v1.2.3