roles/harden/handlers/main.yaml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

- name: update grub
  command: update-grub

- name: reload fail2ban
  command: fail2ban-client reload

- name: enable ufw
  ufw:
    state: enabled
    policy: deny

- name: restart ufw
  systemd:
    name: ufw
    state: restarted
    enabled: true
  when: ansible_facts['service_mgr'] == 'systemd'

- name: restart ssh
  systemd:
    name: ssh
    state: restarted
    enabled: true
  when: ansible_facts['service_mgr'] == 'systemd'

- name: restart unattended-upgrades
  systemd:
    name: unattended-upgrades
    state: restarted
    enabled: true
  when: ansible_facts['service_mgr'] == 'systemd'

- name: restart fail2ban
  systemd:
    name: fail2ban
    state: restarted
    enabled: true
  when: ansible_facts['service_mgr'] == 'systemd'