aboutsummaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorAaron LI <aly@aaronly.me>2018-03-08 21:54:50 +0800
committerAaron LI <aly@aaronly.me>2018-03-14 11:35:08 +0800
commit7fed657b7728d36a8635695afc147ebd5dda0830 (patch)
tree8e6c7711ec7106a4ba0b181f368c6d5cbec6de79 /roles
parentf5b1f531b5544a1d335f75d057620ce0db92ffef (diff)
downloadansible-dfly-vps-7fed657b7728d36a8635695afc147ebd5dda0830.tar.bz2
security: restart syslogd and reload pf
Diffstat (limited to 'roles')
-rw-r--r--roles/security/handlers/main.yml3
-rw-r--r--roles/security/tasks/main.yml2
2 files changed, 5 insertions, 0 deletions
diff --git a/roles/security/handlers/main.yml b/roles/security/handlers/main.yml
index e63d093..d4926b7 100644
--- a/roles/security/handlers/main.yml
+++ b/roles/security/handlers/main.yml
@@ -1,3 +1,6 @@
---
+- name: restart-syslogd
+ command: rcrestart syslogd
+
- name: reload-pf
command: rcreload pf
diff --git a/roles/security/tasks/main.yml b/roles/security/tasks/main.yml
index 0a7ef0f..08780a5 100644
--- a/roles/security/tasks/main.yml
+++ b/roles/security/tasks/main.yml
@@ -4,6 +4,7 @@
src: pf.conf.j2
dest: /etc/pf.conf
validate: "pfctl -nf %s"
+ notify: reload-pf
- name: firewall - enable PF
command: rcenable pf
@@ -18,6 +19,7 @@
block: |
# Block SSH auth failures using "sshlockout" and "pf"
auth.info;authpriv.info |exec /usr/sbin/sshlockout -pf bruteforce
+ notify: restart-syslogd
- name: periodic - copy clean-pf script
copy: