Ensure to disable nftables unit from old target
This commit is contained in:
parent
a34e5441a9
commit
477f4f722c
GPG Key ID:
E759BAA22501AF32
|
|
@ -18,6 +18,7 @@
|
|||
### Fixed
|
||||
* Ansible-lint: Fix line longer than 160 chars.
|
||||
* Start nftables systemd unit earlier (thanks to @kravietz − PR #19).
|
||||
* Ensure to disable nftables systemd unit from old target.
|
||||
|
||||
## v1.7.0
|
||||
|
||||
|
|
|
|||
|
|
@ -5,7 +5,8 @@
|
|||
- name: Restart nftables service
|
||||
systemd:
|
||||
daemon_reload: '{{ (nftables__register_systemd_service.changed | default(False)) or
|
||||
(nftables__register_fail2ban_service.changed | default(False)) }}'
|
||||
(nftables__register_fail2ban_service.changed | default(False)) or
|
||||
(nftables__register_fix_systemd_target.changed | default(False)) }}'
|
||||
state: 'restarted'
|
||||
name: '{{ nft_service_name }}'
|
||||
enabled: '{{ nft_service_enabled }}'
|
||||
|
|
|
|||
|
|
@ -174,8 +174,8 @@
|
|||
when: (nft_enabled|bool and
|
||||
nft__nat_table_manage|bool)
|
||||
|
||||
# Manage service [[[1
|
||||
- name: Install Debian systemd service unit
|
||||
# Manage nftables service [[[1
|
||||
- name: Install nftables Debian systemd service unit
|
||||
template:
|
||||
src: '{{ nft_service_unit_content }}'
|
||||
dest: '{{ nft_service_unit_path }}'
|
||||
|
|
@ -187,6 +187,15 @@
|
|||
nft_service_manage|bool)
|
||||
notify: ['Restart nftables service']
|
||||
|
||||
- name: Ensure to remove nftables systemd service from old target
|
||||
file:
|
||||
path: '/etc/systemd/system/multi-user.target.wants/nftables.service'
|
||||
state: absent
|
||||
register: nftables__register_fix_systemd_target
|
||||
when: (nft_enabled|bool and
|
||||
nft_service_manage|bool)
|
||||
notify: ['Restart nftables service']
|
||||
|
||||
# Manage custom fail2ban service [[[1
|
||||
- name: Create Fail2Ban custom directory for systemd service
|
||||
file:
|
||||
|
|
|
|||
Loading…
Reference in New Issue