majic-ansible-roles Files · roles/common/handlers/main.yml

Files @ 72af31a420be

Branch filter:

Location: majic-ansible-roles/roles/common/handlers/main.yml

72af31a420be 1005 B text/x-yaml Show Annotation Show as Raw Download as Raw

branko

MAR-192: Switch to using NTPsec NTP server for increased security:

- This has for some time been a way better option, and it should also
provide for compatibility with Debian 12 Bookworm.

---

- name: Update PAM configuration  # noqa 301
  # [301] Commands should not change things if nothing needs doing
  #   This task is invoked only if user is very specific about requiring to
  #   run the handlers manually as a way to bring the system to consistency
  #   after interrupted runs.
  command: "/usr/sbin/pam-auth-update --package"

- name: Restart SSH
  service:
    name: ssh
    state: restarted

- name: Update CA certificate cache  # noqa 301
  # [301] Commands should not change things if nothing needs doing
  #   This task is invoked only if user is very specific about requiring to
  #   run the handlers manually as a way to bring the system to consistency
  #   after interrupted runs.
  command: "/usr/sbin/update-ca-certificates --fresh"

- name: Restart ferm
  service:
    name: ferm
    state: restarted

- name: Reload systemd
  systemd:
    daemon_reload: true

- name: Restart NTP server
  service:
    name: ntpsec
    state: restarted
  when: ntp_servers | length > 0