From d75d7f65570e4a2f5c1db3e0f936a1c42897b570 Mon Sep 17 00:00:00 2001
From: Rene Mewissen <rene@tantooine.myfirewall.org>
Date: Wed, 1 Oct 2025 14:51:26 +0200
Subject: [PATCH] moved listen to outside of block

---
 main.yml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 main.yml

diff --git a/main.yml b/main.yml
new file mode 100644
index 0000000..a3398eb
--- /dev/null
+++ b/main.yml
@@ -0,0 +1,22 @@
+---
+- name: update aide database
+  listen: "update aide db"
+  block: # This block is now a task within the handler
+    - name: system setup | aide | run aide --update to check for legitimate changes
+      tags: aide,hardening,system
+      command: aide --update
+      register: aide_update_result
+      changed_when: "'new database written to' in aide_update_result.stdout"
+      async: 1800 # Allow up to 30 minutes for update
+      poll: 15
+
+    - name: system setup | aide | activate updated database
+      tags: aide,hardening,system
+      copy:
+        src: /var/lib/aide/aide.db.new
+        dest: /var/lib/aide/aide.db
+        remote_src: true
+        owner: root
+        group: root
+        mode: '0600'
+      when: aide_update_result.changed
\ No newline at end of file