Handler neu organisiert

2025-10-15 10:17:29 +02:00
parent d1d15ea480
commit da68d324ca
4 changed files with 32 additions and 53 deletions
--- a/global_handlers/global_handlers.yml
+++ b/global_handlers/global_handlers.yml
@@ -1,20 +1,34 @@
 ---
- name: Update_aide_database
-  tags: aide,hardening,system
-  block:
-    - name: system setup | aide | run aide --update to check for legitimate changes
-      command: aide --config /etc/aide/aide.conf --update
-      register: aide_update_result
-      changed_when: "'new database written to' in aide_update_result.stdout"
-      async: 1800 # Allow up to 30 minutes for update
-      poll: 15
+- name: apt_update
+  apt:
+    update_cache: yes
+  when: ansible_os_family == "Debian"

-    - name: system setup | aide | activate updated database
-      copy:
-        src: /var/lib/aide/aide.db.new
-        dest: /var/lib/aide/aide.db
-        remote_src: true
-        owner: root
-        group: root
-        mode: '0600'
-      when: aide_update_result.changed
+- name: restart_sshd
+  service:
+    name: "{{ openssh_service }}"
+    state: restarted
+
+- name: restart_fail2ban
+  service:
+    name: "fail2ban"
+    state: restarted
+
+- name: restart_logind
+  service:
+    name: "logind"
+    state: restarted
+
+- name: reload ufw
+  command: ufw reload
+  listen: "reload ufw firewall"
+
+- name: restart auditd
+  service:
+    name: auditd
+    state: restarted
+
+- name: restart rsyslog
+  ansible.builtin.service:
+    name: rsyslog
+    state: restarted