feat: add option to reboot host automatically

2022-09-25 13:12:21 +02:00 · 2022-09-25 13:12:21 +02:00 · cffe9f7dc0
parent 5d498096c3
commit cffe9f7dc0
2 changed files with 11 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -9,6 +9,7 @@ auditd_exclude_rule_stages: []
 # This option prevents auditd from performing change/restart actions at runtime and requires a reboot instead.
 # For security reasons, this option should only be disabled for testing purposes.
 auditd_refuse_manual_stop: True
+auditd_reboot_on_change: False

 # @var auditd_config_immutable:description: >
 # The auditd daemon is configured to use the augenrules program to read audit rules during
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -9,3 +9,13 @@
  listen: __auditd_restart
  become: True
  become_user: root
+
+- name: Reboot server
+  reboot:
+    reboot_timeout: 600
+  when:
+    - auditd_reboot_on_change | bool
+    - auditd_refuse_manual_stop | bool
+  listen: __auditd_restart
+  become: True
+  become_user: root