From 1f36ad2c49b2ae7afd2c44606929b9e3ebf96daa Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@geeklabor.de>
Date: Fri, 6 Jul 2018 23:18:11 +0200
Subject: [PATCH] use become

---
 handlers/main.yml |  2 +-
 tasks/config.yml  | 57 +++++++++++++++++++++++++----------------------
 tasks/install.yml | 21 +++++++++--------
 3 files changed, 43 insertions(+), 37 deletions(-)

diff --git a/handlers/main.yml b/handlers/main.yml
index f719843..f992e27 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,5 +1,5 @@
 ---
-- name: restart iptables
+- name: Restart iptables
   shell: sleep 2 && systemctl restart iptables
   async: 1
   poll: 0
diff --git a/tasks/config.yml b/tasks/config.yml
index 23cb4cb..54aeb64 100644
--- a/tasks/config.yml
+++ b/tasks/config.yml
@@ -1,30 +1,33 @@
 ---
-- name: Set custom iptables rules
-  iptables_raw:
-    name: 'iptables_custom_rules_{{ item.name }}'
-    rules: '{{ item.rules }}'
-    state: '{{ item.state }}'
-    weight: '{{ item.weight|default(omit) }}'
-    table: '{{ item.table|default(omit) }}'
-  with_items: '{{ iptables_custom_rules }}'
-  loop_control:
-    label: "{{item.name}}"
-  tags: iptables
+- name: Setup iptables
+  block:
+  - name: Set custom iptables rules
+    iptables_raw:
+      name: 'iptables_custom_rules_{{ item.name }}'
+      rules: '{{ item.rules }}'
+      state: '{{ item.state }}'
+      weight: '{{ item.weight|default(omit) }}'
+      table: '{{ item.table|default(omit) }}'
+    with_items: '{{ iptables_custom_rules }}'
+    loop_control:
+      label: "{{item.name}}"
+    tags: iptables
 
-- name: Set default iptables head rules
-  iptables_raw:
-    name: iptables_default_head
-    weight: 10
-    keep_unmanaged: '{{ iptables_keep_unmanaged }}'
-    state: present
-    rules: '{{ iptables_default_head }}'
-  tags: iptables
+  - name: Set default iptables head rules
+    iptables_raw:
+      name: iptables_default_head
+      weight: 10
+      keep_unmanaged: '{{ iptables_keep_unmanaged }}'
+      state: present
+      rules: '{{ iptables_default_head }}'
+    tags: iptables
 
-- name: Set default iptables tail rules
-  iptables_raw:
-    name: iptables_default_tail
-    weight: 99
-    keep_unmanaged: '{{ iptables_keep_unmanaged }}'
-    state: '{{ (iptables_default_tail != "" ) | ternary("present", "absent") }}'
-    rules: '{{ iptables_default_tail }}'
-  tags: iptables
+  - name: Set default iptables tail rules
+    iptables_raw:
+      name: iptables_default_tail
+      weight: 99
+      keep_unmanaged: '{{ iptables_keep_unmanaged }}'
+      state: '{{ (iptables_default_tail != "" ) | ternary("present", "absent") }}'
+      rules: '{{ iptables_default_tail }}'
+    tags: iptables
+  become: True
diff --git a/tasks/install.yml b/tasks/install.yml
index 668108d..2283fc6 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -1,11 +1,14 @@
 ---
-- name: Install package
-  package:
-    name: '{{ iptables_package }}'
-    state: latest
+- name: Install iptables
+  block:
+  - name: Install packages
+    package:
+      name: "{{ iptables_package }}"
+      state: latest
 
-- name: Enable and start service
-  service:
-    name: iptables
-    enabled: True
-    state: started
+  - name: Enable and start service
+    service:
+      name: iptables
+      enabled: True
+      state: started
+  become: True