michaelschiemer/deployment/infrastructure/roles/base-security/handlers/main.yml

---
# Base Security Role Handlers

- name: restart ssh
  service:
    name: ssh
    state: restarted
  listen: restart ssh

- name: reload ssh
  service:
    name: ssh
    state: reloaded
  listen: reload ssh

- name: restart fail2ban
  service:
    name: fail2ban
    state: restarted
  listen: restart fail2ban

- name: reload fail2ban
  service:
    name: fail2ban
    state: reloaded
  listen: reload fail2ban

- name: restart auditd
  service:
    name: auditd
    state: restarted
  listen: restart auditd

- name: reload systemd
  systemd:
    daemon_reload: true
  listen: reload systemd

- name: restart ufw
  service:
    name: ufw
    state: restarted
  listen: restart ufw

- name: reload ufw
  command: ufw --force reload
  listen: reload ufw

- name: restart unattended-upgrades
  service:
    name: unattended-upgrades
    state: restarted
  listen: restart unattended-upgrades

- name: update aide database
  command: aideinit
  listen: update aide database

- name: restart rsyslog
  service:
    name: rsyslog
    state: restarted
  listen: restart rsyslog

- name: update rkhunter
  command: rkhunter --propupd
  listen: update rkhunter