[debops.ferm | Configure ferm default variables (pre)] all changed

debops / ansible-ferm

Manage iptables firewall using ferm

GNU General Public License v3.0

33 stars 20 forks source link

[debops.ferm | Configure ferm default variables (pre)] all changed #59

Closed le9i0nx closed 8 years ago

le9i0nx commented 9 years ago

https://github.com/debops/ansible-ferm/blob/master/tasks/main.yml#L43 https://github.com/debops/ansible-ferm/blob/master/tasks/main.yml#L187

TASK: [debops.ferm | Configure ferm default variables (pre)] ******************-
--- before: /etc/default/ferm
+++ after: /home/le9i0nx/crypt/ansible/roles/debops.ferm/templates/etc/default/ferm-pre.j2
@@ -1,11 +1,11 @@
-# Ansible managed: /home/le9i0nx/crypt/ansible/roles/debops.ferm/templates/etc/default/ferm-post.j2 modified on 2015-09-24 11:22:42 by le9i0nx on itregion-gavrilov
+# Ansible managed: /home/le9i0nx/crypt/ansible/roles/debops.ferm/templates/etc/default/ferm-pre.j2 modified on 2015-09-24 11:22:42 by le9i0nx on itregion-gavrilov
-
 # configuration for /etc/init.d/ferm
-
 # use iptables-restore for fast firewall initialization?
 FAST=no
-
 # cache the output of ferm --lines in /var/cache/ferm?
 CACHE=no
-
 # additional paramaters for ferm (like --def '=bar')

changed: [mail_test]

drybjed commented 9 years ago

When I check the templates with diff -u, the only differences I see are:

--- ferm-post.j2        2015-09-04 14:54:39.445720601 +0200
+++ ferm-pre.j2 2015-09-04 14:54:39.457720695 +0200
@@ -18,6 +18,11 @@
        (ansible_local.cap12s.enabled | bool and 'cap_net_admin' in ansible_local.cap12s.list)))))) %}
 ENABLED="yes"
 {% else %}
+{% if ((ansible_local|d() and ansible_local.ferm|d() and ansible_local.ferm.enabled|d() and ansible_local.ferm.enabled | bool) and
+       not ferm | bool) %}
+ENABLED="yes"
+{% else %}
 ENABLED="no"
 {% endif %}
+{% endif %}

For the ansible_managed line, that will always be changed if you specify the filename and date in this field in ansible.cfg, if you change it for a static string, it shouldn't change.

As for the empty removed lines, I'm not sure what's happening there. Can you check if you have current debops.ferm version and what are the differences between templates?

le9i0nx commented 9 years ago

I use master. This occurs because https://github.com/debops/ansible-ferm/blob/master/templates/etc/default/ferm-pre.j2#L1 https://github.com/debops/ansible-ferm/blob/master/templates/etc/default/ferm-post.j2#L1

Different scripts generate different first lines -# Ansible managed: /home/le9i0nx/crypt/ansible/roles/debops.ferm/templates/etc/default/ferm-post.j2 modified on 2015-09-24 11:22:42 by le9i0nx on itregion-gavrilov +# Ansible managed: /home/le9i0nx/crypt/ansible/roles/debops.ferm/templates/etc/default/ferm-pre.j2 modified on 2015-09-24 11:22:42 by le9i0nx on itregion-gavrilov ferm-post.j2 ferm-pre.j2

drybjed commented 9 years ago

I suppose both templates could be put into one, but I need to check the logic to make sure it works correctly in different scenarios. Give me some time, please. :)

logan2211 commented 8 years ago

+1 ansible_managed issue