florianutz / ubuntu2004_cis

Ubuntu CIS Hardening Ansible Role
MIT License
109 stars 67 forks source link

Restart services after modifying #26

Open IamEnTm opened 3 years ago

IamEnTm commented 3 years ago

I might be missing something, but it seems the chrony service is never restarted, which means that any changes made on the configuration file won't be applied when this role has finished running. I think adding a restart when this service is mentioned as the _'ubuntu2004cis_timesynchronization', is a good idea. I came across this issue while configuring the chrony service, but it might occur on other services as well.

*Edit: the chrony service is used in 'section2'.

ljluestc commented 1 year ago
---
- name: Configure and restart chrony service
  hosts: your_target_hosts
  tasks:
    - name: Ensure chrony package is installed
      apt:
        name: chrony
        state: present

    - name: Configure chrony.conf
      template:
        src: chrony.conf.j2
        dest: /etc/chrony/chrony.conf
      notify: Restart chrony service

  handlers:
    - name: Restart chrony service
      systemd:
        name: chrony
        state: restarted