78 lines
2.0 KiB
YAML
78 lines
2.0 KiB
YAML
---
|
|
- name: Something
|
|
hosts: temp
|
|
become: false
|
|
gather_facts: true
|
|
|
|
vars:
|
|
services_to_disable:
|
|
- something.service
|
|
- snmpd.service
|
|
- poo.bear
|
|
- rpcbind.service
|
|
|
|
tasks:
|
|
- name: Get the list of services on the host
|
|
ansible.builtin.service_facts:
|
|
|
|
# "sshd.service": {
|
|
# "status": "enabled",
|
|
# "source": "systemd",
|
|
# "state": "running",
|
|
# "name": "sshd.service"
|
|
# },
|
|
# "systemd-remount-fs.service": {
|
|
# "status": "static",
|
|
# "source": "systemd",
|
|
# "state": "stopped",
|
|
# "name": "systemd-remount-fs.service"
|
|
# },
|
|
|
|
- name: Disable services
|
|
ansible.builtin.service:
|
|
name: "{{ item }}"
|
|
enabled: false
|
|
loop:
|
|
- something.service
|
|
- snmpd.service
|
|
- poo.bear
|
|
- rpcbind.service
|
|
register: r_disable_service
|
|
when:
|
|
- "item in ansible_facts['services']"
|
|
|
|
- name: Debug r_disable_service
|
|
ansible.builtin.debug:
|
|
var: r_disable_service['changed']
|
|
|
|
- name: Set reboot flag on service change # noqa: no-handler
|
|
ansible.builtin.set_fact:
|
|
sf_reboot_flag: true
|
|
when:
|
|
- r_disable_service['changed'] | bool
|
|
|
|
- name: Disable more services
|
|
ansible.builtin.service:
|
|
name: qemu-guest-agent.service
|
|
enabled: false
|
|
register: r_more_disable_service
|
|
when:
|
|
- "'qemu-guest-agent.service' in ansible_facts['services']"
|
|
|
|
- name: Debug r_more_disable_service
|
|
ansible.builtin.debug:
|
|
var: r_more_disable_service['changed']
|
|
|
|
- name: Set reboot flag on service change # noqa: no-handler
|
|
ansible.builtin.set_fact:
|
|
sf_reboot_flag: true
|
|
when:
|
|
- r_more_disable_service['changed'] | bool
|
|
|
|
- name: Reboot host if services were disabled # noqa: no-handler
|
|
ansible.builtin.import_role:
|
|
name: verified_reboot
|
|
when:
|
|
- sf_reboot_flag is defined
|
|
- sf_reboot_flag | bool
|