From 768ed5137ca9541945f1f595145787d9dfe74af7 Mon Sep 17 00:00:00 2001 From: Drazen Date: Thu, 20 Feb 2025 11:36:54 +0100 Subject: [PATCH 01/12] Updating-rsyslog-conf --- roles/_meta/common_base/meta/main.yml | 1 + roles/debian/postfix/tasks/main.yml | 8 +- roles/debian/rsyslog/tasks/main.yml | 12 ++- .../rsyslog/templates/rsyslog.client.conf.j2 | 90 ++++--------------- 4 files changed, 33 insertions(+), 78 deletions(-) diff --git a/roles/_meta/common_base/meta/main.yml b/roles/_meta/common_base/meta/main.yml index d5af663a2..fc3b9fb30 100644 --- a/roles/_meta/common_base/meta/main.yml +++ b/roles/_meta/common_base/meta/main.yml @@ -35,6 +35,7 @@ dependencies: when: is_local is not defined or not is_local - role: debian/rkhunter when: is_local is not defined or not is_local + - role: debian/syslog - role: debian/postfix - role: debian/clamav when: is_local is not defined or not is_local diff --git a/roles/debian/postfix/tasks/main.yml b/roles/debian/postfix/tasks/main.yml index a9a97063b..6375c962e 100644 --- a/roles/debian/postfix/tasks/main.yml +++ b/roles/debian/postfix/tasks/main.yml @@ -143,10 +143,10 @@ - postfix.disable_syslog is defined - postfix.disable_syslog -#- name: Restart service. -# ansible.builtin.service: -# name: rsyslog -# state: restarted +- name: Restart rsyslog service to apply postfix log changes + ansible.builtin.systemd: + name: rsyslog.service + state: restarted # Needed for Docker. - name: Stop Postfix diff --git a/roles/debian/rsyslog/tasks/main.yml b/roles/debian/rsyslog/tasks/main.yml index 79308d49d..851e177bb 100644 --- a/roles/debian/rsyslog/tasks/main.yml +++ b/roles/debian/rsyslog/tasks/main.yml @@ -1,4 +1,10 @@ --- +- name: Install rsyslog with apt + ansible.builtin.apt: + name: rsyslog + state: present + update_cache: true + - name: Copy rsyslog configuration in place. ansible.builtin.template: src: "rsyslog.{{ rsyslog.role }}.conf.j2" @@ -8,7 +14,7 @@ mode: "0644" force: true -- name: Restart service. - ansible.builtin.service: - name: rsyslog +- name: Restart rsyslog service + ansible.builtin.systemd: + name: rsyslog.service state: restarted diff --git a/roles/debian/rsyslog/templates/rsyslog.client.conf.j2 b/roles/debian/rsyslog/templates/rsyslog.client.conf.j2 index 1fd057852..f70e66116 100644 --- a/roles/debian/rsyslog/templates/rsyslog.client.conf.j2 +++ b/roles/debian/rsyslog/templates/rsyslog.client.conf.j2 @@ -1,36 +1,30 @@ -# /etc/rsyslog.conf Configuration file for rsyslog. +# /etc/rsyslog.conf configuration file for rsyslog # -# For more information see -# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html +# For more information install rsyslog-doc and see +# /usr/share/doc/rsyslog-doc/html/configuration/index.html ################# #### MODULES #### ################# -$ModLoad imuxsock # provides support for local system logging -#$ModLoad imklog # provides kernel logging support -#$ModLoad immark # provides --MARK-- message capability +module(load="imuxsock") # provides support for local system logging +module(load="imklog") # provides kernel logging support +#module(load="immark") # provides --MARK-- message capability # provides UDP syslog reception -#$ModLoad imudp -#$UDPServerRun 514 +#module(load="imudp") +#input(type="imudp" port="514") # provides TCP syslog reception -#$ModLoad imtcp -#$InputTCPServerRun 514 +#module(load="imtcp") +#input(type="imtcp" port="514") ########################### #### GLOBAL DIRECTIVES #### ########################### -# -# Use traditional timestamp format. -# To enable high precision timestamps, comment out the following line. -# -$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat - # # Set the default permissions for all log files. # @@ -54,68 +48,22 @@ $IncludeConfig /etc/rsyslog.d/*.conf ############### #### RULES #### ############### -*.* @{{ rsyslog.server }}:{{ rsyslog.listen_port }} -# -# First some standard log files. Log by facility. -# -auth,authpriv.* /var/log/auth.log -*.*;auth,authpriv.none -/var/log/syslog -#cron.* /var/log/cron.log -daemon.* -/var/log/daemon.log -kern.* -/var/log/kern.log -lpr.* -/var/log/lpr.log -mail.* -/var/log/mail.log -user.* -/var/log/user.log - -# -# Logging for the mail system. Split it up so that -# it is easy to write scripts to parse these files. -# -mail.info -/var/log/mail.info -mail.warn -/var/log/mail.warn -mail.err /var/log/mail.err # -# Logging for INN news system. +# Log anything besides private authentication messages to a single log file # -news.crit /var/log/news/news.crit -news.err /var/log/news/news.err -news.notice -/var/log/news/news.notice +*.*;auth,authpriv.none -/var/log/syslog # -# Some "catch-all" log files. +# Log commonly used facilities to their own log file # -*.=debug;\ - auth,authpriv.none;\ - news.none;mail.none -/var/log/debug -*.=info;*.=notice;*.=warn;\ - auth,authpriv.none;\ - cron,daemon.none;\ - mail,news.none -/var/log/messages +auth,authpriv.* /var/log/auth.log +cron.* -/var/log/cron.log +kern.* -/var/log/kern.log +mail.* -/var/log/mail.log +user.* -/var/log/user.log # # Emergencies are sent to everybody logged in. # -*.emerg :omusrmsg:* - -# -# I like to have messages displayed on the console, but only on a virtual -# console I usually leave idle. -# -#daemon,mail.*;\ -# news.=crit;news.=err;news.=notice;\ -# *.=debug;*.=info;\ -# *.=notice;*.=warn /dev/tty8 - -# The named pipe /dev/xconsole is for the `xconsole' utility. To use it, -# you must invoke `xconsole' with the `-file' option: -# -# $ xconsole -file /dev/xconsole [...] -# -# NOTE: adjust the list below, or you'll go crazy if you have a reasonably -# busy site.. -# -daemon.*;mail.*;\ - news.err;\ - *.=debug;*.=info;\ - *.=notice;*.=warn |/dev/xconsole +*.emerg :omusrmsg:* From bbae56c399176286e20aabccbd36736dd900390e Mon Sep 17 00:00:00 2001 From: Drazen Date: Thu, 20 Feb 2025 11:44:30 +0100 Subject: [PATCH 02/12] Adding-daemon-reload-rsyslog --- roles/_meta/common_base/meta/main.yml | 2 +- roles/debian/postfix/tasks/main.yml | 1 + roles/debian/rsyslog/tasks/main.yml | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/_meta/common_base/meta/main.yml b/roles/_meta/common_base/meta/main.yml index fc3b9fb30..f9dfe8ded 100644 --- a/roles/_meta/common_base/meta/main.yml +++ b/roles/_meta/common_base/meta/main.yml @@ -35,7 +35,7 @@ dependencies: when: is_local is not defined or not is_local - role: debian/rkhunter when: is_local is not defined or not is_local - - role: debian/syslog + - role: debian/rsyslog - role: debian/postfix - role: debian/clamav when: is_local is not defined or not is_local diff --git a/roles/debian/postfix/tasks/main.yml b/roles/debian/postfix/tasks/main.yml index 6375c962e..4a5a98d7f 100644 --- a/roles/debian/postfix/tasks/main.yml +++ b/roles/debian/postfix/tasks/main.yml @@ -147,6 +147,7 @@ ansible.builtin.systemd: name: rsyslog.service state: restarted + daemon_reload: true # Needed for Docker. - name: Stop Postfix diff --git a/roles/debian/rsyslog/tasks/main.yml b/roles/debian/rsyslog/tasks/main.yml index 851e177bb..a274935ba 100644 --- a/roles/debian/rsyslog/tasks/main.yml +++ b/roles/debian/rsyslog/tasks/main.yml @@ -18,3 +18,4 @@ ansible.builtin.systemd: name: rsyslog.service state: restarted + daemon_reload: true From 471fd4984f8e47dc079aacda90cf8772fd134193 Mon Sep 17 00:00:00 2001 From: Drazen Date: Thu, 20 Feb 2025 11:52:48 +0100 Subject: [PATCH 03/12] Template-update-rsyslog --- roles/debian/postfix/tasks/main.yml | 7 +++---- roles/debian/rsyslog/tasks/main.yml | 5 ++--- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/roles/debian/postfix/tasks/main.yml b/roles/debian/postfix/tasks/main.yml index 4a5a98d7f..e6f96e7c5 100644 --- a/roles/debian/postfix/tasks/main.yml +++ b/roles/debian/postfix/tasks/main.yml @@ -143,11 +143,10 @@ - postfix.disable_syslog is defined - postfix.disable_syslog -- name: Restart rsyslog service to apply postfix log changes - ansible.builtin.systemd: - name: rsyslog.service +- name: Restart rsyslog service + ansible.builtin.service: + name: rsyslog state: restarted - daemon_reload: true # Needed for Docker. - name: Stop Postfix diff --git a/roles/debian/rsyslog/tasks/main.yml b/roles/debian/rsyslog/tasks/main.yml index a274935ba..271e8d76e 100644 --- a/roles/debian/rsyslog/tasks/main.yml +++ b/roles/debian/rsyslog/tasks/main.yml @@ -15,7 +15,6 @@ force: true - name: Restart rsyslog service - ansible.builtin.systemd: - name: rsyslog.service + ansible.builtin.service: + name: rsyslog state: restarted - daemon_reload: true From f675f89d4448a1598ad24f28b58bafb94f2e4ab2 Mon Sep 17 00:00:00 2001 From: Drazen Date: Thu, 20 Feb 2025 12:00:52 +0100 Subject: [PATCH 04/12] Changing-rsyslog-name-restart --- roles/debian/postfix/tasks/main.yml | 2 +- roles/debian/rsyslog/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/debian/postfix/tasks/main.yml b/roles/debian/postfix/tasks/main.yml index e6f96e7c5..d34702c9c 100644 --- a/roles/debian/postfix/tasks/main.yml +++ b/roles/debian/postfix/tasks/main.yml @@ -145,7 +145,7 @@ - name: Restart rsyslog service ansible.builtin.service: - name: rsyslog + name: rsyslog.service state: restarted # Needed for Docker. diff --git a/roles/debian/rsyslog/tasks/main.yml b/roles/debian/rsyslog/tasks/main.yml index 271e8d76e..0027d7798 100644 --- a/roles/debian/rsyslog/tasks/main.yml +++ b/roles/debian/rsyslog/tasks/main.yml @@ -16,5 +16,5 @@ - name: Restart rsyslog service ansible.builtin.service: - name: rsyslog + name: rsyslog.service state: restarted From 8f748dcb686d2be52a878383b1c7f9df03ae0db2 Mon Sep 17 00:00:00 2001 From: Drazen Date: Thu, 20 Feb 2025 12:06:15 +0100 Subject: [PATCH 05/12] Updating-restart-method-rsyslog --- roles/debian/postfix/tasks/main.yml | 16 ++++++++++++++-- roles/debian/rsyslog/tasks/main.yml | 16 ++++++++++++++-- 2 files changed, 28 insertions(+), 4 deletions(-) diff --git a/roles/debian/postfix/tasks/main.yml b/roles/debian/postfix/tasks/main.yml index d34702c9c..65339c065 100644 --- a/roles/debian/postfix/tasks/main.yml +++ b/roles/debian/postfix/tasks/main.yml @@ -143,10 +143,22 @@ - postfix.disable_syslog is defined - postfix.disable_syslog -- name: Restart rsyslog service +- name: Check if rsyslog init script exists + ansible.builtin.stat: + path: /etc/init.d/rsyslog + register: rsyslog_init + +- name: Restart rsyslog via init.d if available + ansible.builtin.command: /etc/init.d/rsyslog restart + when: rsyslog_init.stat.exists + args: + warn: false + +- name: Restart rsyslog via service if init.d not available ansible.builtin.service: - name: rsyslog.service + name: rsyslog state: restarted + when: not rsyslog_init.stat.exists # Needed for Docker. - name: Stop Postfix diff --git a/roles/debian/rsyslog/tasks/main.yml b/roles/debian/rsyslog/tasks/main.yml index 0027d7798..28c258e36 100644 --- a/roles/debian/rsyslog/tasks/main.yml +++ b/roles/debian/rsyslog/tasks/main.yml @@ -14,7 +14,19 @@ mode: "0644" force: true -- name: Restart rsyslog service +- name: Check if rsyslog init script exists + ansible.builtin.stat: + path: /etc/init.d/rsyslog + register: rsyslog_init + +- name: Restart rsyslog via init.d if available + ansible.builtin.command: /etc/init.d/rsyslog restart + when: rsyslog_init.stat.exists + args: + warn: false + +- name: Restart rsyslog via service if init.d not available ansible.builtin.service: - name: rsyslog.service + name: rsyslog state: restarted + when: not rsyslog_init.stat.exists From 1e89927b1df1355c65b93d4f5d839fe16088b98f Mon Sep 17 00:00:00 2001 From: Drazen Date: Thu, 20 Feb 2025 12:25:35 +0100 Subject: [PATCH 06/12] Debugging-rsyslog-service --- roles/debian/rsyslog/tasks/main.yml | 38 ++++++++++++++++++----------- 1 file changed, 24 insertions(+), 14 deletions(-) diff --git a/roles/debian/rsyslog/tasks/main.yml b/roles/debian/rsyslog/tasks/main.yml index 28c258e36..d49f3dace 100644 --- a/roles/debian/rsyslog/tasks/main.yml +++ b/roles/debian/rsyslog/tasks/main.yml @@ -14,19 +14,29 @@ mode: "0644" force: true -- name: Check if rsyslog init script exists - ansible.builtin.stat: - path: /etc/init.d/rsyslog - register: rsyslog_init +- name: Debug systemd unit files + ansible.builtin.shell: "systemctl list-unit-files --type=service | grep rsyslog || echo 'not found'" + register: rsyslog_unit_files + changed_when: false -- name: Restart rsyslog via init.d if available - ansible.builtin.command: /etc/init.d/rsyslog restart - when: rsyslog_init.stat.exists - args: - warn: false +- name: Show systemd unit files debug + ansible.builtin.debug: + msg: "Systemd unit files: {{ rsyslog_unit_files.stdout }}" -- name: Restart rsyslog via service if init.d not available - ansible.builtin.service: - name: rsyslog - state: restarted - when: not rsyslog_init.stat.exists +- name: Debug active services + ansible.builtin.shell: "systemctl list-units --type=service | grep rsyslog || echo 'not found'" + register: rsyslog_active_services + changed_when: false + +- name: Show active services debug + ansible.builtin.debug: + msg: "Active systemd services: {{ rsyslog_active_services.stdout }}" + +- name: Check SysV services + ansible.builtin.shell: "service --status-all | grep rsyslog || echo 'not found'" + register: rsyslog_sysv_services + changed_when: false + +- name: Show SysV services debug + ansible.builtin.debug: + msg: "SysV service status: {{ rsyslog_sysv_services.stdout }}" From ae1c4242da79e04bfbc9da270184325547b1038a Mon Sep 17 00:00:00 2001 From: Drazen Date: Thu, 20 Feb 2025 12:31:03 +0100 Subject: [PATCH 07/12] Enabling-rsyslog-service --- roles/debian/postfix/tasks/main.yml | 18 +++------------ roles/debian/rsyslog/tasks/main.yml | 34 ++++++++--------------------- 2 files changed, 12 insertions(+), 40 deletions(-) diff --git a/roles/debian/postfix/tasks/main.yml b/roles/debian/postfix/tasks/main.yml index 65339c065..f78c2c540 100644 --- a/roles/debian/postfix/tasks/main.yml +++ b/roles/debian/postfix/tasks/main.yml @@ -143,22 +143,10 @@ - postfix.disable_syslog is defined - postfix.disable_syslog -- name: Check if rsyslog init script exists - ansible.builtin.stat: - path: /etc/init.d/rsyslog - register: rsyslog_init - -- name: Restart rsyslog via init.d if available - ansible.builtin.command: /etc/init.d/rsyslog restart - when: rsyslog_init.stat.exists - args: - warn: false - -- name: Restart rsyslog via service if init.d not available - ansible.builtin.service: - name: rsyslog +- name: Restart rsyslog service + ansible.builtin.systemd: + name: rsyslog.service state: restarted - when: not rsyslog_init.stat.exists # Needed for Docker. - name: Stop Postfix diff --git a/roles/debian/rsyslog/tasks/main.yml b/roles/debian/rsyslog/tasks/main.yml index d49f3dace..c861aee29 100644 --- a/roles/debian/rsyslog/tasks/main.yml +++ b/roles/debian/rsyslog/tasks/main.yml @@ -14,29 +14,13 @@ mode: "0644" force: true -- name: Debug systemd unit files - ansible.builtin.shell: "systemctl list-unit-files --type=service | grep rsyslog || echo 'not found'" - register: rsyslog_unit_files - changed_when: false +- name: Ensure rsyslog is enabled and started + ansible.builtin.systemd: + name: rsyslog.service + enabled: true + state: started -- name: Show systemd unit files debug - ansible.builtin.debug: - msg: "Systemd unit files: {{ rsyslog_unit_files.stdout }}" - -- name: Debug active services - ansible.builtin.shell: "systemctl list-units --type=service | grep rsyslog || echo 'not found'" - register: rsyslog_active_services - changed_when: false - -- name: Show active services debug - ansible.builtin.debug: - msg: "Active systemd services: {{ rsyslog_active_services.stdout }}" - -- name: Check SysV services - ansible.builtin.shell: "service --status-all | grep rsyslog || echo 'not found'" - register: rsyslog_sysv_services - changed_when: false - -- name: Show SysV services debug - ansible.builtin.debug: - msg: "SysV service status: {{ rsyslog_sysv_services.stdout }}" +- name: Restart rsyslog service + ansible.builtin.systemd: + name: rsyslog.service + state: restarted From 145a80db8424308f8644c2126d5127648c968d24 Mon Sep 17 00:00:00 2001 From: Drazen Date: Thu, 20 Feb 2025 12:46:15 +0100 Subject: [PATCH 08/12] Testing-sysvinit --- roles/debian/rsyslog/tasks/main.yml | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/roles/debian/rsyslog/tasks/main.yml b/roles/debian/rsyslog/tasks/main.yml index c861aee29..0bf18a13c 100644 --- a/roles/debian/rsyslog/tasks/main.yml +++ b/roles/debian/rsyslog/tasks/main.yml @@ -14,13 +14,24 @@ mode: "0644" force: true -- name: Ensure rsyslog is enabled and started - ansible.builtin.systemd: - name: rsyslog.service - enabled: true - state: started +- name: Check if rsyslog init script exists (SysVinit) + ansible.builtin.stat: + path: /etc/init.d/rsyslog + register: rsyslog_init + +- name: Debug init.d existence + ansible.builtin.debug: + msg: "Init script exists: {{ rsyslog_init.stat.exists }}" + +- name: Restart rsyslog via SysVinit if available + ansible.builtin.sysvinit: + name: rsyslog + state: restarted + when: rsyslog_init.stat.exists -- name: Restart rsyslog service +- name: Restart rsyslog via systemd if init.d not available ansible.builtin.systemd: - name: rsyslog.service + name: rsyslog state: restarted + enabled: true + when: not rsyslog_init.stat.exists From ae69a7f323fb217d3fc3ebc17a60137f2440bcb8 Mon Sep 17 00:00:00 2001 From: Drazen Date: Thu, 20 Feb 2025 13:12:42 +0100 Subject: [PATCH 09/12] Reworking-rsyslog-for-containers --- roles/debian/rsyslog/tasks/main.yml | 25 +++++++------------------ 1 file changed, 7 insertions(+), 18 deletions(-) diff --git a/roles/debian/rsyslog/tasks/main.yml b/roles/debian/rsyslog/tasks/main.yml index 0bf18a13c..c2d29130d 100644 --- a/roles/debian/rsyslog/tasks/main.yml +++ b/roles/debian/rsyslog/tasks/main.yml @@ -14,24 +14,13 @@ mode: "0644" force: true -- name: Check if rsyslog init script exists (SysVinit) - ansible.builtin.stat: - path: /etc/init.d/rsyslog - register: rsyslog_init +- name: Restart rsyslog in a container (if is_local is true) + ansible.builtin.command: + cmd: /usr/sbin/service rsyslog restart + when: is_local | default(false) -- name: Debug init.d existence - ansible.builtin.debug: - msg: "Init script exists: {{ rsyslog_init.stat.exists }}" - -- name: Restart rsyslog via SysVinit if available - ansible.builtin.sysvinit: - name: rsyslog - state: restarted - when: rsyslog_init.stat.exists - -- name: Restart rsyslog via systemd if init.d not available +- name: Restart rsyslog using systemd (if is_local is false) ansible.builtin.systemd: - name: rsyslog + name: rsyslog.service state: restarted - enabled: true - when: not rsyslog_init.stat.exists + when: not (is_local | default(false)) From 404ebb775196c52dfc471de54307289e443a02c8 Mon Sep 17 00:00:00 2001 From: Drazen Date: Thu, 20 Feb 2025 13:25:28 +0100 Subject: [PATCH 10/12] Switching-command-to-shell-container-rsyslog --- roles/debian/rsyslog/tasks/main.yml | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/roles/debian/rsyslog/tasks/main.yml b/roles/debian/rsyslog/tasks/main.yml index c2d29130d..38066edea 100644 --- a/roles/debian/rsyslog/tasks/main.yml +++ b/roles/debian/rsyslog/tasks/main.yml @@ -14,13 +14,15 @@ mode: "0644" force: true -- name: Restart rsyslog in a container (if is_local is true) - ansible.builtin.command: - cmd: /usr/sbin/service rsyslog restart - when: is_local | default(false) +- name: Restart rsyslog based on environment + block: + - name: Restart rsyslog in a container (if is_local is true) + ansible.builtin.shell: | + pkill -HUP rsyslogd || true + when: is_local | default(false) -- name: Restart rsyslog using systemd (if is_local is false) - ansible.builtin.systemd: - name: rsyslog.service - state: restarted - when: not (is_local | default(false)) + - name: Restart rsyslog using systemd (if is_local is false) + ansible.builtin.systemd: + name: rsyslog.service + state: restarted + when: not (is_local | default(false)) From 17e43390c3f245e774a01159062aa4c0dea8f89f Mon Sep 17 00:00:00 2001 From: Drazen Date: Thu, 20 Feb 2025 14:20:14 +0100 Subject: [PATCH 11/12] Reworking-postfix-start-stop-tasks-for-containers --- roles/debian/postfix/tasks/main.yml | 74 +++++++++++++++++++---------- 1 file changed, 49 insertions(+), 25 deletions(-) diff --git a/roles/debian/postfix/tasks/main.yml b/roles/debian/postfix/tasks/main.yml index f78c2c540..f25e41f35 100644 --- a/roles/debian/postfix/tasks/main.yml +++ b/roles/debian/postfix/tasks/main.yml @@ -143,30 +143,54 @@ - postfix.disable_syslog is defined - postfix.disable_syslog -- name: Restart rsyslog service - ansible.builtin.systemd: - name: rsyslog.service - state: restarted +- name: Restart rsyslog based on environment to apply postfix changes + block: + - name: Restart rsyslog in a container to apply postfix changes (if is_local is true) + ansible.builtin.shell: | + pkill -HUP rsyslogd || true + when: is_local | default(false) + + - name: Restart rsyslog using systemd to apply postfix changes (if is_local is false) + ansible.builtin.systemd: + name: rsyslog.service + state: restarted + when: not (is_local | default(false)) # Needed for Docker. -- name: Stop Postfix - ansible.builtin.command: - cmd: /usr/sbin/service postfix stop - -- name: Remove trailing lock files. - ansible.builtin.file: - path: "{{ lock_file }}" - state: absent - with_items: - - /var/spool/postfix/pid/master.pid - - /var/lib/postfix/master.lock - loop_control: - loop_var: lock_file - -- name: Create Postfix Aliases database - ansible.builtin.command: - cmd: /usr/bin/newaliases - -- name: Restart Postfix - ansible.builtin.command: - cmd: /usr/sbin/service postfix start +- name: Manage Postfix Service + block: + - name: Stop Postfix in a container (if is_local is true) + ansible.builtin.command: + cmd: /usr/sbin/service postfix stop + when: is_local | default(false) + + - name: Stop Postfix using systemd (if is_local is false) + ansible.builtin.systemd: + name: postfix + state: stopped + when: not (is_local | default(false)) + + - name: Remove trailing lock files + ansible.builtin.file: + path: "{{ lock_file }}" + state: absent + with_items: + - /var/spool/postfix/pid/master.pid + - /var/lib/postfix/master.lock + loop_control: + loop_var: lock_file + + - name: Create Postfix Aliases database + ansible.builtin.command: + cmd: /usr/bin/newaliases + + - name: Start Postfix in a container (if is_local is true) + ansible.builtin.command: + cmd: /usr/sbin/service postfix start + when: is_local | default(false) + + - name: Start Postfix using systemd (if is_local is false) + ansible.builtin.systemd: + name: postfix + state: started + when: not (is_local | default(false)) From c90d4481ac4826211091a5acc155ca81a95008c4 Mon Sep 17 00:00:00 2001 From: Drazen Date: Mon, 24 Feb 2025 14:35:21 +0100 Subject: [PATCH 12/12] Updating-conditions-rsyslog-postfix --- roles/debian/postfix/tasks/main.yml | 12 ++++++------ roles/debian/rsyslog/tasks/main.yml | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/debian/postfix/tasks/main.yml b/roles/debian/postfix/tasks/main.yml index f25e41f35..75b82eeca 100644 --- a/roles/debian/postfix/tasks/main.yml +++ b/roles/debian/postfix/tasks/main.yml @@ -148,13 +148,13 @@ - name: Restart rsyslog in a container to apply postfix changes (if is_local is true) ansible.builtin.shell: | pkill -HUP rsyslogd || true - when: is_local | default(false) + when: is_local - name: Restart rsyslog using systemd to apply postfix changes (if is_local is false) ansible.builtin.systemd: name: rsyslog.service state: restarted - when: not (is_local | default(false)) + when: is_local is not defined or not is_local # Needed for Docker. - name: Manage Postfix Service @@ -162,13 +162,13 @@ - name: Stop Postfix in a container (if is_local is true) ansible.builtin.command: cmd: /usr/sbin/service postfix stop - when: is_local | default(false) + when: is_local - name: Stop Postfix using systemd (if is_local is false) ansible.builtin.systemd: name: postfix state: stopped - when: not (is_local | default(false)) + when: is_local is not defined or not is_local - name: Remove trailing lock files ansible.builtin.file: @@ -187,10 +187,10 @@ - name: Start Postfix in a container (if is_local is true) ansible.builtin.command: cmd: /usr/sbin/service postfix start - when: is_local | default(false) + when: is_local - name: Start Postfix using systemd (if is_local is false) ansible.builtin.systemd: name: postfix state: started - when: not (is_local | default(false)) + when: is_local is not defined or not is_local diff --git a/roles/debian/rsyslog/tasks/main.yml b/roles/debian/rsyslog/tasks/main.yml index 38066edea..c8dd41d0c 100644 --- a/roles/debian/rsyslog/tasks/main.yml +++ b/roles/debian/rsyslog/tasks/main.yml @@ -19,10 +19,10 @@ - name: Restart rsyslog in a container (if is_local is true) ansible.builtin.shell: | pkill -HUP rsyslogd || true - when: is_local | default(false) + when: is_local - name: Restart rsyslog using systemd (if is_local is false) ansible.builtin.systemd: name: rsyslog.service state: restarted - when: not (is_local | default(false)) + when: is_local is not defined or not is_local