Menu
This is what I have
- name: disable os firewall - firewalld
systemd:
name: firewalld
state: stopped
enabled: no
This task works fine on hosts where firewalld package is installed but fails on hosts where it is not.
What is the best simple approach to make sure it can handle hosts which do not have firewalld installed? I do not want to use any CMDB as it's an additional setup. Also, I want the task to be idempotent; using a shell command like dpkg or rpm to query if firewalld is installed makes the ansible playbook summary report changes which I do not want.
420
Type systemctl disable sshd to prevent SSH from launching when the server boots. However, if SSH is running in the current runtime, it remains active, even if disabled. You need to stop SSH to turn it off in the current runtime.
To disable the service from starting automatically, you can type: sudo systemctl disable application . service.
Start/stop or enable/disable services Check whether a service is already enabled or not: # systemctl is-enabled foo. service; echo $?
Here is an example using failed_when:. While it does run every time, it ignores the failure if the package is not installed:
- name: Stop and disable chrony service
service:
name: chronyd
enabled: no
state: stopped
register: chronyd_service_result
failed_when: "chronyd_service_result is failed and 'Could not find the requested service' not in chronyd_service_result.msg"
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
