checkmk_deploy_agent/handlers/main.yml

---
- name: "Activate changes"
  checkmk.general.activation:
    server_url: "{{ checkmk_agent_server_protocol }}://{{ checkmk_agent_server }}:{{ checkmk_agent_server_port }}/"
    site: "{{ checkmk_agent_site }}"
    automation_user: "{{ checkmk_agent_user }}"
    automation_secret: "{{ __checkmk_agent_auth }}"
    force_foreign_changes: "{{ checkmk_agent_force_foreign_changes }}"
    redirect: true
    validate_certs: "{{ checkmk_agent_server_validate_certs }}"
  become: false
  delegate_to: "{{ checkmk_agent_delegate_api_calls }}"
  run_once: true  # noqa run-once[task]
  when: checkmk_agent_auto_activate | bool

- name: "Restart firewall"
  become: true
  ansible.builtin.shell: |
    # Check and reload firewalld (RHEL/CentOS)
    if systemctl is-active --quiet firewalld 2>/dev/null; then
      echo "Reloading firewalld"
      firewall-cmd --reload
      exit 0
    fi
    
    # Check and reload ufw (Ubuntu/Debian)
    if systemctl is-active --quiet ufw 2>/dev/null; then
      echo "Reloading ufw"
      ufw reload
      exit 0
    fi
    
    # Check and reload SuSEfirewall2 (older SUSE)
    if systemctl is-active --quiet SuSEfirewall2 2>/dev/null; then
      echo "Reloading SuSEfirewall2"
      systemctl reload SuSEfirewall2
      exit 0
    fi
    
    echo "No active firewall found - skipping reload"
    exit 0
  args:
    executable: /bin/bash
  register: firewall_reload_result
  changed_when: "'Reloading' in firewall_reload_result.stdout"
  failed_when: false
Upload files to "handlers" 2025-12-01 11:49:40 +01:00			`---`
			`- name: "Activate changes"`
			`checkmk.general.activation:`
			`server_url: "{{ checkmk_agent_server_protocol }}://{{ checkmk_agent_server }}:{{ checkmk_agent_server_port }}/"`
			`site: "{{ checkmk_agent_site }}"`
			`automation_user: "{{ checkmk_agent_user }}"`
			`automation_secret: "{{ __checkmk_agent_auth }}"`
			`force_foreign_changes: "{{ checkmk_agent_force_foreign_changes }}"`
			`redirect: true`
			`validate_certs: "{{ checkmk_agent_server_validate_certs }}"`
			`become: false`
			`delegate_to: "{{ checkmk_agent_delegate_api_calls }}"`
			`run_once: true # noqa run-once[task]`
			`when: checkmk_agent_auto_activate \| bool`

			`- name: "Restart firewall"`
			`become: true`
			`ansible.builtin.shell: \|`
			`# Check and reload firewalld (RHEL/CentOS)`
			`if systemctl is-active --quiet firewalld 2>/dev/null; then`
			`echo "Reloading firewalld"`
			`firewall-cmd --reload`
			`exit 0`
			`fi`

			`# Check and reload ufw (Ubuntu/Debian)`
			`if systemctl is-active --quiet ufw 2>/dev/null; then`
			`echo "Reloading ufw"`
			`ufw reload`
			`exit 0`
			`fi`

			`# Check and reload SuSEfirewall2 (older SUSE)`
			`if systemctl is-active --quiet SuSEfirewall2 2>/dev/null; then`
			`echo "Reloading SuSEfirewall2"`
			`systemctl reload SuSEfirewall2`
			`exit 0`
			`fi`

			`echo "No active firewall found - skipping reload"`
			`exit 0`
			`args:`
			`executable: /bin/bash`
			`register: firewall_reload_result`
			`changed_when: "'Reloading' in firewall_reload_result.stdout"`
			`failed_when: false`