Listen for IPSEC connections in handler

Besides restarting IPSEC, doing whack --listen forces connections to listen.
2017-12-01 09:53:57 +00:00 · 2017-12-01 09:53:57 +00:00 · 6f64a500ad
parent e30e6c05ce
commit 6f64a500ad
2 changed files with 9 additions and 0 deletions
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -12,3 +12,7 @@
    name: ipsec
    state: restarted
  become: yes
+
+- name: Listen for IPSEC connections
+  shell: ipsec whack --listen
+  become: yes
--- a/tasks/ipsec-conf.yml
+++ b/tasks/ipsec-conf.yml
@ -55,6 +55,7 @@
      backup: yes
    notify:
    - Restart ipsec
+    - Listen for IPSEC connections

  - name: Write ipsec tunnel policy for the {{ network }} network
    template:
@ -66,6 +67,7 @@
    - type == 'opportunistic'
    notify:
    - Restart ipsec
+    - Listen for IPSEC connections

  - name: Write ipsec tunnel secrets for the {{ network }} network
    template:
@ -77,6 +79,7 @@
    - type != 'opportunistic'
    notify:
    - Restart ipsec
+    - Listen for IPSEC connections

  - name: Write ipsec tunnel configuration for the {{ network }} network
    template:
@ -95,6 +98,7 @@
    when: current_vip.ip != '' and type != 'opportunistic'
    notify:
    - Restart ipsec
+    - Listen for IPSEC connections

  - name: Write VIP ipsec tunnel configuration for the {{ network }} network
    template:
@ -104,6 +108,7 @@
    when: current_vip.ip != '' and type != 'opportunistic'
    notify:
    - Restart ipsec
+    - Listen for IPSEC connections

  - include_tasks: resource-agent.yml
    when: