infra-run/ansible/roles/cis-debian-ubuntu-hardening/handlers/main.yml

---
- name: Validate ssh configuration
  ansible.builtin.command: sshd -t
  changed_when: false
  listen: validate ssh

- name: Restart ssh service safely
  ansible.builtin.service:
    name: "{{ cis_ssh_service_name }}"
    state: restarted
  listen: restart ssh

- name: Restart auditd
  ansible.builtin.service:
    name: auditd
    state: restarted
    use: service
  listen: restart auditd

- name: Restart rsyslog
  ansible.builtin.service:
    name: rsyslog
    state: restarted
  listen: restart rsyslog

- name: Restart chrony
  ansible.builtin.service:
    name: chrony
    state: restarted
  listen: restart chrony
Add Debian 13 and Ubuntu 26.04 CIS-inspired hardening playbook 2026-05-06 08:56:45 +00:00			`---`
			`- name: Validate ssh configuration`
			`ansible.builtin.command: sshd -t`
			`changed_when: false`
			`listen: validate ssh`

			`- name: Restart ssh service safely`
			`ansible.builtin.service:`
			`name: "{{ cis_ssh_service_name }}"`
			`state: restarted`
			`listen: restart ssh`

			`- name: Restart auditd`
			`ansible.builtin.service:`
			`name: auditd`
			`state: restarted`
			`use: service`
			`listen: restart auditd`

			`- name: Restart rsyslog`
			`ansible.builtin.service:`
			`name: rsyslog`
			`state: restarted`
			`listen: restart rsyslog`

			`- name: Restart chrony`
			`ansible.builtin.service:`
			`name: chrony`
			`state: restarted`
			`listen: restart chrony`