Add Debian 13 and Ubuntu 26.04 CIS-inspired hardening playbook

infra-run/ansible/roles/cis-debian-ubuntu-hardening/handlers/main.yml

@@ -0,0 +1,30 @@
+---
+- name: Validate ssh configuration
+  ansible.builtin.command: sshd -t
+  changed_when: false
+  listen: validate ssh
+
+- name: Restart ssh service safely
+  ansible.builtin.service:
+    name: "{{ cis_ssh_service_name }}"
+    state: restarted
+  listen: restart ssh
+
+- name: Restart auditd
+  ansible.builtin.service:
+    name: auditd
+    state: restarted
+    use: service
+  listen: restart auditd
+
+- name: Restart rsyslog
+  ansible.builtin.service:
+    name: rsyslog
+    state: restarted
+  listen: restart rsyslog
+
+- name: Restart chrony
+  ansible.builtin.service:
+    name: chrony
+    state: restarted
+  listen: restart chrony