iptables: fix the restart of fail2ban and docker.

iptables/handlers/main.yml

@@ -20,3 +20,6 @@
   command: /etc/init.d/iptables-persistent stop
   ignore_errors: true
 
+- name: Restart fail2ban after an iptables restart
+  service: name=fail2ban state=restarted enabled=yes
+  when: has_fail2ban

iptables/tasks/main.yml

@@ -61,39 +61,70 @@
 
   - name: Start the iptables service immediately after the new rules have been installed, on Ubuntu precise. This can have an impact on other tasks
     service: name=iptables-persistent state=restarted enabled=yes
-    register: restart_related
+    register: restart_related_p
+    notify: Restart fail2ban after an iptables restart
     when: install_iptables_rules_precise is changed
 
   - name: Start the iptables service immediately after the new rules have been installed, on Ubuntu Trusty. This can have an impact on other tasks
     service: name=iptables-persistent state=restarted enabled=yes
-    register: restart_related
+    register: restart_related_t
+    notify: Restart fail2ban after an iptables restart
     when: install_iptables_rules_trusty is changed
 
   - name: Start the iptables service immediately after the new rules have been installed, on Debian 7. This can have an impact on other tasks
     service: name=iptables-persistent state=restarted enabled=yes
-    register: restart_related
+    register: restart_related_d7
+    notify: Restart fail2ban after an iptables restart
     when: install_iptables_rules_deb7 is changed
 
   - name: Start the netfilter service immediately after the new rules have been installed. This can have an impact on other tasks
     service: name=netfilter-persistent state=restarted enabled=yes
-    register: restart_related
+    register: restart_related_x
+    notify: Restart fail2ban after an iptables restart
     when: install_netfilter_rules is changed
 
-  - name: Restart fail2ban after an iptables restart
+  - name: Check if the fail2ban service is present
+    stat: path=/usr/bin/fail2ban-server
+    register: fail2ban_installed
+
+  - name: Restart fail2ban after an iptables restart on Ubuntu Precise
     service: name=fail2ban state=restarted enabled=yes
     when:
-      - has_fail2ban
+      - fail2ban_installed.stat.exists
-      - restart_related is changed 
+      - restart_related_p is changed 
+
+  - name: Restart fail2ban after an iptables restart on Ubunt Trusty
+    service: name=fail2ban state=restarted enabled=yes
+    when:
+      - fail2ban_installed.stat.exists
+      - restart_related_t is changed 
+
+  - name: Restart fail2ban after an iptables restart on debian 7
+    service: name=fail2ban state=restarted enabled=yes
+    when:
+      - fail2ban_installed.stat.exists
+      - restart_related_d7 is changed 
+
+  - name: Restart fail2ban after an iptables restart on Ubuntu Xenial
+    service: name=fail2ban state=restarted enabled=yes
+    when:
+      - fail2ban_installed.stat.exists
+      - restart_related_x is changed 
 
   - name: Check if the docker service is present
     stat: path=/usr/bin/dockerd
     register: dockerd_installed
-    when: restart_related is changed
 
-  - name: Restart docker after an iptables restart
+  - name: Restart docker after an iptables restart on Ubuntu Trusty
     service: name=docker state=restarted enabled=yes
     when:
       - dockerd_installed.stat.exists
-      - restart_related is changed 
+      - restart_related_t is changed 
+
+  - name: Restart docker after an iptables restart on Ubuntu Xenial
+    service: name=docker state=restarted enabled=yes
+    when:
+      - dockerd_installed.stat.exists
+      - restart_related_x is changed 
 
   tags: [ 'iptables', 'iptables_rules' ]