firewall: use a handler to reboot

roles/firewall/handlers/main.yml

@@ -6,6 +6,10 @@
   command: mkinitfs
   when: "'handler' not in ansible_skip_tags"
 
+- name: reboot
+  reboot:
+  when: "'handler' not in ansible_skip_tags"
+
 - name: reload frr
   command: /usr/lib/frr/frr-reload.py --reload /etc/frr/frr.conf
   when: "'handler' not in ansible_skip_tags"

roles/firewall/tasks/mgmt.yml

@@ -3,23 +3,13 @@
     dest: /etc/network/interfaces.d/mgmt.intf
     src: mgmt.intf.j2
     mode: 0644
-  register: task_mgmt_interface
+  notify: reboot
 
 - name: Run SSH in management VRF
   lineinfile:
     path: /etc/conf.d/sshd
+    regexp: "#* *vrf="
     line: "vrf=\"mgmt\""
-  register: task_ssh_vrf
+  notify: reboot
 
-- name: Reboot for new VRF
+- meta: flush_handlers
-  reboot:
-  when: task_mgmt_interface.changed or task_ssh_vrf.changed
-  register: task_reboot
-
-- name: Reset the connection
-  meta: reset_connection
-
-- name: Wait for the network device to reload
-  wait_for_connection:
-    delay: 10
-  when: task_reboot.changed