#5 Backup config before configure.yml and then check config before restart

63539f81 · jurgenhaas · d0de40b9 · 63539f81 · 63539f81 · 63539f81
Commit 63539f81 authored 7 years ago by jurgenhaas
--- a/handlers/main.yml
+++ b/handlers/main.yml
 ---
 # file: roles/haproxy/handler/main.yml

- name: "Proxy | Restart HAProxy"
+- name: "Check HAProxy Config"
+  command: haproxy -c -f /etc/haproxy/haproxy.cfg
+  register: haproxy_config_check
+  changed_when: '"Configuration file is valid" in haproxy_config_check.stdout_lines'
+  failed_when: '"Configuration file is valid" not in haproxy_config_check.stdout_lines'
+  notify: "Restart HAProxy"
+
+- name: "Restart HAProxy"
  service: name={{item.name}} state={{item.state}}
  with_items:
    - name: haproxy

--- a/tasks/buildcerts.yml
+++ b/tasks/buildcerts.yml
@@ -8,4 +8,4 @@
    regexp='(fullchain)|(privkey)\.pem'
  with_items: '{{ proxy_certificates_letsencrypt|default([]) }}'
  notify:
-    - "Proxy | Restart HAProxy"
+    - "Restart HAProxy"
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
 ---
 # file: roles/haproxy/tasks/configure.yml

- name: "Proxy | Install SSL certificates"
+- name: "Backup current settings"
+  archive:
+    path=/etc/haproxy
+    dest=/var/backups/haproxy-{{ lookup('pipe','date +%Y%m%d-%H%M%S') }}.tgz
+
+- name: "Install SSL certificates"
  copy:
    src='{{inventory_dir}}/files/ssl/{{item.file}}'
    dest='/etc/haproxy/certs'
  with_items: '{{ proxy_certificates }}'
  when: not item.letsencrypt|default(false)
-  notify: 'Proxy | Restart HAProxy'
+  notify: "Check HAProxy Config"

- name: "Proxy | Create host lists"
+- name: "Create host lists"
  template:
    src='host_list'
    dest='/etc/haproxy/{{item}}.list'
@@ -17,9 +22,9 @@
    group='root'
    mode='644'
  with_items: '{{ groups.webserver }}'
-  notify: 'Proxy | Restart HAProxy'
+  notify: "Check HAProxy Config"

- name: "Proxy | Create host ssl lists"
+- name: "Create host ssl lists"
  template:
    src='host_ssl_list'
    dest='/etc/haproxy/{{item}}.ssl.list'
@@ -27,9 +32,9 @@
    group='root'
    mode='644'
  with_items: '{{ groups.webserver }}'
-  notify: 'Proxy | Restart HAProxy'
+  notify: "Check HAProxy Config"

- name: "Proxy | Create host path lists"
+- name: "Create host path lists"
  file:
    dest='/etc/haproxy/{{item}}.path.list'
    owner='root'
@@ -39,25 +44,25 @@
  with_items: '{{ groups.webserver }}'
  changed_when: false

- name: "Proxy | Create use bigpipe host lists"
+- name: "Create use bigpipe host lists"
  template:
    src='use_bigpipe_list'
    dest='/etc/haproxy/use_bigpipe.list'
    owner='root'
    group='root'
    mode='644'
-  notify: 'Proxy | Restart HAProxy'
+  notify: "Check HAProxy Config"

- name: "Proxy | Create ignore varnish host lists"
+- name: "Create ignore varnish host lists"
  template:
    src='ignore_varnish_list'
    dest='/etc/haproxy/ignore_varnish.list'
    owner='root'
    group='root'
    mode='644'
-  notify: 'Proxy | Restart HAProxy'
+  notify: "Check HAProxy Config"

- name: "Proxy | Create empty crm lists files"
+- name: "Create empty crm lists files"
  file:
    dest='/etc/haproxy/{{item}}.crm.list'
    owner='root'
@@ -67,7 +72,7 @@
  with_items: '{{ groups.webserver }}'
  changed_when: false

- name: "Proxy | Update blacklists"
+- name: "Update blacklists"
  template:
    src='{{ item }}'
    dest='/etc/haproxy/{{ item }}'
@@ -78,13 +83,13 @@
    - 'blacklist.ip'
    - 'blacklist.referer'
    - 'blacklist.agent'
-  notify: 'Proxy | Restart HAProxy'
+  notify: "Check HAProxy Config"

- name: "Proxy | Create config file"
+- name: "Create config file"
  template:
    src='haproxy_cfg.jinja2'
    dest='/etc/haproxy/haproxy.cfg'
    owner='root'
    group='root'
    mode='644'
-  notify: 'Proxy | Restart HAProxy'
+  notify: "Check HAProxy Config"
--- a/tasks/install.yml
+++ b/tasks/install.yml
 ---
 # file: roles/haproxy/tasks/install.yml

- name: "Proxy | Add Apt Repositories"
+- name: "Add Apt Repositories"
  apt_repository:
    repo='{{ item }}'
    state=present
@@ -9,7 +9,7 @@
  with_items:
    - "ppa:vbernat/haproxy-1.7"

- name: "Proxy | Install some packages"
+- name: "Install some packages"
  apt:
    pkg='{{ item }}'
    state=installed
@@ -18,7 +18,7 @@
    - hatop
    - socat

- name: "Proxy | create directories"
+- name: "create directories"
  file:
    dest='{{ item }}'
    state=directory
@@ -27,7 +27,7 @@
    - /etc/haproxy/certs
    - /etc/haproxy/update

- name: "Proxy | Install hatop shortcut"
+- name: "Install hatop shortcut"
  copy:
    src='usr_local_bin_hatop'
    dest='/usr/local/bin/hatop'
@@ -35,7 +35,7 @@
    group='root'
    mode='755'

- name: "Proxy | Install log rotator"
+- name: "Install log rotator"
  copy:
    src='etc_logrotate_d_haproxy'
    dest='/etc/logrotate.d/haproxy'
@@ -43,7 +43,7 @@
    group='root'
    mode='644'

- name: "Proxy | Install script to read socket"
+- name: "Install script to read socket"
  template:
    src='hasocket'
    dest='/usr/local/bin/hasocket'