Skip to content

Commit 5958936

Browse files
lucagublerlucagubler
authored
Validate config before restarting icinga (#349)
* Only reload icinga2 if config validation is ok * Remove unused handler * Fix ansible lint issues (FQCN and uppercase name) * Fixes #347
1 parent 074e37d commit 5958936

File tree

4 files changed

+19
-14
lines changed

4 files changed

+19
-14
lines changed

roles/icinga2/handlers/main.yml

+11-6
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,15 @@
11
---
2-
- name: restart icinga2 service
3-
service:
4-
name: icinga2
5-
state: restarted
2+
- name: Check icinga2 configuration
3+
ansible.builtin.command:
4+
cmd: icinga2 daemon --validate
5+
register: icinga2_check
6+
changed_when: true
7+
failed_when: icinga2_check.rc != 0
8+
listen: check-and-reload-icinga2-service
9+
notify: reload-icinga2
610

7-
- name: reload icinga2 service
8-
service:
11+
- name: Reload icinga2 service
12+
ansible.builtin.service:
913
name: icinga2
1014
state: reloaded
15+
listen: reload-icinga2

roles/icinga2/tasks/configure.yml

+5-5
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
dest: "{{ icinga2_config_path + '/icinga2.conf' }}"
1111
owner: "{{ icinga2_user }}"
1212
group: "{{ icinga2_group }}"
13-
notify: reload icinga2 service
13+
notify: check-and-reload-icinga2-service
1414

1515
- name: merge defaults and user specified constants (set_fact icinga2_combined_constants)
1616
set_fact:
@@ -22,7 +22,7 @@
2222
dest: "{{ icinga2_config_path + '/constants.conf' }}"
2323
owner: "{{ icinga2_user }}"
2424
group: "{{ icinga2_group }}"
25-
notify: reload icinga2 service
25+
notify: check-and-reload-icinga2-service
2626

2727
- name: features
2828
include_tasks: features.yml
@@ -94,20 +94,20 @@
9494
group: "{{ icinga2_group }}"
9595
mode: 0644
9696
loop: "{{ result.files }}"
97-
notify: reload icinga2 service
97+
notify: check-and-reload-icinga2-service
9898

9999
- name: enable features
100100
file:
101101
state: "{{ 'link' if (item.state is undefined or item.state != 'absent') else 'absent' }}"
102102
path: "{{ '/etc/icinga2/features-enabled/' + icinga2_feature_realname[item.name]|default(item.name) + '.conf' }}"
103103
src: "{{ '../features-available/' + icinga2_feature_realname[item.name]|default(item.name) + '.conf' if (item.state is undefined or item.state != 'absent') else omit }}"
104104
loop: "{{ icinga2_features }}"
105-
notify: reload icinga2 service
105+
notify: check-and-reload-icinga2-service
106106

107107
- name: remove empty config files
108108
ansible.builtin.file:
109109
state: absent
110110
path: "{{ item |regex_replace('^'+icinga2_fragments_path, '/etc/icinga2') }}"
111111
when: item.split('/')[icinga2_fragments_path.split('/')|length] == 'conf.d' or item.split('/')[icinga2_fragments_path.split('/')|length] == 'zones.d'
112112
loop: "{{ _empty_result.stdout_lines }}"
113-
notify: reload icinga2 service
113+
notify: check-and-reload-icinga2-service

roles/icinga2/tasks/features.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
state: absent
2020
path: "{{ '/etc/icinga2/features-enabled/' + icinga2_feature_realname[item]|default(item) + '.conf' }}"
2121
loop: "{{ features_enabled | default([]) | difference(icinga2_features| map(attribute='name')|list) }}"
22-
notify: reload icinga2 service
22+
notify: check-and-reload-icinga2-service
2323
when: icinga2_purge_features
2424

2525
- name: configure features

roles/icinga2/tasks/features/api.yml

+2-2
Original file line numberDiff line numberDiff line change
@@ -152,7 +152,7 @@
152152
--trustedcert "{{ icinga2_cert_path }}/trusted-master.crt"
153153
{% else %} sign-csr --csr "{{ icinga2_cert_path }}/{{ icinga2_cert_name }}.csr" {%- endif %}
154154
--cert "{{ icinga2_cert_path }}/{{ icinga2_cert_name }}.crt"
155-
notify: reload icinga2 service
155+
notify: check-and-reload-icinga2-service
156156

157157
- name: copy CA root certificate
158158
copy:
@@ -189,7 +189,7 @@
189189
dest: "{{ _crt.dest }}"
190190
owner: "{{ icinga2_user }}"
191191
group: "{{ icinga2_group }}"
192-
notify: reload icinga2 service
192+
notify: check-and-reload-icinga2-service
193193
loop: "{{ _tmp_crt }}"
194194
loop_control:
195195
loop_var: _crt

0 commit comments

Comments
 (0)