From fd6b8c8e6b745874fba042fd95424287ed8f8423 Mon Sep 17 00:00:00 2001 From: cmacrae Date: Tue, 22 Dec 2015 16:36:11 +0000 Subject: [PATCH] Addning handler for Nginx config validation: Although the 'validate' param was added for the deployment of /etc/nginx.conf - this validation process will only be triggered upon changes. So, if a vhost config is updated, but the main config isn't, the collective config will not be verified. I've added a new handler 'validate nginx configuration' and added this to the 'notify' param as a first list item for vhost config changes. Unfortunately, this will not protect against the deployment of malformed configuration, however it will prevent the restart of Nginx in such a situation (as the 'validate nginx configuration' handler should error out before the 'restart nginx' handler is called). --- handlers/main.yml | 4 ++++ tasks/vhosts.yml | 9 +++++++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index 92971d2..6f8e638 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,3 +1,7 @@ --- - name: restart nginx service: name=nginx state=restarted + +- name: validate nginx configuration + command: nginx -t -c /etc/nginx.conf + changed_when: False diff --git a/tasks/vhosts.yml b/tasks/vhosts.yml index 621ab6b..9cee3d3 100644 --- a/tasks/vhosts.yml +++ b/tasks/vhosts.yml @@ -12,11 +12,16 @@ dest: "{{ nginx_vhost_path }}/vhosts.conf" mode: 0644 when: nginx_vhosts|length > 0 - notify: restart nginx + notify: + - validate nginx configuration + - restart nginx - name: Remove managed vhost config file (if no vhosts are configured). file: path: "{{ nginx_vhost_path }}/vhosts.conf" state: absent when: nginx_vhosts|length == 0 - notify: restart nginx + notify: + - validate nginx configuration + - restart nginx +