From 5c67c42911940d6ee18313bdb94b0710a3355924 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Thu, 4 Dec 2025 02:37:12 +0100 Subject: [PATCH] Restructured Handler Logic --- roles/svc-prx-openresty/tasks/main.yml | 1 + roles/svc-prx-openresty/vars/main.yml | 5 +-- roles/sys-stk-front-base/tasks/main.yml | 12 ++--- roles/sys-stk-front-proxy/defaults/main.yml | 3 -- roles/sys-stk-front-proxy/tasks/01_core.yml | 44 ------------------- roles/sys-stk-front-proxy/tasks/main.yml | 42 ++++++++++++++++-- roles/sys-stk-full-stateful/tasks/main.yml | 6 --- roles/sys-svc-cdn/tasks/main.yml | 2 +- .../tasks/remove_deprecated_nginx_configs.yml | 5 --- .../sys-svc-webserver-core/tasks/01_core.yml | 21 +++------ roles/sys-svc-webserver-core/tasks/main.yml | 6 +++ roles/web-app-keycloak/tasks/01_meta.yml | 7 ++- roles/web-svc-cdn/tasks/main.yml | 3 +- tasks/utils/load_handlers.yml | 14 +++--- 14 files changed, 73 insertions(+), 98 deletions(-) delete mode 100644 roles/sys-stk-front-proxy/tasks/01_core.yml diff --git a/roles/svc-prx-openresty/tasks/main.yml b/roles/svc-prx-openresty/tasks/main.yml index b85de639..d869072a 100644 --- a/roles/svc-prx-openresty/tasks/main.yml +++ b/roles/svc-prx-openresty/tasks/main.yml @@ -5,5 +5,6 @@ vars: docker_compose_flush_handlers: true docker_git_repository_pull: false # Deactivated here to deactivate inhirement + database_type: "" # Deactivate Database for openresty - include_tasks: utils/once/flag.yml when: run_once_svc_prx_openresty is not defined \ No newline at end of file diff --git a/roles/svc-prx-openresty/vars/main.yml b/roles/svc-prx-openresty/vars/main.yml index 0fcf1722..adf42686 100644 --- a/roles/svc-prx-openresty/vars/main.yml +++ b/roles/svc-prx-openresty/vars/main.yml @@ -1,10 +1,7 @@ # General application_id: "svc-prx-openresty" -# Deactivate Database for openresty -database_type: "" - # Openresty OPENRESTY_IMAGE: "openresty/openresty" OPENRESTY_VERSION: "alpine" -OPENRESTY_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.openresty.name') }}" +OPENRESTY_CONTAINER: "{{ applications | get_app_conf('svc-prx-openresty', 'docker.services.openresty.name') }}" diff --git a/roles/sys-stk-front-base/tasks/main.yml b/roles/sys-stk-front-base/tasks/main.yml index 352507a3..3a5167b9 100644 --- a/roles/sys-stk-front-base/tasks/main.yml +++ b/roles/sys-stk-front-base/tasks/main.yml @@ -1,9 +1,9 @@ - block: - - name: Include dependency 'sys-svc-webserver-https' - include_role: - name: sys-svc-webserver-https - when: run_once_sys_svc_webserver_https is not defined - - include_tasks: utils/once/flag.yml + - name: Include dependency 'sys-svc-webserver-https' + include_role: + name: sys-svc-webserver-https + when: run_once_sys_svc_webserver_https is not defined + - include_tasks: utils/once/flag.yml when: run_once_sys_stk_front_base is not defined - include_tasks: "01_cloudflare.yml" @@ -12,4 +12,4 @@ - name: "Reinitialize OpenResty Handler" include_tasks: utils/load_handlers.yml vars: - handler_role_name: "svc-prx-openresty" + handler_role_name: "svc-prx-openresty" \ No newline at end of file diff --git a/roles/sys-stk-front-proxy/defaults/main.yml b/roles/sys-stk-front-proxy/defaults/main.yml index beef469b..9bde7658 100644 --- a/roles/sys-stk-front-proxy/defaults/main.yml +++ b/roles/sys-stk-front-proxy/defaults/main.yml @@ -1,5 +1,2 @@ # default vhost flavour vhost_flavour: "basic" # valid: basic, ws_generic - -# Enable / Disable Proxy during development, for faster Debugging -SYS_STK_FRONT_PROXY_ENABLED: true \ No newline at end of file diff --git a/roles/sys-stk-front-proxy/tasks/01_core.yml b/roles/sys-stk-front-proxy/tasks/01_core.yml deleted file mode 100644 index 780fbae5..00000000 --- a/roles/sys-stk-front-proxy/tasks/01_core.yml +++ /dev/null @@ -1,44 +0,0 @@ -- name: Front bootstrap - include_role: - name: sys-stk-front-base - -- name: "include role for '{{ domain }}' to receive certificates and do the modification routines" - include_role: - name: sys-util-csp-cert - -- name: "Reinitialize OpenResty Handler" - include_tasks: utils/load_handlers.yml - vars: - handler_role_name: "svc-prx-openresty" - -- name: "Copy nginx config to '{{ front_proxy_domain_conf_dst }}'" - template: - src: "{{ item }}" - dest: "{{ front_proxy_domain_conf_dst }}" - register: nginx_conf - notify: restart openresty - vars: - nginx_template_candidates: - - "{{ application_id | abs_role_path_by_application_id }}/templates/proxy.conf.j2" - - "roles/sys-svc-proxy/templates/vhost/{{ vhost_flavour }}.conf.j2" - with_first_found: "{{ nginx_template_candidates }}" - -- block: - - name: "Check if {{ domains | get_domain(application_id) }} is reachable (only if config unchanged)" - uri: - url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}" - register: site_check - failed_when: false - changed_when: false - - - name: Restart nginx if site is down - command: - cmd: "true" - notify: restart openresty - when: - - site_check.status is defined - - not site_check.status in [200,301,302] - when: not nginx_conf.changed - -- name: "Restart Webserver for '{{ front_proxy_domain_conf_dst }}'" - meta: flush_handlers \ No newline at end of file diff --git a/roles/sys-stk-front-proxy/tasks/main.yml b/roles/sys-stk-front-proxy/tasks/main.yml index cbf2193f..9e804cc1 100644 --- a/roles/sys-stk-front-proxy/tasks/main.yml +++ b/roles/sys-stk-front-proxy/tasks/main.yml @@ -1,5 +1,41 @@ # run_once_sys_stk_front_proxy: deactivated -- name: "Load Proxy procedures if Proxy is enabled" - include_tasks: "01_core.yml" - when: SYS_STK_FRONT_PROXY_ENABLED | bool \ No newline at end of file +- name: Front bootstrap + include_role: + name: sys-stk-front-base + +- name: "include role for '{{ domain }}' to receive certificates and do the modification routines" + include_role: + name: sys-util-csp-cert + +- name: "Copy nginx config to '{{ front_proxy_domain_conf_dst }}'" + template: + src: "{{ item }}" + dest: "{{ front_proxy_domain_conf_dst }}" + register: nginx_conf + notify: restart openresty + vars: + nginx_template_candidates: + - "{{ application_id | abs_role_path_by_application_id }}/templates/proxy.conf.j2" + - "roles/sys-svc-proxy/templates/vhost/{{ vhost_flavour }}.conf.j2" + with_first_found: "{{ nginx_template_candidates }}" + +- block: + - name: "Check if {{ domains | get_domain(application_id) }} is reachable (only if config unchanged)" + uri: + url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}" + register: site_check + failed_when: false + changed_when: false + + - name: Restart nginx if site is down + command: + cmd: "true" + notify: restart openresty + when: + - site_check.status is defined + - not site_check.status in [200,301,302] + when: not nginx_conf.changed + +- name: "Restart Webserver for '{{ front_proxy_domain_conf_dst }}'" + meta: flush_handlers \ No newline at end of file diff --git a/roles/sys-stk-full-stateful/tasks/main.yml b/roles/sys-stk-full-stateful/tasks/main.yml index c3ca648a..6ba40927 100644 --- a/roles/sys-stk-full-stateful/tasks/main.yml +++ b/roles/sys-stk-full-stateful/tasks/main.yml @@ -1,10 +1,4 @@ # run_once_sys_stk_full_stateful: deactivated - -- name: "Reinitialize OpenResty Handler" - include_tasks: utils/load_handlers.yml - vars: - handler_role_name: "svc-prx-openresty" - - name: "For '{{ application_id }}': include role sys-stk-front-proxy" include_role: name: sys-stk-front-proxy diff --git a/roles/sys-svc-cdn/tasks/main.yml b/roles/sys-svc-cdn/tasks/main.yml index 38ff1c10..11e325d0 100644 --- a/roles/sys-svc-cdn/tasks/main.yml +++ b/roles/sys-svc-cdn/tasks/main.yml @@ -13,7 +13,7 @@ - run_once_sys_svc_cdn is not defined - name: Overwritte CDN handlers with neutral handlers - ansible.builtin.include_tasks: "{{ [ playbook_dir, 'tasks/utils/load_handlers.yml'] | path_join }}" + ansible.builtin.include_tasks: "tasks/utils/load_handlers.yml" loop: - svc-prx-openresty - docker-compose diff --git a/roles/sys-svc-cln-domains/tasks/remove_deprecated_nginx_configs.yml b/roles/sys-svc-cln-domains/tasks/remove_deprecated_nginx_configs.yml index 896a271a..f5374cac 100644 --- a/roles/sys-svc-cln-domains/tasks/remove_deprecated_nginx_configs.yml +++ b/roles/sys-svc-cln-domains/tasks/remove_deprecated_nginx_configs.yml @@ -5,11 +5,6 @@ patterns: "*.{{ domain }}.conf" register: find_result -- name: "Reinitialize OpenResty Handler" - include_tasks: utils/load_handlers.yml - vars: - handler_role_name: "svc-prx-openresty" - - name: Remove wildcard nginx configs for {{ domain }} ansible.builtin.file: path: "{{ item.path }}" diff --git a/roles/sys-svc-webserver-core/tasks/01_core.yml b/roles/sys-svc-webserver-core/tasks/01_core.yml index 8d270823..a3b1bfab 100644 --- a/roles/sys-svc-webserver-core/tasks/01_core.yml +++ b/roles/sys-svc-webserver-core/tasks/01_core.yml @@ -11,31 +11,20 @@ - name: "Load variables from {{ DOCKER_VARS_FILE }} for {{ role_name }}/{{ application_id }}" include_vars: "{{ DOCKER_VARS_FILE }}" -- name: "Load docker compose & openresty handlers" - include_tasks: utils/load_handlers.yml - loop: - - docker-compose - - svc-prx-openresty - loop_control: - loop_var: handler_role_name - vars: - application_id: svc-prx-openresty # Required to use correct config path at handlers - - name: "Include tasks to create directories" include_tasks: 04_directories.yml +- name: Include OpenResty (Once) + include_tasks: "utils/load_app.yml" + vars: + load_app_id: svc-prx-openresty + - name: Create NGINX Base Config template: src: nginx.conf.j2 dest: "{{ NGINX.FILES.CONFIGURATION }}" notify: restart openresty -- name: Include OpenResty (Once) - include_tasks: "utils/load_app.yml" - vars: - load_app_id: svc-prx-openresty - when: run_once_svc_prx_openresty is not defined - - name: Include health dependencies include_role: name: "{{ item }}" diff --git a/roles/sys-svc-webserver-core/tasks/main.yml b/roles/sys-svc-webserver-core/tasks/main.yml index 92620e21..6c50b64c 100644 --- a/roles/sys-svc-webserver-core/tasks/main.yml +++ b/roles/sys-svc-webserver-core/tasks/main.yml @@ -1,3 +1,9 @@ --- - include_tasks: 01_core.yml when: run_once_sys_svc_webserver_core is not defined + +- name: "Provide OpenResty Handlers for Webserver" + include_tasks: utils/load_handlers.yml + vars: + handler_role_name: svc-prx-openresty + when: run_once_sys_svc_webserver_core is defined \ No newline at end of file diff --git a/roles/web-app-keycloak/tasks/01_meta.yml b/roles/web-app-keycloak/tasks/01_meta.yml index 99dc1c9d..181c4596 100644 --- a/roles/web-app-keycloak/tasks/01_meta.yml +++ b/roles/web-app-keycloak/tasks/01_meta.yml @@ -1,7 +1,10 @@ -- include_tasks: utils/load_handlers.yml +- name: "Reset Docker Compose Handler for Keycloak" + include_tasks: utils/load_handlers.yml vars: handler_role_name: "docker-compose" -- ansible.builtin.include_vars: + +- name: Load Variables for Keycloak + ansible.builtin.include_vars: file: "{{ item }}" loop: - "{{ playbook_dir }}/roles/docker-compose/vars/docker-compose.yml" diff --git a/roles/web-svc-cdn/tasks/main.yml b/roles/web-svc-cdn/tasks/main.yml index 831e8b7f..2cab95ce 100644 --- a/roles/web-svc-cdn/tasks/main.yml +++ b/roles/web-svc-cdn/tasks/main.yml @@ -3,6 +3,7 @@ vars: application_id: 'web-svc-cdn' -- include_tasks: utils/load_handlers.yml +- name: "Reset docker compose Handler for CDN" + include_tasks: utils/load_handlers.yml vars: handler_role_name: "docker-compose" diff --git a/tasks/utils/load_handlers.yml b/tasks/utils/load_handlers.yml index fd5a216a..12ba3390 100644 --- a/tasks/utils/load_handlers.yml +++ b/tasks/utils/load_handlers.yml @@ -1,7 +1,7 @@ - - name: "Load pure handlers from '{{ handler_role_name }}' without 'when' to guaranty that they are executed" - import_role: - name: "{{ handler_role_name }}" - tasks_from: "none.yml" - handlers_from: "main" - vars: - application_id: "{{ handler_role_name }}" \ No newline at end of file +- name: "Load pure handlers from '{{ handler_role_name }}' without 'when' to guaranty that they are executed" + import_role: + name: "{{ handler_role_name }}" + tasks_from: "none.yml" + handlers_from: "main" + vars: + application_id: "{{ handler_role_name }}" \ No newline at end of file