From b18b3b104c902618dbaa02f00a21f06b90479bba Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Tue, 16 Sep 2025 13:58:46 +0200 Subject: [PATCH] Implemented performance switch for Front Proxy --- roles/sys-stk-front-proxy/defaults/main.yml | 5 ++- roles/sys-stk-front-proxy/tasks/01_base.yml | 42 +++++++++++++++++ .../{01_cloudflare.yml => 02_cloudflare.yml} | 0 roles/sys-stk-front-proxy/tasks/main.yml | 45 ++----------------- 4 files changed, 49 insertions(+), 43 deletions(-) create mode 100644 roles/sys-stk-front-proxy/tasks/01_base.yml rename roles/sys-stk-front-proxy/tasks/{01_cloudflare.yml => 02_cloudflare.yml} (100%) diff --git a/roles/sys-stk-front-proxy/defaults/main.yml b/roles/sys-stk-front-proxy/defaults/main.yml index d3896db9..131ec89e 100644 --- a/roles/sys-stk-front-proxy/defaults/main.yml +++ b/roles/sys-stk-front-proxy/defaults/main.yml @@ -2,4 +2,7 @@ vhost_flavour: "basic" # valid: basic, ws_generic # build the full template path from the flavour -vhost_template_src: "roles/sys-svc-proxy/templates/vhost/{{ vhost_flavour }}.conf.j2" \ No newline at end of file +vhost_template_src: "roles/sys-svc-proxy/templates/vhost/{{ vhost_flavour }}.conf.j2" + +# Enable / Disable Proxy during development, for faster Debugging +SYS_STK_FRONT_PROXY_ENABLED: true \ No newline at end of file diff --git a/roles/sys-stk-front-proxy/tasks/01_base.yml b/roles/sys-stk-front-proxy/tasks/01_base.yml new file mode 100644 index 00000000..bd94a39e --- /dev/null +++ b/roles/sys-stk-front-proxy/tasks/01_base.yml @@ -0,0 +1,42 @@ +- block: + - name: Include dependency 'sys-svc-proxy' + include_role: + name: sys-svc-proxy + when: run_once_sys_svc_proxy is not defined + - include_tasks: utils/run_once.yml + when: run_once_sys_stk_front_proxy is not defined + +- include_tasks: "02_cloudflare.yml" + when: DNS_PROVIDER == "cloudflare" + +- include_tasks: "{{ playbook_dir }}/tasks/utils/load_handlers.yml" + vars: + handler_role_name: "svc-prx-openresty" + +- name: "include role for {{ domain }} to receive certificates and do the modification routines" + include_role: + name: sys-util-csp-cert + +- name: "Copy nginx config to {{ configuration_destination }}" + template: + src: "{{ vhost_template_src }}" + dest: "{{ configuration_destination }}" + register: nginx_conf + notify: restart openresty + +- block: + - name: "Check if {{ domains | get_domain(application_id) }} is reachable (only if config unchanged)" + uri: + url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}" + register: site_check + failed_when: false + changed_when: false + + - name: Restart nginx if site is down + command: + cmd: "true" + notify: restart openresty + when: + - site_check.status is defined + - not site_check.status in [200,301,302] + when: not nginx_conf.changed \ No newline at end of file diff --git a/roles/sys-stk-front-proxy/tasks/01_cloudflare.yml b/roles/sys-stk-front-proxy/tasks/02_cloudflare.yml similarity index 100% rename from roles/sys-stk-front-proxy/tasks/01_cloudflare.yml rename to roles/sys-stk-front-proxy/tasks/02_cloudflare.yml diff --git a/roles/sys-stk-front-proxy/tasks/main.yml b/roles/sys-stk-front-proxy/tasks/main.yml index 16503aa3..cbeda604 100644 --- a/roles/sys-stk-front-proxy/tasks/main.yml +++ b/roles/sys-stk-front-proxy/tasks/main.yml @@ -1,42 +1,3 @@ -- block: - - name: Include dependency 'sys-svc-proxy' - include_role: - name: sys-svc-proxy - when: run_once_sys_svc_proxy is not defined - - include_tasks: utils/run_once.yml - when: run_once_sys_stk_front_proxy is not defined - -- include_tasks: "01_cloudflare.yml" - when: DNS_PROVIDER == "cloudflare" - -- include_tasks: "{{ playbook_dir }}/tasks/utils/load_handlers.yml" - vars: - handler_role_name: "svc-prx-openresty" - -- name: "include role for {{ domain }} to receive certificates and do the modification routines" - include_role: - name: sys-util-csp-cert - -- name: "Copy nginx config to {{ configuration_destination }}" - template: - src: "{{ vhost_template_src }}" - dest: "{{ configuration_destination }}" - register: nginx_conf - notify: restart openresty - -- block: - - name: "Check if {{ domains | get_domain(application_id) }} is reachable (only if config unchanged)" - uri: - url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}" - register: site_check - failed_when: false - changed_when: false - - - name: Restart nginx if site is down - command: - cmd: "true" - notify: restart openresty - when: - - site_check.status is defined - - not site_check.status in [200,301,302] - when: not nginx_conf.changed +- name: "Load Proxy procedures if Proxy is enabled" + include_tasks: "01_base.yml" + when: SYS_STK_FRONT_PROXY_ENABLED | bool \ No newline at end of file