kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-10-31 02:10:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Normalized run_once_, made openresty handlers without when aviable and forced flush in run_once when blocks to avoid handlers with when conditions

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-08-08 15:32:26 +02:00
parent e675aa5886
commit c7b25ed093
58 changed files with 410 additions and 293 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/sys-cln-certs/README.md
View File

@@ -10,7 +10,7 @@ This Ansible role automates the detection, revocation and deletion of unused Let
- Deploys and configures a `sys-cln-certs.infinito.service` systemd unit
- (Optionally) Sets up a recurring cleanup via a systemd timer using the `sys-timer` role
- Integrates with `sys-alm-compose` to send failure notifications
- Ensures idempotent execution with a `run_once_cleanup_certs` flag
- Ensures idempotent execution with a `run_once_sys_cln_certs` flag
## Features
@@ -24,7 +24,7 @@ This Ansible role automates the detection, revocation and deletion of unused Let
Optionally wires in a timer via the `sys-timer` role, controlled by the `on_calendar_cleanup_certs` variable.
- **Smart Execution Logic**
Prevents multiple runs in one play by setting a `run_once_cleanup_certs` fact.
Prevents multiple runs in one play by setting a `run_once_sys_cln_certs` fact.
- **Failure Notification**
Triggers `sys-alm-compose.infinito@sys-cln-certs.infinito.service` on failure.

14
roles/sys-cln-certs/tasks/main.yml
View File

@@ -3,28 +3,28 @@
name: pkgmgr-install
vars:
package_name: certreap
when: run_once_cleanup_certs is not defined
when: run_once_sys_cln_certs is not defined
- name: configure sys-cln-certs.infinito.service
template:
src: sys-cln-certs.service.j2
dest: /etc/systemd/system/sys-cln-certs.infinito.service
notify: Reload and restart sys-cln-certs.infinito.service
when: run_once_cleanup_certs is not defined
when: run_once_sys_cln_certs is not defined
- name: "set 'service_name' to '{{ role_name }}'"
set_fact:
service_name: "{{ role_name }}"
when: run_once_cleanup_certs is not defined
when: run_once_sys_cln_certs is not defined
- name: "include role for sys-timer for {{service_name}}"
include_role:
name: sys-timer
vars:
on_calendar: "{{ on_calendar_cleanup_certs }}"
when: run_once_cleanup_certs is not defined
when: run_once_sys_cln_certs is not defined
- name: run the run_once_cleanup_certs tasks once
- name: run the run_once_sys_cln_certs tasks once
set_fact:
run_once_cleanup_certs: true
when: run_once_cleanup_certs is not defined
run_once_sys_cln_certs: true
when: run_once_sys_cln_certs is not defined