From 1effd347df7032641d67d5db8581c01f5164a976 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Thu, 1 Dec 2016 21:36:07 +0000 Subject: [PATCH] Setup a proxyreload for httpd that looks for the ticketkey. If it's not there, assume the proxy is just being configured and don't reload httpd. --- handlers/restart_services.yml | 3 +++ .../proxy-conditional-reload.sh | 25 +++++++++++++++++++ roles/httpd/certificate/tasks/main.yml | 6 ++--- roles/httpd/domainrewrite/tasks/main.yml | 2 +- roles/httpd/fingerprints/tasks/main.yml | 4 +-- roles/httpd/mime-type/tasks/main.yml | 2 +- roles/httpd/mod_ssl/tasks/main.yml | 4 +-- roles/httpd/proxy/tasks/main.yml | 6 ++--- roles/httpd/redirect/tasks/main.yml | 2 +- roles/httpd/redirectmatch/tasks/main.yml | 2 +- roles/httpd/reverseproxy/tasks/main.yml | 2 +- roles/httpd/website/tasks/main.yml | 8 +++--- 12 files changed, 47 insertions(+), 19 deletions(-) create mode 100644 roles/base/files/common-scripts/proxy-conditional-reload.sh diff --git a/handlers/restart_services.yml b/handlers/restart_services.yml index 92409bb7d8..0f22b88814 100644 --- a/handlers/restart_services.yml +++ b/handlers/restart_services.yml @@ -93,6 +93,9 @@ - name: restart postfix service: name=postfix state=restarted +- name: reload proxyhttpd + command: /usr/local/bin/proxy-conditional-reload.sh httpd httpd + - name: restart glusterd service: name=glusterd state=restarted diff --git a/roles/base/files/common-scripts/proxy-conditional-reload.sh b/roles/base/files/common-scripts/proxy-conditional-reload.sh new file mode 100644 index 0000000000..ef600875f3 --- /dev/null +++ b/roles/base/files/common-scripts/proxy-conditional-reload.sh @@ -0,0 +1,25 @@ +#!/bin/bash +# reload SERVICE only if PACKAGE is installed. +# We use this throughout handlers/restart_services.yml + +SERVICE=$1 +PACKAGE=$2 + +rpm -q $PACKAGE + +INSTALLED=$? + +if [ ! -f /etc/httpd/ticketkey_*.tkey ]; then + # This host is not configured yet, do not try and restart httpd + exit 0 +fi + +if [ $INSTALLED -eq 0 ]; then + echo "Package $PACKAGE installed. Attempting reload of $SERVICE." + /sbin/service $SERVICE reload + exit $? # Exit with the /sbin/service status code +fi + +# If the package wasn't installed, then pretend everything is fine. +echo "Package $PACKAGE not installed. Skipping reload of $SERVICE." +exit 0 diff --git a/roles/httpd/certificate/tasks/main.yml b/roles/httpd/certificate/tasks/main.yml index 273c3164b2..afae3243eb 100644 --- a/roles/httpd/certificate/tasks/main.yml +++ b/roles/httpd/certificate/tasks/main.yml @@ -13,7 +13,7 @@ mode=0644 when: SSLCertificateChainFile is defined notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/certificate @@ -29,7 +29,7 @@ - "{{private}}/files/httpd/{{cert}}.cert" - "{{private}}/files/httpd/{{name}}.cert" notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/certificate @@ -45,7 +45,7 @@ - "{{private}}/files/httpd/{{key}}.key" - "{{private}}/files/httpd/{{name}}.key" notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/certificate diff --git a/roles/httpd/domainrewrite/tasks/main.yml b/roles/httpd/domainrewrite/tasks/main.yml index c75da82e81..1f444ea016 100644 --- a/roles/httpd/domainrewrite/tasks/main.yml +++ b/roles/httpd/domainrewrite/tasks/main.yml @@ -16,7 +16,7 @@ - "{{roles}}/httpd/domainrewrite/templates/domainrewrite.{{destname}}.conf" - "{{roles}}/httpd/domainrewrite/templates/domainrewrite.conf" notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/domainrewrite diff --git a/roles/httpd/fingerprints/tasks/main.yml b/roles/httpd/fingerprints/tasks/main.yml index 223a00f68e..24b9d3f044 100644 --- a/roles/httpd/fingerprints/tasks/main.yml +++ b/roles/httpd/fingerprints/tasks/main.yml @@ -1,6 +1,6 @@ - copy: src=fingerprints.html dest=/srv/web/fingerprints.html notify: - - reload httpd + - reload proxyhttpd tags: - fingerprints - httpd @@ -8,7 +8,7 @@ - copy: src=fingerprints.conf dest=/etc/httpd/conf.d/{{website}}/fingerprints.conf notify: - - reload httpd + - reload proxyhttpd tags: - fingerprints - httpd diff --git a/roles/httpd/mime-type/tasks/main.yml b/roles/httpd/mime-type/tasks/main.yml index fd7c7cd4c6..137eac1bb5 100644 --- a/roles/httpd/mime-type/tasks/main.yml +++ b/roles/httpd/mime-type/tasks/main.yml @@ -2,7 +2,7 @@ src=mime-types.conf dest=/etc/httpd/conf.d/{{website}}/mime-types.conf owner=root group=root mode=0644 notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/mime-type diff --git a/roles/httpd/mod_ssl/tasks/main.yml b/roles/httpd/mod_ssl/tasks/main.yml index f8d0cb1535..8d8d023906 100644 --- a/roles/httpd/mod_ssl/tasks/main.yml +++ b/roles/httpd/mod_ssl/tasks/main.yml @@ -1,7 +1,7 @@ - name: Install mod_ssl yum: name=mod_ssl state=installed notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/mod_ssl @@ -14,7 +14,7 @@ group=root mode=0644 notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/certificate diff --git a/roles/httpd/proxy/tasks/main.yml b/roles/httpd/proxy/tasks/main.yml index b3c84d6ef9..69a53fabbf 100644 --- a/roles/httpd/proxy/tasks/main.yml +++ b/roles/httpd/proxy/tasks/main.yml @@ -3,7 +3,7 @@ src=httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf owner=root group=root mode=0644 notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/proxy @@ -27,7 +27,7 @@ - 02-ticketkey.conf - 03-reqtimeout.conf notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/proxy @@ -35,7 +35,7 @@ - name: set the apache mpm to use event MPM copy: src=00-mpm.conf dest=/etc/httpd/conf.modules.d/00-mpm.conf notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/proxy diff --git a/roles/httpd/redirect/tasks/main.yml b/roles/httpd/redirect/tasks/main.yml index 170b2adfdf..4df91328c5 100644 --- a/roles/httpd/redirect/tasks/main.yml +++ b/roles/httpd/redirect/tasks/main.yml @@ -14,7 +14,7 @@ owner=root group=root notify: - - reload httpd + - reload proxyhttpd with_first_found: - redirect.{{name}}.conf - redirect.conf diff --git a/roles/httpd/redirectmatch/tasks/main.yml b/roles/httpd/redirectmatch/tasks/main.yml index a14a2688a7..0262e9e39a 100644 --- a/roles/httpd/redirectmatch/tasks/main.yml +++ b/roles/httpd/redirectmatch/tasks/main.yml @@ -14,7 +14,7 @@ owner=root group=root notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/redirect diff --git a/roles/httpd/reverseproxy/tasks/main.yml b/roles/httpd/reverseproxy/tasks/main.yml index bb69f55c11..b1ef2d25cb 100644 --- a/roles/httpd/reverseproxy/tasks/main.yml +++ b/roles/httpd/reverseproxy/tasks/main.yml @@ -17,7 +17,7 @@ - "{{roles}}/httpd/reverseproxy/templates/reversepassproxy.{{destname}}.conf" - "{{roles}}/httpd/reverseproxy/templates/reversepassproxy.conf" notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/reverseproxy diff --git a/roles/httpd/website/tasks/main.yml b/roles/httpd/website/tasks/main.yml index 0629c89604..12bc2333e2 100644 --- a/roles/httpd/website/tasks/main.yml +++ b/roles/httpd/website/tasks/main.yml @@ -16,7 +16,7 @@ group=root mode=0755 notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/website @@ -31,7 +31,7 @@ group=root mode=0644 notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/website @@ -47,7 +47,7 @@ - logs - robots notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/website @@ -64,7 +64,7 @@ - robots/robots.txt.{{name}} - robots/robots.txt notify: - - reload httpd + - reload proxyhttpd tags: - httpd - httpd/website