improve validating mechanism

2024-08-16 13:39:49 +02:00 · 2021-09-30 00:22:27 +02:00 · 2021-09-30 00:22:27 +02:00 · 347c8600b9
commit 347c8600b9
parent b3c0dfffab
5 changed files with 40 additions and 46 deletions
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -1,14 +1,4 @@
 ---
- name: unbound checkconf
-  become: true
-  ansible.builtin.command: unbound-checkconf /etc/unbound/unbound.conf
-  retries: 5
-  delay: 3
-  register: result
-  until: result.rc == 0
-
-  notify: systemctl restart unbound
-
 - name: systemctl restart unbound
  become: true
  ansible.builtin.service:
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@ -0,0 +1,23 @@
+---
+- name: Copy unbound configuration snippets
+  become: true
+  ansible.builtin.copy:
+    src: '{{ item }}'
+    dest: '/etc/unbound/unbound.conf.d/'
+    owner: root
+    group: root
+    mode: 'u=rw,g=r,o=r'
+  with_fileglob:
+    - 'files/snippets/*.conf'
+  notify: systemctl restart unbound
+
+- name: Copy main unbound configuration
+  become: true
+  ansible.builtin.template:
+    src: 'files/unbound.conf'
+    dest: '/etc/unbound/unbound.conf'
+    owner: root
+    group: root
+    mode: 'u=rw,g=r,o=r'
+    validate: unbound-checkconf %s
+  notify: systemctl restart unbound
--- a/tasks/install.yml
+++ b/tasks/install.yml
@ -0,0 +1,13 @@
+---
+- name: update debian cache
+  become: true
+  ansible.builtin.apt:
+    update_cache: true
+    cache_valid_time: 43200
+  when: ansible_pkg_mgr == "apt"
+
+- name: install unbound
+  become: true
+  ansible.builtin.package:
+    name: unbound
+    state: "{{ unbound__state }}"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -3,40 +3,8 @@
  ansible.builtin.include_tasks: versioncheck.yml
  when: submodules_versioncheck|bool

- name: update cache
-  become: true
-  ansible.builtin.apt:
-    state: "{{ unbound__state }}"
-    update_cache: true
-    cache_valid_time: 43200
-  when: ansible_pkg_mgr == "apt"
-
 - name: install unbound
-  become: true
-  ansible.builtin.package:
-    name: unbound
-    state: present
+  ansible.builtin.include_tasks: install.yml

- name: Copy unbound configuration snippets
-  become: true
-  ansible.builtin.copy:
-    src: '{{ item }}'
-    dest: '/etc/unbound/unbound.conf.d/'
-    owner: root
-    group: root
-    mode: 'u=rw,g=r,o=r'
-  with_fileglob:
-    - 'files/snippets/*.conf'
-  notify:
-    - unbound checkconf
-
- name: Copy main unbound configuration
-  become: true
-  ansible.builtin.template:
-    src: 'files/unbound.conf'
-    dest: '/etc/unbound/unbound.conf'
-    owner: root
-    group: root
-    mode: 'u=rw,g=r,o=r'
-  notify:
-    - unbound checkconf
+- name: configure unbound
+  ansible.builtin.include_tasks: configure.yml
--- a/vars/main.yml
+++ b/vars/main.yml
@ -1,3 +1,3 @@
 ---
-playbook_version_number: 68  # should be integer
+playbook_version_number: 69  # should be integer
 playbook_version_path: 'role-unbound_roles-ansible_github.com.version'