Various updates

71189b93 · Chris Croome · bfa0d7eb · 71189b93 · 71189b93 · 71189b93
Commit 71189b93 authored 2 years ago by Chris Croome
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -2,8 +2,7 @@
 # https://ansible-lint.readthedocs.io/rules/
 skip_list:
  - command-instead-of-module
-  - jinja[spacing]
  - key-order[task]
-  - schema
+  - schema[meta]
 # vim: syntax=yaml
 ...
--- a/README.md
+++ b/README.md
@@ -18,7 +18,7 @@ Set the `systemd_timesyncd_reboot` variable to `true` for servers which have inc
 ### systemd_units
-A list of System units to configure, by default there is curently only one service defined, `systemd-timesyncd`:
+A list of System units to configure, for example:
 ```yaml
 systemd_units:
@@ -33,7 +33,7 @@ systemd_units:
        conf:
          Time:
            NTP: 0.pool.ntp.org 1.pool.ntp.org 3.pool.ntp.org 2.pool.ntp.org
-        state: present
+        state: templated
    pkgs:
      - systemd-timesyncd
    state: present
@@ -42,10 +42,20 @@ systemd_units:
 The only required variables is `name`, see the [meta/argument_specs.yml](meta/argument_specs.yml) for the variable types.
-For each service required `.deb` packages can be specified, the state of the service can be specified and the files to be created / amended and their content in YAML, which will be converted into ini format using the [templates/unit.j2](templates/unit.j2) template.
+For each service required `.deb` packages, the state of the service and the files to be created / amended and their content in YAML can be specified.
 Files are read using the [JC ini parser](https://kellyjonbrazil.github.io/jc/docs/parsers/ini) and only updated if the `conf` is to be changed.
+Files can have one of three states set:
+* `absent` - file deleted.
+* `edited` - edit an existing file.
+* `templated` - create a file if one does not exist or replace an existing one.
+The `edited` option uses the [Ansible ini module](https://docs.ansible.com/ansible/latest/collections/community/general/ini_file_module.html) to change or add specified variables, howveer it can't remove variables, unlike the `templated` option it preserves existing comments the file.
+The `templated` option generates the systemd file using the [templates/unit.j2](templates/unit.j2) template.
 When files are updated or deleted backups are created based on the existing file name but prefixed with a leading `.` and suffixed with a timestamp in ISO8601 format and the file extension `.bak`.
 ## Read existing Systemd files using JC
@@ -63,7 +73,7 @@ Time:
 This role requires Ansible 2.11 or newer, [JC](https://pypi.org/project/jc/) and [JMESPath](https://pypi.org/project/jmespath/) to be installed using `pip3` on the Ansible controller.
-## Repo
+## Repository
 The primary URL of this repo is [`https://git.coop/webarch/systemd`](https://git.coop/webarch/systemd) however it is also [mirrored to GitHub](https://github.com/webarch-coop/ansible-role-systemd) and [available via Ansible Galaxy](https://galaxy.ansible.com/chriscroome/systemd).

--- a/meta/argument_specs.yml
+++ b/meta/argument_specs.yml
@@ -36,11 +36,11 @@ argument_specs:
              state:
                type: str
                required: false
-                description: The state of the systemd unit file, present templates the file, edited updates an existing file.
+                description: The state of the systemd unit file.
-                options:
+                choices:
                  - absent
                  - edited
-                  - present
+                  - templated
          name:
            type: str
            required: true
@@ -53,14 +53,14 @@ argument_specs:
            type: str
            required: false
            description: The state of the systemd unit.
-            options:
+            choices:
              - absent
              - present
          unit_state:
            type: str
            required: false
            description: The state of the systemd service.
-            options:
+            choices:
              - reloaded
              - restarted
              - started

--- a/meta/main.yml
+++ b/meta/main.yml
@@ -6,19 +6,13 @@ galaxy_info:
  description: Ansible role for configuring some systemd services on Debian
  company: Webarchitects Co-operative
  license: GNU General Public License v3.0 (GPLv3)
-  min_ansible_version: 2.11
+  min_ansible_version: "2.11"
  platforms:
    - name: debian
      versions:
        - bookworm
        - bullseye
        - buster
-        - stretch
-  # dependencies:
-  #   - name: jc
-  #     src: https://git.coop/webarch/jc
-  #     version: 1.6.0
-  #     scm: git
  galaxy_tags:
    - debian
    - systemd

--- a/tasks/file_absent.yml
+++ b/tasks/file_absent.yml
@@ -17,8 +17,8 @@
      register: systemd_file_absent
      when: systemd_file_absent.stat.exists | bool
-    - name: Flush handlers
+    - name: Include flush handlers task
-      ansible.builtin.meta: flush_handlers
+      ansible.builtin.include_tasks: flush_handlers.yml
      when: systemd_file_absent.changed | bool
  tags:

--- a/tasks/file_present.yml
+++ b/tasks/file_present.yml
@@ -7,20 +7,18 @@
        var: systemd_file
        verbosity: 2
-    # - name: Set a fact for the systemd unit file sections
-    #   ansible.builtin.set_fact:
-    #     systemd_sections: "{{ systemd_file.conf.keys() }}"         
-    # - name: Debug the proposed systemd unit file sections
-    #   ansible.builtin.debug:
-    #     var: systemd_sections
-    #     verbosity: 2
    - name: Stat the systemd unit file
      ansible.builtin.stat:
        path: "{{ systemd_file.path }}"
      register: systemd_file_state
+    - name: Ensure that contradictory variables are not defined
+      ansible.builtin.assert:
+        that:
+          - systemd_file.state != "edited"
+        fail_msg: "The {{ systemd_file.path }} file needs to exist before it can be edited, set state to templated for the file to be created."
+      when: not systemd_file_state.stat.exists | bool
    - name: Systemd unit file read and backed up
      block:
@@ -40,7 +38,7 @@
        - name: Set a fact for the existing systemd unit file sections
          ansible.builtin.set_fact:
-            systemd_file_sections: "{{ systemd_file_vars.keys() }}"    
+            systemd_file_sections: "{{ systemd_file_vars.keys() }}"
        - name: Debug the existing systemd unit file sections
          ansible.builtin.debug:
@@ -59,7 +57,7 @@
      when: systemd_file_state.stat.exists | bool
-    - name: Modify systemd unit file
+    - name: Systemd unit file edited
      block:
        - name: Comment present at the top of the systemd unit file
@@ -94,7 +92,7 @@
        - systemd_file_state.stat.exists | bool
        - systemd_file.state == "edited"
-    - name: Template systemd unit file
+    - name: Systemd unit file templated
      block:
        - name: Systemd unit file directory present
@@ -117,7 +115,7 @@
      when: >-
        ( not systemd_file_state.stat.exists | bool ) or
-        ( systemd_file.state == "present" )
+        ( systemd_file.state == "templated" )
    - name: Include flush handlers task
      ansible.builtin.include_tasks: flush_handlers.yml

--- a/tasks/main.yml
+++ b/tasks/main.yml
 ---
- name: Configure some systemd services
+- name: Configure specified systemd services
  block:
    - name: Package systemd present
@@ -33,14 +33,14 @@
            ( systemd_unit.state is not defined ) or
            ( systemd_unit.state == "present" )
+        - name: Include timesyncd tasks
+          ansible.builtin.include_tasks: timesyncd.yml
+          when: ( "systemd-timesyncd" in systemd_unit_names )
      when:
        - systemd_units is defined
        - systemd_units | length > 0
-    - name: Include timesyncd tasks
-      ansible.builtin.include_tasks: timesyncd.yml
-      when: ( "systemd-timesyncd" in systemd_unit_names )
  when: systemd
  tags:
    - systemd

--- a/tasks/unit_absent.yml
+++ b/tasks/unit_absent.yml
@@ -7,47 +7,28 @@
        var: systemd_unit
        verbosity: 2
-    - name: Systemd packages present
+    - name: Systend unit stopped
+      ansible.builtin.systemd:
+        name: "{{ systemd_unit.name }}"
+        state: stopped
+      when: systemd_unit_file_name in systemd_unit_files_enabled
+      vars:
+        systemd_unit_file_name: "{{ systemd_unit.name }}.service"
+    - name: Systemd packages absent
      ansible.builtin.apt:
        pkg: "{{ systemd_unit.pkgs }}"
-        state: present
+        state: absent
      when:
        - systemd_unit.pkgs is defined
        - systemd_unit.pkgs | length > 0
-    - name: Systemd unit file directory present
+    - name: Systemd unit files absent
-      ansible.builtin.file:
+      ansible.builtin.include_tasks: file_absent.yml
-        path: "{{ systemd_unit.path | ansible.builtin.dirname }}"
+      loop: "{{ systemd_unit.files }}"
-        state: directory
+      loop_control:
-        mode: 0755
+        loop_var: systemd_file
-        owner: root
+        label: "{{ systemd_file.path | basename }}"
-        group: root
-    - name: Systemd unit file present
-      ansible.builtin.template:
-        src: unit.j2
-        dest: "{{ systemd_unit.path }}"
-        backup: true
-        mode: 0644
-        owner: root
-        group: root
-      register: systend_unit_present
-      notify: Reload systemd
-    - name: Flush handlers
-      ansible.builtin.meta: flush_handlers
-      when: systend_unit_present.changed | bool
-    - name: Stat the systemd unit file
-      ansible.builtin.stat:
-        path: "{{ systemd_unit.path }}"
-      register: systemd_unit_state
-    - name: Unit state set
-      ansible.builtin.systemd:
-        name: "{{ systemd_unit.name }}"
-        state: "{{ systemd_unit.unit_state | default('started') }}"
-      when: systemd_unit_state.stat.exists | bool
  tags:
    - systemd

--- a/tasks/unit_present.yml
+++ b/tasks/unit_present.yml
@@ -25,7 +25,7 @@
        - systemd_file.state is defined
        - systemd_file.state == "absent"
-    - name: Include the systemd unit file edited or present tasks
+    - name: Include the systemd unit file edited or templated tasks
      ansible.builtin.include_tasks: file_present.yml
      loop: "{{ systemd_unit.files }}"
      loop_control:
@@ -34,7 +34,7 @@
      when: >-
        ( systemd_file.state is not defined ) or
        ( systemd_file.state == "edited" ) or
-        ( systemd_file.state == "present" )
+        ( systemd_file.state == "templated" )
    - name: Unit state set
      ansible.builtin.systemd: