Majic Projects
Majic Ansible Roles
Go to the previous open issue
Go to the previous issue (open or closed)
star_faded.png
Please log in to bookmark issues
icon_project.png Majic Ansible Roles / Closed Enhancement MAR-51 Improve role robustness
Go to the next issue (open or closed)
Go to the next open issue
This issue has been closed with status "Closed" and resolution "RESOLVED".
Issue basics
  • Type of issue
    Enhancement
  • Category
    General
  • Targetted for
    1.0.0
  • Status
    Closed
  • Progress
  • Priority
    Needs to be fixed
User pain
  • Type of bug
    Not triaged
  • Likelihood
    Not triaged
  • Effect
    Not triaged
Affected by this issue (0)
There are no items
People involved
Times and dates
  • Posted at
  • Last updated
  • Estimated time
    1 day, 16 hours
  • Time spent
    No time spent
    Click here to see time logged against this issue
Issue details
  • Resolution
    RESOLVED
Attachments (0)
There is nothing attached to this issue
Duplicate issues (0)
This issue does not have any duplicates
Show / hide more details »
Description
Currently some roles may be somewhat unreliable in different ways. These roles should really be improved to be more robust so there wouldn't be any surprises during failures, reruns, etc.

The following should be fixed in different roles:
* '''backup_client'''
** Extraction of key identifiers should also include checks for content. I.e. bail-out in case the mandatory key IDs are not successfully extracted.
* '''mail_forwarder'''
** Purging of Exim configuration should be moved from a handler to task, since it is idempotent.
*'''preseed'''
** '''ansible_key''' documentation is incorrect - this should be value, not path to ssh key.
*'''common'''
** '''ca_certificates''' should be a dictionary describing deployed certificate files. Keys should be filenames, values should be certificates themselves (currently it's a list of file paths).
* '''ldap_server'''
** '''ldap_server_tls_certificate''' should be certificate content itself instead of a file path.
** '''ldap_server_tls_key''' should be key content itself instead of a file path.
* '''xmpp_server'''
** '''xmpp_tls_certificate''' should be certificate content itself instead of a file path.
** '''xmpp_tls_key''' should be key content itself instead of a file path.
* '''mail_server'''
** '''imap_tls_certificate''' should be content instead of a file path.
** '''imap_tls_key''' should be content instead of a file path.
** '''smtp_tls_certificate''' should be content instead of a file path.
** '''smtp_tls_key''' should be content instead of a file path.
* '''web_server'''
** '''default_https_tls_key''' should be content instead of a file path.
** '''default_https_tls_certificate''' should be content instead of a file path.
* '''php_website'''
** '''https_tls_key''' should be content instead of a file path.
** '''https_tls_certificate''' should be content instead of a file path.
* '''wsgi_website'''
** '''https_tls_key''' should be content instead of a file path.
** '''https_tls_certificate''' should be content instead of a file path.
* '''all roles'''
** Introduce optional execution of all handlers in tasks via custom variable and include directive. The purpose is to allow for execution of handlers only in case of some failed run, since certain handlers are used to bring the system to consistent state. Unfortunately, tagging can't be used for this purpose, and custom variable is needed instead. The handlers should not be auto-executed during regular runs.


Todos (0 / 0)
Options
Issue created