From f568b38831b87d661c6b46b5f28356109887eded Mon Sep 17 00:00:00 2001
From: s3lph
Date: Sun, 5 May 2024 13:13:58 +0200
Subject: [PATCH] fix: only start knot after rendering the configuration
---
 roles/knot/tasks/config.yml | 48 ++++++++++++++++++++++++++++++++++++
 roles/knot/tasks/install.yml | 6 -----
 roles/knot/tasks/main.yml | 7 +-----
 roles/knot/tasks/zones.yml | 43 --------------------------------
 4 files changed, 49 insertions(+), 55 deletions(-)
 delete mode 100644 roles/knot/tasks/zones.yml
diff --git a/roles/knot/tasks/config.yml b/roles/knot/tasks/config.yml
index 8d46efb..57eb01b 100644
--- a/roles/knot/tasks/config.yml
+++ b/roles/knot/tasks/config.yml
@@ -10,3 +10,51 @@
 vars:
 zones: "{{ hostvars[inventory_hostname] | dict2items | selectattr('key', 'match', '^knot_zone_.+$') | map(attribute='value') | list }}"
 notify: restart knot
+
+- name: Create knot zone directories
+ ansible.builtin.file:
+ path: "{{ item }}"
+ state: directory
+ owner: knot
+ group: knot
+ mode: "0750"
+ loop:
+ - "{{ knot_zone_master_storage_path }}"
+ - "{{ knot_zone_replica_storage_path }}"
+
+- name: Make sure all zones have a name
+ ansible.builtin.assert:
+ that:
+ - "'name' in item.value"
+ - "item.value.name | type_debug == 'str'"
+ fail_msg: "{{ item.key }} does not have a name"
+ loop: "{{ hostvars[inventory_hostname] | dict2items | selectattr('key', 'match', '^knot_zone_.+$') | list }}"
+
+- name: Make sure all zones have at least one master defined
+ ansible.builtin.assert:
+ that:
+ - "'masters' in item.value"
+ - "item.value.masters | type_debug == 'list'"
+ - "item.value.masters | length > 0"
+ fail_msg: "{{ item.key }} does not have a zone master"
+ loop: "{{ hostvars[inventory_hostname] | dict2items | selectattr('key', 'match', '^knot_zone_.+$') | list }}"
+
+- name: Render knot zone files
+ ansible.builtin.template:
+ src: var/lib/knot/master/zone.j2
+ dest: "{{ knot_zone_master_storage_path }}/{{ item.name }}zone"
+ owner: knot
+ group: knot
+ mode: "0640"
+ validate: /usr/bin/kzonecheck -v %s
+ vars:
+ zone: "{{ item }}"
+ when: "inventory_hostname in item['masters']"
+ loop: "{{ hostvars[inventory_hostname] | dict2items | selectattr('key', 'match', '^knot_zone_.+$') | map(attribute='value') | list }}"
+ notify: reload knot
+
+- name: Start and enable knot
+ ansible.builtin.service:
+ name: knot
+ state: started
+ enabled: true
diff --git a/roles/knot/tasks/install.yml b/roles/knot/tasks/install.yml
index 6b8ae29..283cf4b 100644
--- a/roles/knot/tasks/install.yml
+++ b/roles/knot/tasks/install.yml
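Review bot: `item.name` is interpolated into `dest` of the "Render knot zone files" task without any constraint on its characters, so a zone definition whose name contains `/` or `..` would be written outside `knot_zone_master_storage_path`, and the "Make sure all zones have a name" assert that precedes it only checks presence and that the value is a string. I would extend that assert's `that:` list with `- "'/' not in item.value.name"` and `- "'..' not in item.value.name"` (or a stricter allowed-character pattern), which also keeps the `kzonecheck` validate step pointed at the intended directory. The `hostvars[inventory_hostname] | dict2items | selectattr('key', 'match', '^knot_zone_.+$')` expression is now copied into three new tasks plus the context lines of the preceding template task, and these copies are easy to let drift; a single role variable holding the zone list would let each task reference it. The `dest` filename `{{ item.name }}zone` has no separator before `zone`, which presumably relies on zone names carrying a trailing dot; if that is intended, the name assert is the place to verify it.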
@@ -16,9 +16,3 @@
 - knot
 - knot-dnsutils
 - knot-dnssecutils
-
-- name: Start and enable knot
- ansible.builtin.service:
- name: knot
- state: started
- enabled: true
diff --git a/roles/knot/tasks/main.yml b/roles/knot/tasks/main.yml
index d7ef7fd..c565c91 100644
--- a/roles/knot/tasks/main.yml
+++ b/roles/knot/tasks/main.yml
@@ -6,14 +6,9 @@
 - "role::knot"
 - "role::knot:install"
 
-- name: Render zonefiles
- ansible.builtin.import_tasks: zones.yml
- tags:
- - "role::knot"
- - "role::knot:zones"
-
 - name: Configure knot
 ansible.builtin.import_tasks: config.yml
 tags:
 - "role::knot"
 - "role::knot:config"
+ - "role::knot:zones" # Backwards compat; this used to be a separate file
diff --git a/roles/knot/tasks/zones.yml b/roles/knot/tasks/zones.yml
deleted file mode 100644
index ea10c70..0000000
--- a/roles/knot/tasks/zones.yml
+++ /dev/null
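Review bot: The trailing comment on the added `- "role::knot:zones"` tag in main.yml says the tag is kept for backwards compatibility but not that its scope changed: it used to select only the tasks in zones.yml, and after this commit it selects everything in config.yml, including the main configuration template and the "Start and enable knot" task moved there. Operators who run the role with `--tags role::knot:zones` to touch only zone files will get a larger change than before, so the comment should say so, e.g. `# Backwards compat: formerly selected zones.yml only; now runs all of config.yml`. The install.yml hunk on this line is a pure removal of the moved service task and needs no further note.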
@@ -1,43 +0,0 @@
----
-
-- name: Create knot zone directories
- ansible.builtin.file:
- path: "{{ item }}"
- state: directory
- owner: knot
- group: knot
- mode: "0750"
- loop:
- - "{{ knot_zone_master_storage_path }}"
- - "{{ knot_zone_replica_storage_path }}"
-
-- name: Make sure all zones have a name
- ansible.builtin.assert:
- that:
- - "'name' in item.value"
- - "item.value.name | type_debug == 'str'"
- fail_msg: "{{ item.key }} does not have a name"
- loop: "{{ hostvars[inventory_hostname] | dict2items | selectattr('key', 'match', '^knot_zone_.+$') | list }}"
-
-- name: Make sure all zones have at least one master defined
- ansible.builtin.assert:
- that:
- - "'masters' in item.value"
- - "item.value.masters | type_debug == 'list'"
- - "item.value.masters | length > 0"
- fail_msg: "{{ item.key }} does not have a zone master"
- loop: "{{ hostvars[inventory_hostname] | dict2items | selectattr('key', 'match', '^knot_zone_.+$') | list }}"
-
-- name: Render knot zone files
- ansible.builtin.template:
- src: var/lib/knot/master/zone.j2
- dest: "{{ knot_zone_master_storage_path }}/{{ item.name }}zone"
- owner: knot
- group: knot
- mode: "0640"
- validate: /usr/bin/kzonecheck -v %s
- vars:
- zone: "{{ item }}"
- when: "inventory_hostname in item['masters']"
- loop: "{{ hostvars[inventory_hostname] | dict2items | selectattr('key', 'match', '^knot_zone_.+$') | map(attribute='value') | list }}"
- notify: reload knot