From 5fde32740888b24cc1686d01f647cae6b06324bd Mon Sep 17 00:00:00 2001 From: Scott Walkinshaw Date: Wed, 20 Jul 2022 12:06:43 -0400 Subject: [PATCH 1/2] Fix warnings for missing nginx-includes paths --- .../wordpress-setup/tasks/nginx-includes.yml | 99 +++++++++++-------- 1 file changed, 57 insertions(+), 42 deletions(-) diff --git a/roles/wordpress-setup/tasks/nginx-includes.yml b/roles/wordpress-setup/tasks/nginx-includes.yml index a18e2e1851..aebc5ae644 100644 --- a/roles/wordpress-setup/tasks/nginx-includes.yml +++ b/roles/wordpress-setup/tasks/nginx-includes.yml @@ -1,49 +1,64 @@ --- -- name: Build list of Nginx includes templates - find: - paths: - - "{{ nginx_includes_templates_path }}" - pattern: "*.conf.j2" - recurse: yes +- stat: + path: "{{ nginx_includes_templates_path }}" become: no delegate_to: localhost - register: nginx_includes_templates + register: nginx_includes_local_directory -- name: Create includes.d directories - file: - path: "{{ nginx_path }}/includes.d/{{ item }}" - state: directory - mode: '0755' - with_items: "{{ nginx_includes_templates.files | map(attribute='path') | - map('regex_replace', nginx_includes_pattern, '\\2') | - map('dirname') | unique | list | sort - }}" - when: nginx_includes_templates.files | count +- block: + - name: Build list of Nginx includes templates + find: + paths: "{{ nginx_includes_templates_path }}" + pattern: "*.conf.j2" + recurse: yes + become: no + delegate_to: localhost + register: nginx_includes_templates -- name: Template files out to includes.d - template: - src: "{{ item }}" - dest: "{{ nginx_path }}/includes.d/{{ item | regex_replace(nginx_includes_pattern, '\\2') }}" - mode: '0644' - with_items: "{{ nginx_includes_templates.files | map(attribute='path') | list | sort(True) }}" - notify: reload nginx + - name: Create includes.d directories + file: + path: "{{ nginx_path }}/includes.d/{{ item }}" + state: directory + recurse: yes + mode: '0755' + with_items: "{{ nginx_includes_templates.files | map(attribute='path') | + map('regex_replace', nginx_includes_pattern, '\\2') | + map('dirname') | unique | list | sort + }}" + when: nginx_includes_templates.files | count -- name: Retrieve list of existing files in includes.d - find: - paths: "{{ nginx_path }}/includes.d" - pattern: "*.conf" - recurse: yes - register: nginx_includes_existing - when: nginx_includes_d_cleanup | bool + - name: Template files out to includes.d + template: + src: "{{ item }}" + dest: "{{ nginx_path }}/includes.d/{{ item | regex_replace(nginx_includes_pattern, '\\2') }}" + mode: '0644' + with_items: "{{ nginx_includes_templates.files | map(attribute='path') | list | sort(True) }}" + notify: reload nginx + when: nginx_includes_local_directory.stat.isdir is defined + +- name: Cleanup old unmanaged Nginx includes + block: + - stat: + path: "{{ nginx_path }}/includes.d" + register: nginx_includes_directory -- name: Remove unmanaged files from includes.d - file: - path: "{{ item }}" - state: absent - with_items: "{{ nginx_includes_existing.files | default({}) | map(attribute='path') | - difference(nginx_includes_templates.files | map(attribute='path') | - map('regex_replace', nginx_includes_pattern, nginx_path + '/includes.d/\\2') | unique - ) | list - }}" - when: nginx_includes_d_cleanup - notify: reload nginx + - name: Retrieve list of existing files in includes.d + find: + paths: "{{ nginx_path }}/includes.d" + pattern: "*.conf" + recurse: yes + register: nginx_includes_existing + when: nginx_includes_directory.stat.isdir is defined + + - name: Remove unmanaged files from includes.d + file: + path: "{{ item }}" + state: absent + with_items: "{{ nginx_includes_existing.files | default({}) | map(attribute='path') | + difference(nginx_includes_templates.files | default({} )| map(attribute='path') | + map('regex_replace', nginx_includes_pattern, nginx_path + '/includes.d/\\2') | unique + ) | list + }}" + when: nginx_includes_directory.stat.isdir is defined + notify: reload nginx + when: nginx_includes_d_cleanup | bool From b06a2f3c251b5218cef316d41e4ce5f11e627edd Mon Sep 17 00:00:00 2001 From: Scott Walkinshaw Date: Wed, 20 Jul 2022 12:51:27 -0400 Subject: [PATCH 2/2] Fix warnings for missing fail2ban filters paths --- roles/fail2ban/defaults/main.yml | 1 + roles/fail2ban/tasks/main.yml | 14 +++++++++++--- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/roles/fail2ban/defaults/main.yml b/roles/fail2ban/defaults/main.yml index 598172cfbd..a57c78e9ab 100644 --- a/roles/fail2ban/defaults/main.yml +++ b/roles/fail2ban/defaults/main.yml @@ -28,4 +28,5 @@ fail2ban_services_default: fail2ban_services_custom: [] fail2ban_services: "{{ fail2ban_services_default + fail2ban_services_custom }}" +fail2ban_builtin_filter_templates_path: "{{ playbook_dir }}/roles/fail2ban/templates/filters" fail2ban_filter_templates_path: fail2ban_filters diff --git a/roles/fail2ban/tasks/main.yml b/roles/fail2ban/tasks/main.yml index 2a900a2a87..8e1bf7ecba 100644 --- a/roles/fail2ban/tasks/main.yml +++ b/roles/fail2ban/tasks/main.yml @@ -18,11 +18,19 @@ notify: - restart fail2ban +- name: Check if fail2ban_filter_templates_path exists + stat: + path: "{{ fail2ban_filter_templates_path }}" + become: no + delegate_to: localhost + register: fail2ban_filter_templates_path_result + - name: build list of fail2ban filter templates find: - paths: - - "{{ playbook_dir }}/roles/fail2ban/templates/filters" - - "{{ fail2ban_filter_templates_path }}" + paths: "{{ fail2ban_filter_templates_path_result.stat.isdir is defined | ternary( + [fail2ban_builtin_filter_templates_path, fail2ban_filter_templates_path], + [fail2ban_builtin_filter_templates_path] + ) }}" pattern: "*.conf.j2" become: no delegate_to: localhost