From 9f5f692b6a9bc46c4d733eb390cab414689c70a0 Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Sun, 29 Jul 2018 09:25:54 -0500 Subject: [PATCH] roles/apache: Do not start Apache If another role that depends on the *apache* role accidentally creates an invalid configuration, it will be impossible to correct it by subsequent invocations of its playbook. This is because the *apache* role always tries to start the service, which will fail if the configuration is invalid, thus aborting the playbook. With this early abort, there is no way for later tasks to correct the error. Playbooks that include the *apache* role should have a task that is executed after all the roles have been applied to ensure the service is running. --- roles/apache/files/.gitignore | 1 + roles/apache/tasks/main.yml | 6 ------ 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/roles/apache/files/.gitignore b/roles/apache/files/.gitignore index c55fa0e..151513e 100644 --- a/roles/apache/files/.gitignore +++ b/roles/apache/files/.gitignore @@ -3,3 +3,4 @@ *.key *.pem *.keytab +*.cnf diff --git a/roles/apache/tasks/main.yml b/roles/apache/tasks/main.yml index 946ad70..5636fc1 100644 --- a/roles/apache/tasks/main.yml +++ b/roles/apache/tasks/main.yml @@ -87,12 +87,6 @@ with_items: '{{ web_ports }}' notify: save firewalld configuration -- meta: flush_handlers -- name: ensure httpd service is running - service: - name=httpd - state=started - - name: ensure old apache logs are rotated template: src=httpd.logrotate.j2