updates

2024-07-25 11:38:45 -04:00 · 2024-07-25 11:38:45 -04:00 · 6f4db88af9
commit 6f4db88af9
parent c7a929c4b5
6 changed files with 133 additions and 9 deletions
--- a/apache-precheck.yml
+++ b/apache-precheck.yml
@ -4,11 +4,8 @@
  become: true
  gather_facts: true

-  vars:
-    mw_apache_bin: 'httpd'
-    mw_apache_pkg: 'httpd'
-    # mw_apache_pkg: 'php'
-
+  vars_files:
+    - httpd.yml

  tasks:
    - name: Check if Middleware Apache package is present
@ -19,10 +16,6 @@
      changed_when: false
      register: mw_apache_pkg_check

-    - name: Debug mw_apache_pkg_check
-      ansible.builtin.debug:
-        var: mw_apache_pkg_check
-
    - name: Verify Middleware Apache package and process presence
      block:
        - name: Assert that Middleware Apache package is present
@ -42,6 +35,7 @@
              mw_apache_is_installed: false

    - name: Verify if Middleware Apache process is running
+      when: mw_apache_pkg_check['results'] | length == 0
      block:
        - name: Check if any Middleware Apache processes are running
          community.general.pids:
--- a/httpd_unit.ini
+++ b/httpd_unit.ini
@ -0,0 +1,20 @@
+[Unit]
+Description=The Apache HTTP Server
+Wants=httpd-init.service
+After=network.target remote-fs.target nss-lookup.target httpd-init.service
+Documentation=man:httpd.service(8)
+
+[Service]
+Type=notify
+Environment=LANG=C
+
+ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND -f /apps/GTS/https-testinstance.wellsfargo.com/conf/httpd.conf
+ExecReload=/usr/sbin/httpd $OPTIONS -k graceful
+# Send SIGWINCH for graceful stop
+KillSignal=SIGWINCH
+KillMode=mixed
+PrivateTmp=true
+OOMPolicy=continue
+
+[Install]
+WantedBy=multi-user.target
--- a/vars/httpd.yml
+++ b/vars/httpd.yml
@ -0,0 +1,3 @@
+---
+mw_apache_bin: 'httpd'
+mw_apache_pkg: 'httpd'
--- a/verify-apache.yml
+++ b/verify-apache.yml
@ -4,6 +4,10 @@
  become: true
  gather_facts: false

+  vars:
+    mw_apache_bin: 'httpd'
+    mw_apache_pkg: 'httpd'
+
  tasks:
    - name: Verify Middleware Apache package presence
      ansible.builtin.debug:
@ -16,3 +20,9 @@
        msg: "Middleware Apache process is running."
      when:
        - mw_apache_is_running | bool
+
+    - name: Verify configuration files
+      ansible.builtin.import_tasks: verify-configs.yml
+      when:
+        - mw_apache_is_installed | bool
+        - mw_apache_is_running | bool
--- a/verify-configs.yml
+++ b/verify-configs.yml
@ -0,0 +1,39 @@
+---
+- name: Verify Middleware Apache configs
+  ansible.builtin.find:
+    path: /apps/GTS
+    recurse: true
+    use_regex: false
+    patterns:
+      - 'httpd.conf'
+  register: find_files
+
+- name: Debug find_files
+  ansible.builtin.debug:
+    var: find_files
+
+- name: List the Apache configurations found
+  ansible.builtin.debug:
+    msg: "Config found: {{ item['path'] }}"
+  loop: "{{ find_files['files'] }}"
+  loop_control:
+    label: "{{ item['path'] }}"
+
+- name: Get a list of Apache processes on the host
+  ansible.builtin.shell:
+    cmd: |
+      set -o pipefail
+      ps -ef | grep -i {{ mw_apache_bin }} | awk '{print $11}'
+  register: apache_processes
+  changed_when: false
+
+- name: Debug apache_processes
+  ansible.builtin.debug:
+    msg: "{{ item }}"
+  loop: "{{ apache_processes['stdout_lines'] }}"
+  when:
+    - "'apps' in item"
+
+- name: Debug mw_apache_bin
+  ansible.builtin.debug:
+    var: mw_apache_bin
--- a/verify-services.yml
+++ b/verify-services.yml
@ -0,0 +1,58 @@
+---
+- name: Verify Services
+  hosts: all
+  become: true
+  gather_facts: false
+
+  vars:
+    # value in minutes (int/float):
+    bigboot_service_max_timeout: 2
+
+    bigboot_protected_services:
+      - sshd.service
+      - user@0.service
+
+  tasks:
+    - name: Verify Middleware Apache package presence
+      ansible.builtin.service_facts:
+
+    - name: Debug services
+      ansible.builtin.debug:
+        var: ansible_facts.services
+
+    - name: Capture a list of running services
+      ansible.builtin.set_fact:
+        bigboot_systemd_running_services:
+          "{{ bigboot_systemd_running_services | default([]) + [item['key']] }}"
+      when:
+        - "'running' in item['value']['state']"
+      loop: "{{ ansible_facts['services'] | dict2items }}"
+      loop_control:
+        label: "{{ item['key'] }}"
+
+    - name: Debug bigboot_systemd_running_services
+      ansible.builtin.debug:
+        var: bigboot_systemd_running_services
+
+    - name: Get timeout value for service
+      ansible.builtin.shell:
+        cmd: |
+          set -o pipefail
+          systemctl show {{ item }} | grep TimeoutStopUSec
+      changed_when: false
+      register: bigboot_systemd_service_timeout
+      loop: "{{ bigboot_systemd_running_services }}"
+
+    - name: Debug bigboot_systemd_service_timeout
+      ansible.builtin.debug:
+        msg: "{{ item['item'] }} -> {{ item['stdout'] | regex_replace('^.*=(.*$)', '\\1') }}"
+      when:
+        - item['item'] not in bigboot_protected_services
+        - item['stdout'] | regex_replace('^.*=(.*$)', '\\1') | community.general.to_minutes >= bigboot_service_max_timeout
+      loop: "{{ bigboot_systemd_service_timeout['results'] }}"
+      loop_control:
+        label: "{{ item['item'] }}"
+
+    # - name: Convert a duration into minutes
+    #   ansible.builtin.debug:
+    #     msg: "{{ '1min 30s' | community.general.to_minutes }}"