Update to 2022-03-17 09:00

roles/ldap2pg/tasks/conf.yml

@@ -0,0 +1,40 @@
+---
+
+- name: Deploy ldap2pg configuration
+  block:
+    - name: Render config template
+      template:
+        src: ldap2pg.yml.j2
+        dest: "/etc/ldap2pg.yml"
+        owner: "{{ ldap2pg_user }}"
+        group: "{{ ldap2pg_user }}"
+        mode: 0600
+        backup: True
+      register: ldap2pg_rendered_conf
+      notify:
+        - restart ldap2pg.timer
+
+    - name: Validate new configuration
+      command: /bin/ldap2pg --config /etc/ldap2pg.yml --dry
+      changed_when: False
+      become_user: "{{ ldap2pg_user }}"
+      register: ldap2pg_conf_validation
+
+  rescue:
+    - name: Rollback previous configuration
+      copy:
+        src: "{{ ldap2pg_rendered_conf.backup_file }}"
+        dest: /etc/ldap2pg.yml
+        remote_src: True
+        owner: "{{ ldap2pg_user }}"
+        group: "{{ ldap2pg_user }}"
+        mode: 0600
+      when: ldap2pg_rendered_conf.backup_file is defined
+
+  tags: pg
+
+- name: Fails if new configuration isn't validated
+  fail:
+    msg: "Failed to validate /etc/ldap2pg: {{ ldap2pg_conf_validation.stdout }}"
+  when: ldap2pg_conf_validation.rc != 0
+  tags: pg