Closed ganto closed 6 years ago
ypid
commented
7 years ago Thanks for the patch.
I guess if a .deb package is shipping such an "invalid" configuration this would be considered a bug.
Sounds like IfModule should be used. Is that what you mean? I guess your patch mitigates this issue already?
When I remember correctly, there was a reason why I handle modules first. There is "Manage Apache modules" and "Manage Apache modules, part 2" in the tasks.
ganto
commented
7 years ago I guess you first handle the modules because a snippet that you activate afterwards might depend on it. This perfectly makes sense.
Now my issue was, that running the modules task would fail because there is still a snippet active which uses a module not yet activated. This is the case because I patch the upstream snippet to use mod_headers. Before I used debops.apache I enabled the module via lineinfile which obviously didn't check the consistency of the configuration and therefore wouldn't fail.
This patch series now allows to disable an inconsistent config before managing the modules.
As stated before, the actual issue is the inconsistent config. The correct approach in my case would therefore be, to guard the header statements with an
ypid
commented
7 years ago All right. Thanks for explaining. I guess this patch comes in handy for such situations. I would just leave it open for now so that this PR can be checked out when next working on the role. In the meantime, if anyone else comes across this/needs this maybe just give the first comment in this PR a thumbs up.
ganto
commented
7 years ago FYI: The original issue Error executing /usr/sbin/apache2ctl: AH00526: Syntax error on line 15 of /omd/sites/debops/etc/apache/mode.conf:\nInvalid command 'RequestHeader', perhaps misspelled or defined by a module not included in the server configuration\n" was fixed with https://github.com/debops-contrib/ansible-checkmk_server/pull/53/commits/35bc317dfae84825abaaf40728e57bea05f6840b
drybjed
commented
6 years ago @ganto, @ypid, since you don't plan to merge the PR at the moment, can I close it so that it doesn't block the merge of all roles into one repository? We can certainly come back to it later.
ganto
commented
6 years ago Sure, go on.
ypid
commented
6 years ago @ganto Sorry for the delay. Closing then for now.
The
apache2_moduleAnsible module used for activating/deactivating Apache 2 modules expects a valid server configuration when it's running. However, it might happen, that a 3rd party mechanism installs a snippet which requires some modules not yet available before running the module tasks. This would result in an error such as:However, I must admit that in my case, I manually patch the Apache configuration shipped by the Check_MK package which triggers this error. I guess if a .deb package is shipping such an "invalid" configuration this would be considered a bug.
Maybe there are some other conditions which would make those changes useful. Otherwise it'll be a reference if someone ever has this issue and needs a quick fix. Feel free to close it if you don't see fit.
I'm using this patchset until I figured out a way to fix the HTTPS issues in Check_MK in a cleaner way.