feat: Add dynamic config

nginxinc · Aug 19, 2024 · 563fd3e · 563fd3e
1 parent b7dabbe
commit 563fd3e
Show file tree

Hide file tree

Showing 4 changed files with 76 additions and 6 deletions.
diff --git a/defaults/main/agent.yml b/defaults/main/agent.yml
@@ -3,14 +3,15 @@
 # Requires access to either the NGINX stub_status or the NGINX Plus REST API.
 nginx_agent_enable: false
 
+
+########################################################################################################################
+# The following parameters let you configure the static configuration file of NGINX Agent.                             #
+# By default, the config produced is as close a match to the default config provided by NGINX Agent upon installation. #
+########################################################################################################################
+
 # Configure the NGINX Agent.
 nginx_agent_configure: false
 
-#######################################################################################################################
-# The following parameters let you configure NGINX Agent.                                                             #
-# By default, the config produced is as close a match to the default config provided by NGINX Agent upon installation.#
-#######################################################################################################################
-
 # Specify the NGINX Agent API host and port. Optionally, specify the path to the cert and key.
 # Default is not enabled.
 # nginx_agent_api:
@@ -84,3 +85,23 @@ nginx_agent_metrics:
 # nginx_agent_app_protect:
 #   report_interval: 15s
 #   precompiled_publication: true
+
+
+#############################################################################################
+# The following parameters let you configure the dynamic configuration file of NGINX Agent. #
+# By default, nothing is configured.                                                        #
+#############################################################################################
+
+# Configure the NGINX Agent dynamic configuration file.
+# NOTE: This will only run if the NGINX Agent dynamic configuration file has not yet been modified externally.
+# If you want to force push a dynamic configuration file, use the 'nginx_agent_configure_dynamic_force' parameter below.
+# Default is false.
+nginx_agent_configure_dynamic: false
+# Force pushing a new dynamic configuration file to NGINX Agent.
+# NOTE: This will overwrite any changes made to the dynamic configuration file by a control plane, and might lead to unexpected behavior.
+# Default is false.
+nginx_agent_configure_dynamic_force: false
+
+# Specify the NGINX Agent instance group and tags.
+# nginx_agent_instance_group: my_instance_group
+# nginx_agent_tags: [ansible, dev, qa]
diff --git a/molecule/agent/converge.yml b/molecule/agent/converge.yml
@@ -25,3 +25,6 @@
         nginx_agent_api:
           host: 127.0.0.1
           port: 8081
+        nginx_agent_configure_dynamic: true
+        nginx_agent_instance_group: ansible_instance_group
+        nginx_agent_tags: ['ansible', 'dev']
diff --git a/tasks/agent/install-agent.yml b/tasks/agent/install-agent.yml
@@ -1,4 +1,16 @@
 ---
+- name: (Alpine Linux/Debian/SLES OSs) Install NGINX Agent nstat prerequisite
+  ansible.builtin.package:
+    name: iproute2
+    state: present
+  when: ansible_facts['os_family'] in ['Alpine', 'Debian', 'Suse']
+
+- name: (Red Hat OSs) Install NGINX Agent nstat prerequisite
+  ansible.builtin.package:
+    name: iproute
+    state: present
+  when: ansible_facts['os_family'] == "RedHat"
+
 - name: Manage NGINX Agent repository
   ansible.builtin.include_tasks: "{{ role_path }}/tasks/agent/setup-{{ ansible_facts['os_family'] | lower }}.yml"
   when: ansible_facts['os_family'] in ['Alpine', 'Debian', 'RedHat', 'Suse']
@@ -8,11 +20,34 @@
     name: nginx-agent
     state: present
 
-- name: Configure NGINX Agent
+- name: Dynamically generate NGINX Agent static configuration file
   ansible.builtin.template:
     src: nginx-agent/nginx-agent.conf.j2
     dest: /etc/nginx-agent/nginx-agent.conf
     mode: "0644"
     backup: true
   when: nginx_agent_configure | bool
   notify: (Handler) Start NGINX Agent
+
+- name: Check if the NGINX Agent dynamic configuration file has been modified
+  ansible.builtin.lineinfile:
+    path: /var/lib/nginx-agent/agent-dynamic.conf
+    line: '# agent-dynamic.conf'
+    state: present
+  check_mode: true
+  changed_when: false
+  when:
+    - nginx_agent_configure_dynamic | bool
+    - not nginx_agent_configure_dynamic_force | bool
+  register: default_conf
+
+- name: Dynamically generate NGINX Agent dynamic configuration file if it has not been externally modified
+  ansible.builtin.template:
+    src: nginx-agent/agent-dynamic.conf.j2
+    dest: "{{ (ansible_facts['system'] | lower is not search('bsd')) | ternary('/var/lib/nginx-agent/agent-dynamic.conf', '/var/db/nginx-agent/agent-dynamic.conf') }}"
+    mode: "0644"
+    backup: true
+  when:
+    - nginx_agent_configure_dynamic | bool
+    - (default_conf['msg'] is defined and default_conf['msg'] != 'line added') or nginx_agent_configure_dynamic_force | bool
+  notify: (Handler) Start NGINX Agent
diff --git a/templates/nginx-agent/agent-dynamic.conf.j2 b/templates/nginx-agent/agent-dynamic.conf.j2
@@ -0,0 +1,11 @@
+{{ ansible_managed | comment }}
+
+{% if nginx_agent_instance_group is defined %}
+instance_group: {{ nginx_agent_instance_group }}
+{% endif %}
+{% if nginx_agent_tags is defined %}
+tags:
+{% for tag in nginx_agent_tags %}
+  - {{ tag }}
+{% endfor %}
+{% endif %}