61 lines
1.7 KiB
YAML
61 lines
1.7 KiB
YAML
---
|
|
# roles/pfsense_upgrade/tasks/main.yml
|
|
|
|
- name: Include pre-flight checks
|
|
ansible.builtin.import_tasks: preflight.yml
|
|
tags: [always, preflight, check]
|
|
|
|
- name: Include version detection
|
|
ansible.builtin.import_tasks: version_detect.yml
|
|
tags: [always, check]
|
|
|
|
- name: Include update check
|
|
ansible.builtin.import_tasks: update_check.yml
|
|
tags: [always, check]
|
|
|
|
# Config backup to webhook (before upgrade)
|
|
- name: Include config backup to webhook
|
|
ansible.builtin.import_tasks: backup_webhook.yml
|
|
tags: [always, backup]
|
|
when: perform_upgrade | bool
|
|
|
|
- name: DEBUG - Check CARP conditions
|
|
ansible.builtin.debug:
|
|
msg:
|
|
- "ha_peer is defined: {{ ha_peer is defined }}"
|
|
- "ha_peer value: {{ ha_peer | default('UNDEFINED') }}"
|
|
- "ha_peer length: {{ ha_peer | length if ha_peer is defined else 'N/A' }}"
|
|
when: always
|
|
|
|
# CARP pre-upgrade (demotion)
|
|
- name: Include CARP pre-upgrade logic
|
|
ansible.builtin.import_tasks: carp_pre.yml
|
|
tags: [always, check, carp]
|
|
when:
|
|
- ha_peer is defined
|
|
- ha_peer | length > 0
|
|
- upgrade_available | bool # Also only if upgrade is available
|
|
|
|
# Upgrade execution
|
|
- name: Include upgrade execution
|
|
ansible.builtin.import_tasks: upgrade.yml
|
|
tags: [upgrade]
|
|
when:
|
|
- perform_upgrade | bool
|
|
- upgrade_available | bool
|
|
|
|
# CARP post-upgrade (restore)
|
|
- name: Include CARP post-upgrade restore
|
|
ansible.builtin.import_tasks: carp_post.yml
|
|
tags: [upgrade, carp]
|
|
when:
|
|
- ha_peer is defined
|
|
- ha_peer | length > 0
|
|
- perform_upgrade | bool
|
|
- upgrade_available | bool # Also only if upgrade is available
|
|
|
|
# Verification
|
|
- name: Include post-upgrade verification
|
|
ansible.builtin.import_tasks: verify.yml
|
|
tags: [upgrade, verify]
|
|
when: perform_upgrade | bool |