From f9a73e6b230cfd63d81792c50b337ba0c708f60c Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@geeklabor.de>
Date: Sun, 24 Dec 2017 17:36:43 +0100
Subject: [PATCH] add config validation

---
 defaults/main.yml                 | 1 +
 tasks/install.yml                 | 2 ++
 templates/etc/nginx/nginx.conf.j2 | 2 +-
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 1422d8e..ea513fa 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,6 +1,7 @@
 ---
 nginx_user: nginx
 nginx_group: nginx
+nginx_worker_processes: 1
 nginx_open_ports:
   - 80
   - 443
diff --git a/tasks/install.yml b/tasks/install.yml
index 8e1bebf..be1c1b8 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -57,6 +57,7 @@
       owner: root
       group: root
       mode: 0640
+      validate: /sbin/nginx -t -c %s
     notify:
       - nginx_reload
 
@@ -67,6 +68,7 @@
       owner: root
       group: root
       mode: 0640
+      validate: bash -c 'nginx -t -c /dev/stdin <<< "events {worker_connections 1;} http { include %s; }"'
     with_items:
       - header.conf
       - tls.conf
diff --git a/templates/etc/nginx/nginx.conf.j2 b/templates/etc/nginx/nginx.conf.j2
index 9d9baa9..2a38da4 100644
--- a/templates/etc/nginx/nginx.conf.j2
+++ b/templates/etc/nginx/nginx.conf.j2
@@ -1,6 +1,6 @@
 # {{ ansible_managed }}
 user {{ nginx_user }} {{ nginx_group }};
-worker_processes 1;
+worker_processes {{ nginx_worker_processes }};
 
 error_log /var/log/nginx/error.log;
 pid /run/nginx.pid;