From c1169f86f16842d548e739a5ce8db80dce975dd9 Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Thu, 28 Dec 2017 11:16:06 +0100
Subject: [PATCH] Squid: replace logrotate file if default

---
 squid/tasks/logrotate.yml            |  6 ------
 squid/tasks/logrotate_jessie.yml     | 29 ++++++++++++++++++++++++++++
 squid/tasks/logrotate_stretch.yml    | 29 ++++++++++++++++++++++++++++
 squid/tasks/main.yml                 |  6 +++++-
 squid/templates/logrotate.j2         | 11 -----------
 squid/templates/logrotate_jessie.j2  | 14 ++++++++++++++
 squid/templates/logrotate_stretch.j2 | 18 +++++++++++++++++
 7 files changed, 95 insertions(+), 18 deletions(-)
 delete mode 100644 squid/tasks/logrotate.yml
 create mode 100644 squid/tasks/logrotate_jessie.yml
 create mode 100644 squid/tasks/logrotate_stretch.yml
 delete mode 100644 squid/templates/logrotate.j2
 create mode 100644 squid/templates/logrotate_jessie.j2
 create mode 100644 squid/templates/logrotate_stretch.j2

diff --git a/squid/tasks/logrotate.yml b/squid/tasks/logrotate.yml
deleted file mode 100644
index 975c3a96..00000000
--- a/squid/tasks/logrotate.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- name: logrotate configuration
-  template:
-    src: logrotate.j2
-    dest: /etc/logrotate.d/{{ squid_daemon_name }}
-    force: no
diff --git a/squid/tasks/logrotate_jessie.yml b/squid/tasks/logrotate_jessie.yml
new file mode 100644
index 00000000..654089f5
--- /dev/null
+++ b/squid/tasks/logrotate_jessie.yml
@@ -0,0 +1,29 @@
+---
+
+# md5sum for squid logrotate file :
+#
+# --check reads stdin for a list of files and md5 sums
+# the list contains the checksum for the file provided by Jessie
+#
+# We don't use --status so we can debug if needed
+#
+# With that command we can check if the logrotate file for squid
+# is the one provided by the package.
+
+- name: check if logrotate file is default
+  shell: 'printf "43994674706b672ae5018f592beccf2e  /etc/logrotate.d/{{ squid_daemon_name }}" | md5sum --check'
+  changed_when: False
+  failed_when: False
+  check_mode: no
+  register: squid_logrotate_md5
+  tags:
+    - squid
+
+- name: logrotate configuration
+  template:
+    src: logrotate.j2
+    dest: /etc/logrotate.d/{{ squid_daemon_name }}
+    force: yes
+  when: squid_logrotate_md5.rc == 0
+  tags:
+    - squid
diff --git a/squid/tasks/logrotate_stretch.yml b/squid/tasks/logrotate_stretch.yml
new file mode 100644
index 00000000..579c228c
--- /dev/null
+++ b/squid/tasks/logrotate_stretch.yml
@@ -0,0 +1,29 @@
+---
+
+# md5sum for squid logrotate file :
+#
+# --check reads stdin for a list of files and md5 sums
+# the list contains the checksum for the file provided by Stretch
+#
+# We don't use --status so we can debug if needed
+#
+# With that command we can check if the logrotate file for squid
+# is the one provided by the package.
+
+- name: check if logrotate file is default
+  shell: 'printf "c210feea019412adac8a5d5dcba427af  /etc/logrotate.d/{{ squid_daemon_name }}" | md5sum --check'
+  changed_when: False
+  failed_when: False
+  check_mode: no
+  register: squid_logrotate_md5
+  tags:
+    - squid
+
+- name: logrotate configuration
+  template:
+    src: logrotate_stretch.j2
+    dest: /etc/logrotate.d/{{ squid_daemon_name }}
+    force: yes
+  when: squid_logrotate_md5.rc == 0
+  tags:
+    - squid
diff --git a/squid/tasks/main.yml b/squid/tasks/main.yml
index 7c080b44..19e6949c 100644
--- a/squid/tasks/main.yml
+++ b/squid/tasks/main.yml
@@ -134,7 +134,11 @@
   notify: "reload squid"
   when: ansible_distribution_major_version | version_compare('9', '>=')
 
-- include: logrotate.yml
+- include: logrotate_jessie.yml
+  when: ansible_distribution_release == "jessie"
+
+- include: logrotate_stretch.yml
+  when: ansible_distribution_major_version | version_compare('9', '>=')
 
 - include: minifirewall.yml
 
diff --git a/squid/templates/logrotate.j2 b/squid/templates/logrotate.j2
deleted file mode 100644
index 12597d7b..00000000
--- a/squid/templates/logrotate.j2
+++ /dev/null
@@ -1,11 +0,0 @@
-/var/log/{{ squid_daemon_name }}/*.log {
-    monthly
-    compress
-    rotate 12
-    missingok
-    create 640 proxy adm
-    sharedscripts
-    postrotate
-        test ! -e /var/run/{{ squid_daemon_name }}.pid || /usr/sbin/{{ squid_daemon_name }} -k rotate
-    endscript
-}
diff --git a/squid/templates/logrotate_jessie.j2 b/squid/templates/logrotate_jessie.j2
new file mode 100644
index 00000000..7733ef9b
--- /dev/null
+++ b/squid/templates/logrotate_jessie.j2
@@ -0,0 +1,14 @@
+#
+#	Logrotate fragment for squid3.
+#
+/var/log/squid3/*.log {
+    monthly
+    compress
+    rotate 12
+    missingok
+    create 640 proxy adm
+    sharedscripts
+    postrotate
+        test ! -e /var/run/squid3.pid || test ! -x /usr/sbin/squid3 || /usr/sbin/squid3 -k rotate
+    endscript
+}
diff --git a/squid/templates/logrotate_stretch.j2 b/squid/templates/logrotate_stretch.j2
new file mode 100644
index 00000000..5b2f6a67
--- /dev/null
+++ b/squid/templates/logrotate_stretch.j2
@@ -0,0 +1,18 @@
+#
+#	Logrotate fragment for squid.
+#
+/var/log/squid/*.log {
+    monthly
+    compress
+    delaycompress
+    rotate 12
+    missingok
+    create 640 proxy adm
+    sharedscripts
+    prerotate
+        test ! -x /usr/sbin/sarg-reports || /usr/sbin/sarg-reports monthly
+    endscript
+    postrotate
+        test ! -e /var/run/squid.pid || test ! -x /usr/sbin/squid || /usr/sbin/squid -k rotate
+    endscript
+}