From 3322faf57676607cd720c9efd7f63115f8ea803b Mon Sep 17 00:00:00 2001
From: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
Date: Tue, 4 Feb 2020 22:17:00 +0100
Subject: [PATCH] Shell best practice (#40)

* add shell options to syncconf handler to fail fast in case of error

* update CHANGELOG
---
 CHANGELOG.md      | 4 ++++
 handlers/main.yml | 3 +++
 2 files changed, 7 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5cedf57..77c1d98 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,10 @@
 Changelog
 ---------
 
+**6.0.1**
+
+- add shell options to syncconf handler to fail fast in case of error
+
 **6.0.0**
 
 - Newer versions of WireGuard (around November 2019) introduced `wg syncconf` subcommand. This has the advantage that changes to the WireGuard configuration can be applied without disturbing existing connections. With this change this role tries to use `wg syncconf` subcommand when available. This even works if you have hosts with older and newer WireGuard versions.
diff --git a/handlers/main.yml b/handlers/main.yml
index 8776427..7d6b6e8 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -8,6 +8,9 @@
 
 - name: syncconf wireguard
   shell: |
+      set -o errexit
+      set -o pipefail
+      set -o nounset
       systemctl is-active wg-quick@wg-quick@{{ wireguard_interface|quote }} || systemctl start wg-quick@{{ wireguard_interface|quote }}
       wg syncconf {{ wireguard_interface|quote }} <(wg-quick strip /etc/wireguard/{{ wireguard_interface|quote }}.conf)
       exit 0