updates for Ansible 2.x

roles/easyredmine/tasks/attachments_storage.yml

@@ -9,14 +9,14 @@
 
 - file: path='{{ redmine_files_nfs_mount }}'
         state=directory
-  sudo: yes
+  become: yes
 
 - mount: name='{{ redmine_files_nfs_mount }}'
          src='{{ redmine_files_nfs_source }}'
          fstype=nfs
          opts=rsize=32768,wsize=32768,tcp,hard,nointr
          state=mounted
-  sudo: yes
+  become: yes
 
 - name: set attachments_storage_path in configuration.yml
   lineinfile: >

roles/easyredmine/tasks/database.yml

@@ -1,6 +1,6 @@
 - name: install mysql, mariadb packages
   yum: name='{{ item }}'
-  sudo: yes
+  become: yes
   with_items:
     - mysql-devel
     - mariadb-server
@@ -9,14 +9,14 @@
 
 - service: name='{{ redmine_db_service_provider }}'
            state=started
-  sudo: yes
+  become: yes
 
 - mysql_db: name='{{ redmine_db_name }}'
             state=present
             encoding=utf8
             login_user='{{ mysql_admin_login }}'
             login_password='{{ mysql_admin_password }}'
-  sudo: yes
+  become: yes
   register: redmine_db_created
 
 # source database may not have same name as VM db.
@@ -51,5 +51,5 @@
               append_privs=yes
               priv='{{ redmine_db_name }}.*:ALL'
               state=present
-  sudo: yes
+  become: yes
 

roles/easyredmine/tasks/firewall.yml

@@ -2,18 +2,18 @@
 - service: name=firewalld
            state=started
            enabled=yes
-  sudo: yes
+  become: yes
 
 - firewalld: service=https
              permanent=true
              state=enabled
-  sudo: yes
+  become: yes
   notify: restart firewalld
 
 - firewalld: service=http
              permanent=true
              state=enabled
-  sudo: yes
+  become: yes
   notify: restart firewalld
 
 - firewalld: rich_rule='rule service name="ssh" family="ipv4" source address="{{ item }}" accept'
@@ -24,32 +24,32 @@
     - 192.168.0.0/16
     - 172.16.0.0/16
     - 128.91.49.0/24
-  sudo: yes
+  become: yes
   notify: restart firewalld
   when: is_production_vm == True
 
 - firewalld: service=ssh
              permanent=true
              state=disabled
-  sudo: yes
+  become: yes
   notify: restart firewalld
   when: is_production_vm == True
 
 - name: define new icmp types for timestamp responses
   copy: dest='/etc/firewalld/icmptypes/{{ item }}.xml'
         src='{{ item }}.xml'
-  sudo: yes
+  become: yes
   with_items:
     - timestamp-reply
     - timestamp-request
 
 - name: load new icmp types for timestamp responses
   command: firewall-cmd --reload
-  sudo: yes
+  become: yes
 
 - name: disable icmp timestamp responses
   command: firewall-cmd --permanent --zone=public --add-icmp-block={{ item }}
-  sudo: yes
+  become: yes
   with_items:
     - timestamp-reply
     - timestamp-request
@@ -58,4 +58,4 @@
 - name: restart firewalld
   service: name=firewalld
            state=restarted
-  sudo: yes
+  become: yes

roles/easyredmine/tasks/main.yml

@@ -1,15 +1,21 @@
 ---
 
-- include: system.yml tags=system
+- include: system.yml
+  tags: system
 
-- include: firewall.yml tags=firewall
+- include: firewall.yml
+  tags: firewall
 
-- include: database.yml tags=database
+- include: database.yml
+  tags: database
   when: do_database_management == True
 
-- include: redmine.yml tags=redmine
+- include: redmine.yml 
+  tags: redmine
 
-- include: nginx.yml tags=nginx
+- include: nginx.yml 
+  tags: nginx
 
-- include: attachments_storage.yml tags=attachments_storage
+- include: attachments_storage.yml
+  tags: attachments_storage
   when: is_production_vm == True

roles/easyredmine/tasks/nginx.yml

@@ -1,22 +1,22 @@
 - get_url: url=https://oss-binaries.phusionpassenger.com/yum/definitions/el-passenger.repo
            dest=/etc/yum.repos.d/passenger.repo
-  sudo: yes
+  become: yes
 - rpm_key: key=https://packagecloud.io/gpg.key
-  sudo: yes
+  become: yes
 
 # this makecache is mostly because I can not find any other way to fully
 # import the GPG. key for the Passenger repo. 'rpm --import' is not
 # sufficient.
-- command: yum -q makecache -y --disablerepo='*' --enablerepo='passenger*'
-  sudo: yes
+- command: /usr/bin/yum -q makecache -y --disablerepo='*' --enablerepo='passenger*'
+  become: yes
   changed_when: False
 
 - yum: name=epel-release
-  sudo: yes
+  become: yes
 
 - name: install nginx, passenger
   yum: name='{{ item }}'
-  sudo: yes
+  become: yes
   with_items:
     - nginx
     - passenger
@@ -27,31 +27,31 @@
 # https://michael.lustfield.net/nginx/getting-a-perfect-ssl-labs-score
 - name: generate new Diffie-Hellman group
   command: 'openssl dhparam -out {{ dharam_pem_path }} 2048'
-  sudo: yes
+  become: yes
   notify: restart nginx
   when: dharam_pem.stat.exists == False
 
 - template: dest='/etc/nginx/conf.d/easyredmine.conf'
             src=easyredmine.conf.j2
-  sudo: yes
+  become: yes
   notify: restart nginx
 
 - template: dest='/etc/nginx/nginx.conf'
             src=nginx.conf.j2
-  sudo: yes
+  become: yes
   notify: restart nginx
 
 - template: dest=/etc/nginx/conf.d/passenger.conf
             src=passenger.conf.j2
-  sudo: yes
+  become: yes
   notify: restart nginx
 
 - copy: dest='/etc/pki/tls/certs/{{ ansible_fqdn }}.pem'
         src='{{ nginx_pem }}'
-  sudo: yes
+  become: yes
   notify: restart nginx
 
 - service: name=nginx
            state=started
            enabled=yes
-  sudo: yes
+  become: yes

roles/easyredmine/tasks/redmine.yml

@@ -1,6 +1,6 @@
 - name: install redmine package depdendencies
   yum: name='{{ item }}'
-  sudo: yes
+  become: yes
   with_items:
     - mysql-devel
     - unzip
@@ -18,7 +18,7 @@
   gem: name='{{ item }}'
        user_install=no
        executable=/usr/local/bin/gem # RVM's version
-  sudo: yes
+  become: yes
   with_items:
     - bundler
     - redmine-installer
@@ -26,7 +26,7 @@
 - name: installer package is present?
   stat: path='{{ installer_package_path }}'
   register: has_installer_package
-  sudo: no
+  become: no
   changed_when: false
 
 - name: download installer
@@ -35,37 +35,37 @@
            mode=0640
            force=no
   when: has_installer_package.stat.exists == False
-  sudo: no
+  become: no
 
 - name: add redmine installation wrapper script
   template: dest='{{ _redmine_install_wrapper }}'
             src=install_wrapper.j2
             mode=750
-  sudo: no
+  become: no
 
 - name: delete contents of redmine root directory
   file: path='{{ redmine_root_dir }}'
         state=absent
-  sudo: yes
-  when: redmine_db_created|changed
+  become: yes
+  when: redmine_db_created is defined and redmine_db_created|changed
 
 - name: make installation directory
   file: path='{{ redmine_root_dir }}'
         state=directory
         owner='{{ redmine_owner }}'
         mode=755
-  sudo: yes
+  become: yes
   register: mk_redmine_root_dir
 
 - name: run redmine installer
-  shell: 'source ~/.bash_profile && {{ _redmine_install_wrapper }}'
+  shell: 'source ~/.bash_profile && {{ _redmine_install_wrapper }} > ~/install.log'
   when: mk_redmine_root_dir|changed and do_redmine_installer == True
   register: installer_run
-  sudo: no
+  become: no
 
 - copy: dest='/opt/easyredmine/lib/tasks/ebrc_settings.rake'
         src='ebrc_settings.rake'
-  sudo: yes
+  become: yes
 
 - name: restrict config permissions
   file: path='{{ redmine_root_dir }}/config'
@@ -75,7 +75,7 @@
   command: 'rake redmine:ebrc_settings RAILS_ENV=production'
   args:
     chdir: '{{ redmine_root_dir }}'
-  sudo: no
+  become: no
   when: do_redmine_installer == True
 
 - name: adding run_tasks crontab
@@ -83,33 +83,33 @@
         minute="*/15"
         job='cd {{ redmine_root_dir }} && /usr/local/bin/bundle exec rake easyproject:scheduler:run_tasks RAILS_ENV=production > /dev/null'
         user='{{ redmine_owner }}'
-  sudo: yes
+  become: yes
 
 - name: add redmine IMAP fetch script
   template: dest='{{ redmine_root_dir }}/script/redmine_receive_imap'
             src=redmine_receive_imap.j2
             mode=750
-  sudo: no
+  become: no
 
 - name: add redmine repository fetch script
   template: dest='{{ redmine_root_dir }}/script/redmine_fetch_changesets'
             src=redmine_fetch_changesets.j2
             mode=750
-  sudo: no
+  become: no
 
 - name: adding redmine_receive_imap crontab
   cron: name="fetch from imap"
         minute="*/5"
         job="({{ redmine_root_dir }}/script/redmine_receive_imap 2>&1 | sed '/install RDoc/d') >> {{ redmine_root_dir }}/log/redmine_receive_imap"
         user='{{ redmine_owner }}'
-  sudo: yes
+  become: yes
 
 - name: adding redmine_fetch_changesets crontab
   cron: name="fetch from repository"
         minute="*/5"
         job="({{ redmine_root_dir }}/script/redmine_fetch_changesets 2>&1 | sed '/install RDoc/d') >> {{ redmine_root_dir }}/log/redmine_fetch_changesets"
         user='{{ redmine_owner }}'
-  sudo: yes
+  become: yes
 
 - name: set session cookie as secure
   lineinfile: >

roles/easyredmine/tasks/system.yml

@@ -2,7 +2,7 @@
 
 - name: install system tools
   yum: name='{{ item }}'
-  sudo: yes
+  become: yes
   with_items:
     - rsync
     - strace
@@ -28,13 +28,13 @@
 - service: name=sendmail
            state=started
            enabled=yes
-  sudo: yes
+  become: yes
 
 - name: set up redmine user mail aliases
   lineinfile: >
     dest=/etc/aliases
     regexp="\b{{ redmine_owner }}"
     line="{{ redmine_owner }}: {{ redmine_mail_alias }}"
-  sudo: yes
+  become: yes
   notify: rebuild mail aliases