From 4bbc137159dccd305b5be60e82018f074646fc36 Mon Sep 17 00:00:00 2001 From: Mark Heiges Date: Wed, 20 Dec 2017 22:47:20 -0500 Subject: [PATCH] refactor task syntax to use yaml dictionary instead of key=value --- config.yml | 12 +- requirements.yml | 2 +- roles/easyredmine/handlers/main.yml | 10 +- .../easyredmine/tasks/attachments_storage.yml | 24 +-- roles/easyredmine/tasks/database.yml | 51 +++--- roles/easyredmine/tasks/firewall.yml | 45 +++--- roles/easyredmine/tasks/nginx.yml | 44 +++-- roles/easyredmine/tasks/redmine.yml | 151 ++++++++++-------- roles/easyredmine/tasks/system.yml | 18 ++- 9 files changed, 204 insertions(+), 153 deletions(-) diff --git a/config.yml b/config.yml index 3d81488..b4661d2 100644 --- a/config.yml +++ b/config.yml @@ -5,9 +5,9 @@ redmine_uid: '' redmine_owner_ssh_pub_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvijH8y7CL9TxWCucjgXRa2q3l0Nc9JW7/SAFHVgt/FYClenS0DMN0nGm1I4z2mtftt8gHz5f6PNqyvfc3F0JcOqiuH9qP79FQ6c8rDmqQEqOuBrufPX11y/9IESIJ0aQ5feQP+WooR6bo/O7BFJS005S3foA/iLphf+smLrW44k= mheiges@sapote.local - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIBKXyFF/K1AT52FGrq5Z27guGgHDELy8W8NInAgrDQZQP+U5ORs9wB8SsuD8vyhYy3G2Tz8xAKCxWcFHvuNDv4VIg8D6ge7VMdWHGtbS8UC153dK3mMQ+CMTgJsezqgk0j4/ot7LaQ6yurb8t27TOHeqEdHyB5O/eL6pYntsKqEWQ== mguidry@uga.edu -do_database_management: True -do_redmine_db_import: True # no import unless do_database_management is also true -do_redmine_installer: True +do_database_management: yes +do_redmine_db_import: yes # no import unless do_database_management is also yes +do_redmine_installer: yes remote_scratch_path: /vagrant/scratch nginx_pem: redmine.vm-rsa.pem installer_package_name: easyredmine_2016_stable_u2072_v2016_08_08___2018_00_08_.zip @@ -30,11 +30,11 @@ smtp_domain: smtpdomain smtp_username: smtpuser smtp_password: smtppassword smtp_authentication: plain -smtp_enable_starttls: true +smtp_enable_starttls: yes smtp_openssl_verify_mode: peer swap_add_mb: 512 ruby_version: 2.4.1 -is_production_vm: False +is_production_vm: no redmine_files_nfs_mount: '' # /mnt/redminefiles redmine_files_nfs_source: '' # 171.26.20.75:/srv/easyredmine _redmine_db_import_file: /tmp/redmine_dump.sql @@ -46,5 +46,5 @@ rvm1_rubies: - 'ruby-{{ ruby_version }}' rvm1_bundler_install: yes rvm1_install_path: '/home/{{ redmine_owner }}/.rvm' -rvm1_rvm_check_for_updates: False +rvm1_rvm_check_for_updates: no rvm1_user: '{{ redmine_owner }}' diff --git a/requirements.yml b/requirements.yml index 6d61266..5f5d151 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,2 +1,2 @@ -- src: rvm_io.ruby \ No newline at end of file +- src: rvm_io.ruby diff --git a/roles/easyredmine/handlers/main.yml b/roles/easyredmine/handlers/main.yml index 14b2956..49353db 100644 --- a/roles/easyredmine/handlers/main.yml +++ b/roles/easyredmine/handlers/main.yml @@ -2,13 +2,15 @@ # handlers file for easyredmine - name: restart nginx - service: name=nginx - state=restarted + service: + name: nginx + state: restarted become: yes - name: restart firewalld - service: name=firewalld - state=restarted + service: + name: firewalld + state: restarted become: yes - name: rebuild mail aliases diff --git a/roles/easyredmine/tasks/attachments_storage.yml b/roles/easyredmine/tasks/attachments_storage.yml index 332a172..d0de79c 100644 --- a/roles/easyredmine/tasks/attachments_storage.yml +++ b/roles/easyredmine/tasks/attachments_storage.yml @@ -7,20 +7,22 @@ # Be sure the UID for the redmine user matches with the # NFS server -- file: path='{{ redmine_files_nfs_mount }}' - state=directory +- file: + path: '{{ redmine_files_nfs_mount }}' + state: directory become: yes -- mount: name='{{ redmine_files_nfs_mount }}' - src='{{ redmine_files_nfs_source }}' - fstype=nfs - opts=rsize=32768,wsize=32768,tcp,hard,nointr - state=mounted +- mount: + name: '{{ redmine_files_nfs_mount }}' + src: '{{ redmine_files_nfs_source }}' + fstype: nfs + opts: rsize=32768,wsize=32768,tcp,hard,nointr + state: mounted become: yes - name: set attachments_storage_path in configuration.yml - lineinfile: > - dest='{{ redmine_root_dir }}/config/configuration.yml' - regexp='\s*attachments_storage_path:' - line=' attachments_storage_path: {{ redmine_files_nfs_mount }}' + lineinfile: + dest: '{{ redmine_root_dir }}/config/configuration.yml' + regexp: '\s*attachments_storage_path:' + line: ' attachments_storage_path: {{ redmine_files_nfs_mount }}' notify: restart nginx \ No newline at end of file diff --git a/roles/easyredmine/tasks/database.yml b/roles/easyredmine/tasks/database.yml index 6ea62dc..661dfc5 100644 --- a/roles/easyredmine/tasks/database.yml +++ b/roles/easyredmine/tasks/database.yml @@ -1,5 +1,6 @@ - name: install mysql, mariadb packages - yum: name='{{ item }}' + yum: + name: '{{ item }}' become: yes with_items: - mysql-devel @@ -7,16 +8,18 @@ - MySQL-python -- service: name='{{ redmine_db_service_provider }}' - state=started - enabled=yes +- service: + name: '{{ redmine_db_service_provider }}' + state: started + enabled: yes become: yes -- mysql_db: name='{{ redmine_db_name }}' - state=present - encoding=utf8 - login_user='{{ mysql_admin_login }}' - login_password='{{ mysql_admin_password }}' +- mysql_db: + name: '{{ redmine_db_name }}' + state: present + encoding: utf8 + login_user: '{{ mysql_admin_login }}' + login_password: '{{ mysql_admin_password }}' become: yes register: redmine_db_created @@ -29,28 +32,32 @@ creates: '{{ _redmine_db_import_file }}' when: do_redmine_db_import == True -- stat: path='{{ _redmine_db_import_success }}' +- stat: + path: '{{ _redmine_db_import_success }}' register: redmine_db_import_done when: do_redmine_db_import == True - name: import database - mysql_db: name='{{ redmine_db_name }}' - state=import - target='{{ _redmine_db_import_file }}' - login_user='{{ mysql_admin_login }}' - login_password='{{ mysql_admin_password }}' + mysql_db: + name: '{{ redmine_db_name }}' + state: import + target: '{{ _redmine_db_import_file }}' + login_user: '{{ mysql_admin_login }}' + login_password: '{{ mysql_admin_password }}' register: redmine_db_import when: do_redmine_db_import == True and (redmine_db_import_done.stat.exists == False or redmine_db_created|changed) -- file: path='{{ _redmine_db_import_success }}' - state=touch +- file: + path: '{{ _redmine_db_import_success }}' + state: touch when: do_redmine_db_import == True and redmine_db_import_done.stat.exists == False and redmine_db_import|success - name: create redmine db user - mysql_user: name='{{ redmine_db_user }}' - password='{{ redmine_db_password }}' - append_privs=yes - priv='{{ redmine_db_name }}.*:ALL' - state=present + mysql_user: + name: '{{ redmine_db_user }}' + password: '{{ redmine_db_password }}' + append_privs: yes + priv: '{{ redmine_db_name }}.*:ALL' + state: present become: yes diff --git a/roles/easyredmine/tasks/firewall.yml b/roles/easyredmine/tasks/firewall.yml index 83ce020..76bdd39 100644 --- a/roles/easyredmine/tasks/firewall.yml +++ b/roles/easyredmine/tasks/firewall.yml @@ -1,24 +1,28 @@ -- service: name=firewalld - state=started - enabled=yes +- service: + name: firewalld + state: started + enabled: yes become: yes -- firewalld: service=https - permanent=true - state=enabled +- firewalld: + service: https + permanent: true + state: enabled become: yes notify: restart firewalld -- firewalld: service=http - permanent=true - state=enabled +- firewalld: + service: http + permanent: true + state: enabled become: yes notify: restart firewalld -- firewalld: rich_rule='rule service name="ssh" family="ipv4" source address="{{ item }}" accept' - permanent=true - state=enabled +- firewalld: + rich_rule: 'rule service name="ssh" family="ipv4" source address="{{ item }}" accept' + permanent: true + state: enabled with_items: - 128.192.75.0/24 - 192.168.0.0/16 @@ -28,16 +32,18 @@ notify: restart firewalld when: is_production_vm == True -- firewalld: service=ssh - permanent=true - state=disabled +- firewalld: + service: ssh + permanent: true + state: disabled become: yes notify: restart firewalld when: is_production_vm == True - name: define new icmp types for timestamp responses - copy: dest='/etc/firewalld/icmptypes/{{ item }}.xml' - src='{{ item }}.xml' + copy: + dest: '/etc/firewalld/icmptypes/{{ item }}.xml' + src: '{{ item }}.xml' become: yes with_items: - timestamp-reply @@ -56,6 +62,7 @@ notify: restart firewalld - name: restart firewalld - service: name=firewalld - state=restarted + service: + name: firewalld + state: restarted become: yes diff --git a/roles/easyredmine/tasks/nginx.yml b/roles/easyredmine/tasks/nginx.yml index 58a5dbc..6203e7f 100644 --- a/roles/easyredmine/tasks/nginx.yml +++ b/roles/easyredmine/tasks/nginx.yml @@ -1,8 +1,10 @@ -- get_url: url=https://oss-binaries.phusionpassenger.com/yum/definitions/el-passenger.repo - dest=/etc/yum.repos.d/passenger.repo +- get_url: + url: https://oss-binaries.phusionpassenger.com/yum/definitions/el-passenger.repo + dest: /etc/yum.repos.d/passenger.repo become: yes -- rpm_key: key=https://packagecloud.io/gpg.key +- rpm_key: + key: https://packagecloud.io/gpg.key become: yes # this makecache is mostly because I can not find any other way to fully @@ -14,17 +16,20 @@ become: yes changed_when: False -- yum: name=epel-release +- yum: + name: epel-release become: yes - name: install nginx, passenger - yum: name='{{ item }}' + yum: + name: '{{ item }}' become: yes with_items: - nginx - passenger -- stat: path='{{ dharam_pem_path }}' +- stat: + path: '{{ dharam_pem_path }}' register: dharam_pem # https://michael.lustfield.net/nginx/getting-a-perfect-ssl-labs-score @@ -34,27 +39,32 @@ notify: restart nginx when: dharam_pem.stat.exists == False -- template: dest='/etc/nginx/conf.d/easyredmine.conf' - src=easyredmine.conf.j2 +- template: + dest: '/etc/nginx/conf.d/easyredmine.conf' + src: easyredmine.conf.j2 become: yes notify: restart nginx -- template: dest='/etc/nginx/nginx.conf' - src=nginx.conf.j2 +- template: + dest: '/etc/nginx/nginx.conf' + src: nginx.conf.j2 become: yes notify: restart nginx -- template: dest=/etc/nginx/conf.d/passenger.conf - src=passenger.conf.j2 +- template: + dest: /etc/nginx/conf.d/passenger.conf + src: passenger.conf.j2 become: yes notify: restart nginx -- copy: dest='/etc/pki/tls/certs/{{ ansible_fqdn }}.pem' - src='{{ nginx_pem }}' +- copy: + dest: '/etc/pki/tls/certs/{{ ansible_fqdn }}.pem' + src: '{{ nginx_pem }}' become: yes notify: restart nginx -- service: name=nginx - state=started - enabled=yes +- service: + name: nginx + state: started + enabled: yes become: yes diff --git a/roles/easyredmine/tasks/redmine.yml b/roles/easyredmine/tasks/redmine.yml index 082b04a..1bebee4 100644 --- a/roles/easyredmine/tasks/redmine.yml +++ b/roles/easyredmine/tasks/redmine.yml @@ -1,5 +1,6 @@ - name: install redmine package depdendencies - yum: name='{{ item }}' + yum: + name: '{{ item }}' become: yes with_items: - mysql-devel @@ -17,45 +18,51 @@ # these gems are not user_install but the RVM path is for local redmine # user so installations are localized to rvm1_install_path (e.g. ~/.rvm) - name: install redmine-installer gem in selected RVM environment - gem: name='{{ item.name }}' - user_install=no - version='{{ item.version }}' - executable='{{ rvm1_install_path }}/wrappers/default/gem' # RVM's version + gem: + name: '{{ item.name }}' + user_install: no + version: '{{ item.version }}' + executable: '{{ rvm1_install_path }}/wrappers/default/gem' # RVM's version become: no with_items: - { name: redmine-installer, version: '' } - name: installer package is present? - stat: path='{{ installer_package_path }}' + stat: + path: '{{ installer_package_path }}' register: has_installer_package become: no changed_when: false - name: download installer - get_url: url='{{ installer_package_url }}' - dest='{{ remote_scratch_path }}' - mode=0640 - force=no + get_url: + url: '{{ installer_package_url }}' + dest: '{{ remote_scratch_path }}' + mode: 0640 + force: no when: has_installer_package.stat.exists == False become: no - name: add redmine installation wrapper script - template: dest='{{ _redmine_install_wrapper }}' - src=install_wrapper.j2 - mode=750 + template: + dest: '{{ _redmine_install_wrapper }}' + src: install_wrapper.j2 + mode: 0750 become: no - name: delete contents of redmine root directory - file: path='{{ redmine_root_dir }}' - state=absent + file: + path: '{{ redmine_root_dir }}' + state: absent become: yes when: redmine_db_created is defined and redmine_db_created|changed - name: make installation directory - file: path='{{ redmine_root_dir }}' - state=directory - owner='{{ redmine_owner }}' - mode=755 + file: + path: '{{ redmine_root_dir }}' + state: directory + owner: '{{ redmine_owner }}' + mode: 0755 become: yes register: mk_redmine_root_dir @@ -66,55 +73,63 @@ become: no - name: install ebrc_settings.rake - copy: dest='{{ redmine_root_dir }}/lib/tasks/ebrc_settings.rake' - src='ebrc_settings.rake' - owner='{{ redmine_owner }}' + copy: + dest: '{{ redmine_root_dir }}/lib/tasks/ebrc_settings.rake' + src: 'ebrc_settings.rake' + owner: '{{ redmine_owner }}' become: yes - name: install ebrc_tasks.rake - copy: dest='{{ redmine_root_dir }}/lib/tasks/ebrc_tasks.rake' - src='ebrc_tasks.rake' - owner='{{ redmine_owner }}' + copy: + dest: '{{ redmine_root_dir }}/lib/tasks/ebrc_tasks.rake' + src: 'ebrc_tasks.rake' + owner: '{{ redmine_owner }}' become: yes - name: install additional_environment.rb - copy: dest='{{ redmine_root_dir }}/config/additional_environment.rb' - src='additional_environment.rb' - owner='{{ redmine_owner }}' + copy: + dest: '{{ redmine_root_dir }}/config/additional_environment.rb' + src: 'additional_environment.rb' + owner: '{{ redmine_owner }}' become: yes notify: restart nginx - name: create public/assets dir - file: path='{{ redmine_root_dir }}/public/assets' - state=directory - owner='{{ redmine_owner }}' - mode=0755 + file: + path: '{{ redmine_root_dir }}/public/assets' + state: directory + owner: '{{ redmine_owner }}' + mode: 0755 become: yes - name: install custom login background image - copy: dest='{{ item }}' - src='{{ easyredmine_login_bg_img }}' - owner='{{ redmine_owner }}' + copy: + dest: '{{ item }}' + src: '{{ easyredmine_login_bg_img }}' + owner: '{{ redmine_owner }}' with_items: - '{{ redmine_root_dir }}/public/plugin_assets/easy_extensions/images/login-bg.jpg' - '{{ redmine_root_dir }}/public/assets/{{ easyredmine_login_bg_img }}' become: yes - name: create maintenance dir - file: path='/usr/share/nginx/html/easyredmine' - state=directory - owner='{{ redmine_owner }}' - mode=0755 + file: + path: '/usr/share/nginx/html/easyredmine' + state: directory + owner: '{{ redmine_owner }}' + mode: 0755 become: yes - name: install maintenance.html - copy: dest=/usr/share/nginx/html/easyredmine/maintenance.html_ - src=maintenance.html_ - owner='{{ redmine_owner }}' + copy: + dest: /usr/share/nginx/html/easyredmine/maintenance.html_ + src: maintenance.html_ + owner: '{{ redmine_owner }}' become: yes - name: restrict config permissions - file: path='{{ redmine_root_dir }}/config' - mode=0770 + file: + path: '{{ redmine_root_dir }}/config' + mode: 0770 - name: Configuring Redmine with eupath preferences command: 'rake redmine:ebrc_settings RAILS_ENV=production' @@ -124,40 +139,46 @@ when: do_redmine_installer == True - name: adding run_tasks crontab - cron: name="redmine tasks" - minute="*/15" - job='cd {{ redmine_root_dir }} && {{ rvm1_install_path }}/wrappers/default/bundle exec rake easyproject:scheduler:run_tasks RAILS_ENV=production > /dev/null' - user='{{ redmine_owner }}' + cron: + name: "redmine tasks" + minute: "*/15" + job: 'cd {{ redmine_root_dir }} && {{ rvm1_install_path }}/wrappers/default/bundle exec rake easyproject:scheduler:run_tasks RAILS_ENV=production > /dev/null' + user: '{{ redmine_owner }}' become: yes - name: add redmine IMAP fetch script - template: dest='{{ redmine_root_dir }}/script/redmine_receive_imap' - src=redmine_receive_imap.j2 - mode=750 + template: + dest: '{{ redmine_root_dir }}/script/redmine_receive_imap' + src: redmine_receive_imap.j2 + mode: 0750 become: no - name: add redmine repository fetch script - template: dest='{{ redmine_root_dir }}/script/redmine_fetch_changesets' - src=redmine_fetch_changesets.j2 - mode=750 + template: + dest: '{{ redmine_root_dir }}/script/redmine_fetch_changesets' + src: redmine_fetch_changesets.j2 + mode: 0750 become: no - name: adding redmine_receive_imap crontab - cron: name="fetch from imap" - minute="*/5" - job="({{ redmine_root_dir }}/script/redmine_receive_imap 2>&1 | sed '/install RDoc/d') >> {{ redmine_root_dir }}/log/redmine_receive_imap" - user='{{ redmine_owner }}' + cron: + name: "fetch from imap" + minute: "*/5" + job: "({{ redmine_root_dir }}/script/redmine_receive_imap 2>&1 | sed '/install RDoc/d') >> {{ redmine_root_dir }}/log/redmine_receive_imap" + user: '{{ redmine_owner }}' become: yes - name: adding redmine_fetch_changesets crontab - cron: name="fetch from repository" - minute="*/5" - job="({{ redmine_root_dir }}/script/redmine_fetch_changesets 2>&1 | sed '/install RDoc/d') >> {{ redmine_root_dir }}/log/redmine_fetch_changesets" - user='{{ redmine_owner }}' + cron: + name: "fetch from repository" + minute: "*/5" + job: "({{ redmine_root_dir }}/script/redmine_fetch_changesets 2>&1 | sed '/install RDoc/d') >> {{ redmine_root_dir }}/log/redmine_fetch_changesets" + user: '{{ redmine_owner }}' become: yes - name: adding logrotate - template: dest='/etc/logrotate.d/redmine' - src=redmine_logrotate.j2 - mode=0644 + template: + dest: '/etc/logrotate.d/redmine' + src: redmine_logrotate.j2 + mode: 0644 become: yes diff --git a/roles/easyredmine/tasks/system.yml b/roles/easyredmine/tasks/system.yml index 107ee44..2d3fec4 100644 --- a/roles/easyredmine/tasks/system.yml +++ b/roles/easyredmine/tasks/system.yml @@ -2,7 +2,8 @@ - import_tasks: addswap.yml - name: install system tools - yum: name='{{ item }}' + yum: + name: '{{ item }}' become: yes with_items: - rsync @@ -26,16 +27,17 @@ - screen - mlocate -- service: name=sendmail - state=started - enabled=yes +- service: + name: sendmail + state: started + enabled: yes become: yes - name: set up redmine user mail aliases - lineinfile: > - dest=/etc/aliases - regexp="\b{{ redmine_owner }}" - line="{{ redmine_owner }}: {{ redmine_mail_alias }}" + lineinfile: + dest: /etc/aliases + regexp: "^{{ redmine_owner }}" + line: "{{ redmine_owner }}: {{ redmine_mail_alias }}" become: yes notify: rebuild mail aliases