1
0
mirror of https://github.com/krislamo/vagrant-easyredmine synced 2024-12-16 07:20:36 +00:00

refactor task syntax to use yaml dictionary instead of key=value

This commit is contained in:
Mark Heiges 2017-12-20 22:47:20 -05:00
parent bd0a241c6d
commit 4bbc137159
9 changed files with 204 additions and 153 deletions

View File

@ -5,9 +5,9 @@ redmine_uid: ''
redmine_owner_ssh_pub_keys: redmine_owner_ssh_pub_keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvijH8y7CL9TxWCucjgXRa2q3l0Nc9JW7/SAFHVgt/FYClenS0DMN0nGm1I4z2mtftt8gHz5f6PNqyvfc3F0JcOqiuH9qP79FQ6c8rDmqQEqOuBrufPX11y/9IESIJ0aQ5feQP+WooR6bo/O7BFJS005S3foA/iLphf+smLrW44k= mheiges@sapote.local - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvijH8y7CL9TxWCucjgXRa2q3l0Nc9JW7/SAFHVgt/FYClenS0DMN0nGm1I4z2mtftt8gHz5f6PNqyvfc3F0JcOqiuH9qP79FQ6c8rDmqQEqOuBrufPX11y/9IESIJ0aQ5feQP+WooR6bo/O7BFJS005S3foA/iLphf+smLrW44k= mheiges@sapote.local
- ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIBKXyFF/K1AT52FGrq5Z27guGgHDELy8W8NInAgrDQZQP+U5ORs9wB8SsuD8vyhYy3G2Tz8xAKCxWcFHvuNDv4VIg8D6ge7VMdWHGtbS8UC153dK3mMQ+CMTgJsezqgk0j4/ot7LaQ6yurb8t27TOHeqEdHyB5O/eL6pYntsKqEWQ== mguidry@uga.edu - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIBKXyFF/K1AT52FGrq5Z27guGgHDELy8W8NInAgrDQZQP+U5ORs9wB8SsuD8vyhYy3G2Tz8xAKCxWcFHvuNDv4VIg8D6ge7VMdWHGtbS8UC153dK3mMQ+CMTgJsezqgk0j4/ot7LaQ6yurb8t27TOHeqEdHyB5O/eL6pYntsKqEWQ== mguidry@uga.edu
do_database_management: True do_database_management: yes
do_redmine_db_import: True # no import unless do_database_management is also true do_redmine_db_import: yes # no import unless do_database_management is also yes
do_redmine_installer: True do_redmine_installer: yes
remote_scratch_path: /vagrant/scratch remote_scratch_path: /vagrant/scratch
nginx_pem: redmine.vm-rsa.pem nginx_pem: redmine.vm-rsa.pem
installer_package_name: easyredmine_2016_stable_u2072_v2016_08_08___2018_00_08_.zip installer_package_name: easyredmine_2016_stable_u2072_v2016_08_08___2018_00_08_.zip
@ -30,11 +30,11 @@ smtp_domain: smtpdomain
smtp_username: smtpuser smtp_username: smtpuser
smtp_password: smtppassword smtp_password: smtppassword
smtp_authentication: plain smtp_authentication: plain
smtp_enable_starttls: true smtp_enable_starttls: yes
smtp_openssl_verify_mode: peer smtp_openssl_verify_mode: peer
swap_add_mb: 512 swap_add_mb: 512
ruby_version: 2.4.1 ruby_version: 2.4.1
is_production_vm: False is_production_vm: no
redmine_files_nfs_mount: '' # /mnt/redminefiles redmine_files_nfs_mount: '' # /mnt/redminefiles
redmine_files_nfs_source: '' # 171.26.20.75:/srv/easyredmine redmine_files_nfs_source: '' # 171.26.20.75:/srv/easyredmine
_redmine_db_import_file: /tmp/redmine_dump.sql _redmine_db_import_file: /tmp/redmine_dump.sql
@ -46,5 +46,5 @@ rvm1_rubies:
- 'ruby-{{ ruby_version }}' - 'ruby-{{ ruby_version }}'
rvm1_bundler_install: yes rvm1_bundler_install: yes
rvm1_install_path: '/home/{{ redmine_owner }}/.rvm' rvm1_install_path: '/home/{{ redmine_owner }}/.rvm'
rvm1_rvm_check_for_updates: False rvm1_rvm_check_for_updates: no
rvm1_user: '{{ redmine_owner }}' rvm1_user: '{{ redmine_owner }}'

View File

@ -2,13 +2,15 @@
# handlers file for easyredmine # handlers file for easyredmine
- name: restart nginx - name: restart nginx
service: name=nginx service:
state=restarted name: nginx
state: restarted
become: yes become: yes
- name: restart firewalld - name: restart firewalld
service: name=firewalld service:
state=restarted name: firewalld
state: restarted
become: yes become: yes
- name: rebuild mail aliases - name: rebuild mail aliases

View File

@ -7,20 +7,22 @@
# Be sure the UID for the redmine user matches with the # Be sure the UID for the redmine user matches with the
# NFS server # NFS server
- file: path='{{ redmine_files_nfs_mount }}' - file:
state=directory path: '{{ redmine_files_nfs_mount }}'
state: directory
become: yes become: yes
- mount: name='{{ redmine_files_nfs_mount }}' - mount:
src='{{ redmine_files_nfs_source }}' name: '{{ redmine_files_nfs_mount }}'
fstype=nfs src: '{{ redmine_files_nfs_source }}'
opts=rsize=32768,wsize=32768,tcp,hard,nointr fstype: nfs
state=mounted opts: rsize=32768,wsize=32768,tcp,hard,nointr
state: mounted
become: yes become: yes
- name: set attachments_storage_path in configuration.yml - name: set attachments_storage_path in configuration.yml
lineinfile: > lineinfile:
dest='{{ redmine_root_dir }}/config/configuration.yml' dest: '{{ redmine_root_dir }}/config/configuration.yml'
regexp='\s*attachments_storage_path:' regexp: '\s*attachments_storage_path:'
line=' attachments_storage_path: {{ redmine_files_nfs_mount }}' line: ' attachments_storage_path: {{ redmine_files_nfs_mount }}'
notify: restart nginx notify: restart nginx

View File

@ -1,5 +1,6 @@
- name: install mysql, mariadb packages - name: install mysql, mariadb packages
yum: name='{{ item }}' yum:
name: '{{ item }}'
become: yes become: yes
with_items: with_items:
- mysql-devel - mysql-devel
@ -7,16 +8,18 @@
- MySQL-python - MySQL-python
- service: name='{{ redmine_db_service_provider }}' - service:
state=started name: '{{ redmine_db_service_provider }}'
enabled=yes state: started
enabled: yes
become: yes become: yes
- mysql_db: name='{{ redmine_db_name }}' - mysql_db:
state=present name: '{{ redmine_db_name }}'
encoding=utf8 state: present
login_user='{{ mysql_admin_login }}' encoding: utf8
login_password='{{ mysql_admin_password }}' login_user: '{{ mysql_admin_login }}'
login_password: '{{ mysql_admin_password }}'
become: yes become: yes
register: redmine_db_created register: redmine_db_created
@ -29,28 +32,32 @@
creates: '{{ _redmine_db_import_file }}' creates: '{{ _redmine_db_import_file }}'
when: do_redmine_db_import == True when: do_redmine_db_import == True
- stat: path='{{ _redmine_db_import_success }}' - stat:
path: '{{ _redmine_db_import_success }}'
register: redmine_db_import_done register: redmine_db_import_done
when: do_redmine_db_import == True when: do_redmine_db_import == True
- name: import database - name: import database
mysql_db: name='{{ redmine_db_name }}' mysql_db:
state=import name: '{{ redmine_db_name }}'
target='{{ _redmine_db_import_file }}' state: import
login_user='{{ mysql_admin_login }}' target: '{{ _redmine_db_import_file }}'
login_password='{{ mysql_admin_password }}' login_user: '{{ mysql_admin_login }}'
login_password: '{{ mysql_admin_password }}'
register: redmine_db_import register: redmine_db_import
when: do_redmine_db_import == True and (redmine_db_import_done.stat.exists == False or redmine_db_created|changed) when: do_redmine_db_import == True and (redmine_db_import_done.stat.exists == False or redmine_db_created|changed)
- file: path='{{ _redmine_db_import_success }}' - file:
state=touch path: '{{ _redmine_db_import_success }}'
state: touch
when: do_redmine_db_import == True and redmine_db_import_done.stat.exists == False and redmine_db_import|success when: do_redmine_db_import == True and redmine_db_import_done.stat.exists == False and redmine_db_import|success
- name: create redmine db user - name: create redmine db user
mysql_user: name='{{ redmine_db_user }}' mysql_user:
password='{{ redmine_db_password }}' name: '{{ redmine_db_user }}'
append_privs=yes password: '{{ redmine_db_password }}'
priv='{{ redmine_db_name }}.*:ALL' append_privs: yes
state=present priv: '{{ redmine_db_name }}.*:ALL'
state: present
become: yes become: yes

View File

@ -1,24 +1,28 @@
- service: name=firewalld - service:
state=started name: firewalld
enabled=yes state: started
enabled: yes
become: yes become: yes
- firewalld: service=https - firewalld:
permanent=true service: https
state=enabled permanent: true
state: enabled
become: yes become: yes
notify: restart firewalld notify: restart firewalld
- firewalld: service=http - firewalld:
permanent=true service: http
state=enabled permanent: true
state: enabled
become: yes become: yes
notify: restart firewalld notify: restart firewalld
- firewalld: rich_rule='rule service name="ssh" family="ipv4" source address="{{ item }}" accept' - firewalld:
permanent=true rich_rule: 'rule service name="ssh" family="ipv4" source address="{{ item }}" accept'
state=enabled permanent: true
state: enabled
with_items: with_items:
- 128.192.75.0/24 - 128.192.75.0/24
- 192.168.0.0/16 - 192.168.0.0/16
@ -28,16 +32,18 @@
notify: restart firewalld notify: restart firewalld
when: is_production_vm == True when: is_production_vm == True
- firewalld: service=ssh - firewalld:
permanent=true service: ssh
state=disabled permanent: true
state: disabled
become: yes become: yes
notify: restart firewalld notify: restart firewalld
when: is_production_vm == True when: is_production_vm == True
- name: define new icmp types for timestamp responses - name: define new icmp types for timestamp responses
copy: dest='/etc/firewalld/icmptypes/{{ item }}.xml' copy:
src='{{ item }}.xml' dest: '/etc/firewalld/icmptypes/{{ item }}.xml'
src: '{{ item }}.xml'
become: yes become: yes
with_items: with_items:
- timestamp-reply - timestamp-reply
@ -56,6 +62,7 @@
notify: restart firewalld notify: restart firewalld
- name: restart firewalld - name: restart firewalld
service: name=firewalld service:
state=restarted name: firewalld
state: restarted
become: yes become: yes

View File

@ -1,8 +1,10 @@
- get_url: url=https://oss-binaries.phusionpassenger.com/yum/definitions/el-passenger.repo - get_url:
dest=/etc/yum.repos.d/passenger.repo url: https://oss-binaries.phusionpassenger.com/yum/definitions/el-passenger.repo
dest: /etc/yum.repos.d/passenger.repo
become: yes become: yes
- rpm_key: key=https://packagecloud.io/gpg.key - rpm_key:
key: https://packagecloud.io/gpg.key
become: yes become: yes
# this makecache is mostly because I can not find any other way to fully # this makecache is mostly because I can not find any other way to fully
@ -14,17 +16,20 @@
become: yes become: yes
changed_when: False changed_when: False
- yum: name=epel-release - yum:
name: epel-release
become: yes become: yes
- name: install nginx, passenger - name: install nginx, passenger
yum: name='{{ item }}' yum:
name: '{{ item }}'
become: yes become: yes
with_items: with_items:
- nginx - nginx
- passenger - passenger
- stat: path='{{ dharam_pem_path }}' - stat:
path: '{{ dharam_pem_path }}'
register: dharam_pem register: dharam_pem
# https://michael.lustfield.net/nginx/getting-a-perfect-ssl-labs-score # https://michael.lustfield.net/nginx/getting-a-perfect-ssl-labs-score
@ -34,27 +39,32 @@
notify: restart nginx notify: restart nginx
when: dharam_pem.stat.exists == False when: dharam_pem.stat.exists == False
- template: dest='/etc/nginx/conf.d/easyredmine.conf' - template:
src=easyredmine.conf.j2 dest: '/etc/nginx/conf.d/easyredmine.conf'
src: easyredmine.conf.j2
become: yes become: yes
notify: restart nginx notify: restart nginx
- template: dest='/etc/nginx/nginx.conf' - template:
src=nginx.conf.j2 dest: '/etc/nginx/nginx.conf'
src: nginx.conf.j2
become: yes become: yes
notify: restart nginx notify: restart nginx
- template: dest=/etc/nginx/conf.d/passenger.conf - template:
src=passenger.conf.j2 dest: /etc/nginx/conf.d/passenger.conf
src: passenger.conf.j2
become: yes become: yes
notify: restart nginx notify: restart nginx
- copy: dest='/etc/pki/tls/certs/{{ ansible_fqdn }}.pem' - copy:
src='{{ nginx_pem }}' dest: '/etc/pki/tls/certs/{{ ansible_fqdn }}.pem'
src: '{{ nginx_pem }}'
become: yes become: yes
notify: restart nginx notify: restart nginx
- service: name=nginx - service:
state=started name: nginx
enabled=yes state: started
enabled: yes
become: yes become: yes

View File

@ -1,5 +1,6 @@
- name: install redmine package depdendencies - name: install redmine package depdendencies
yum: name='{{ item }}' yum:
name: '{{ item }}'
become: yes become: yes
with_items: with_items:
- mysql-devel - mysql-devel
@ -17,45 +18,51 @@
# these gems are not user_install but the RVM path is for local redmine # these gems are not user_install but the RVM path is for local redmine
# user so installations are localized to rvm1_install_path (e.g. ~/.rvm) # user so installations are localized to rvm1_install_path (e.g. ~/.rvm)
- name: install redmine-installer gem in selected RVM environment - name: install redmine-installer gem in selected RVM environment
gem: name='{{ item.name }}' gem:
user_install=no name: '{{ item.name }}'
version='{{ item.version }}' user_install: no
executable='{{ rvm1_install_path }}/wrappers/default/gem' # RVM's version version: '{{ item.version }}'
executable: '{{ rvm1_install_path }}/wrappers/default/gem' # RVM's version
become: no become: no
with_items: with_items:
- { name: redmine-installer, version: '' } - { name: redmine-installer, version: '' }
- name: installer package is present? - name: installer package is present?
stat: path='{{ installer_package_path }}' stat:
path: '{{ installer_package_path }}'
register: has_installer_package register: has_installer_package
become: no become: no
changed_when: false changed_when: false
- name: download installer - name: download installer
get_url: url='{{ installer_package_url }}' get_url:
dest='{{ remote_scratch_path }}' url: '{{ installer_package_url }}'
mode=0640 dest: '{{ remote_scratch_path }}'
force=no mode: 0640
force: no
when: has_installer_package.stat.exists == False when: has_installer_package.stat.exists == False
become: no become: no
- name: add redmine installation wrapper script - name: add redmine installation wrapper script
template: dest='{{ _redmine_install_wrapper }}' template:
src=install_wrapper.j2 dest: '{{ _redmine_install_wrapper }}'
mode=750 src: install_wrapper.j2
mode: 0750
become: no become: no
- name: delete contents of redmine root directory - name: delete contents of redmine root directory
file: path='{{ redmine_root_dir }}' file:
state=absent path: '{{ redmine_root_dir }}'
state: absent
become: yes become: yes
when: redmine_db_created is defined and redmine_db_created|changed when: redmine_db_created is defined and redmine_db_created|changed
- name: make installation directory - name: make installation directory
file: path='{{ redmine_root_dir }}' file:
state=directory path: '{{ redmine_root_dir }}'
owner='{{ redmine_owner }}' state: directory
mode=755 owner: '{{ redmine_owner }}'
mode: 0755
become: yes become: yes
register: mk_redmine_root_dir register: mk_redmine_root_dir
@ -66,55 +73,63 @@
become: no become: no
- name: install ebrc_settings.rake - name: install ebrc_settings.rake
copy: dest='{{ redmine_root_dir }}/lib/tasks/ebrc_settings.rake' copy:
src='ebrc_settings.rake' dest: '{{ redmine_root_dir }}/lib/tasks/ebrc_settings.rake'
owner='{{ redmine_owner }}' src: 'ebrc_settings.rake'
owner: '{{ redmine_owner }}'
become: yes become: yes
- name: install ebrc_tasks.rake - name: install ebrc_tasks.rake
copy: dest='{{ redmine_root_dir }}/lib/tasks/ebrc_tasks.rake' copy:
src='ebrc_tasks.rake' dest: '{{ redmine_root_dir }}/lib/tasks/ebrc_tasks.rake'
owner='{{ redmine_owner }}' src: 'ebrc_tasks.rake'
owner: '{{ redmine_owner }}'
become: yes become: yes
- name: install additional_environment.rb - name: install additional_environment.rb
copy: dest='{{ redmine_root_dir }}/config/additional_environment.rb' copy:
src='additional_environment.rb' dest: '{{ redmine_root_dir }}/config/additional_environment.rb'
owner='{{ redmine_owner }}' src: 'additional_environment.rb'
owner: '{{ redmine_owner }}'
become: yes become: yes
notify: restart nginx notify: restart nginx
- name: create public/assets dir - name: create public/assets dir
file: path='{{ redmine_root_dir }}/public/assets' file:
state=directory path: '{{ redmine_root_dir }}/public/assets'
owner='{{ redmine_owner }}' state: directory
mode=0755 owner: '{{ redmine_owner }}'
mode: 0755
become: yes become: yes
- name: install custom login background image - name: install custom login background image
copy: dest='{{ item }}' copy:
src='{{ easyredmine_login_bg_img }}' dest: '{{ item }}'
owner='{{ redmine_owner }}' src: '{{ easyredmine_login_bg_img }}'
owner: '{{ redmine_owner }}'
with_items: with_items:
- '{{ redmine_root_dir }}/public/plugin_assets/easy_extensions/images/login-bg.jpg' - '{{ redmine_root_dir }}/public/plugin_assets/easy_extensions/images/login-bg.jpg'
- '{{ redmine_root_dir }}/public/assets/{{ easyredmine_login_bg_img }}' - '{{ redmine_root_dir }}/public/assets/{{ easyredmine_login_bg_img }}'
become: yes become: yes
- name: create maintenance dir - name: create maintenance dir
file: path='/usr/share/nginx/html/easyredmine' file:
state=directory path: '/usr/share/nginx/html/easyredmine'
owner='{{ redmine_owner }}' state: directory
mode=0755 owner: '{{ redmine_owner }}'
mode: 0755
become: yes become: yes
- name: install maintenance.html - name: install maintenance.html
copy: dest=/usr/share/nginx/html/easyredmine/maintenance.html_ copy:
src=maintenance.html_ dest: /usr/share/nginx/html/easyredmine/maintenance.html_
owner='{{ redmine_owner }}' src: maintenance.html_
owner: '{{ redmine_owner }}'
become: yes become: yes
- name: restrict config permissions - name: restrict config permissions
file: path='{{ redmine_root_dir }}/config' file:
mode=0770 path: '{{ redmine_root_dir }}/config'
mode: 0770
- name: Configuring Redmine with eupath preferences - name: Configuring Redmine with eupath preferences
command: 'rake redmine:ebrc_settings RAILS_ENV=production' command: 'rake redmine:ebrc_settings RAILS_ENV=production'
@ -124,40 +139,46 @@
when: do_redmine_installer == True when: do_redmine_installer == True
- name: adding run_tasks crontab - name: adding run_tasks crontab
cron: name="redmine tasks" cron:
minute="*/15" name: "redmine tasks"
job='cd {{ redmine_root_dir }} && {{ rvm1_install_path }}/wrappers/default/bundle exec rake easyproject:scheduler:run_tasks RAILS_ENV=production > /dev/null' minute: "*/15"
user='{{ redmine_owner }}' job: 'cd {{ redmine_root_dir }} && {{ rvm1_install_path }}/wrappers/default/bundle exec rake easyproject:scheduler:run_tasks RAILS_ENV=production > /dev/null'
user: '{{ redmine_owner }}'
become: yes become: yes
- name: add redmine IMAP fetch script - name: add redmine IMAP fetch script
template: dest='{{ redmine_root_dir }}/script/redmine_receive_imap' template:
src=redmine_receive_imap.j2 dest: '{{ redmine_root_dir }}/script/redmine_receive_imap'
mode=750 src: redmine_receive_imap.j2
mode: 0750
become: no become: no
- name: add redmine repository fetch script - name: add redmine repository fetch script
template: dest='{{ redmine_root_dir }}/script/redmine_fetch_changesets' template:
src=redmine_fetch_changesets.j2 dest: '{{ redmine_root_dir }}/script/redmine_fetch_changesets'
mode=750 src: redmine_fetch_changesets.j2
mode: 0750
become: no become: no
- name: adding redmine_receive_imap crontab - name: adding redmine_receive_imap crontab
cron: name="fetch from imap" cron:
minute="*/5" name: "fetch from imap"
job="({{ redmine_root_dir }}/script/redmine_receive_imap 2>&1 | sed '/install RDoc/d') >> {{ redmine_root_dir }}/log/redmine_receive_imap" minute: "*/5"
user='{{ redmine_owner }}' job: "({{ redmine_root_dir }}/script/redmine_receive_imap 2>&1 | sed '/install RDoc/d') >> {{ redmine_root_dir }}/log/redmine_receive_imap"
user: '{{ redmine_owner }}'
become: yes become: yes
- name: adding redmine_fetch_changesets crontab - name: adding redmine_fetch_changesets crontab
cron: name="fetch from repository" cron:
minute="*/5" name: "fetch from repository"
job="({{ redmine_root_dir }}/script/redmine_fetch_changesets 2>&1 | sed '/install RDoc/d') >> {{ redmine_root_dir }}/log/redmine_fetch_changesets" minute: "*/5"
user='{{ redmine_owner }}' job: "({{ redmine_root_dir }}/script/redmine_fetch_changesets 2>&1 | sed '/install RDoc/d') >> {{ redmine_root_dir }}/log/redmine_fetch_changesets"
user: '{{ redmine_owner }}'
become: yes become: yes
- name: adding logrotate - name: adding logrotate
template: dest='/etc/logrotate.d/redmine' template:
src=redmine_logrotate.j2 dest: '/etc/logrotate.d/redmine'
mode=0644 src: redmine_logrotate.j2
mode: 0644
become: yes become: yes

View File

@ -2,7 +2,8 @@
- import_tasks: addswap.yml - import_tasks: addswap.yml
- name: install system tools - name: install system tools
yum: name='{{ item }}' yum:
name: '{{ item }}'
become: yes become: yes
with_items: with_items:
- rsync - rsync
@ -26,16 +27,17 @@
- screen - screen
- mlocate - mlocate
- service: name=sendmail - service:
state=started name: sendmail
enabled=yes state: started
enabled: yes
become: yes become: yes
- name: set up redmine user mail aliases - name: set up redmine user mail aliases
lineinfile: > lineinfile:
dest=/etc/aliases dest: /etc/aliases
regexp="\b{{ redmine_owner }}" regexp: "^{{ redmine_owner }}"
line="{{ redmine_owner }}: {{ redmine_mail_alias }}" line: "{{ redmine_owner }}: {{ redmine_mail_alias }}"
become: yes become: yes
notify: rebuild mail aliases notify: rebuild mail aliases