diff --git a/roles/easyredmine/tasks/attachments_storage.yml b/roles/easyredmine/tasks/attachments_storage.yml index d0de79c..0c76262 100644 --- a/roles/easyredmine/tasks/attachments_storage.yml +++ b/roles/easyredmine/tasks/attachments_storage.yml @@ -7,12 +7,14 @@ # Be sure the UID for the redmine user matches with the # NFS server -- file: +- name: ensure NFS mount dir for Redmine files + file: path: '{{ redmine_files_nfs_mount }}' state: directory become: yes -- mount: +- name: mount dir for Redmine files + mount: name: '{{ redmine_files_nfs_mount }}' src: '{{ redmine_files_nfs_source }}' fstype: nfs diff --git a/roles/easyredmine/tasks/database.yml b/roles/easyredmine/tasks/database.yml index 661dfc5..eda7aa0 100644 --- a/roles/easyredmine/tasks/database.yml +++ b/roles/easyredmine/tasks/database.yml @@ -7,14 +7,15 @@ - mariadb-server - MySQL-python - -- service: +- name: manage MySql/MariaDB database service + service: name: '{{ redmine_db_service_provider }}' state: started enabled: yes become: yes -- mysql_db: +- name: create mysql/mariadb database + mysql_db: name: '{{ redmine_db_name }}' state: present encoding: utf8 @@ -32,7 +33,8 @@ creates: '{{ _redmine_db_import_file }}' when: do_redmine_db_import == True -- stat: +- name: check for successful database import file + stat: path: '{{ _redmine_db_import_success }}' register: redmine_db_import_done when: do_redmine_db_import == True @@ -47,7 +49,8 @@ register: redmine_db_import when: do_redmine_db_import == True and (redmine_db_import_done.stat.exists == False or redmine_db_created|changed) -- file: +- name: create successful database import file + file: path: '{{ _redmine_db_import_success }}' state: touch when: do_redmine_db_import == True and redmine_db_import_done.stat.exists == False and redmine_db_import|success diff --git a/roles/easyredmine/tasks/firewall.yml b/roles/easyredmine/tasks/firewall.yml index 76bdd39..8574987 100644 --- a/roles/easyredmine/tasks/firewall.yml +++ b/roles/easyredmine/tasks/firewall.yml @@ -1,25 +1,29 @@ -- service: +- name: manage firewalld service + service: name: firewalld state: started enabled: yes become: yes -- firewalld: +- name: enable https in firewalld + firewalld: service: https permanent: true state: enabled become: yes notify: restart firewalld -- firewalld: +- name: enable http in firewalld + firewalld: service: http permanent: true state: enabled become: yes notify: restart firewalld -- firewalld: +- name: enable ssh rule in firewalld + firewalld: rich_rule: 'rule service name="ssh" family="ipv4" source address="{{ item }}" accept' permanent: true state: enabled @@ -32,7 +36,8 @@ notify: restart firewalld when: is_production_vm == True -- firewalld: +- name: disable ssh service in firewalld + firewalld: service: ssh permanent: true state: disabled diff --git a/roles/easyredmine/tasks/nginx.yml b/roles/easyredmine/tasks/nginx.yml index 6203e7f..c3f38cc 100644 --- a/roles/easyredmine/tasks/nginx.yml +++ b/roles/easyredmine/tasks/nginx.yml @@ -1,9 +1,11 @@ -- get_url: +- name: set up Passenger YUM repo + get_url: url: https://oss-binaries.phusionpassenger.com/yum/definitions/el-passenger.repo dest: /etc/yum.repos.d/passenger.repo become: yes -- rpm_key: +- name: install gpg key for Passenger YUM repo + rpm_key: key: https://packagecloud.io/gpg.key become: yes @@ -12,11 +14,13 @@ # sufficient. # The use of /usr/bin/env is a hack to avoid Ansible's "Consider using # yum module..." warnings when it sees 'yum' as the primary command. -- command: /usr/bin/env yum -q makecache -y --disablerepo='*' --enablerepo='passenger*' +- name: yum makecache + command: /usr/bin/env yum -q makecache -y --disablerepo='*' --enablerepo='passenger*' become: yes changed_when: False -- yum: +- name: install epel-release + yum: name: epel-release become: yes @@ -28,7 +32,8 @@ - nginx - passenger -- stat: +- name: check for dharam pem file + stat: path: '{{ dharam_pem_path }}' register: dharam_pem @@ -39,31 +44,36 @@ notify: restart nginx when: dharam_pem.stat.exists == False -- template: +- name: install easyredmine.conf to Nginx + template: dest: '/etc/nginx/conf.d/easyredmine.conf' src: easyredmine.conf.j2 become: yes notify: restart nginx -- template: +- name: install nginx.conf to Nginx + template: dest: '/etc/nginx/nginx.conf' src: nginx.conf.j2 become: yes notify: restart nginx -- template: +- name: install passenger.conf to Nginx + template: dest: /etc/nginx/conf.d/passenger.conf src: passenger.conf.j2 become: yes notify: restart nginx -- copy: +- name: install TLS cert + copy: dest: '/etc/pki/tls/certs/{{ ansible_fqdn }}.pem' src: '{{ nginx_pem }}' become: yes notify: restart nginx -- service: +- name: manage Nginx service + service: name: nginx state: started enabled: yes diff --git a/roles/easyredmine/tasks/redmine.yml b/roles/easyredmine/tasks/redmine.yml index 1bebee4..f3ee3c5 100644 --- a/roles/easyredmine/tasks/redmine.yml +++ b/roles/easyredmine/tasks/redmine.yml @@ -7,6 +7,7 @@ - unzip - rubygems - ruby-devel + - libuuid-devel - zlib-devel - openssl-devel - gcc-c++ @@ -77,6 +78,7 @@ dest: '{{ redmine_root_dir }}/lib/tasks/ebrc_settings.rake' src: 'ebrc_settings.rake' owner: '{{ redmine_owner }}' + when: do_redmine_installer == True become: yes - name: install ebrc_tasks.rake @@ -84,6 +86,7 @@ dest: '{{ redmine_root_dir }}/lib/tasks/ebrc_tasks.rake' src: 'ebrc_tasks.rake' owner: '{{ redmine_owner }}' + when: do_redmine_installer == True become: yes - name: install additional_environment.rb @@ -92,6 +95,7 @@ src: 'additional_environment.rb' owner: '{{ redmine_owner }}' become: yes + when: do_redmine_installer == True notify: restart nginx - name: create public/assets dir @@ -100,6 +104,7 @@ state: directory owner: '{{ redmine_owner }}' mode: 0755 + when: do_redmine_installer == True become: yes - name: install custom login background image @@ -110,6 +115,7 @@ with_items: - '{{ redmine_root_dir }}/public/plugin_assets/easy_extensions/images/login-bg.jpg' - '{{ redmine_root_dir }}/public/assets/{{ easyredmine_login_bg_img }}' + when: do_redmine_installer == True become: yes - name: create maintenance dir @@ -130,6 +136,7 @@ file: path: '{{ redmine_root_dir }}/config' mode: 0770 + when: do_redmine_installer == True - name: Configuring Redmine with eupath preferences command: 'rake redmine:ebrc_settings RAILS_ENV=production' @@ -144,6 +151,7 @@ minute: "*/15" job: 'cd {{ redmine_root_dir }} && {{ rvm1_install_path }}/wrappers/default/bundle exec rake easyproject:scheduler:run_tasks RAILS_ENV=production > /dev/null' user: '{{ redmine_owner }}' + when: do_redmine_installer == True become: yes - name: add redmine IMAP fetch script @@ -151,6 +159,7 @@ dest: '{{ redmine_root_dir }}/script/redmine_receive_imap' src: redmine_receive_imap.j2 mode: 0750 + when: do_redmine_installer == True become: no - name: add redmine repository fetch script @@ -158,6 +167,7 @@ dest: '{{ redmine_root_dir }}/script/redmine_fetch_changesets' src: redmine_fetch_changesets.j2 mode: 0750 + when: do_redmine_installer == True become: no - name: adding redmine_receive_imap crontab diff --git a/roles/easyredmine/tasks/system.yml b/roles/easyredmine/tasks/system.yml index 2d3fec4..1d85d82 100644 --- a/roles/easyredmine/tasks/system.yml +++ b/roles/easyredmine/tasks/system.yml @@ -27,7 +27,8 @@ - screen - mlocate -- service: +- name: manage sendmail service + service: name: sendmail state: started enabled: yes