Replace the include module with include_tasks or import_tasks

The behaviour of the `include` module is badly defined (it try to choose
between statically importing the tasks and dynamically including them)
and can cause problems depending on any number of constraints (mostly if
it choose the wrong behaviour).

Replace it with the `import_tasks` (always statically import tasks) unless
the `include` is in a loop in which case we replace it with
`include_tasks` (always dynamically include tasks).

CHANGELOG.md

@@ -33,6 +33,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
 * generate-ldif: Correct generated entries for php-fpm in containers
 * redis: Remount /usr with RW before adding nagios plugin
 * postfix: Do not send mails through milters a second time after amavis (in packmail)
+* Replace use of the `include` module with the `import_tasks` or `include_tasks` module to prevent bug due to faulty behaviour choice on the part of ansible
 
 ### Removed
 

apache/tasks/auth.yml

@@ -12,7 +12,7 @@
     - apache
 
 - name: Load IP whitelist task
-  include: ip_whitelist.yml
+  import_tasks: ip_whitelist.yml
 
 - name: include private IP whitelist for server-status
   lineinfile:

apache/tasks/main.yml

@@ -109,7 +109,7 @@
   tags:
     - apache
 
-- include: auth.yml
+- import_tasks: auth.yml
   tags:
   - apache
 
@@ -134,7 +134,7 @@
   tags:
     - apache
 
-- include: server_status.yml
+- import_tasks: server_status.yml
   tags:
     - apache
 
@@ -199,12 +199,12 @@
   tags:
     - apache
 
-- include: log2mail.yml
+- import_tasks: log2mail.yml
   when: apache_log2mail_include
   tags:
     - apache
 
-- include: munin.yml
+- import_tasks: munin.yml
   when: apache_munin_include | bool
   tags:
     - apache

apt/tasks/main.yml

@@ -9,31 +9,31 @@
     - apt
 
 - name: Custom configuration
-  include: config.yml
+  import_tasks: config.yml
   when: apt_config | bool
   tags:
     - apt
 
 - name: Install basics repositories
-  include: basics.yml
+  import_tasks: basics.yml
   when: apt_install_basics | bool
   tags:
     - apt
 
 - name: Install APT Backports repository
-  include: backports.yml
+  import_tasks: backports.yml
   when: apt_install_backports | bool
   tags:
     - apt
 
 - name: Install Evolix Public APT repository
-  include: evolix_public.yml
+  import_tasks: evolix_public.yml
   when: apt_install_evolix_public | bool
   tags:
     - apt
 
 - name: Install check for packages marked hold
-  include: hold_packages.yml
+  import_tasks: hold_packages.yml
   when: apt_install_hold_packages | bool
   tags:
     - apt

bind/tasks/main.yml

@@ -126,4 +126,4 @@
     force: yes
   notify: restart bind
 
-- include: munin.yml
+- import_tasks: munin.yml

certbot/tasks/main.yml

@@ -8,18 +8,18 @@
     msg: only compatible with Debian 9+
 
 - name: Install legacy script on Debian 8
-  include: install-legacy.yml
+  import_tasks: install-legacy.yml
   when:
     - ansible_distribution == "Debian"
     - ansible_distribution_major_version is version('9', '<')
 
 - name: Install package on Debian 9+
-  include: install-package.yml
+  import_tasks: install-package.yml
   when:
     - ansible_distribution == "Debian"
     - ansible_distribution_major_version is version('9', '>=')
 
-- include: acme-challenge.yml
+- import_tasks: acme-challenge.yml
 
 - name: Deploy hooks are present
   copy:

docker-host/tasks/main.yml

@@ -24,7 +24,7 @@
     update_cache: no
     filename: docker.list
 
-- include: jessie_backports.yml
+- import_tasks: jessie_backports.yml
   when: ansible_distribution_release == 'jessie'
 
 - name: Add Docker's official GPG key

dovecot/tasks/main.yml

@@ -78,7 +78,7 @@
   tags:
   - dovecot
 
-- include: munin.yml
+- import_tasks: munin.yml
   tags:
   - dovecot
 

drbd/tasks/main.yml

@@ -1,6 +1,6 @@
 ---
-- include: packages.yml
+- import_tasks: packages.yml
 
-- include: munin.yml
+- import_tasks: munin.yml
 
-- include: nagios.yml
+- import_tasks: nagios.yml

elasticsearch/tasks/main.yml

@@ -1,21 +1,21 @@
 ---
 
-- include: packages.yml
+- import_tasks: packages.yml
 
-- include: configuration.yml
+- import_tasks: configuration.yml
 
-- include: bootstrap_checks.yml
+- import_tasks: bootstrap_checks.yml
 
-- include: tmpdir.yml
+- import_tasks: tmpdir.yml
 
-- include: datadir.yml
+- import_tasks: datadir.yml
 
-- include: logs.yml
+- import_tasks: logs.yml
 
-- include: additional_scripts.yml
+- import_tasks: additional_scripts.yml
 
-- include: plugin_head.yml
+- import_tasks: plugin_head.yml
   when: elasticsearch_plugin_head | bool
 
-- include: curator.yml
+- import_tasks: curator.yml
   when: elasticsearch_curator | bool

etc-git/tasks/main.yml

@@ -21,7 +21,7 @@
   tags:
     - etc-git
 
-- include: repository.yml
+- import_tasks: repository.yml
   vars:
     repository_path: "/etc"
     gitignore_items:
@@ -38,7 +38,7 @@
     path: /usr/share/scripts
   register: _usr_share_scripts
 
-- include: repository.yml
+- import_tasks: repository.yml
   vars:
     repository_path: "/usr/share/scripts"
     gitignore_items: []

evoacme/tasks/main.yml

@@ -8,16 +8,16 @@
     msg: only compatible with Debian >= 9
   when: not (evoacme_disable_debian_check | bool)
 
-- include: certbot.yml
+- import_tasks: certbot.yml
 
-- include: permissions.yml
+- import_tasks: permissions.yml
 
 # Enable this task if you want to deploy hooks
-# - include: evoacme_hook.yml
+# - include_tasks: evoacme_hook.yml
 #   vars:
 #     hook_name: "{{ item }}"
 #   loop: []
 
-- include: conf.yml
+- import_tasks: conf.yml
 
-- include: scripts.yml
+- import_tasks: scripts.yml

evobackup-client/tasks/main.yml

@@ -1,26 +1,26 @@
 ---
 
-- include: "ssh_key.yml"
+- import_tasks: "ssh_key.yml"
   tags:
     - evobackup_client
     - evobackup_client_backup_ssh_key
 
-- include: "jail.yml"
+- import_tasks: "jail.yml"
   tags:
     - evobackup_client
     - evobackup_client_jail
 
-- include: "upload_scripts.yml"
+- import_tasks: "upload_scripts.yml"
   tags:
     - evobackup_client
     - evobackup_client_backup_scripts
 
-- include: "open_ssh_ports.yml"
+- import_tasks: "open_ssh_ports.yml"
   tags:
     - evobackup_client
     - evobackup_client_backup_firewall
 
-- include: "verify_ssh.yml"
+- import_tasks: "verify_ssh.yml"
   tags:
     - evobackup_client
     - evobackup_client_backup_hosts

evocheck/tasks/main.yml

@@ -7,7 +7,7 @@
     - evocheck_force_install is defined
     - evocheck_force_install == "package"
 
-- include: install.yml
+- import_tasks: install.yml
 
-- include: cron.yml
+- import_tasks: cron.yml
   when: evocheck_update_crontab | bool

evolinux-base/tasks/main.yml

@@ -23,27 +23,27 @@
   when: evolinux_etcgit_include | bool
 
 - name: /etc/evolinux base
-  include: etc-evolinux.yml
+  import_tasks: etc-evolinux.yml
   when: evolinux_etcevolinux_include | bool
 
 - name: Hostname
-  include: hostname.yml
+  import_tasks: hostname.yml
   when: evolinux_hostname_include | bool
 
 - name: Kernel tuning
-  include: kernel.yml
+  import_tasks: kernel.yml
   when: evolinux_kernel_include | bool
 
 - name: Fstab configuration
-  include: fstab.yml
+  import_tasks: fstab.yml
   when: evolinux_fstab_include | bool
 
 - name: Packages
-  include: packages.yml
+  import_tasks: packages.yml
   when: evolinux_packages_include | bool
 
 - name: System settings
-  include: system.yml
+  import_tasks: system.yml
   when: evolinux_system_include | bool
 
 - name: Minifirewall
@@ -57,7 +57,7 @@
   when: evolinux_evomaintenance_include | bool
 
 - name: SSH configuration
-  include: ssh.yml
+  import_tasks: ssh.yml
   when: evolinux_ssh_include | bool
 
 ### disabled because of a memory leak
@@ -67,41 +67,41 @@
 #   when: evolinux_users_include
 
 - name: Root user configuration
-  include: root.yml
+  import_tasks: root.yml
   when: evolinux_root_include | bool
 
 - name: Postfix
-  include: postfix.yml
+  import_tasks: postfix.yml
   when: evolinux_postfix_include | bool
 
 - name: Logs management
-  include: logs.yml
+  import_tasks: logs.yml
   when: evolinux_logs_include | bool
 
 - name: Default index page
-  include: default_www.yml
+  import_tasks: default_www.yml
   when: evolinux_default_www_include | bool
 
 - name: Hardware drivers and tools
-  include: hardware.yml
+  import_tasks: hardware.yml
   when: evolinux_hardware_include | bool
 
 - name: Customize for Online.net
-  include: provider_online.yml
+  import_tasks: provider_online.yml
   when: evolinux_provider_online_include | bool
 
 - name: Customize for Orange FCE
-  include: provider_orange_fce.yml
+  import_tasks: provider_orange_fce.yml
   when: evolinux_provider_orange_fce_include | bool
 
 - name: Override Log2mail service
-  include: log2mail.yml
+  import_tasks: log2mail.yml
   when: evolinux_log2mail_include | bool
 
-- include: motd.yml
+- import_tasks: motd.yml
   when: evolinux_motd_include | bool
 
-- include: utils.yml
+- import_tasks: utils.yml
 
 - name: Munin
   include_role:
@@ -133,6 +133,6 @@
     name: evolix/generate-ldif
   when: evolinux_generateldif_include | bool
 
-- include: top.yml
+- import_tasks: top.yml
 
-- include: htop.yml
+- import_tasks: htop.yml

evolinux-users/tasks/main.yml

@@ -12,15 +12,15 @@
   when: evolinux_users | length == 0
 
 - name: Create user accounts
-  include: user.yml
+  include_tasks: user.yml
   vars:
     user: "{{ item.value }}"
   loop: "{{ evolinux_users | dict2items }}"
   when: evolinux_users | length > 0
 
 - name: Configure sudo
-  include: sudo.yml
+  import_tasks: sudo.yml
 
 - name: Configure SSH
-  include: ssh.yml
+  import_tasks: ssh.yml
   when: evolinux_users | length > 0

evolinux-users/tasks/ssh.yml

@@ -40,12 +40,12 @@
     var: ssh_allowusers
     verbosity: 1
 
-- include: ssh_allowgroups.yml
+- import_tasks: ssh_allowgroups.yml
   when:
     - ssh_allowgroups
     - not ssh_allowusers
 
-- include: ssh_allowusers.yml
+- include_tasks: ssh_allowusers.yml
   vars:
     user: "{{ item.value }}"
   loop: "{{ evolinux_users | dict2items }}"

evolinux-users/tasks/sudo.yml

@@ -1,6 +1,6 @@
 ---
 
-- include: sudo_jessie.yml
+- include_tasks: sudo_jessie.yml
   vars:
     user: "{{ item.value }}"
   loop: "{{ evolinux_users | dict2items }}"
@@ -10,9 +10,9 @@
 
 
 - block:
-  - include: sudo_stretch_common.yml
+  - import_tasks: sudo_stretch_common.yml
 
-  - include: sudo_stretch_user.yml
+  - include_tasks: sudo_stretch_user.yml
     vars:
       user: "{{ item.value }}"
     loop: "{{ evolinux_users | dict2items }}"

evomaintenance/tasks/main.yml

@@ -1,24 +1,24 @@
 ---
 
-- include: install_package_debian.yml
+- import_tasks: install_package_debian.yml
   when:
     - not (evomaintenance_install_vendor | bool)
     - ansible_distribution == "Debian"
 
-- include: install_vendor_debian.yml
+- import_tasks: install_vendor_debian.yml
   when:
     - evomaintenance_install_vendor | bool
     - ansible_distribution == "Debian"
 
-- include: install_vendor_other.yml
+- import_tasks: install_vendor_other.yml
   when:
     - evomaintenance_install_vendor | bool
     - ansible_distribution != "Debian"
 
 
-- include: config.yml
+- import_tasks: config.yml
 
-- include: minifirewall.yml
+- import_tasks: minifirewall.yml
   when:
     - evomaintenance_hook_db | bool
     - ansible_distribution == "Debian"

fail2ban/handlers/main.yml

@@ -3,8 +3,11 @@
   service:
     name: fail2ban
     state: restarted
+  tags:
+    - fail2ban
 
 - name: restart munin-node
   service:
     name: munin-node
     state: restarted
+  tags: fail2ban

fail2ban/tasks/main.yml

@@ -31,7 +31,7 @@
     - fail2ban
 
 - name: Include ignoredips update task
-  include: ip_whitelist.yml
+  import_tasks: ip_whitelist.yml
   when: fail2ban_force_update_ignore_ips | bool
   tags:
     - fail2ban

haproxy/tasks/main.yml

@@ -83,7 +83,7 @@
     - config
     - update-config
 
-- include: packages_backports.yml
+- import_tasks: packages_backports.yml
   when: haproxy_backports | bool
 
 - name: Install HAProxy package
@@ -134,4 +134,4 @@
     - haproxy
     - logrotate
 
-- include: munin.yml
+- import_tasks: munin.yml

java/tasks/main.yml

@@ -3,8 +3,8 @@
 #     msg: "This role support only java 8 for now !"
 #   when: java_version != 8
 
-- include: openjdk.yml
+- import_tasks: openjdk.yml
   when: java_alternative == 'openjdk'
 
-- include: oracle.yml
+- import_tasks: oracle.yml
   when: java_alternative == 'oracle'

kibana/tasks/main.yml

@@ -136,7 +136,7 @@
 #       - optimize
 #       - data
 
-- include: proxy_nginx.yml
+- import_tasks: proxy_nginx.yml
   when: kibana_proxy_nginx | bool
   tags:
     - kibana

kvm-host/tasks/main.yml

@@ -5,12 +5,12 @@
   when: kvm_install_drbd
 
 ## TODO: check why it's disabled
-- include: ssh.yml
+- import_tasks: ssh.yml
 
-- include: packages.yml
+- import_tasks: packages.yml
 
-- include: munin.yml
+- import_tasks: munin.yml
 
-- include: images.yml
+- import_tasks: images.yml
 
-- include: tools.yml
+- import_tasks: tools.yml

ldap/tasks/main.yml

@@ -16,11 +16,11 @@
   notify: restart slapd
 
 - name: ldapvirc file
-  include: ldapvirc.yml
+  import_tasks: ldapvirc.yml
 
 - name: nagios config file for LDAP
-  include: nagios.yml
+  import_tasks: nagios.yml
 
 - name: initialize database
-  include: init.yml
+  import_tasks: init.yml
   when: not root_ldapvirc_path.stat.exists

logstash/tasks/main.yml

@@ -105,6 +105,6 @@
     var: logstash_template
     verbosity: 1
 
-- include: logs.yml
+- import_tasks: logs.yml
 
-- include: tmpdir.yml
+- import_tasks: tmpdir.yml

lxc-php/tasks/main.yml

@@ -9,22 +9,22 @@
     name: "{{ lxc_php_version }}"
     container_command: "apt-get update"
 
-- include: "php56.yml"
+- import_tasks: "php56.yml"
   when: lxc_php_version == "php56"
 
-- include: "php70.yml"
+- import_tasks: "php70.yml"
   when: lxc_php_version == "php70"
 
-- include: "php73.yml"
+- import_tasks: "php73.yml"
   when: lxc_php_version == "php73"
 
-- include: "php74.yml"
+- import_tasks: "php74.yml"
   when: lxc_php_version == "php74"
 
-- include: "php80.yml"
+- import_tasks: "php80.yml"
   when: lxc_php_version == "php80"
 
-- include: "php81.yml"
+- import_tasks: "php81.yml"
   when: lxc_php_version == "php81"
 
-- include: "misc.yml"
+- import_tasks: "misc.yml"

lxc-php/tasks/php56.yml

@@ -17,4 +17,4 @@
   loop_control:
     loop_var: line_item
 
-- include: "mail_ssmtp.yml"
+- import_tasks: "mail_ssmtp.yml"

lxc-php/tasks/php70.yml

@@ -17,4 +17,4 @@
   loop_control:
     loop_var: line_item
 
-- include: "mail_opensmtpd.yml"
+- import_tasks: "mail_opensmtpd.yml"

lxc-php/tasks/php73.yml

@@ -17,4 +17,4 @@
   loop_control:
     loop_var: line_item
 
-- include: "mail_opensmtpd.yml"
+- import_tasks: "mail_opensmtpd.yml"

lxc-php/tasks/php74.yml

@@ -23,4 +23,4 @@
   loop_control:
     loop_var: line_item
 
-- include: "mail_opensmtpd.yml"
+- import_tasks: "mail_opensmtpd.yml"

lxc-php/tasks/php80.yml

@@ -60,4 +60,4 @@
   loop_control:
     loop_var: line_item
 
-- include: "mail_opensmtpd.yml"
+- import_tasks: "mail_opensmtpd.yml"

lxc/tasks/main.yml

@@ -50,7 +50,7 @@
   failed_when: "check_var.rc == 0"
 
 - name: Create containers
-  include: create-container.yml
+  include_tasks: create-container.yml
   vars:
     name: "{{ item.name }}"
     release: "{{ item.release }}"

memcached/tasks/main.yml

@@ -69,6 +69,6 @@
     - memcached
   when: memcached_instance_name | length > 0
 
-- include: munin.yml
+- import_tasks: munin.yml
 
-- include: nrpe.yml
+- import_tasks: nrpe.yml

minifirewall/tasks/main.yml

@@ -9,16 +9,16 @@
     msg: "Variable minifirewall_main_file is deprecated and not configurable anymore."
   when: minifirewall_main_file is defined
 
-- include: install.yml
+- import_tasks: install.yml
 
-- include: config.yml
+- import_tasks: config.yml
   when: minifirewall_update_config | bool
 
-- include: nrpe.yml
+- import_tasks: nrpe.yml
 
-- include: activate.yml
+- import_tasks: activate.yml
 
-- include: tail.yml
+- import_tasks: tail.yml
   when: minifirewall_tail_included | bool
 
 - name: Force restart minifirewall

mongodb/tasks/main.yml

@@ -1,13 +1,13 @@
 ---
 
-- include: main_jessie.yml
+- import_tasks: main_jessie.yml
   when: ansible_distribution_release == "jessie"
 
-- include: main_stretch.yml
+- import_tasks: main_stretch.yml
   when: ansible_distribution_release == "stretch"
 
-- include: main_buster.yml
+- import_tasks: main_buster.yml
   when: ansible_distribution_release == "buster"
 
-- include: main_bullseye.yml
+- import_tasks: main_bullseye.yml
   when: ansible_distribution_major_version is version('11', '>=')

mysql-oracle/tasks/main.yml

@@ -3,20 +3,20 @@
 - set_fact:
     mysql_restart_handler_name: "{{ mysql_restart_if_needed | bool | ternary('restart mysql', 'restart mysql (noop)') }}"
 
-- include: packages.yml
+- import_tasks: packages.yml
 
-- include: users.yml
+- import_tasks: users.yml
 
-- include: config.yml
+- import_tasks: config.yml
 
-- include: datadir.yml
+- import_tasks: datadir.yml
 
-- include: tmpdir.yml
+- import_tasks: tmpdir.yml
 
-- include: nrpe.yml
+- import_tasks: nrpe.yml
 
-- include: munin.yml
+- import_tasks: munin.yml
 
-- include: log2mail.yml
+- import_tasks: log2mail.yml
 
-- include: utils.yml
+- import_tasks: utils.yml

mysql/tasks/main.yml

@@ -4,44 +4,44 @@
   set_fact:
     mysql_restart_handler_name: "{{ mysql_restart_if_needed | bool | ternary('restart mysql', 'restart mysql (noop)') }}"
 
-- include: packages_stretch.yml
+- import_tasks: packages_stretch.yml
   when: ansible_distribution_major_version is version('9', '>=')
 
-- include: packages_jessie.yml
+- import_tasks: packages_jessie.yml
   when: ansible_distribution_release == "jessie"
 
 ## There is nothing to do with users on Debian 11 - yet we need a /root/.my.cnf for compatibility
-- include: users_bullseye.yml
+- import_tasks: users_bullseye.yml
   when: ansible_distribution_release == "bullseye"
 
-- include: users_buster.yml
+- import_tasks: users_buster.yml
   when: ansible_distribution_release == "buster"
 
-- include: users_stretch.yml
+- import_tasks: users_stretch.yml
   when: ansible_distribution_release == "stretch"
 
-- include: users_jessie.yml
+- import_tasks: users_jessie.yml
   when: ansible_distribution_release == "jessie"
 
-- include: config_stretch.yml
+- import_tasks: config_stretch.yml
   when: ansible_distribution_major_version is version('9', '>=')
 
-- include: config_jessie.yml
+- import_tasks: config_jessie.yml
   when: ansible_distribution_release == "jessie"
 
-- include: replication.yml
+- import_tasks: replication.yml
   when: mysql_replication | bool
 
-- include: datadir.yml
+- import_tasks: datadir.yml
 
-- include: logdir.yml
+- import_tasks: logdir.yml
 
-- include: tmpdir.yml
+- import_tasks: tmpdir.yml
 
-- include: nrpe.yml
+- import_tasks: nrpe.yml
 
-- include: munin.yml
+- import_tasks: munin.yml
 
-- include: log2mail.yml
+- import_tasks: log2mail.yml
 
-- include: utils.yml
+- import_tasks: utils.yml

networkd-to-ifconfig/tasks/main.yml

@@ -21,10 +21,10 @@
     set_fact:
       eni_interface_name: "{{ ansible_default_ipv4.interface }}"
 
-  - include: set_facts_from_systemd.yml
+  - import_tasks: set_facts_from_systemd.yml
     when: systemd_network_file.stat.exists
 
-  - include: set_facts_from_ansible.yml
+  - import_tasks: set_facts_from_ansible.yml
     when: not systemd_network_file.stat.exists
 
   - name: Check config (IPv4)

newrelic/tasks/main.yml

@@ -1,9 +1,9 @@
 ---
 
-- include: sources.yml
+- import_tasks: sources.yml
 
-- include: php.yml
+- import_tasks: php.yml
   when: newrelic_php | bool
 
-- include: sysmond.yml
+- import_tasks: sysmond.yml
   when: newrelic_sysmond | bool

nginx/tasks/main.yml

@@ -8,9 +8,9 @@
     msg: "Nginx minimal mode has been set, using minimal mode."
   when: nginx_minimal | bool
 
-- include: packages.yml
+- import_tasks: packages.yml
 
-- include: server_status_read.yml
+- import_tasks: server_status_read.yml
   tags:
     - nginx
 
@@ -64,7 +64,7 @@
     - ips
 
 - name: Include IP address whitelist task
-  include: ip_whitelist.yml
+  import_tasks: ip_whitelist.yml
 
 - name: Copy evolinux_server_custom 
   copy:
@@ -134,7 +134,7 @@
   tags:
     - nginx
 
-- include: server_status_write.yml
+- import_tasks: server_status_write.yml
   tags:
     - nginx
 
@@ -155,16 +155,16 @@
     - nginx
     - munin
 
-- include: munin_vhost.yml
+- import_tasks: munin_vhost.yml
   when: stat_munin_node.stat.exists
   tags:
     - nginx
     - munin
 
-- include: munin_graphs.yml
+- import_tasks: munin_graphs.yml
   when: stat_munin_node.stat.exists
   tags:
     - nginx
     - munin
 
-- include: logrotate.yml
+- import_tasks: logrotate.yml

nginx/tasks/packages.yml

@@ -4,7 +4,7 @@
     nginx_default_package_name: nginx-light
   when: nginx_minimal | bool
 
-- include: packages_backports.yml
+- import_tasks: packages_backports.yml
   when: nginx_backports | bool
 
 # TODO: install "nginx" + only necessary modules, instead of "nginx-full"

nodejs/tasks/main.yml

@@ -61,5 +61,5 @@
     - packages
     - nodejs
 
-- include: yarn.yml
+- import_tasks: yarn.yml
   when: nodejs_install_yarn | bool

openvpn/tasks/main.yml

@@ -6,10 +6,10 @@
     msg: "Only compatible with Debian and OpenBSD"
 
 - name: Include Debian version
-  include: debian.yml
+  import_tasks: debian.yml
   when: ansible_distribution == "Debian"
 
 - name: Include OpenBSD version
-  include: openbsd.yml
+  import_tasks: openbsd.yml
   when: ansible_distribution == "OpenBSD"
 

packweb-apache/tasks/main.yml

@@ -82,13 +82,13 @@
     regexp: '^DIR_MODE='
     line: 'DIR_MODE=0750'
 
-- include: apache.yml
+- import_tasks: apache.yml
 
-- include: phpmyadmin.yml
+- import_tasks: phpmyadmin.yml
 
-- include: awstats.yml
+- import_tasks: awstats.yml
 
-- include: fhs_retrictions.yml
+- import_tasks: fhs_retrictions.yml
   when: packweb_fhs_retrictions | bool
 
 - name: Periodically cache ftp directory sizes for ftpadmin.sh
@@ -97,5 +97,5 @@
     special_time: daily
     job: "/usr/share/scripts/evoadmin/stats.sh"
 
-- include: multiphp.yml
+- import_tasks: multiphp.yml
   when: packweb_multiphp_versions | length > 0

percona/tasks/main.yml

@@ -61,5 +61,5 @@
     update_cache: yes
   when: percona__apt_config_deb is changed
 
-- include: xtrabackup.yml
+- import_tasks: xtrabackup.yml
   when: percona__install_xtrabackup | bool

php/tasks/main.yml

@@ -7,14 +7,14 @@
       - ansible_distribution_major_version is version('11', '<=')
     msg: This is only compatible with Debian 8 → 11
 
-- include: main_jessie.yml
+- import_tasks: main_jessie.yml
   when: ansible_distribution_release == "jessie"
 
-- include: main_stretch.yml
+- import_tasks: main_stretch.yml
   when: ansible_distribution_release == "stretch"
 
-- include: main_buster.yml
+- import_tasks: main_buster.yml
   when: ansible_distribution_release == "buster"
 
-- include: main_bullseye.yml
+- import_tasks: main_bullseye.yml
   when: ansible_distribution_release == "bullseye"

php/tasks/main_bullseye.yml

@@ -34,7 +34,7 @@
       - composer
       - libphp-phpmailer
 
-- include: sury_pre.yml
+- import_tasks: sury_pre.yml
   when: php_sury_enable
 
 - name: "Install PHP packages (Debian 11)"
@@ -68,13 +68,13 @@
     - /etc/php
     - /etc/php/7.4
 
-- include: config_cli.yml
+- import_tasks: config_cli.yml
 - name: "Enforce permissions on PHP cli directory (Debian 11)"
   file:
     dest: /etc/php/7.4/cli
     mode: "0755"
 
-- include: config_fpm.yml
+- import_tasks: config_fpm.yml
   when: php_fpm_enable
 
 - name: "Enforce permissions on PHP fpm directory (Debian 11)"
@@ -83,7 +83,7 @@
     mode: "0755"
   when: php_fpm_enable
 
-- include: config_apache.yml
+- import_tasks: config_apache.yml
   when: php_apache_enable
 
 - name: "Enforce permissions on PHP apache2 directory (Debian 11)"
@@ -92,5 +92,5 @@
     mode: "0755"
   when: php_apache_enable
 
-- include: sury_post.yml
+- import_tasks: sury_post.yml
   when: php_sury_enable

php/tasks/main_buster.yml

@@ -35,7 +35,7 @@
       - composer
       - libphp-phpmailer
 
-- include: sury_pre.yml
+- import_tasks: sury_pre.yml
   when: php_sury_enable | bool
 
 - name: "Install PHP packages (Debian 10)"
@@ -69,13 +69,13 @@
     - /etc/php
     - /etc/php/7.3
 
-- include: config_cli.yml
+- import_tasks: config_cli.yml
 - name: "Enforce permissions on PHP cli directory (Debian 10)"
   file:
     dest: /etc/php/7.3/cli
     mode: "0755"
 
-- include: config_fpm.yml
+- import_tasks: config_fpm.yml
   when: php_fpm_enable | bool
 
 - name: "Enforce permissions on PHP fpm directory (Debian 10)"
@@ -84,7 +84,7 @@
     mode: "0755"
   when: php_fpm_enable | bool
 
-- include: config_apache.yml
+- import_tasks: config_apache.yml
   when: php_apache_enable | bool
 
 - name: "Enforce permissions on PHP apache2 directory (Debian 10)"
@@ -93,5 +93,5 @@
     mode: "0755"
   when: php_apache_enable | bool
 
-- include: sury_post.yml
+- import_tasks: sury_post.yml
   when: php_sury_enable | bool

php/tasks/main_jessie.yml

@@ -57,14 +57,14 @@
     dest: /etc/php5
     mode: "0755"
 
-- include: config_cli.yml
+- import_tasks: config_cli.yml
 
 - name: Enforce permissions on PHP cli directory (Debian 8)
   file:
     dest: /etc/php5/cli
     mode: "0755"
 
-- include: config_fpm.yml
+- import_tasks: config_fpm.yml
   when: php_fpm_enable | bool
 
 - name: Enforce permissions on PHP fpm directory (Debian 8)
@@ -73,7 +73,7 @@
     mode: "0755"
   when: php_fpm_enable | bool
 
-- include: config_apache.yml
+- import_tasks: config_apache.yml
   when: php_apache_enable | bool
 
 - name: Enforce permissions on PHP apache2 directory (Debian 8)

php/tasks/main_stretch.yml

@@ -35,7 +35,7 @@
       - composer
       - libphp-phpmailer
 
-- include: sury_pre.yml
+- import_tasks: sury_pre.yml
   when: php_sury_enable | bool
 
 - name: "Install PHP packages (Debian 9)"
@@ -69,14 +69,14 @@
     - /etc/php
     - /etc/php/7.0
 
-- include: config_cli.yml
+- import_tasks: config_cli.yml
 
 - name: "Enforce permissions on PHP cli directory (Debian 9)"
   file:
     dest: /etc/php/7.0/cli
     mode: "0755"
 
-- include: config_fpm.yml
+- import_tasks: config_fpm.yml
   when: php_fpm_enable | bool
 
 - name: "Enforce permissions on PHP fpm directory (Debian 9)"
@@ -85,7 +85,7 @@
     mode: "0755"
   when: php_fpm_enable | bool
 
-- include: config_apache.yml
+- import_tasks: config_apache.yml
   when: php_apache_enable | bool
 
 - name: "Enforce permissions on PHP apache2 directory (Debian 9)"
@@ -94,5 +94,5 @@
     mode: "0755"
   when: php_apache_enable | bool
 
-- include: sury_post.yml
+- import_tasks: sury_post.yml
   when: php_sury_enable | bool

postfix/tasks/main.yml

@@ -1,12 +1,12 @@
 ---
 
-- include: common.yml
+- import_tasks: common.yml
 
-- include: minimal.yml
+- import_tasks: minimal.yml
   when: not (postfix_packmail | bool)
 
-- include: packmail.yml
+- import_tasks: packmail.yml
   when: postfix_packmail | bool
 
-- include: slow_transport.yml
+- import_tasks: slow_transport.yml
   when: postfix_slow_transport_include | bool

postgresql/tasks/main.yml

@@ -1,25 +1,25 @@
 ---
-- include: locales.yml
+- import_tasks: locales.yml
 
-- include: packages_jessie.yml
+- import_tasks: packages_jessie.yml
   when: ansible_distribution_release == "jessie"
 
-- include: packages_stretch.yml
+- import_tasks: packages_stretch.yml
   when: ansible_distribution_release == "stretch"
 
-- include: packages_buster.yml
+- import_tasks: packages_buster.yml
   when: ansible_distribution_release == "buster"
 
-- include: packages_bullseye.yml
+- import_tasks: packages_bullseye.yml
   when: ansible_distribution_major_version is version('11', '>=')
 
-- include: config.yml
+- import_tasks: config.yml
 
-- include: nrpe.yml
+- import_tasks: nrpe.yml
 
-- include: munin.yml
+- import_tasks: munin.yml
 
-- include: logrotate.yml
+- import_tasks: logrotate.yml
 
-- include: postgis.yml
+- import_tasks: postgis.yml
   when: postgresql_install_postgis | bool

postgresql/tasks/packages_bullseye.yml

@@ -5,7 +5,7 @@
     postgresql_version: '13'
   when: postgresql_version is none or postgresql_version | length == 0
 
-- include: pgdg-repo.yml
+- import_tasks: pgdg-repo.yml
   when: postgresql_version != '13'
 
 - name: Install postgresql package

postgresql/tasks/packages_buster.yml

@@ -5,7 +5,7 @@
     postgresql_version: '11'
   when: postgresql_version is none or postgresql_version | length == 0
 
-- include: pgdg-repo.yml
+- import_tasks: pgdg-repo.yml
   when: postgresql_version != '11'
 
 - name: Install postgresql package

postgresql/tasks/packages_jessie.yml

@@ -5,7 +5,7 @@
     postgresql_version: '9.4'
   when: postgresql_version is none or postgresql_version | length == 0
 
-- include: pgdg-repo.yml
+- import_tasks: pgdg-repo.yml
   when: postgresql_version != '9.4'
 
 - name: Install postgresql package

postgresql/tasks/packages_stretch.yml

@@ -5,7 +5,7 @@
     postgresql_version: '9.6'
   when: postgresql_version is none or postgresql_version | length == 0
 
-- include: pgdg-repo.yml
+- import_tasks: pgdg-repo.yml
   when: postgresql_version != '9.6'
 
 - name: Install postgresql package

proftpd/tasks/accounts.yml

@@ -1,5 +1,5 @@
 ---
-- include: accounts_password.yml
+- include_tasks: accounts_password.yml
   when: item.password is undefined
   loop: "{{ proftpd_accounts }}"
   tags:

proftpd/tasks/main.yml

@@ -79,5 +79,5 @@
   tags:
     - proftpd
 
-- include: accounts.yml
+- import_tasks: accounts.yml
   when: proftpd_accounts | length > 0

rabbitmq/tasks/main.yml

@@ -34,7 +34,7 @@
   tags:
     - nrpe
 
-- include: nrpe.yml
+- import_tasks: nrpe.yml
   when: nrpe_evolix_config.stat.exists
 
 - name: is Munin present ?
@@ -45,5 +45,5 @@
   tags:
     - nrpe
 
-- include: munin.yml
+- import_tasks: munin.yml
   when: etc_munin_directory.stat.exists

redis/tasks/main.yml

@@ -56,11 +56,11 @@
   when: redis_instance_name is defined
 
 - name: configure Redis for default mode
-  include: default-server.yml
+  import_tasks: default-server.yml
   when: redis_instance_name is not defined
 
 - name: configure Redis for instance mode
-  include: instance-server.yml
+  import_tasks: instance-server.yml
   when: redis_instance_name is defined
 
 - name: Is Munin installed
@@ -72,7 +72,7 @@
     - munin
 
 - name: configure Munin for default mode
-  include: default-munin.yml
+  import_tasks: default-munin.yml
   when:
     - _munin_installed.stat.exists
     - _munin_installed.stat.isdir
@@ -82,7 +82,7 @@
     - munin
 
 - name: configure Munin for instance mode
-  include: instance-munin.yml
+  import_tasks: instance-munin.yml
   when:
     - _munin_installed.stat.exists
     - _munin_installed.stat.isdir
@@ -100,7 +100,7 @@
     - log2mail
 
 - name: configure log2mail for default mode
-  include: default-log2mail.yml
+  import_tasks: default-log2mail.yml
   when:
     - _log2mail_installed.stat.exists
     - _log2mail_installed.stat.isdir
@@ -110,7 +110,7 @@
     - log2mail
 
 - name: configure log2mail for instance mode
-  include: instance-log2mail.yml
+  import_tasks: instance-log2mail.yml
   when:
     - _log2mail_installed.stat.exists
     - _log2mail_installed.stat.isdir
@@ -128,7 +128,7 @@
     - redis
     - nrpe
 
-- include: nrpe.yml
+- import_tasks: nrpe.yml
   when: nrpe_evolix_config.stat.exists
   tags:
     - redis

redmine/tasks/main.yml

@@ -1,13 +1,13 @@
 ---
-- include: packages.yml
+- import_tasks: packages.yml
-- include: syslog.yml
+- import_tasks: syslog.yml
-- include: user.yml
+- import_tasks: user.yml
 - include_role:
     name: evolix/rbenv
   vars:
     - username: "{{ redmine_user }}"
-- include: config.yml
+- import_tasks: config.yml
-- include: mysql.yml
+- import_tasks: mysql.yml
-- include: source.yml
+- import_tasks: source.yml
-- include: release.yml
+- import_tasks: release.yml
-- include: nginx.yml
+- import_tasks: nginx.yml

squid/tasks/main.yml

@@ -152,15 +152,15 @@
   notify: "reload squid"
   when: ansible_distribution_major_version is version('9', '>=')
 
-- include: systemd.yml
+- import_tasks: systemd.yml
   when: ansible_distribution_major_version is version('10', '>=')
 
-- include: logrotate_jessie.yml
+- import_tasks: logrotate_jessie.yml
   when: ansible_distribution_release == "jessie"
 
-- include: logrotate_stretch.yml
+- import_tasks: logrotate_stretch.yml
   when: ansible_distribution_major_version is version('9', '>=')
 
-- include: minifirewall.yml
+- import_tasks: minifirewall.yml
 
-- include: log2mail.yml
+- import_tasks: log2mail.yml

ssl/tasks/main.yml

@@ -39,5 +39,5 @@
   tags:
     - ssl
 
-- include: haproxy.yml
+- import_tasks: haproxy.yml
   when: haproxy_check.rc == 0

tomcat-instance/tasks/main.yml

@@ -1,6 +1,6 @@
 ---
-- include: check.yml
+- import_tasks: check.yml
-- include: user.yml
+- import_tasks: user.yml
-- include: systemd.yml
+- import_tasks: systemd.yml
-- include: alias.yml
+- import_tasks: alias.yml
-- include: bootstrap.yml
+- import_tasks: bootstrap.yml

tomcat/tasks/main.yml

@@ -1,4 +1,4 @@
 ---
-- include: packages.yml
+- import_tasks: packages.yml
 
-- include: nagios.yml
+- import_tasks: nagios.yml

varnish/tasks/main.yml

@@ -126,4 +126,4 @@
     - config
     - update-config
 
-- include: munin.yml
+- import_tasks: munin.yml

webapps/evoadmin-mail/tasks/main.yml

@@ -15,12 +15,12 @@
   tags:
     - evoadmin-mail
 
-- include: ssl.yml
+- import_tasks: ssl.yml
 
-- include: apache.yml
+- import_tasks: apache.yml
   when: evoadminmail_webserver == "apache"
 
-- include: nginx.yml
+- import_tasks: nginx.yml
   when: evoadminmail_webserver == "nginx"
 
 - name: enable evoadmin-mail link in default site index

webapps/evoadmin-web/tasks/main.yml

@@ -5,17 +5,17 @@
     msg: Please configure var evoadmin_contact_email
   when: evoadmin_contact_email is none or evoadmin_contact_email | length == 0
 
-- include: packages.yml
+- import_tasks: packages.yml
 
-- include: user.yml
+- import_tasks: user.yml
 
-- include: config.yml
+- import_tasks: config.yml
 
-- include: ssl.yml
+- import_tasks: ssl.yml
 
-- include: web.yml
+- import_tasks: web.yml
 
-- include: ftp.yml
+- import_tasks: ftp.yml
 
 - name: enable evoadmin-web link in default site index
   blockinfile:

webapps/nextcloud/tasks/main.yml

@@ -41,12 +41,12 @@
     - nextcloud
   when: ansible_python_version is version('3', '>=')
 
-- include: user.yml
+- import_tasks: user.yml
 
-- include: archive.yml
+- import_tasks: archive.yml
 
-- include: vhost.yml
+- import_tasks: vhost.yml
 
-- include: mysql.yml
+- import_tasks: mysql.yml
 
-- include: config.yml
+- import_tasks: config.yml