forked from evolix/ansible-roles
Replace the include
module with include_tasks
or import_tasks
The behaviour of the `include` module is badly defined (it try to choose between statically importing the tasks and dynamically including them) and can cause problems depending on any number of constraints (mostly if it choose the wrong behaviour). Replace it with the `import_tasks` (always statically import tasks) unless the `include` is in a loop in which case we replace it with `include_tasks` (always dynamically include tasks).
This commit is contained in:
parent
ef50defc0a
commit
956ecd4700
|
@ -33,6 +33,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
||||||
* generate-ldif: Correct generated entries for php-fpm in containers
|
* generate-ldif: Correct generated entries for php-fpm in containers
|
||||||
* redis: Remount /usr with RW before adding nagios plugin
|
* redis: Remount /usr with RW before adding nagios plugin
|
||||||
* postfix: Do not send mails through milters a second time after amavis (in packmail)
|
* postfix: Do not send mails through milters a second time after amavis (in packmail)
|
||||||
|
* Replace use of the `include` module with the `import_tasks` or `include_tasks` module to prevent bug due to faulty behaviour choice on the part of ansible
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
|
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: Load IP whitelist task
|
- name: Load IP whitelist task
|
||||||
include: ip_whitelist.yml
|
import_tasks: ip_whitelist.yml
|
||||||
|
|
||||||
- name: include private IP whitelist for server-status
|
- name: include private IP whitelist for server-status
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
|
|
@ -109,7 +109,7 @@
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- include: auth.yml
|
- import_tasks: auth.yml
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
|
@ -134,7 +134,7 @@
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- include: server_status.yml
|
- import_tasks: server_status.yml
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
|
@ -199,12 +199,12 @@
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- include: log2mail.yml
|
- import_tasks: log2mail.yml
|
||||||
when: apache_log2mail_include
|
when: apache_log2mail_include
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- include: munin.yml
|
- import_tasks: munin.yml
|
||||||
when: apache_munin_include | bool
|
when: apache_munin_include | bool
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
|
@ -9,31 +9,31 @@
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: Custom configuration
|
- name: Custom configuration
|
||||||
include: config.yml
|
import_tasks: config.yml
|
||||||
when: apt_config | bool
|
when: apt_config | bool
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: Install basics repositories
|
- name: Install basics repositories
|
||||||
include: basics.yml
|
import_tasks: basics.yml
|
||||||
when: apt_install_basics | bool
|
when: apt_install_basics | bool
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: Install APT Backports repository
|
- name: Install APT Backports repository
|
||||||
include: backports.yml
|
import_tasks: backports.yml
|
||||||
when: apt_install_backports | bool
|
when: apt_install_backports | bool
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: Install Evolix Public APT repository
|
- name: Install Evolix Public APT repository
|
||||||
include: evolix_public.yml
|
import_tasks: evolix_public.yml
|
||||||
when: apt_install_evolix_public | bool
|
when: apt_install_evolix_public | bool
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
- name: Install check for packages marked hold
|
- name: Install check for packages marked hold
|
||||||
include: hold_packages.yml
|
import_tasks: hold_packages.yml
|
||||||
when: apt_install_hold_packages | bool
|
when: apt_install_hold_packages | bool
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
|
|
|
@ -126,4 +126,4 @@
|
||||||
force: yes
|
force: yes
|
||||||
notify: restart bind
|
notify: restart bind
|
||||||
|
|
||||||
- include: munin.yml
|
- import_tasks: munin.yml
|
||||||
|
|
|
@ -8,18 +8,18 @@
|
||||||
msg: only compatible with Debian 9+
|
msg: only compatible with Debian 9+
|
||||||
|
|
||||||
- name: Install legacy script on Debian 8
|
- name: Install legacy script on Debian 8
|
||||||
include: install-legacy.yml
|
import_tasks: install-legacy.yml
|
||||||
when:
|
when:
|
||||||
- ansible_distribution == "Debian"
|
- ansible_distribution == "Debian"
|
||||||
- ansible_distribution_major_version is version('9', '<')
|
- ansible_distribution_major_version is version('9', '<')
|
||||||
|
|
||||||
- name: Install package on Debian 9+
|
- name: Install package on Debian 9+
|
||||||
include: install-package.yml
|
import_tasks: install-package.yml
|
||||||
when:
|
when:
|
||||||
- ansible_distribution == "Debian"
|
- ansible_distribution == "Debian"
|
||||||
- ansible_distribution_major_version is version('9', '>=')
|
- ansible_distribution_major_version is version('9', '>=')
|
||||||
|
|
||||||
- include: acme-challenge.yml
|
- import_tasks: acme-challenge.yml
|
||||||
|
|
||||||
- name: Deploy hooks are present
|
- name: Deploy hooks are present
|
||||||
copy:
|
copy:
|
||||||
|
|
|
@ -24,7 +24,7 @@
|
||||||
update_cache: no
|
update_cache: no
|
||||||
filename: docker.list
|
filename: docker.list
|
||||||
|
|
||||||
- include: jessie_backports.yml
|
- import_tasks: jessie_backports.yml
|
||||||
when: ansible_distribution_release == 'jessie'
|
when: ansible_distribution_release == 'jessie'
|
||||||
|
|
||||||
- name: Add Docker's official GPG key
|
- name: Add Docker's official GPG key
|
||||||
|
|
|
@ -78,7 +78,7 @@
|
||||||
tags:
|
tags:
|
||||||
- dovecot
|
- dovecot
|
||||||
|
|
||||||
- include: munin.yml
|
- import_tasks: munin.yml
|
||||||
tags:
|
tags:
|
||||||
- dovecot
|
- dovecot
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
---
|
---
|
||||||
- include: packages.yml
|
- import_tasks: packages.yml
|
||||||
|
|
||||||
- include: munin.yml
|
- import_tasks: munin.yml
|
||||||
|
|
||||||
- include: nagios.yml
|
- import_tasks: nagios.yml
|
||||||
|
|
|
@ -1,21 +1,21 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- include: packages.yml
|
- import_tasks: packages.yml
|
||||||
|
|
||||||
- include: configuration.yml
|
- import_tasks: configuration.yml
|
||||||
|
|
||||||
- include: bootstrap_checks.yml
|
- import_tasks: bootstrap_checks.yml
|
||||||
|
|
||||||
- include: tmpdir.yml
|
- import_tasks: tmpdir.yml
|
||||||
|
|
||||||
- include: datadir.yml
|
- import_tasks: datadir.yml
|
||||||
|
|
||||||
- include: logs.yml
|
- import_tasks: logs.yml
|
||||||
|
|
||||||
- include: additional_scripts.yml
|
- import_tasks: additional_scripts.yml
|
||||||
|
|
||||||
- include: plugin_head.yml
|
- import_tasks: plugin_head.yml
|
||||||
when: elasticsearch_plugin_head | bool
|
when: elasticsearch_plugin_head | bool
|
||||||
|
|
||||||
- include: curator.yml
|
- import_tasks: curator.yml
|
||||||
when: elasticsearch_curator | bool
|
when: elasticsearch_curator | bool
|
||||||
|
|
|
@ -21,7 +21,7 @@
|
||||||
tags:
|
tags:
|
||||||
- etc-git
|
- etc-git
|
||||||
|
|
||||||
- include: repository.yml
|
- import_tasks: repository.yml
|
||||||
vars:
|
vars:
|
||||||
repository_path: "/etc"
|
repository_path: "/etc"
|
||||||
gitignore_items:
|
gitignore_items:
|
||||||
|
@ -38,7 +38,7 @@
|
||||||
path: /usr/share/scripts
|
path: /usr/share/scripts
|
||||||
register: _usr_share_scripts
|
register: _usr_share_scripts
|
||||||
|
|
||||||
- include: repository.yml
|
- import_tasks: repository.yml
|
||||||
vars:
|
vars:
|
||||||
repository_path: "/usr/share/scripts"
|
repository_path: "/usr/share/scripts"
|
||||||
gitignore_items: []
|
gitignore_items: []
|
||||||
|
|
|
@ -8,16 +8,16 @@
|
||||||
msg: only compatible with Debian >= 9
|
msg: only compatible with Debian >= 9
|
||||||
when: not (evoacme_disable_debian_check | bool)
|
when: not (evoacme_disable_debian_check | bool)
|
||||||
|
|
||||||
- include: certbot.yml
|
- import_tasks: certbot.yml
|
||||||
|
|
||||||
- include: permissions.yml
|
- import_tasks: permissions.yml
|
||||||
|
|
||||||
# Enable this task if you want to deploy hooks
|
# Enable this task if you want to deploy hooks
|
||||||
# - include: evoacme_hook.yml
|
# - include_tasks: evoacme_hook.yml
|
||||||
# vars:
|
# vars:
|
||||||
# hook_name: "{{ item }}"
|
# hook_name: "{{ item }}"
|
||||||
# loop: []
|
# loop: []
|
||||||
|
|
||||||
- include: conf.yml
|
- import_tasks: conf.yml
|
||||||
|
|
||||||
- include: scripts.yml
|
- import_tasks: scripts.yml
|
||||||
|
|
|
@ -1,26 +1,26 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- include: "ssh_key.yml"
|
- import_tasks: "ssh_key.yml"
|
||||||
tags:
|
tags:
|
||||||
- evobackup_client
|
- evobackup_client
|
||||||
- evobackup_client_backup_ssh_key
|
- evobackup_client_backup_ssh_key
|
||||||
|
|
||||||
- include: "jail.yml"
|
- import_tasks: "jail.yml"
|
||||||
tags:
|
tags:
|
||||||
- evobackup_client
|
- evobackup_client
|
||||||
- evobackup_client_jail
|
- evobackup_client_jail
|
||||||
|
|
||||||
- include: "upload_scripts.yml"
|
- import_tasks: "upload_scripts.yml"
|
||||||
tags:
|
tags:
|
||||||
- evobackup_client
|
- evobackup_client
|
||||||
- evobackup_client_backup_scripts
|
- evobackup_client_backup_scripts
|
||||||
|
|
||||||
- include: "open_ssh_ports.yml"
|
- import_tasks: "open_ssh_ports.yml"
|
||||||
tags:
|
tags:
|
||||||
- evobackup_client
|
- evobackup_client
|
||||||
- evobackup_client_backup_firewall
|
- evobackup_client_backup_firewall
|
||||||
|
|
||||||
- include: "verify_ssh.yml"
|
- import_tasks: "verify_ssh.yml"
|
||||||
tags:
|
tags:
|
||||||
- evobackup_client
|
- evobackup_client
|
||||||
- evobackup_client_backup_hosts
|
- evobackup_client_backup_hosts
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
- evocheck_force_install is defined
|
- evocheck_force_install is defined
|
||||||
- evocheck_force_install == "package"
|
- evocheck_force_install == "package"
|
||||||
|
|
||||||
- include: install.yml
|
- import_tasks: install.yml
|
||||||
|
|
||||||
- include: cron.yml
|
- import_tasks: cron.yml
|
||||||
when: evocheck_update_crontab | bool
|
when: evocheck_update_crontab | bool
|
||||||
|
|
|
@ -23,27 +23,27 @@
|
||||||
when: evolinux_etcgit_include | bool
|
when: evolinux_etcgit_include | bool
|
||||||
|
|
||||||
- name: /etc/evolinux base
|
- name: /etc/evolinux base
|
||||||
include: etc-evolinux.yml
|
import_tasks: etc-evolinux.yml
|
||||||
when: evolinux_etcevolinux_include | bool
|
when: evolinux_etcevolinux_include | bool
|
||||||
|
|
||||||
- name: Hostname
|
- name: Hostname
|
||||||
include: hostname.yml
|
import_tasks: hostname.yml
|
||||||
when: evolinux_hostname_include | bool
|
when: evolinux_hostname_include | bool
|
||||||
|
|
||||||
- name: Kernel tuning
|
- name: Kernel tuning
|
||||||
include: kernel.yml
|
import_tasks: kernel.yml
|
||||||
when: evolinux_kernel_include | bool
|
when: evolinux_kernel_include | bool
|
||||||
|
|
||||||
- name: Fstab configuration
|
- name: Fstab configuration
|
||||||
include: fstab.yml
|
import_tasks: fstab.yml
|
||||||
when: evolinux_fstab_include | bool
|
when: evolinux_fstab_include | bool
|
||||||
|
|
||||||
- name: Packages
|
- name: Packages
|
||||||
include: packages.yml
|
import_tasks: packages.yml
|
||||||
when: evolinux_packages_include | bool
|
when: evolinux_packages_include | bool
|
||||||
|
|
||||||
- name: System settings
|
- name: System settings
|
||||||
include: system.yml
|
import_tasks: system.yml
|
||||||
when: evolinux_system_include | bool
|
when: evolinux_system_include | bool
|
||||||
|
|
||||||
- name: Minifirewall
|
- name: Minifirewall
|
||||||
|
@ -57,7 +57,7 @@
|
||||||
when: evolinux_evomaintenance_include | bool
|
when: evolinux_evomaintenance_include | bool
|
||||||
|
|
||||||
- name: SSH configuration
|
- name: SSH configuration
|
||||||
include: ssh.yml
|
import_tasks: ssh.yml
|
||||||
when: evolinux_ssh_include | bool
|
when: evolinux_ssh_include | bool
|
||||||
|
|
||||||
### disabled because of a memory leak
|
### disabled because of a memory leak
|
||||||
|
@ -67,41 +67,41 @@
|
||||||
# when: evolinux_users_include
|
# when: evolinux_users_include
|
||||||
|
|
||||||
- name: Root user configuration
|
- name: Root user configuration
|
||||||
include: root.yml
|
import_tasks: root.yml
|
||||||
when: evolinux_root_include | bool
|
when: evolinux_root_include | bool
|
||||||
|
|
||||||
- name: Postfix
|
- name: Postfix
|
||||||
include: postfix.yml
|
import_tasks: postfix.yml
|
||||||
when: evolinux_postfix_include | bool
|
when: evolinux_postfix_include | bool
|
||||||
|
|
||||||
- name: Logs management
|
- name: Logs management
|
||||||
include: logs.yml
|
import_tasks: logs.yml
|
||||||
when: evolinux_logs_include | bool
|
when: evolinux_logs_include | bool
|
||||||
|
|
||||||
- name: Default index page
|
- name: Default index page
|
||||||
include: default_www.yml
|
import_tasks: default_www.yml
|
||||||
when: evolinux_default_www_include | bool
|
when: evolinux_default_www_include | bool
|
||||||
|
|
||||||
- name: Hardware drivers and tools
|
- name: Hardware drivers and tools
|
||||||
include: hardware.yml
|
import_tasks: hardware.yml
|
||||||
when: evolinux_hardware_include | bool
|
when: evolinux_hardware_include | bool
|
||||||
|
|
||||||
- name: Customize for Online.net
|
- name: Customize for Online.net
|
||||||
include: provider_online.yml
|
import_tasks: provider_online.yml
|
||||||
when: evolinux_provider_online_include | bool
|
when: evolinux_provider_online_include | bool
|
||||||
|
|
||||||
- name: Customize for Orange FCE
|
- name: Customize for Orange FCE
|
||||||
include: provider_orange_fce.yml
|
import_tasks: provider_orange_fce.yml
|
||||||
when: evolinux_provider_orange_fce_include | bool
|
when: evolinux_provider_orange_fce_include | bool
|
||||||
|
|
||||||
- name: Override Log2mail service
|
- name: Override Log2mail service
|
||||||
include: log2mail.yml
|
import_tasks: log2mail.yml
|
||||||
when: evolinux_log2mail_include | bool
|
when: evolinux_log2mail_include | bool
|
||||||
|
|
||||||
- include: motd.yml
|
- import_tasks: motd.yml
|
||||||
when: evolinux_motd_include | bool
|
when: evolinux_motd_include | bool
|
||||||
|
|
||||||
- include: utils.yml
|
- import_tasks: utils.yml
|
||||||
|
|
||||||
- name: Munin
|
- name: Munin
|
||||||
include_role:
|
include_role:
|
||||||
|
@ -133,6 +133,6 @@
|
||||||
name: evolix/generate-ldif
|
name: evolix/generate-ldif
|
||||||
when: evolinux_generateldif_include | bool
|
when: evolinux_generateldif_include | bool
|
||||||
|
|
||||||
- include: top.yml
|
- import_tasks: top.yml
|
||||||
|
|
||||||
- include: htop.yml
|
- import_tasks: htop.yml
|
||||||
|
|
|
@ -12,15 +12,15 @@
|
||||||
when: evolinux_users | length == 0
|
when: evolinux_users | length == 0
|
||||||
|
|
||||||
- name: Create user accounts
|
- name: Create user accounts
|
||||||
include: user.yml
|
include_tasks: user.yml
|
||||||
vars:
|
vars:
|
||||||
user: "{{ item.value }}"
|
user: "{{ item.value }}"
|
||||||
loop: "{{ evolinux_users | dict2items }}"
|
loop: "{{ evolinux_users | dict2items }}"
|
||||||
when: evolinux_users | length > 0
|
when: evolinux_users | length > 0
|
||||||
|
|
||||||
- name: Configure sudo
|
- name: Configure sudo
|
||||||
include: sudo.yml
|
import_tasks: sudo.yml
|
||||||
|
|
||||||
- name: Configure SSH
|
- name: Configure SSH
|
||||||
include: ssh.yml
|
import_tasks: ssh.yml
|
||||||
when: evolinux_users | length > 0
|
when: evolinux_users | length > 0
|
||||||
|
|
|
@ -40,12 +40,12 @@
|
||||||
var: ssh_allowusers
|
var: ssh_allowusers
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
|
|
||||||
- include: ssh_allowgroups.yml
|
- import_tasks: ssh_allowgroups.yml
|
||||||
when:
|
when:
|
||||||
- ssh_allowgroups
|
- ssh_allowgroups
|
||||||
- not ssh_allowusers
|
- not ssh_allowusers
|
||||||
|
|
||||||
- include: ssh_allowusers.yml
|
- include_tasks: ssh_allowusers.yml
|
||||||
vars:
|
vars:
|
||||||
user: "{{ item.value }}"
|
user: "{{ item.value }}"
|
||||||
loop: "{{ evolinux_users | dict2items }}"
|
loop: "{{ evolinux_users | dict2items }}"
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- include: sudo_jessie.yml
|
- include_tasks: sudo_jessie.yml
|
||||||
vars:
|
vars:
|
||||||
user: "{{ item.value }}"
|
user: "{{ item.value }}"
|
||||||
loop: "{{ evolinux_users | dict2items }}"
|
loop: "{{ evolinux_users | dict2items }}"
|
||||||
|
@ -10,9 +10,9 @@
|
||||||
|
|
||||||
|
|
||||||
- block:
|
- block:
|
||||||
- include: sudo_stretch_common.yml
|
- import_tasks: sudo_stretch_common.yml
|
||||||
|
|
||||||
- include: sudo_stretch_user.yml
|
- include_tasks: sudo_stretch_user.yml
|
||||||
vars:
|
vars:
|
||||||
user: "{{ item.value }}"
|
user: "{{ item.value }}"
|
||||||
loop: "{{ evolinux_users | dict2items }}"
|
loop: "{{ evolinux_users | dict2items }}"
|
||||||
|
|
|
@ -1,24 +1,24 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- include: install_package_debian.yml
|
- import_tasks: install_package_debian.yml
|
||||||
when:
|
when:
|
||||||
- not (evomaintenance_install_vendor | bool)
|
- not (evomaintenance_install_vendor | bool)
|
||||||
- ansible_distribution == "Debian"
|
- ansible_distribution == "Debian"
|
||||||
|
|
||||||
- include: install_vendor_debian.yml
|
- import_tasks: install_vendor_debian.yml
|
||||||
when:
|
when:
|
||||||
- evomaintenance_install_vendor | bool
|
- evomaintenance_install_vendor | bool
|
||||||
- ansible_distribution == "Debian"
|
- ansible_distribution == "Debian"
|
||||||
|
|
||||||
- include: install_vendor_other.yml
|
- import_tasks: install_vendor_other.yml
|
||||||
when:
|
when:
|
||||||
- evomaintenance_install_vendor | bool
|
- evomaintenance_install_vendor | bool
|
||||||
- ansible_distribution != "Debian"
|
- ansible_distribution != "Debian"
|
||||||
|
|
||||||
|
|
||||||
- include: config.yml
|
- import_tasks: config.yml
|
||||||
|
|
||||||
- include: minifirewall.yml
|
- import_tasks: minifirewall.yml
|
||||||
when:
|
when:
|
||||||
- evomaintenance_hook_db | bool
|
- evomaintenance_hook_db | bool
|
||||||
- ansible_distribution == "Debian"
|
- ansible_distribution == "Debian"
|
||||||
|
|
|
@ -3,8 +3,11 @@
|
||||||
service:
|
service:
|
||||||
name: fail2ban
|
name: fail2ban
|
||||||
state: restarted
|
state: restarted
|
||||||
|
tags:
|
||||||
|
- fail2ban
|
||||||
|
|
||||||
- name: restart munin-node
|
- name: restart munin-node
|
||||||
service:
|
service:
|
||||||
name: munin-node
|
name: munin-node
|
||||||
state: restarted
|
state: restarted
|
||||||
|
tags: fail2ban
|
||||||
|
|
|
@ -31,7 +31,7 @@
|
||||||
- fail2ban
|
- fail2ban
|
||||||
|
|
||||||
- name: Include ignoredips update task
|
- name: Include ignoredips update task
|
||||||
include: ip_whitelist.yml
|
import_tasks: ip_whitelist.yml
|
||||||
when: fail2ban_force_update_ignore_ips | bool
|
when: fail2ban_force_update_ignore_ips | bool
|
||||||
tags:
|
tags:
|
||||||
- fail2ban
|
- fail2ban
|
||||||
|
|
|
@ -83,7 +83,7 @@
|
||||||
- config
|
- config
|
||||||
- update-config
|
- update-config
|
||||||
|
|
||||||
- include: packages_backports.yml
|
- import_tasks: packages_backports.yml
|
||||||
when: haproxy_backports | bool
|
when: haproxy_backports | bool
|
||||||
|
|
||||||
- name: Install HAProxy package
|
- name: Install HAProxy package
|
||||||
|
@ -134,4 +134,4 @@
|
||||||
- haproxy
|
- haproxy
|
||||||
- logrotate
|
- logrotate
|
||||||
|
|
||||||
- include: munin.yml
|
- import_tasks: munin.yml
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
# msg: "This role support only java 8 for now !"
|
# msg: "This role support only java 8 for now !"
|
||||||
# when: java_version != 8
|
# when: java_version != 8
|
||||||
|
|
||||||
- include: openjdk.yml
|
- import_tasks: openjdk.yml
|
||||||
when: java_alternative == 'openjdk'
|
when: java_alternative == 'openjdk'
|
||||||
|
|
||||||
- include: oracle.yml
|
- import_tasks: oracle.yml
|
||||||
when: java_alternative == 'oracle'
|
when: java_alternative == 'oracle'
|
||||||
|
|
|
@ -136,7 +136,7 @@
|
||||||
# - optimize
|
# - optimize
|
||||||
# - data
|
# - data
|
||||||
|
|
||||||
- include: proxy_nginx.yml
|
- import_tasks: proxy_nginx.yml
|
||||||
when: kibana_proxy_nginx | bool
|
when: kibana_proxy_nginx | bool
|
||||||
tags:
|
tags:
|
||||||
- kibana
|
- kibana
|
||||||
|
|
|
@ -5,12 +5,12 @@
|
||||||
when: kvm_install_drbd
|
when: kvm_install_drbd
|
||||||
|
|
||||||
## TODO: check why it's disabled
|
## TODO: check why it's disabled
|
||||||
- include: ssh.yml
|
- import_tasks: ssh.yml
|
||||||
|
|
||||||
- include: packages.yml
|
- import_tasks: packages.yml
|
||||||
|
|
||||||
- include: munin.yml
|
- import_tasks: munin.yml
|
||||||
|
|
||||||
- include: images.yml
|
- import_tasks: images.yml
|
||||||
|
|
||||||
- include: tools.yml
|
- import_tasks: tools.yml
|
||||||
|
|
|
@ -16,11 +16,11 @@
|
||||||
notify: restart slapd
|
notify: restart slapd
|
||||||
|
|
||||||
- name: ldapvirc file
|
- name: ldapvirc file
|
||||||
include: ldapvirc.yml
|
import_tasks: ldapvirc.yml
|
||||||
|
|
||||||
- name: nagios config file for LDAP
|
- name: nagios config file for LDAP
|
||||||
include: nagios.yml
|
import_tasks: nagios.yml
|
||||||
|
|
||||||
- name: initialize database
|
- name: initialize database
|
||||||
include: init.yml
|
import_tasks: init.yml
|
||||||
when: not root_ldapvirc_path.stat.exists
|
when: not root_ldapvirc_path.stat.exists
|
|
@ -105,6 +105,6 @@
|
||||||
var: logstash_template
|
var: logstash_template
|
||||||
verbosity: 1
|
verbosity: 1
|
||||||
|
|
||||||
- include: logs.yml
|
- import_tasks: logs.yml
|
||||||
|
|
||||||
- include: tmpdir.yml
|
- import_tasks: tmpdir.yml
|
||||||
|
|
|
@ -9,22 +9,22 @@
|
||||||
name: "{{ lxc_php_version }}"
|
name: "{{ lxc_php_version }}"
|
||||||
container_command: "apt-get update"
|
container_command: "apt-get update"
|
||||||
|
|
||||||
- include: "php56.yml"
|
- import_tasks: "php56.yml"
|
||||||
when: lxc_php_version == "php56"
|
when: lxc_php_version == "php56"
|
||||||
|
|
||||||
- include: "php70.yml"
|
- import_tasks: "php70.yml"
|
||||||
when: lxc_php_version == "php70"
|
when: lxc_php_version == "php70"
|
||||||
|
|
||||||
- include: "php73.yml"
|
- import_tasks: "php73.yml"
|
||||||
when: lxc_php_version == "php73"
|
when: lxc_php_version == "php73"
|
||||||
|
|
||||||
- include: "php74.yml"
|
- import_tasks: "php74.yml"
|
||||||
when: lxc_php_version == "php74"
|
when: lxc_php_version == "php74"
|
||||||
|
|
||||||
- include: "php80.yml"
|
- import_tasks: "php80.yml"
|
||||||
when: lxc_php_version == "php80"
|
when: lxc_php_version == "php80"
|
||||||
|
|
||||||
- include: "php81.yml"
|
- import_tasks: "php81.yml"
|
||||||
when: lxc_php_version == "php81"
|
when: lxc_php_version == "php81"
|
||||||
|
|
||||||
- include: "misc.yml"
|
- import_tasks: "misc.yml"
|
||||||
|
|
|
@ -17,4 +17,4 @@
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: line_item
|
loop_var: line_item
|
||||||
|
|
||||||
- include: "mail_ssmtp.yml"
|
- import_tasks: "mail_ssmtp.yml"
|
||||||
|
|
|
@ -17,4 +17,4 @@
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: line_item
|
loop_var: line_item
|
||||||
|
|
||||||
- include: "mail_opensmtpd.yml"
|
- import_tasks: "mail_opensmtpd.yml"
|
||||||
|
|
|
@ -17,4 +17,4 @@
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: line_item
|
loop_var: line_item
|
||||||
|
|
||||||
- include: "mail_opensmtpd.yml"
|
- import_tasks: "mail_opensmtpd.yml"
|
||||||
|
|
|
@ -23,4 +23,4 @@
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: line_item
|
loop_var: line_item
|
||||||
|
|
||||||
- include: "mail_opensmtpd.yml"
|
- import_tasks: "mail_opensmtpd.yml"
|
||||||
|
|
|
@ -60,4 +60,4 @@
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: line_item
|
loop_var: line_item
|
||||||
|
|
||||||
- include: "mail_opensmtpd.yml"
|
- import_tasks: "mail_opensmtpd.yml"
|
||||||
|
|
|
@ -50,7 +50,7 @@
|
||||||
failed_when: "check_var.rc == 0"
|
failed_when: "check_var.rc == 0"
|
||||||
|
|
||||||
- name: Create containers
|
- name: Create containers
|
||||||
include: create-container.yml
|
include_tasks: create-container.yml
|
||||||
vars:
|
vars:
|
||||||
name: "{{ item.name }}"
|
name: "{{ item.name }}"
|
||||||
release: "{{ item.release }}"
|
release: "{{ item.release }}"
|
||||||
|
|
|
@ -69,6 +69,6 @@
|
||||||
- memcached
|
- memcached
|
||||||
when: memcached_instance_name | length > 0
|
when: memcached_instance_name | length > 0
|
||||||
|
|
||||||
- include: munin.yml
|
- import_tasks: munin.yml
|
||||||
|
|
||||||
- include: nrpe.yml
|
- import_tasks: nrpe.yml
|
||||||
|
|
|
@ -9,16 +9,16 @@
|
||||||
msg: "Variable minifirewall_main_file is deprecated and not configurable anymore."
|
msg: "Variable minifirewall_main_file is deprecated and not configurable anymore."
|
||||||
when: minifirewall_main_file is defined
|
when: minifirewall_main_file is defined
|
||||||
|
|
||||||
- include: install.yml
|
- import_tasks: install.yml
|
||||||
|
|
||||||
- include: config.yml
|
- import_tasks: config.yml
|
||||||
when: minifirewall_update_config | bool
|
when: minifirewall_update_config | bool
|
||||||
|
|
||||||
- include: nrpe.yml
|
- import_tasks: nrpe.yml
|
||||||
|
|
||||||
- include: activate.yml
|
- import_tasks: activate.yml
|
||||||
|
|
||||||
- include: tail.yml
|
- import_tasks: tail.yml
|
||||||
when: minifirewall_tail_included | bool
|
when: minifirewall_tail_included | bool
|
||||||
|
|
||||||
- name: Force restart minifirewall
|
- name: Force restart minifirewall
|
||||||
|
|
|
@ -1,13 +1,13 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- include: main_jessie.yml
|
- import_tasks: main_jessie.yml
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
||||||
- include: main_stretch.yml
|
- import_tasks: main_stretch.yml
|
||||||
when: ansible_distribution_release == "stretch"
|
when: ansible_distribution_release == "stretch"
|
||||||
|
|
||||||
- include: main_buster.yml
|
- import_tasks: main_buster.yml
|
||||||
when: ansible_distribution_release == "buster"
|
when: ansible_distribution_release == "buster"
|
||||||
|
|
||||||
- include: main_bullseye.yml
|
- import_tasks: main_bullseye.yml
|
||||||
when: ansible_distribution_major_version is version('11', '>=')
|
when: ansible_distribution_major_version is version('11', '>=')
|
||||||
|
|
|
@ -3,20 +3,20 @@
|
||||||
- set_fact:
|
- set_fact:
|
||||||
mysql_restart_handler_name: "{{ mysql_restart_if_needed | bool | ternary('restart mysql', 'restart mysql (noop)') }}"
|
mysql_restart_handler_name: "{{ mysql_restart_if_needed | bool | ternary('restart mysql', 'restart mysql (noop)') }}"
|
||||||
|
|
||||||
- include: packages.yml
|
- import_tasks: packages.yml
|
||||||
|
|
||||||
- include: users.yml
|
- import_tasks: users.yml
|
||||||
|
|
||||||
- include: config.yml
|
- import_tasks: config.yml
|
||||||
|
|
||||||
- include: datadir.yml
|
- import_tasks: datadir.yml
|
||||||
|
|
||||||
- include: tmpdir.yml
|
- import_tasks: tmpdir.yml
|
||||||
|
|
||||||
- include: nrpe.yml
|
- import_tasks: nrpe.yml
|
||||||
|
|
||||||
- include: munin.yml
|
- import_tasks: munin.yml
|
||||||
|
|
||||||
- include: log2mail.yml
|
- import_tasks: log2mail.yml
|
||||||
|
|
||||||
- include: utils.yml
|
- import_tasks: utils.yml
|
||||||
|
|
|
@ -4,44 +4,44 @@
|
||||||
set_fact:
|
set_fact:
|
||||||
mysql_restart_handler_name: "{{ mysql_restart_if_needed | bool | ternary('restart mysql', 'restart mysql (noop)') }}"
|
mysql_restart_handler_name: "{{ mysql_restart_if_needed | bool | ternary('restart mysql', 'restart mysql (noop)') }}"
|
||||||
|
|
||||||
- include: packages_stretch.yml
|
- import_tasks: packages_stretch.yml
|
||||||
when: ansible_distribution_major_version is version('9', '>=')
|
when: ansible_distribution_major_version is version('9', '>=')
|
||||||
|
|
||||||
- include: packages_jessie.yml
|
- import_tasks: packages_jessie.yml
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
||||||
## There is nothing to do with users on Debian 11 - yet we need a /root/.my.cnf for compatibility
|
## There is nothing to do with users on Debian 11 - yet we need a /root/.my.cnf for compatibility
|
||||||
- include: users_bullseye.yml
|
- import_tasks: users_bullseye.yml
|
||||||
when: ansible_distribution_release == "bullseye"
|
when: ansible_distribution_release == "bullseye"
|
||||||
|
|
||||||
- include: users_buster.yml
|
- import_tasks: users_buster.yml
|
||||||
when: ansible_distribution_release == "buster"
|
when: ansible_distribution_release == "buster"
|
||||||
|
|
||||||
- include: users_stretch.yml
|
- import_tasks: users_stretch.yml
|
||||||
when: ansible_distribution_release == "stretch"
|
when: ansible_distribution_release == "stretch"
|
||||||
|
|
||||||
- include: users_jessie.yml
|
- import_tasks: users_jessie.yml
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
||||||
- include: config_stretch.yml
|
- import_tasks: config_stretch.yml
|
||||||
when: ansible_distribution_major_version is version('9', '>=')
|
when: ansible_distribution_major_version is version('9', '>=')
|
||||||
|
|
||||||
- include: config_jessie.yml
|
- import_tasks: config_jessie.yml
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
||||||
- include: replication.yml
|
- import_tasks: replication.yml
|
||||||
when: mysql_replication | bool
|
when: mysql_replication | bool
|
||||||
|
|
||||||
- include: datadir.yml
|
- import_tasks: datadir.yml
|
||||||
|
|
||||||
- include: logdir.yml
|
- import_tasks: logdir.yml
|
||||||
|
|
||||||
- include: tmpdir.yml
|
- import_tasks: tmpdir.yml
|
||||||
|
|
||||||
- include: nrpe.yml
|
- import_tasks: nrpe.yml
|
||||||
|
|
||||||
- include: munin.yml
|
- import_tasks: munin.yml
|
||||||
|
|
||||||
- include: log2mail.yml
|
- import_tasks: log2mail.yml
|
||||||
|
|
||||||
- include: utils.yml
|
- import_tasks: utils.yml
|
||||||
|
|
|
@ -21,10 +21,10 @@
|
||||||
set_fact:
|
set_fact:
|
||||||
eni_interface_name: "{{ ansible_default_ipv4.interface }}"
|
eni_interface_name: "{{ ansible_default_ipv4.interface }}"
|
||||||
|
|
||||||
- include: set_facts_from_systemd.yml
|
- import_tasks: set_facts_from_systemd.yml
|
||||||
when: systemd_network_file.stat.exists
|
when: systemd_network_file.stat.exists
|
||||||
|
|
||||||
- include: set_facts_from_ansible.yml
|
- import_tasks: set_facts_from_ansible.yml
|
||||||
when: not systemd_network_file.stat.exists
|
when: not systemd_network_file.stat.exists
|
||||||
|
|
||||||
- name: Check config (IPv4)
|
- name: Check config (IPv4)
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- include: sources.yml
|
- import_tasks: sources.yml
|
||||||
|
|
||||||
- include: php.yml
|
- import_tasks: php.yml
|
||||||
when: newrelic_php | bool
|
when: newrelic_php | bool
|
||||||
|
|
||||||
- include: sysmond.yml
|
- import_tasks: sysmond.yml
|
||||||
when: newrelic_sysmond | bool
|
when: newrelic_sysmond | bool
|
||||||
|
|
|
@ -8,9 +8,9 @@
|
||||||
msg: "Nginx minimal mode has been set, using minimal mode."
|
msg: "Nginx minimal mode has been set, using minimal mode."
|
||||||
when: nginx_minimal | bool
|
when: nginx_minimal | bool
|
||||||
|
|
||||||
- include: packages.yml
|
- import_tasks: packages.yml
|
||||||
|
|
||||||
- include: server_status_read.yml
|
- import_tasks: server_status_read.yml
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
|
@ -64,7 +64,7 @@
|
||||||
- ips
|
- ips
|
||||||
|
|
||||||
- name: Include IP address whitelist task
|
- name: Include IP address whitelist task
|
||||||
include: ip_whitelist.yml
|
import_tasks: ip_whitelist.yml
|
||||||
|
|
||||||
- name: Copy evolinux_server_custom
|
- name: Copy evolinux_server_custom
|
||||||
copy:
|
copy:
|
||||||
|
@ -134,7 +134,7 @@
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- include: server_status_write.yml
|
- import_tasks: server_status_write.yml
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
|
@ -155,16 +155,16 @@
|
||||||
- nginx
|
- nginx
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- include: munin_vhost.yml
|
- import_tasks: munin_vhost.yml
|
||||||
when: stat_munin_node.stat.exists
|
when: stat_munin_node.stat.exists
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- include: munin_graphs.yml
|
- import_tasks: munin_graphs.yml
|
||||||
when: stat_munin_node.stat.exists
|
when: stat_munin_node.stat.exists
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- include: logrotate.yml
|
- import_tasks: logrotate.yml
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
nginx_default_package_name: nginx-light
|
nginx_default_package_name: nginx-light
|
||||||
when: nginx_minimal | bool
|
when: nginx_minimal | bool
|
||||||
|
|
||||||
- include: packages_backports.yml
|
- import_tasks: packages_backports.yml
|
||||||
when: nginx_backports | bool
|
when: nginx_backports | bool
|
||||||
|
|
||||||
# TODO: install "nginx" + only necessary modules, instead of "nginx-full"
|
# TODO: install "nginx" + only necessary modules, instead of "nginx-full"
|
||||||
|
|
|
@ -61,5 +61,5 @@
|
||||||
- packages
|
- packages
|
||||||
- nodejs
|
- nodejs
|
||||||
|
|
||||||
- include: yarn.yml
|
- import_tasks: yarn.yml
|
||||||
when: nodejs_install_yarn | bool
|
when: nodejs_install_yarn | bool
|
||||||
|
|
|
@ -6,10 +6,10 @@
|
||||||
msg: "Only compatible with Debian and OpenBSD"
|
msg: "Only compatible with Debian and OpenBSD"
|
||||||
|
|
||||||
- name: Include Debian version
|
- name: Include Debian version
|
||||||
include: debian.yml
|
import_tasks: debian.yml
|
||||||
when: ansible_distribution == "Debian"
|
when: ansible_distribution == "Debian"
|
||||||
|
|
||||||
- name: Include OpenBSD version
|
- name: Include OpenBSD version
|
||||||
include: openbsd.yml
|
import_tasks: openbsd.yml
|
||||||
when: ansible_distribution == "OpenBSD"
|
when: ansible_distribution == "OpenBSD"
|
||||||
|
|
||||||
|
|
|
@ -82,13 +82,13 @@
|
||||||
regexp: '^DIR_MODE='
|
regexp: '^DIR_MODE='
|
||||||
line: 'DIR_MODE=0750'
|
line: 'DIR_MODE=0750'
|
||||||
|
|
||||||
- include: apache.yml
|
- import_tasks: apache.yml
|
||||||
|
|
||||||
- include: phpmyadmin.yml
|
- import_tasks: phpmyadmin.yml
|
||||||
|
|
||||||
- include: awstats.yml
|
- import_tasks: awstats.yml
|
||||||
|
|
||||||
- include: fhs_retrictions.yml
|
- import_tasks: fhs_retrictions.yml
|
||||||
when: packweb_fhs_retrictions | bool
|
when: packweb_fhs_retrictions | bool
|
||||||
|
|
||||||
- name: Periodically cache ftp directory sizes for ftpadmin.sh
|
- name: Periodically cache ftp directory sizes for ftpadmin.sh
|
||||||
|
@ -97,5 +97,5 @@
|
||||||
special_time: daily
|
special_time: daily
|
||||||
job: "/usr/share/scripts/evoadmin/stats.sh"
|
job: "/usr/share/scripts/evoadmin/stats.sh"
|
||||||
|
|
||||||
- include: multiphp.yml
|
- import_tasks: multiphp.yml
|
||||||
when: packweb_multiphp_versions | length > 0
|
when: packweb_multiphp_versions | length > 0
|
||||||
|
|
|
@ -61,5 +61,5 @@
|
||||||
update_cache: yes
|
update_cache: yes
|
||||||
when: percona__apt_config_deb is changed
|
when: percona__apt_config_deb is changed
|
||||||
|
|
||||||
- include: xtrabackup.yml
|
- import_tasks: xtrabackup.yml
|
||||||
when: percona__install_xtrabackup | bool
|
when: percona__install_xtrabackup | bool
|
||||||
|
|
|
@ -7,14 +7,14 @@
|
||||||
- ansible_distribution_major_version is version('11', '<=')
|
- ansible_distribution_major_version is version('11', '<=')
|
||||||
msg: This is only compatible with Debian 8 → 11
|
msg: This is only compatible with Debian 8 → 11
|
||||||
|
|
||||||
- include: main_jessie.yml
|
- import_tasks: main_jessie.yml
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
||||||
- include: main_stretch.yml
|
- import_tasks: main_stretch.yml
|
||||||
when: ansible_distribution_release == "stretch"
|
when: ansible_distribution_release == "stretch"
|
||||||
|
|
||||||
- include: main_buster.yml
|
- import_tasks: main_buster.yml
|
||||||
when: ansible_distribution_release == "buster"
|
when: ansible_distribution_release == "buster"
|
||||||
|
|
||||||
- include: main_bullseye.yml
|
- import_tasks: main_bullseye.yml
|
||||||
when: ansible_distribution_release == "bullseye"
|
when: ansible_distribution_release == "bullseye"
|
||||||
|
|
|
@ -34,7 +34,7 @@
|
||||||
- composer
|
- composer
|
||||||
- libphp-phpmailer
|
- libphp-phpmailer
|
||||||
|
|
||||||
- include: sury_pre.yml
|
- import_tasks: sury_pre.yml
|
||||||
when: php_sury_enable
|
when: php_sury_enable
|
||||||
|
|
||||||
- name: "Install PHP packages (Debian 11)"
|
- name: "Install PHP packages (Debian 11)"
|
||||||
|
@ -68,13 +68,13 @@
|
||||||
- /etc/php
|
- /etc/php
|
||||||
- /etc/php/7.4
|
- /etc/php/7.4
|
||||||
|
|
||||||
- include: config_cli.yml
|
- import_tasks: config_cli.yml
|
||||||
- name: "Enforce permissions on PHP cli directory (Debian 11)"
|
- name: "Enforce permissions on PHP cli directory (Debian 11)"
|
||||||
file:
|
file:
|
||||||
dest: /etc/php/7.4/cli
|
dest: /etc/php/7.4/cli
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
|
|
||||||
- include: config_fpm.yml
|
- import_tasks: config_fpm.yml
|
||||||
when: php_fpm_enable
|
when: php_fpm_enable
|
||||||
|
|
||||||
- name: "Enforce permissions on PHP fpm directory (Debian 11)"
|
- name: "Enforce permissions on PHP fpm directory (Debian 11)"
|
||||||
|
@ -83,7 +83,7 @@
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
when: php_fpm_enable
|
when: php_fpm_enable
|
||||||
|
|
||||||
- include: config_apache.yml
|
- import_tasks: config_apache.yml
|
||||||
when: php_apache_enable
|
when: php_apache_enable
|
||||||
|
|
||||||
- name: "Enforce permissions on PHP apache2 directory (Debian 11)"
|
- name: "Enforce permissions on PHP apache2 directory (Debian 11)"
|
||||||
|
@ -92,5 +92,5 @@
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
when: php_apache_enable
|
when: php_apache_enable
|
||||||
|
|
||||||
- include: sury_post.yml
|
- import_tasks: sury_post.yml
|
||||||
when: php_sury_enable
|
when: php_sury_enable
|
||||||
|
|
|
@ -35,7 +35,7 @@
|
||||||
- composer
|
- composer
|
||||||
- libphp-phpmailer
|
- libphp-phpmailer
|
||||||
|
|
||||||
- include: sury_pre.yml
|
- import_tasks: sury_pre.yml
|
||||||
when: php_sury_enable | bool
|
when: php_sury_enable | bool
|
||||||
|
|
||||||
- name: "Install PHP packages (Debian 10)"
|
- name: "Install PHP packages (Debian 10)"
|
||||||
|
@ -69,13 +69,13 @@
|
||||||
- /etc/php
|
- /etc/php
|
||||||
- /etc/php/7.3
|
- /etc/php/7.3
|
||||||
|
|
||||||
- include: config_cli.yml
|
- import_tasks: config_cli.yml
|
||||||
- name: "Enforce permissions on PHP cli directory (Debian 10)"
|
- name: "Enforce permissions on PHP cli directory (Debian 10)"
|
||||||
file:
|
file:
|
||||||
dest: /etc/php/7.3/cli
|
dest: /etc/php/7.3/cli
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
|
|
||||||
- include: config_fpm.yml
|
- import_tasks: config_fpm.yml
|
||||||
when: php_fpm_enable | bool
|
when: php_fpm_enable | bool
|
||||||
|
|
||||||
- name: "Enforce permissions on PHP fpm directory (Debian 10)"
|
- name: "Enforce permissions on PHP fpm directory (Debian 10)"
|
||||||
|
@ -84,7 +84,7 @@
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
when: php_fpm_enable | bool
|
when: php_fpm_enable | bool
|
||||||
|
|
||||||
- include: config_apache.yml
|
- import_tasks: config_apache.yml
|
||||||
when: php_apache_enable | bool
|
when: php_apache_enable | bool
|
||||||
|
|
||||||
- name: "Enforce permissions on PHP apache2 directory (Debian 10)"
|
- name: "Enforce permissions on PHP apache2 directory (Debian 10)"
|
||||||
|
@ -93,5 +93,5 @@
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
when: php_apache_enable | bool
|
when: php_apache_enable | bool
|
||||||
|
|
||||||
- include: sury_post.yml
|
- import_tasks: sury_post.yml
|
||||||
when: php_sury_enable | bool
|
when: php_sury_enable | bool
|
||||||
|
|
|
@ -57,14 +57,14 @@
|
||||||
dest: /etc/php5
|
dest: /etc/php5
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
|
|
||||||
- include: config_cli.yml
|
- import_tasks: config_cli.yml
|
||||||
|
|
||||||
- name: Enforce permissions on PHP cli directory (Debian 8)
|
- name: Enforce permissions on PHP cli directory (Debian 8)
|
||||||
file:
|
file:
|
||||||
dest: /etc/php5/cli
|
dest: /etc/php5/cli
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
|
|
||||||
- include: config_fpm.yml
|
- import_tasks: config_fpm.yml
|
||||||
when: php_fpm_enable | bool
|
when: php_fpm_enable | bool
|
||||||
|
|
||||||
- name: Enforce permissions on PHP fpm directory (Debian 8)
|
- name: Enforce permissions on PHP fpm directory (Debian 8)
|
||||||
|
@ -73,7 +73,7 @@
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
when: php_fpm_enable | bool
|
when: php_fpm_enable | bool
|
||||||
|
|
||||||
- include: config_apache.yml
|
- import_tasks: config_apache.yml
|
||||||
when: php_apache_enable | bool
|
when: php_apache_enable | bool
|
||||||
|
|
||||||
- name: Enforce permissions on PHP apache2 directory (Debian 8)
|
- name: Enforce permissions on PHP apache2 directory (Debian 8)
|
||||||
|
|
|
@ -35,7 +35,7 @@
|
||||||
- composer
|
- composer
|
||||||
- libphp-phpmailer
|
- libphp-phpmailer
|
||||||
|
|
||||||
- include: sury_pre.yml
|
- import_tasks: sury_pre.yml
|
||||||
when: php_sury_enable | bool
|
when: php_sury_enable | bool
|
||||||
|
|
||||||
- name: "Install PHP packages (Debian 9)"
|
- name: "Install PHP packages (Debian 9)"
|
||||||
|
@ -69,14 +69,14 @@
|
||||||
- /etc/php
|
- /etc/php
|
||||||
- /etc/php/7.0
|
- /etc/php/7.0
|
||||||
|
|
||||||
- include: config_cli.yml
|
- import_tasks: config_cli.yml
|
||||||
|
|
||||||
- name: "Enforce permissions on PHP cli directory (Debian 9)"
|
- name: "Enforce permissions on PHP cli directory (Debian 9)"
|
||||||
file:
|
file:
|
||||||
dest: /etc/php/7.0/cli
|
dest: /etc/php/7.0/cli
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
|
|
||||||
- include: config_fpm.yml
|
- import_tasks: config_fpm.yml
|
||||||
when: php_fpm_enable | bool
|
when: php_fpm_enable | bool
|
||||||
|
|
||||||
- name: "Enforce permissions on PHP fpm directory (Debian 9)"
|
- name: "Enforce permissions on PHP fpm directory (Debian 9)"
|
||||||
|
@ -85,7 +85,7 @@
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
when: php_fpm_enable | bool
|
when: php_fpm_enable | bool
|
||||||
|
|
||||||
- include: config_apache.yml
|
- import_tasks: config_apache.yml
|
||||||
when: php_apache_enable | bool
|
when: php_apache_enable | bool
|
||||||
|
|
||||||
- name: "Enforce permissions on PHP apache2 directory (Debian 9)"
|
- name: "Enforce permissions on PHP apache2 directory (Debian 9)"
|
||||||
|
@ -94,5 +94,5 @@
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
when: php_apache_enable | bool
|
when: php_apache_enable | bool
|
||||||
|
|
||||||
- include: sury_post.yml
|
- import_tasks: sury_post.yml
|
||||||
when: php_sury_enable | bool
|
when: php_sury_enable | bool
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- include: common.yml
|
- import_tasks: common.yml
|
||||||
|
|
||||||
- include: minimal.yml
|
- import_tasks: minimal.yml
|
||||||
when: not (postfix_packmail | bool)
|
when: not (postfix_packmail | bool)
|
||||||
|
|
||||||
- include: packmail.yml
|
- import_tasks: packmail.yml
|
||||||
when: postfix_packmail | bool
|
when: postfix_packmail | bool
|
||||||
|
|
||||||
- include: slow_transport.yml
|
- import_tasks: slow_transport.yml
|
||||||
when: postfix_slow_transport_include | bool
|
when: postfix_slow_transport_include | bool
|
||||||
|
|
|
@ -1,25 +1,25 @@
|
||||||
---
|
---
|
||||||
- include: locales.yml
|
- import_tasks: locales.yml
|
||||||
|
|
||||||
- include: packages_jessie.yml
|
- import_tasks: packages_jessie.yml
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
||||||
- include: packages_stretch.yml
|
- import_tasks: packages_stretch.yml
|
||||||
when: ansible_distribution_release == "stretch"
|
when: ansible_distribution_release == "stretch"
|
||||||
|
|
||||||
- include: packages_buster.yml
|
- import_tasks: packages_buster.yml
|
||||||
when: ansible_distribution_release == "buster"
|
when: ansible_distribution_release == "buster"
|
||||||
|
|
||||||
- include: packages_bullseye.yml
|
- import_tasks: packages_bullseye.yml
|
||||||
when: ansible_distribution_major_version is version('11', '>=')
|
when: ansible_distribution_major_version is version('11', '>=')
|
||||||
|
|
||||||
- include: config.yml
|
- import_tasks: config.yml
|
||||||
|
|
||||||
- include: nrpe.yml
|
- import_tasks: nrpe.yml
|
||||||
|
|
||||||
- include: munin.yml
|
- import_tasks: munin.yml
|
||||||
|
|
||||||
- include: logrotate.yml
|
- import_tasks: logrotate.yml
|
||||||
|
|
||||||
- include: postgis.yml
|
- import_tasks: postgis.yml
|
||||||
when: postgresql_install_postgis | bool
|
when: postgresql_install_postgis | bool
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
postgresql_version: '13'
|
postgresql_version: '13'
|
||||||
when: postgresql_version is none or postgresql_version | length == 0
|
when: postgresql_version is none or postgresql_version | length == 0
|
||||||
|
|
||||||
- include: pgdg-repo.yml
|
- import_tasks: pgdg-repo.yml
|
||||||
when: postgresql_version != '13'
|
when: postgresql_version != '13'
|
||||||
|
|
||||||
- name: Install postgresql package
|
- name: Install postgresql package
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
postgresql_version: '11'
|
postgresql_version: '11'
|
||||||
when: postgresql_version is none or postgresql_version | length == 0
|
when: postgresql_version is none or postgresql_version | length == 0
|
||||||
|
|
||||||
- include: pgdg-repo.yml
|
- import_tasks: pgdg-repo.yml
|
||||||
when: postgresql_version != '11'
|
when: postgresql_version != '11'
|
||||||
|
|
||||||
- name: Install postgresql package
|
- name: Install postgresql package
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
postgresql_version: '9.4'
|
postgresql_version: '9.4'
|
||||||
when: postgresql_version is none or postgresql_version | length == 0
|
when: postgresql_version is none or postgresql_version | length == 0
|
||||||
|
|
||||||
- include: pgdg-repo.yml
|
- import_tasks: pgdg-repo.yml
|
||||||
when: postgresql_version != '9.4'
|
when: postgresql_version != '9.4'
|
||||||
|
|
||||||
- name: Install postgresql package
|
- name: Install postgresql package
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
postgresql_version: '9.6'
|
postgresql_version: '9.6'
|
||||||
when: postgresql_version is none or postgresql_version | length == 0
|
when: postgresql_version is none or postgresql_version | length == 0
|
||||||
|
|
||||||
- include: pgdg-repo.yml
|
- import_tasks: pgdg-repo.yml
|
||||||
when: postgresql_version != '9.6'
|
when: postgresql_version != '9.6'
|
||||||
|
|
||||||
- name: Install postgresql package
|
- name: Install postgresql package
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
- include: accounts_password.yml
|
- include_tasks: accounts_password.yml
|
||||||
when: item.password is undefined
|
when: item.password is undefined
|
||||||
loop: "{{ proftpd_accounts }}"
|
loop: "{{ proftpd_accounts }}"
|
||||||
tags:
|
tags:
|
||||||
|
|
|
@ -79,5 +79,5 @@
|
||||||
tags:
|
tags:
|
||||||
- proftpd
|
- proftpd
|
||||||
|
|
||||||
- include: accounts.yml
|
- import_tasks: accounts.yml
|
||||||
when: proftpd_accounts | length > 0
|
when: proftpd_accounts | length > 0
|
||||||
|
|
|
@ -34,7 +34,7 @@
|
||||||
tags:
|
tags:
|
||||||
- nrpe
|
- nrpe
|
||||||
|
|
||||||
- include: nrpe.yml
|
- import_tasks: nrpe.yml
|
||||||
when: nrpe_evolix_config.stat.exists
|
when: nrpe_evolix_config.stat.exists
|
||||||
|
|
||||||
- name: is Munin present ?
|
- name: is Munin present ?
|
||||||
|
@ -45,5 +45,5 @@
|
||||||
tags:
|
tags:
|
||||||
- nrpe
|
- nrpe
|
||||||
|
|
||||||
- include: munin.yml
|
- import_tasks: munin.yml
|
||||||
when: etc_munin_directory.stat.exists
|
when: etc_munin_directory.stat.exists
|
||||||
|
|
|
@ -56,11 +56,11 @@
|
||||||
when: redis_instance_name is defined
|
when: redis_instance_name is defined
|
||||||
|
|
||||||
- name: configure Redis for default mode
|
- name: configure Redis for default mode
|
||||||
include: default-server.yml
|
import_tasks: default-server.yml
|
||||||
when: redis_instance_name is not defined
|
when: redis_instance_name is not defined
|
||||||
|
|
||||||
- name: configure Redis for instance mode
|
- name: configure Redis for instance mode
|
||||||
include: instance-server.yml
|
import_tasks: instance-server.yml
|
||||||
when: redis_instance_name is defined
|
when: redis_instance_name is defined
|
||||||
|
|
||||||
- name: Is Munin installed
|
- name: Is Munin installed
|
||||||
|
@ -72,7 +72,7 @@
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- name: configure Munin for default mode
|
- name: configure Munin for default mode
|
||||||
include: default-munin.yml
|
import_tasks: default-munin.yml
|
||||||
when:
|
when:
|
||||||
- _munin_installed.stat.exists
|
- _munin_installed.stat.exists
|
||||||
- _munin_installed.stat.isdir
|
- _munin_installed.stat.isdir
|
||||||
|
@ -82,7 +82,7 @@
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- name: configure Munin for instance mode
|
- name: configure Munin for instance mode
|
||||||
include: instance-munin.yml
|
import_tasks: instance-munin.yml
|
||||||
when:
|
when:
|
||||||
- _munin_installed.stat.exists
|
- _munin_installed.stat.exists
|
||||||
- _munin_installed.stat.isdir
|
- _munin_installed.stat.isdir
|
||||||
|
@ -100,7 +100,7 @@
|
||||||
- log2mail
|
- log2mail
|
||||||
|
|
||||||
- name: configure log2mail for default mode
|
- name: configure log2mail for default mode
|
||||||
include: default-log2mail.yml
|
import_tasks: default-log2mail.yml
|
||||||
when:
|
when:
|
||||||
- _log2mail_installed.stat.exists
|
- _log2mail_installed.stat.exists
|
||||||
- _log2mail_installed.stat.isdir
|
- _log2mail_installed.stat.isdir
|
||||||
|
@ -110,7 +110,7 @@
|
||||||
- log2mail
|
- log2mail
|
||||||
|
|
||||||
- name: configure log2mail for instance mode
|
- name: configure log2mail for instance mode
|
||||||
include: instance-log2mail.yml
|
import_tasks: instance-log2mail.yml
|
||||||
when:
|
when:
|
||||||
- _log2mail_installed.stat.exists
|
- _log2mail_installed.stat.exists
|
||||||
- _log2mail_installed.stat.isdir
|
- _log2mail_installed.stat.isdir
|
||||||
|
@ -128,7 +128,7 @@
|
||||||
- redis
|
- redis
|
||||||
- nrpe
|
- nrpe
|
||||||
|
|
||||||
- include: nrpe.yml
|
- import_tasks: nrpe.yml
|
||||||
when: nrpe_evolix_config.stat.exists
|
when: nrpe_evolix_config.stat.exists
|
||||||
tags:
|
tags:
|
||||||
- redis
|
- redis
|
||||||
|
|
|
@ -1,13 +1,13 @@
|
||||||
---
|
---
|
||||||
- include: packages.yml
|
- import_tasks: packages.yml
|
||||||
- include: syslog.yml
|
- import_tasks: syslog.yml
|
||||||
- include: user.yml
|
- import_tasks: user.yml
|
||||||
- include_role:
|
- include_role:
|
||||||
name: evolix/rbenv
|
name: evolix/rbenv
|
||||||
vars:
|
vars:
|
||||||
- username: "{{ redmine_user }}"
|
- username: "{{ redmine_user }}"
|
||||||
- include: config.yml
|
- import_tasks: config.yml
|
||||||
- include: mysql.yml
|
- import_tasks: mysql.yml
|
||||||
- include: source.yml
|
- import_tasks: source.yml
|
||||||
- include: release.yml
|
- import_tasks: release.yml
|
||||||
- include: nginx.yml
|
- import_tasks: nginx.yml
|
||||||
|
|
|
@ -152,15 +152,15 @@
|
||||||
notify: "reload squid"
|
notify: "reload squid"
|
||||||
when: ansible_distribution_major_version is version('9', '>=')
|
when: ansible_distribution_major_version is version('9', '>=')
|
||||||
|
|
||||||
- include: systemd.yml
|
- import_tasks: systemd.yml
|
||||||
when: ansible_distribution_major_version is version('10', '>=')
|
when: ansible_distribution_major_version is version('10', '>=')
|
||||||
|
|
||||||
- include: logrotate_jessie.yml
|
- import_tasks: logrotate_jessie.yml
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
||||||
- include: logrotate_stretch.yml
|
- import_tasks: logrotate_stretch.yml
|
||||||
when: ansible_distribution_major_version is version('9', '>=')
|
when: ansible_distribution_major_version is version('9', '>=')
|
||||||
|
|
||||||
- include: minifirewall.yml
|
- import_tasks: minifirewall.yml
|
||||||
|
|
||||||
- include: log2mail.yml
|
- import_tasks: log2mail.yml
|
||||||
|
|
|
@ -39,5 +39,5 @@
|
||||||
tags:
|
tags:
|
||||||
- ssl
|
- ssl
|
||||||
|
|
||||||
- include: haproxy.yml
|
- import_tasks: haproxy.yml
|
||||||
when: haproxy_check.rc == 0
|
when: haproxy_check.rc == 0
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
---
|
---
|
||||||
- include: check.yml
|
- import_tasks: check.yml
|
||||||
- include: user.yml
|
- import_tasks: user.yml
|
||||||
- include: systemd.yml
|
- import_tasks: systemd.yml
|
||||||
- include: alias.yml
|
- import_tasks: alias.yml
|
||||||
- include: bootstrap.yml
|
- import_tasks: bootstrap.yml
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
---
|
---
|
||||||
- include: packages.yml
|
- import_tasks: packages.yml
|
||||||
|
|
||||||
- include: nagios.yml
|
- import_tasks: nagios.yml
|
||||||
|
|
|
@ -126,4 +126,4 @@
|
||||||
- config
|
- config
|
||||||
- update-config
|
- update-config
|
||||||
|
|
||||||
- include: munin.yml
|
- import_tasks: munin.yml
|
||||||
|
|
|
@ -15,12 +15,12 @@
|
||||||
tags:
|
tags:
|
||||||
- evoadmin-mail
|
- evoadmin-mail
|
||||||
|
|
||||||
- include: ssl.yml
|
- import_tasks: ssl.yml
|
||||||
|
|
||||||
- include: apache.yml
|
- import_tasks: apache.yml
|
||||||
when: evoadminmail_webserver == "apache"
|
when: evoadminmail_webserver == "apache"
|
||||||
|
|
||||||
- include: nginx.yml
|
- import_tasks: nginx.yml
|
||||||
when: evoadminmail_webserver == "nginx"
|
when: evoadminmail_webserver == "nginx"
|
||||||
|
|
||||||
- name: enable evoadmin-mail link in default site index
|
- name: enable evoadmin-mail link in default site index
|
||||||
|
|
|
@ -5,17 +5,17 @@
|
||||||
msg: Please configure var evoadmin_contact_email
|
msg: Please configure var evoadmin_contact_email
|
||||||
when: evoadmin_contact_email is none or evoadmin_contact_email | length == 0
|
when: evoadmin_contact_email is none or evoadmin_contact_email | length == 0
|
||||||
|
|
||||||
- include: packages.yml
|
- import_tasks: packages.yml
|
||||||
|
|
||||||
- include: user.yml
|
- import_tasks: user.yml
|
||||||
|
|
||||||
- include: config.yml
|
- import_tasks: config.yml
|
||||||
|
|
||||||
- include: ssl.yml
|
- import_tasks: ssl.yml
|
||||||
|
|
||||||
- include: web.yml
|
- import_tasks: web.yml
|
||||||
|
|
||||||
- include: ftp.yml
|
- import_tasks: ftp.yml
|
||||||
|
|
||||||
- name: enable evoadmin-web link in default site index
|
- name: enable evoadmin-web link in default site index
|
||||||
blockinfile:
|
blockinfile:
|
||||||
|
|
|
@ -41,12 +41,12 @@
|
||||||
- nextcloud
|
- nextcloud
|
||||||
when: ansible_python_version is version('3', '>=')
|
when: ansible_python_version is version('3', '>=')
|
||||||
|
|
||||||
- include: user.yml
|
- import_tasks: user.yml
|
||||||
|
|
||||||
- include: archive.yml
|
- import_tasks: archive.yml
|
||||||
|
|
||||||
- include: vhost.yml
|
- import_tasks: vhost.yml
|
||||||
|
|
||||||
- include: mysql.yml
|
- import_tasks: mysql.yml
|
||||||
|
|
||||||
- include: config.yml
|
- import_tasks: config.yml
|
||||||
|
|
Loading…
Reference in a new issue