From 62f31f519e499917374a5a7a50b53954fe0f2278 Mon Sep 17 00:00:00 2001 From: Jeremy Dubois Date: Thu, 21 Jul 2022 16:46:24 +0200 Subject: [PATCH] base: loop over fstab entries instead of copying the same task for each entries --- CHANGELOG | 1 + roles/base/tasks/fstab.yml | 138 ----------------------------- roles/base/tasks/fstab_entries.yml | 21 +++++ roles/base/tasks/fstab_entry.yml | 36 ++++++++ roles/base/tasks/main.yml | 2 +- 5 files changed, 59 insertions(+), 139 deletions(-) delete mode 100644 roles/base/tasks/fstab.yml create mode 100644 roles/base/tasks/fstab_entries.yml create mode 100644 roles/base/tasks/fstab_entry.yml diff --git a/CHANGELOG b/CHANGELOG index 07d6683..7b46a32 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -33,6 +33,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - update of tags for each tasks and ease the update of scripts - evocheck: execute evocheck without --cron the first of the month - etc-git: chmod 600 for local periodic files (daily, weekly, monthly) +- base: loop over fstab entries instead of copying the same task for each entries ### Fixed diff --git a/roles/base/tasks/fstab.yml b/roles/base/tasks/fstab.yml deleted file mode 100644 index 75a53c2..0000000 --- a/roles/base/tasks/fstab.yml +++ /dev/null 
@@ -1,138 +0,0 @@ ---- -- name: "Fetch fstab content" - command: "grep -v '^#' /etc/fstab" - check_mode: false - register: fstab_content - failed_when: false - changed_when: false - tags: - - fstab - -- name: "/ partition is customized - softdep" - replace: - dest: /etc/fstab - regexp: '([^#]\s+/\s+ffs\s+rw)(.*)' - replace: '\1,softdep\2' - when: - - fstab_content.stdout | regex_search('\s/\s') - - not (fstab_content.stdout | regex_search('\s+/\s+ffs\s+rw,softdep')) - tags: - - fstab - -- name: "/ partition is customized - noatime" - replace: - dest: /etc/fstab - regexp: '([^#]\s+/\s+ffs\s+rw)(\S*)(\s+.*)' - replace: '\1\2,noatime\3' - notify: remount / noatime - when: - - fstab_content.stdout | regex_search('\s/\s') - - not (fstab_content.stdout | regex_search('\s+/\s+ffs\s+rw\S*noatime')) - tags: - - fstab - -- name: "/var partition is customized - softdep" - replace: - dest: /etc/fstab - regexp: '([^#]\s+/var\s+ffs\s+rw)(.*)' - replace: '\1,softdep\2' - when: - - fstab_content.stdout | regex_search('\s/var\s') - - not (fstab_content.stdout | regex_search('\s+/var\s+ffs\s+rw,softdep')) - tags: - - fstab - -- name: "/var partition is customized - noatime" - replace: - dest: /etc/fstab - regexp: '([^#]\s+/var\s+ffs\s+rw)(\S*)(\s+.*)' - replace: '\1\2,noatime\3' - notify: remount /var noatime - when: - - fstab_content.stdout | regex_search('\s/var\s') - - not (fstab_content.stdout | regex_search('\s+/var\s+ffs\s+rw\S*noatime')) - tags: - - fstab - -- name: "/usr partition is customized - softdep" - replace: - dest: /etc/fstab - regexp: '([^#]\s+/usr\s+ffs\s+rw)(.*)' - replace: '\1,softdep\2' - when: - - fstab_content.stdout | regex_search('\s/usr\s') - - not (fstab_content.stdout | regex_search('\s+/usr\s+ffs\s+rw,softdep')) - tags: - - fstab - -- name: "/usr partition is customized - noatime" - replace: - dest: /etc/fstab - regexp: '([^#]\s+/usr\s+ffs\s+rw)(\S*)(\s+.*)' - replace: '\1\2,noatime\3' - notify: remount /usr noatime - when: - - fstab_content.stdout | 
regex_search('\s/usr\s') - - not (fstab_content.stdout | regex_search('\s+/usr\s+ffs\s+rw\S*noatime')) - tags: - - fstab - -- name: "/tmp partition is customized - noexec" - replace: - dest: /etc/fstab - regexp: '([^#]\s+/tmp\s+ffs\s+rw(,softdep)*)(.*)' - replace: '\1,noexec\3' - notify: remount /tmp noexec - when: - - fstab_content.stdout | regex_search('\s/tmp\s') - - not (fstab_content.stdout - | regex_search('\s+/tmp\s+ffs\s+rw,(softdep,)*noexec')) - tags: - - fstab - -- name: "/tmp partition is customized - softdep" - replace: - dest: /etc/fstab - regexp: '([^#]\s+/tmp\s+ffs\s+rw)(.*)' - replace: '\1,softdep\2' - when: - - fstab_content.stdout | regex_search('\s/tmp\s') - - not (fstab_content.stdout - | regex_search('\s+/tmp\s+ffs\s+rw,(noexec,)*softdep')) - tags: - - fstab - -- name: "/tmp partition is customized - noatime" - replace: - dest: /etc/fstab - regexp: '([^#]\s+/tmp\s+ffs\s+rw)(\S*)(\s+.*)' - replace: '\1\2,noatime\3' - notify: remount /tmp noatime - when: - - fstab_content.stdout | regex_search('\s/tmp\s') - - not (fstab_content.stdout | regex_search('\s+/tmp\s+ffs\s+rw\S*noatime')) - tags: - - fstab - -- name: "/home partition is customized - softdep" - replace: - dest: /etc/fstab - regexp: '([^#]\s+/home\s+ffs\s+rw)(.*)' - replace: '\1,softdep\2' - when: - - fstab_content.stdout | regex_search('\s/home\s') - - not (fstab_content.stdout | regex_search('\s+/home\s+ffs\s+rw,softdep')) - tags: - - fstab - -- name: "/home partition is customized - noatime" - replace: - dest: /etc/fstab - regexp: '([^#]\s+/home\s+ffs\s+rw)(\S*)(\s+.*)' - replace: '\1\2,noatime\3' - notify: remount /home noatime - when: - - fstab_content.stdout | regex_search('\s/home\s') - - not (fstab_content.stdout | regex_search('\s+/home\s+ffs\s+rw\S*noatime')) - tags: - - fstab diff --git a/roles/base/tasks/fstab_entries.yml b/roles/base/tasks/fstab_entries.yml new file mode 100644 index 0000000..e812051 --- /dev/null +++ b/roles/base/tasks/fstab_entries.yml 
@@ -0,0 +1,21 @@
+---
+- name: "Fetch fstab content"
+ command: "grep -v '^#' /etc/fstab"
+ check_mode: false
+ register: fstab_content
+ failed_when: false
+ changed_when: false
+ tags:
+ - fstab
+
+- include: fstab_entry.yml
+ vars:
+ fstab_path: "{{ item }}"
+ with_items:
+ - "/"
+ - "/var"
+ - "/usr"
+ - "/tmp"
+ - "/home"
+ tags:
+ - fstab
diff --git a/roles/base/tasks/fstab_entry.yml b/roles/base/tasks/fstab_entry.yml
new file mode 100644
index 0000000..b916d69
--- /dev/null
+++ b/roles/base/tasks/fstab_entry.yml
@@ -0,0 +1,36 @@
+---
+- name: "{{ fstab_path }} partition is customized - softdep"
+ replace:
+ dest: /etc/fstab
+ regexp: '([^#]\s+{{ fstab_path }}\s+ffs\s+rw)(.*)'
+ replace: '\1,softdep\2'
+ when:
+ - fstab_content.stdout | regex_search('\s' + fstab_path + '\s')
+ - not (fstab_content.stdout | regex_search('\s+' + fstab_path + '\s+ffs\s+rw,softdep'))
+ tags:
+ - fstab
+
+- name: "{{ fstab_path }} partition is customized - noatime"
+ replace:
+ dest: /etc/fstab
+ regexp: '([^#]\s+{{ fstab_path }}\s+ffs\s+rw)(\S*)(\s+.*)'
+ replace: '\1\2,noatime\3'
+ notify: remount {{ fstab_path }} noatime
+ when:
+ - fstab_content.stdout | regex_search('\s' + fstab_path + '\s')
+ - not (fstab_content.stdout | regex_search('\s+' + fstab_path + '\s+ffs\s+rw\S*noatime'))
+ tags:
+ - fstab
+
+- name: "{{ fstab_path }} partition is customized - noexec"
+ replace:
+ dest: /etc/fstab
+ regexp: '([^#]\s+{{ fstab_path }}\s+ffs\s+rw(,softdep)*)(.*)'
+ replace: '\1,noexec\3'
+ notify: remount {{ fstab_path }} noexec
+ when:
+ - fstab_path == "/tmp"
+ - fstab_content.stdout | regex_search('\s' + fstab_path + '\s')
+ - not (fstab_content.stdout | regex_search('\s+' + fstab_path + '\s+ffs\s+rw,(softdep,)*noexec'))
+ tags:
+ - fstab
diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
index c536ee0..2391d8e 100644
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
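Review bot: In roles/base/tasks/fstab_entries.yml the "Fetch fstab content" task sets `failed_when: false`, so a grep that cannot read /etc/fstab leaves `fstab_content.stdout` empty and every `when:` in fstab_entry.yml evaluates false. The softdep, noatime and /tmp noexec edits are then skipped with no error reported. grep exits 1 when no line is selected and 2 on a real error, so `failed_when: fstab_content.rc > 1` keeps the tolerant case while surfacing read failures. The task was carried over unchanged from the deleted fstab.yml, so this is not a regression, but the new file is a natural place to tighten it.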
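Review bot: The softdep guard in roles/base/tasks/fstab_entry.yml only recognises `rw,softdep`, whereas the deleted /tmp softdep task accepted `rw,(noexec,)*softdep`. A host whose /tmp line already reads `rw,noexec,softdep` would presumably get a second `softdep` inserted on the next run. Matching the option anywhere in the field, as the noatime guard already does, avoids that: `- not (fstab_content.stdout | regex_search('\s+' + fstab_path + '\s+ffs\s+rw\S*softdep'))`. Separately, `fstab_path` is interpolated into the patterns unescaped; that is harmless for the five literal paths but would need `| regex_escape` if the list ever comes from a variable.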
@@ -9,6 +9,6 @@
 - include: evobackup.yml
 - include: newsyslog.yml
 - include: cron.yml
-- include: fstab.yml
+- include: fstab_entries.yml
 - include: ntp.yml
 - include: utils.yml