Revert "Add “when: not ansible_check_mode” to allow more --check"

This reverts commit fafff25c20.
This reverts commit e64471c5a8084f95a8e6f955d3fa918c55b8e846.

apache/handlers/main.yml

@@ -3,16 +3,13 @@
   service:
     name: apache2
     state: restarted
-  when: not ansible_check_mode
 
 - name: reload apache
   service:
     name: apache2
     state: reloaded
-  when: not ansible_check_mode
 
 - name: restart munin-node
   service:
     name: munin-node
     state: restarted
-  when: not ansible_check_mode

apache/tasks/auth.yml

@@ -22,7 +22,6 @@
     state: present
   tags:
     - apache
-  when: not ansible_check_mode
 
 - name: Copy private_htpasswd
   copy:
@@ -45,7 +44,6 @@
   notify: reload apache
   tags:
     - apache
-  when: not ansible_check_mode
 
 - name: remove user:pwd from private htpasswd
   lineinfile:
@@ -56,4 +54,3 @@
   notify: reload apache
   tags:
     - apache
-  when: not ansible_check_mode

apache/tasks/ip_whitelist.yml

@@ -10,7 +10,6 @@
   tags:
     - apache
     - ips
-  when: not ansible_check_mode
 
 - name: remove IP addresses from private IP whitelist
   lineinfile:

apache/tasks/log2mail.yml

@@ -6,7 +6,6 @@
     state: present
   tags:
     - apache
-  when: not ansible_check_mode
 
 - name: Add log2mail config for Apache segfaults
   template:

apache/tasks/main.yml

@@ -53,7 +53,6 @@
   notify: reload apache
   tags:
     - apache
-  when: not ansible_check_mode
 
 - name: basic modules are enabled
   apache2_module:
@@ -62,11 +61,10 @@
   loop:
     - cgi
   notify: reload apache
-  when:
-    - apache_mpm == "prefork" or apache_mpm == "itk"
-    - not ansible_check_mode
+  when: apache_mpm == "prefork" or apache_mpm == "itk"
   tags:
     - apache
+  when: not ansible_check_mode
 
 
 - name: Copy Apache defaults config file
@@ -133,11 +131,10 @@
     state: link
     force: yes
   notify: reload apache
-  when:
-    - apache_evolinux_default_enabled | bool
-    - not ansible_check_mode
+  when: apache_evolinux_default_enabled | bool
   tags:
     - apache
+  when: not ansible_check_mode
 
 - include: server_status.yml
   tags:
@@ -160,11 +157,10 @@
       ## Set umask for writing by Apache user.
       ## Set rights on files and directories written by Apache
       umask 007
-  when:
-    - envvar_grep_umask.rc != 0
-    - not ansible_check_mode
+  when: envvar_grep_umask.rc != 0
   tags:
     - apache
+  when: not ansible_check_mode
 
 - include_role:
     name: evolix/remount-usr
@@ -197,7 +193,6 @@
     replace: "{{ apache_logrotate_frequency }}"
   tags:
     - apache
-  when: not ansible_check_mode
 
 - name: "logrotate: rotate {{ apache_logrotate_rotate }}"
   replace:
@@ -206,7 +201,6 @@
     replace: '\1 {{ apache_logrotate_rotate }}'
   tags:
     - apache
-  when: not ansible_check_mode
 
 - include: log2mail.yml
   when: apache_log2mail_include

apache/tasks/munin.yml

@@ -23,7 +23,6 @@
   tags:
     - apache
     - munin
-  when: not ansible_check_mode
 
 - name: "Install fcgi packages for Munin graphs"
   apt:
@@ -44,7 +43,6 @@
   tags:
     - apache
     - munin
-  when: not ansible_check_mode
 
 - name: "Apache has access to /var/log/munin/"
   file:
@@ -53,4 +51,3 @@
   tags:
     - apache
     - munin
-  when: not ansible_check_mode

apache/tasks/server_status.yml

@@ -26,12 +26,10 @@
   changed_when: False
   check_mode: no
   register: new_apache_serverstatus_suffix
-  when: not ansible_check_mode
 
 - name: overwrite apache_serverstatus_suffix
   set_fact:
     apache_serverstatus_suffix: "{{ new_apache_serverstatus_suffix.stdout }}"
-  when: not ansible_check_mode
 
 - debug:
     var: apache_serverstatus_suffix
@@ -42,14 +40,12 @@
     dest: /var/www/index.html
     regexp: '__SERVERSTATUS_SUFFIX__'
     replace: "{{ apache_serverstatus_suffix }}"
-  when: not ansible_check_mode
 
 - name: add server-status suffix in default site index if missing
   replace:
     dest: /var/www/index.html
     regexp: '"/server-status-?"'
     replace: '"/server-status-{{ apache_serverstatus_suffix }}"'
-  when: not ansible_check_mode
 
 - name: add server-status suffix in default VHost
   replace:
@@ -57,14 +53,12 @@
     regexp: '<Location /server-status-?>'
     replace: '<Location /server-status-{{ apache_serverstatus_suffix }}>'
   notify: reload apache
-  when: not ansible_check_mode
 
 - name: Munin configuration has a section for apache
   lineinfile:
     dest: /etc/munin/plugin-conf.d/munin-node
     line: "[apache_*]"
     create: no
-  when: not ansible_check_mode
 
 - name: apache-status URL is configured for Munin
   lineinfile:
@@ -74,4 +68,3 @@
     insertafter: "[apache_*]"
     create: no
   notify: restart munin-node
-  when: not ansible_check_mode

etc-git/tasks/main.yml

@@ -8,7 +8,6 @@
     - etc-git
   when: 
     - ansible_distribution == "Debian"
-    - not ansible_check_mode
 
 - name: Install and configure utilities
   include: utils.yml
@@ -19,6 +18,4 @@
   include: repositories.yml
   tags:
     - etc-git
-  when:
-    - etc_git_config_repositories | bool
-    - not ansible_check_mode
+  when: etc_git_config_repositories | bool

etc-git/tasks/repositories.yml

@@ -34,4 +34,4 @@
     - _usr_share_scripts.stat.isdir
     - ansible_distribution_major_version is version('10', '>=')
   tags:
-    - etc-git
+    - etc-git

etc-git/tasks/repository.yml

@@ -22,7 +22,6 @@
     value: "root@{{ ansible_fqdn | default('localhost') }}"
   tags:
     - etc-git
-  when: not ansible_check_mode
 
 - name: "{{ repository_path }}/.git is restricted to root"
   file:
@@ -50,7 +49,6 @@
   loop: "{{ gitignore_items | default([]) }}"
   tags:
     - etc-git
-  when: not ansible_check_mode
 
 - name: "does {{ repository_path }}/ have any commit?"
   command: "git log"
@@ -72,4 +70,4 @@
   register: git_commit
   when: git_log.rc != 0 or (git_init is defined and git_init is changed)
   tags:
-    - etc-git
+    - etc-git

evoacme/handlers/main.yml

@@ -1,17 +1,14 @@
 - name: newaliases
   command: newaliases
-  when: not ansible_check_mode
 
 - name: Test Apache conf
   command: apache2ctl -t
   notify: "Reload Apache conf"
-  when: not ansible_check_mode
 
 - name: reload apache2
   service:
     name: apache2
     state: reloaded
-  when: not ansible_check_mode
 
 - name: apt update
   apt:
@@ -21,10 +18,8 @@
   service:
     name: squid3
     state: reloaded
-  when: not ansible_check_mode
 
 - name: reload squid
   service:
     name: squid
     state: reloaded
-  when: not ansible_check_mode

evocheck/tasks/exec.yml

@@ -10,8 +10,6 @@
 
 - debug:
     var: evocheck_run.stdout_lines
-  when:
-    - not ansible_check_mode
-    - evocheck_run.stdout | length > 0
+  when: evocheck_run.stdout | length > 0
   tags:
   - evocheck-exec

evolinux-base/tasks/default_www.yml

@@ -38,7 +38,6 @@
         owner: root
         group: ssl-cert
         mode: "0640"
-      when: not ansible_check_mode
 
     - name: Create certificate for default site
       command: openssl x509 -req -days 3650 -sha256 -in /etc/ssl/{{ ansible_fqdn }}.csr -signkey /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/certs/{{ ansible_fqdn }}.crt

evolinux-base/tasks/hardware.yml

@@ -43,9 +43,7 @@
     state: present
   tags:
     - packages
-  when:
-    - ansible_virtualization_role == "host"
-    - not ansible_check_mode
+  when: ansible_virtualization_role == "host"
 
 ## RAID
 # Dell and others: MegaRAID SAS
@@ -110,7 +108,6 @@
         name: ssacli
       tags:
         - packages
-      when: not ansible_check_mode
   when:
     - "'Hewlett-Packard Company Smart Array' in raidmodel.stdout"
     - "'Adaptec Smart Storage PQI' in raidmodel.stdout"
@@ -137,7 +134,6 @@
         state: present
       tags:
         - packages
-      when: not ansible_check_mode
 
     - name: cciss-vol-statusd init script is present (HP gen <10)
       template:
@@ -250,7 +246,6 @@
         allow_unauthenticated: yes
       tags:
         - packages
-      when: not ansible_check_mode
 
     - name: Configure packages for DELL/LSI hardware
       template:
@@ -268,7 +263,6 @@
       tags:
         - packages
         - config
-      when: not ansible_check_mode
   when:
     - "'MegaRAID' in raidmodel.stdout"
     - evolinux_packages_hardware_raid | bool

evolinux-base/tasks/log2mail.yml

@@ -16,7 +16,6 @@
     daemon-reload: yes
     state: started
     enabled: yes
-  when: not ansible_check_mode
 
 - name: log2mail config is present
   blockinfile:
@@ -33,5 +32,4 @@
   notify: restart log2mail
   tags:
     - log2mail
-  when: not ansible_check_mode
 

evolinux-base/tasks/packages.yml

@@ -89,9 +89,7 @@
   apt:
     name: serveur-base
     allow_unauthenticated: yes
-  when: 
-    - evolinux_packages_serveur_base | bool
-    - not ansible_check_mode
+  when: evolinux_packages_serveur_base | bool
 
 - name: Install/Update packages for Stretch and later
   apt:

evolinux-base/tasks/postfix.yml

@@ -20,7 +20,6 @@
   notify: reload postfix
   tags:
     - postfix
-  when: not ansible_check_mode
 
 - name: configure postfix mynetworks
   lineinfile:
@@ -31,7 +30,6 @@
   notify: reload postfix
   tags:
     - postfix
-  when: not ansible_check_mode
 
 - name: fetch users list
   shell: "set -o pipefail && getent passwd | cut -d':' -f 1 | grep -v root"
@@ -50,9 +48,7 @@
     line: "{{ item }}: root"
   loop: "{{ non_root_users_list.stdout_lines }}"
   notify: newaliases
-  when:
-    - evolinux_postfix_users_alias_root | bool
-    - not ansible_check_mode
+  when: evolinux_postfix_users_alias_root | bool
   tags:
     - postfix
 
@@ -69,9 +65,7 @@
     - error
     - bounce
   notify: newaliases
-  when:
-    - evolinux_postfix_mailer_alias_root | bool
-    - not ansible_check_mode
+  when: evolinux_postfix_mailer_alias_root | bool
   tags:
     - postfix
 
@@ -81,9 +75,7 @@
     regexp: "^root:"
     line: "root: {{ postfix_alias_email or general_alert_email | mandatory }}"
   notify: newaliases
-  when:
-    - evolinux_postfix_root_alias | bool
-    - not ansible_check_mode
+  when: evolinux_postfix_root_alias | bool
   tags:
     - postfix
 

evolinux-users/tasks/user.yml

@@ -160,9 +160,7 @@
     dest: '/home/{{ user.name }}/.profile'
     insertafter: EOF
     line: 'trap "sudo /usr/share/scripts/evomaintenance.sh" 0'
-  when:
-    - grep_profile_evomaintenance.rc != 0
-    - not ansible_check_mode
+  when: grep_profile_evomaintenance.rc != 0
 
 # SSH keys
 
@@ -194,6 +192,5 @@
   when:
     - user.ssh_keys is defined
     - user.ssh_keys | length > 0
-    - not ansible_check_mode
 
 - meta: flush_handlers

haproxy/handlers/main.yml

@@ -3,16 +3,13 @@
   service:
     name: haproxy
     state: reloaded
-  when: not ansible_check_mode
 
 - name: restart haproxy
   service:
     name: haproxy
     state: restarted
-  when: not ansible_check_mode
 
 - name: restart munin-node
   service:
     name: munin-node
     state: restarted
-  when: not ansible_check_mode

haproxy/tasks/main.yml

@@ -123,7 +123,6 @@
   tags:
     - haproxy
     - logrotate
-  when: not ansible_check_mode
 
 - name: Rotate logs with nodelaycompress
   lineinfile:
@@ -134,7 +133,6 @@
   tags:
     - haproxy
     - logrotate
-  when: not ansible_check_mode
 
 - name: Set net.ipv4.ip_nonlocal_bind
   sysctl:

lxc-php/tasks/php74.yml

@@ -10,7 +10,6 @@
     dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list"
     regexp: 'bullseye/updates'
     replace: 'bullseye-security'
-  when: not ansible_check_mode
 
 - name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
   template:

lxc-php/tasks/php80.yml

@@ -10,7 +10,6 @@
     dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list"
     regexp: 'bullseye/updates'
     replace: 'bullseye-security'
-  when: not ansible_check_mode
 
 - name: "{{ lxc_php_version }} - Add sury repo"
   lineinfile:

lxc-php/tasks/php81.yml

@@ -10,7 +10,6 @@
     dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list"
     regexp: 'bullseye/updates'
     replace: 'bullseye-security'
-  when: not ansible_check_mode
 
 - name: "{{ lxc_php_version }} - Add sury repo"
   lineinfile:

lxc/tasks/create-container.yml

@@ -4,7 +4,6 @@
   changed_when: false
   check_mode: no
   register: container_exists
-  when: not ansible_check_mode
 
 - name: "Create container {{ name }}"
   lxc_container:
@@ -13,26 +12,20 @@
     template: debian
     state: stopped
     template_options: "--arch amd64 --release {{ release }}"
-  when:
-    - container_exists.stdout_lines | length == 0
-    - not ansible_check_mode
+  when: container_exists.stdout_lines | length == 0
 
 - name: "Disable network configuration inside container {{ name }}"
   replace:
     name: "/var/lib/lxc/{{ name }}/rootfs/etc/default/networking"
     regexp: "^#CONFIGURE_INTERFACES=yes"
     replace: CONFIGURE_INTERFACES=no
-  when:
-    - lxc_network_type == "none"
-    - not ansible_check_mode
+  when: lxc_network_type == "none"
 
 - name: "Disable interface shut down on halt inside container {{ name }} (Jessie container)"
   lineinfile:
     name: "/var/lib/lxc/{{ name }}/rootfs/etc/default/halt"
     line: "NETDOWN=no"
-  when:
-    - lxc_network_type == "none" and release == "jessie"
-    - not ansible_check_mode
+  when: lxc_network_type == "none" and release == "jessie"
 
 - name: "Make the container {{ name }} poweroff on SIGPWR sent by lxc-stop (Jessie container)"
   file:
@@ -51,16 +44,13 @@
   lineinfile:
     name: "/var/lib/lxc/{{ name }}/rootfs/etc/hosts"
     line: "127.0.0.1 {{ name }}"
-  when: not ansible_check_mode
 
 - name: "Fix permission on /dev for container {{ name }}"
   lineinfile:
     name: "/var/lib/lxc/{{ name }}/rootfs/etc/rc.local"
     line: "chmod 755 /dev"
     insertbefore: "^exit 0$"
-  when:
-    - release == 'jessie'
-    - not ansible_check_mode
+  when: release == 'jessie'
 
 - name: "Ensure that {{ name }} container is running"
   lxc_container:

lxc/tasks/main.yml

@@ -48,7 +48,6 @@
   changed_when: false
   check_mode: no
   register: check_fs_options
-  when: not ansible_check_mode
 
 - name: Check if options are correct
   assert:
@@ -57,7 +56,6 @@
       - "'noexec' not in check_fs_options.stdout"
       - "'nosuid' not in check_fs_options.stdout"
     msg: "LXC directory is in a filesystem with incompatible options"
-  when: not ansible_check_mode
 
 - name: Create containers
   include: create-container.yml

minifirewall/tasks/config.yml

@@ -30,7 +30,6 @@
     line: "# BEGIN ANSIBLE MANAGED BLOCK FOR IPS"
     insertbefore: '^# Main interface'
     create: no
-  when: not ansible_check_mode
 
 - name: End marker for IP addresses
   lineinfile:
@@ -38,7 +37,6 @@
     create: no
     line: "# END ANSIBLE MANAGED BLOCK FOR IPS"
     insertafter: '^PRIVILEGIEDIPS='
-  when: not ansible_check_mode
 
 - name: Verify that at least 1 trusted IP is provided
   assert:
@@ -86,7 +84,6 @@
       PRIVILEGIEDIPS='{{ minifirewall_privilegied_ips | join(' ') }}'
     create: no
   register: minifirewall_config_ips
-  when: not ansible_check_mode
 
 - name: Begin marker for ports
   lineinfile:
@@ -94,7 +91,6 @@
     line: "# BEGIN ANSIBLE MANAGED BLOCK FOR PORTS"
     insertbefore: '^# Protected services'
     create: no
-  when: not ansible_check_mode
 
 - name: End marker for ports
   lineinfile:
@@ -102,7 +98,6 @@
     line: "# END ANSIBLE MANAGED BLOCK FOR PORTS"
     insertafter: '^SERVICESUDP3='
     create: no
-  when: not ansible_check_mode
 
 - name: Configure ports
   blockinfile:
@@ -127,7 +122,6 @@
       SERVICESUDP3='{{ minifirewall_private_ports_udp | join(' ') }}'
     create: no
   register: minifirewall_config_ports
-  when: not ansible_check_mode
 
 - name: Configure DNSSERVEURS
   lineinfile:
@@ -199,9 +193,7 @@
     line: "PROXY='{{ minifirewall_proxy }}'"
     regexp: "PROXY=('|\").*('|\")"
     create: no
-  when:
-    - minifirewall_proxy is not none
-    - not ansible_check_mode
+  when: minifirewall_proxy is not none
 
 - name: Configure PROXYPORT
   lineinfile:
@@ -209,9 +201,7 @@
     line: "PROXYPORT='{{ minifirewall_proxyport }}'"
     regexp: "PROXYPORT=('|\").*('|\")"
     create: no
-  when:
-    - minifirewall_proxyport is not none
-    - not ansible_check_mode
+  when: minifirewall_proxyport is not none
 
 # Warning: keep double quotes for the value,
 # since we often reference a shell variable that needs to be interpolated
@@ -221,9 +211,7 @@
     line: "PROXYBYPASS=\"{{ minifirewall_proxybypass | join(' ') }}\""
     regexp: "PROXYBYPASS=('|\").*('|\")"
     create: no
-  when:
-    - minifirewall_proxyport is not none
-    - not ansible_check_mode
+  when: minifirewall_proxybypass is not none
 
 - name: Configure BACKUPSERVERS
   lineinfile:
@@ -231,9 +219,7 @@
     line: "BACKUPSERVERS='{{ minifirewall_backupservers | join(' ') }}'"
     regexp: "BACKUPSERVERS=('|\").*('|\")"
     create: no
-  when:
-    - minifirewall_backupservers is not none
-    - not ansible_check_mode
+  when: minifirewall_backupservers is not none
 
 - name: Configure SYSCTL_ICMP_ECHO_IGNORE_BROADCASTS
   lineinfile:

munin/handlers/main.yml

@@ -4,14 +4,12 @@
   service:
     name: munin-node
     state: restarted
-  when: not ansible_check_mode
 
 - name: restart munin_node
   service:
     name: munin_node
     state: restarted
-  when: not ansible_check_mode
 
 - name: systemd daemon-reload
   systemd:
-    daemon_reload: yes
+    daemon_reload: yes

munin/tasks/main.yml

@@ -32,9 +32,7 @@
       removes: /var/lib/munin/localdomain
     notify: restart munin-node
 
-  when:
-    - not ansible_hostname == "localdomain"
-    - not ansible_check_mode
+  when: not ansible_hostname == "localdomain"
   tags:
     - munin
 
@@ -81,7 +79,6 @@
   notify: restart munin-node
   tags:
     - munin
-  when: not ansible_check_mode
 
 - name: Enable sensors_ plugin on dedicated hardware
   file:
@@ -95,7 +92,6 @@
   notify: restart munin-node
   tags:
     - munin
-  when: not ansible_check_mode
 
 - name: Enable ipmi_ plugin on dedicated hardware
   file:
@@ -109,7 +105,6 @@
     - temp
     - power
     - volts
-  when: not ansible_check_mode
 
 - name: adjustments for grsec kernel
   blockinfile:

mysql/tasks/datadir.yml

@@ -43,4 +43,3 @@
     - mysql_custom_datadir | length > 0
     - mysql_custom_datadir != mysql_current_real_datadir_test.stdout
     - not mysql_custom_datadir_test.stat.exists
-    - not ansible_check_mode

mysql/tasks/logdir.yml

@@ -43,4 +43,3 @@
     - mysql_custom_logdir | length > 0
     - mysql_custom_logdir != mysql_current_real_logdir_test.stdout
     - not mysql_custom_logdir_test.stat.exists
-    - not ansible_check_mode

mysql/tasks/packages_jessie.yml

@@ -42,7 +42,6 @@
   tags:
   - mysql
   - services
-  when: not ansible_check_mode
 
 - name: apg package is installed
   apt:

mysql/tasks/packages_stretch.yml

@@ -28,7 +28,6 @@
   tags:
   - mysql
   - services
-  when: not ansible_check_mode
 
 - name: apg package is installed
   apt:
@@ -58,4 +57,4 @@
   tags:
     - mysql
     - packages
-  when: ansible_python_version is version('3', '>=')
+  when: ansible_python_version is version('3', '>=')

mysql/tasks/utils.yml

@@ -155,9 +155,7 @@
     src: "{{ _mysql_scripts_dir }}/mysql-optimize.sh"
     dest: /etc/cron.{{ mysql_cron_optimize_frequency | mandatory }}/mysql-optimize.sh
     state: link
-  when:
-    - mysql_cron_optimize | bool
-    - not ansible_check_mode
+  when: mysql_cron_optimize | bool
   tags:
     - mysql
 
@@ -250,4 +248,4 @@
     mode: "0755"
     force: no
   tags:
-    - mysql
+    - mysql

nagios-nrpe/handlers/main.yml

@@ -4,10 +4,8 @@
   service:
     name: nagios-nrpe-server
     state: restarted
-  when: not ansible_check_mode
 
 - name: restart nrpe
   service:
     name: nrpe
     state: restarted
-  when: not ansible_check_mode

ntpd/tasks/main.yml

@@ -21,4 +21,3 @@
   notify: restart ntp
   tags:
   - ntp
-  when: not ansible_check_mode

packweb-apache/tasks/apache.yml

@@ -14,9 +14,7 @@
     block: |
       # Used for Evoadmin-web
       export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
-  when:
-    - envvar_grep_path.rc != 0
-    - not ansible_check_mode
+  when: envvar_grep_path.rc != 0
 
 - name: Additional packages are installed
   apt:
@@ -36,7 +34,6 @@
     - negotiation
     - alias
     - log_forensic
-  when: not ansible_check_mode
 
 - name: Copy Apache settings for modules
   copy:
@@ -63,4 +60,3 @@
   loop:
     - evolinux-evasive
     - evolinux-modsec
-  when: not ansible_check_mode

packweb-apache/tasks/awstats.yml

@@ -22,7 +22,6 @@
       AllowFullYearView=3
       ErrorMessages="An error occured. Contact your Administrator"
     mode: "0644"
-  when: not ansible_check_mode
 
 - name: Create conf-available/awstats-icon.conf file
   copy:
@@ -40,7 +39,6 @@
   register: command_result
   changed_when: "'Enabling' in command_result.stderr"
   notify: reload apache
-  when: not ansible_check_mode
 
 - name: Create awstats cron
   lineinfile:
@@ -48,7 +46,6 @@
     create: yes
     regexp: '-config=awstats'
     line: "10 */6 * * * root umask 033; [ -x /usr/lib/cgi-bin/awstats.pl -a -f /etc/awstats/awstats.conf -a -r /var/log/apache2/access.log ] && /usr/lib/cgi-bin/awstats.pl -config=awstats -update >/dev/null"
-  when: not ansible_check_mode
 
 - name: Comment default awstat cron's tasks
   lineinfile:
@@ -57,4 +54,3 @@
     line: '#\1'
     backrefs: yes
     state: present
-  when: not ansible_check_mode

packweb-apache/tasks/main.yml

@@ -26,7 +26,6 @@
     dest: /var/www/index.html
     line: '            <li><a href="/info.php">Infos PHP</a></li>'
     regexp: "Infos PHP"
-  when: not ansible_check_mode
 
 - name: install opcache.php
   copy:
@@ -39,7 +38,6 @@
     dest: /var/www/index.html
     line: '            <li><a href="/opcache.php">Infos OpCache PHP</a></li>'
     regexp: "Infos OpCache PHP"
-  when: not ansible_check_mode
 
 - name: Add elements to user account template
   file:
@@ -66,7 +64,6 @@
   loop:
     - access.log
     - error.log
-  when: not ansible_check_mode
 
 - name: "Install userlogrotate (jessie)"
   copy:

packweb-apache/tasks/multiphp.yml

@@ -5,7 +5,6 @@
     state: present
     name: proxy_fcgi
   notify: restart apache2
-  when: not ansible_check_mode
 
 - include_role:
     name: remount-usr

packweb-apache/tasks/phpmyadmin.yml

@@ -65,12 +65,10 @@
   changed_when: False
   check_mode: no
   register: new_packweb_phpmyadmin_suffix
-  when: not ansible_check_mode
 
 - name: overwrite packweb_phpmyadmin_suffix
   set_fact:
     packweb_phpmyadmin_suffix: "{{ new_packweb_phpmyadmin_suffix.stdout }}"
-  when: not ansible_check_mode
 
 - debug:
     var: packweb_phpmyadmin_suffix
@@ -88,18 +86,15 @@
           Require all denied
           Include /etc/apache2/ipaddr_whitelist.conf
       </Directory>
-  when: not ansible_check_mode
 
 - name: enable phpmyadmin link in default site index
   replace:
     dest: /var/www/index.html
     regexp:  '<!-- <li><a href="/phpmyadmin-__PHPMYADMIN_SUFFIX__/">Accès PhpMyAdmin</a></li> -->'
     replace: '     <li><a href="/phpmyadmin-__PHPMYADMIN_SUFFIX__/">Accès PhpMyAdmin</a></li>'
-  when: not ansible_check_mode
 
 - name: replace phpmyadmin suffix in default site index
   replace:
     dest: /var/www/index.html
     regexp: '__PHPMYADMIN_SUFFIX__'
     replace: "{{ packweb_phpmyadmin_suffix }}"
-  when: not ansible_check_mode

php/handlers/main.yml

@@ -4,28 +4,23 @@
   service:
     name: php5-fpm
     state: restarted
-  when: not ansible_check_mode
 
 - name: restart php7.0-fpm
   service:
     name: php7.0-fpm
     state: restarted
-  when: not ansible_check_mode
 
 - name: restart php7.3-fpm
   service:
     name: php7.3-fpm
     state: restarted
-  when: not ansible_check_mode
 
 - name: restart php7.4-fpm
   service:
     name: php7.4-fpm
     state: restarted
-  when: not ansible_check_mode
 
 - name: restart php8.1-fpm
   service:
     name: php8.1-fpm
     state: restarted
-  when: not ansible_check_mode

php/tasks/config_cli.yml

@@ -25,7 +25,6 @@
   file:
     dest: "{{ php_cli_custom_ini_file }}"
     mode: "0644"
-  when: not ansible_check_mode
 
 - name: "Set custom values for PHP to enable Symfony"
   ini_file:
@@ -36,6 +35,4 @@
     mode: "0644"
   loop:
     - { option: "date.timezone", value: "Europe/Paris" }
-  when:
-    - php_symfony_requirements | bool
-    - not ansible_check_mode
+  when: php_symfony_requirements | bool

php/tasks/main_bookworm.yml

@@ -79,14 +79,12 @@
   with_items:
     - /etc/php
     - /etc/php/{{ php_version }}
-  when: not ansible_check_mode
 
 - include: config_cli.yml
 - name: "Enforce permissions on PHP cli directory (Debian 12)"
   file:
     dest: /etc/php/{{ php_version }}/cli
     mode: "0755"
-  when: not ansible_check_mode
 
 - include: config_fpm.yml
   when: php_fpm_enable
@@ -95,9 +93,7 @@
   file:
     dest: /etc/php/{{ php_version }}/fpm
     mode: "0755"
-  when:
-    - php_fpm_enable
-    - not ansible_check_mode
+  when: php_fpm_enable
 
 - include: config_apache.yml
   when: php_apache_enable
@@ -106,9 +102,7 @@
   file:
     dest: /etc/php/{{ php_version }}/apache2
     mode: "0755"
-  when:
-    - php_apache_enable
-    - not ansible_check_mode
+  when: php_apache_enable
 
 - include: sury_post.yml
   when: php_sury_enable

php/tasks/main_bullseye.yml

@@ -68,14 +68,12 @@
   with_items:
     - /etc/php
     - /etc/php/7.4
-  when: not ansible_check_mode
 
 - include: config_cli.yml
 - name: "Enforce permissions on PHP cli directory (Debian 11)"
   file:
     dest: /etc/php/7.4/cli
     mode: "0755"
-  when: not ansible_check_mode
 
 - include: config_fpm.yml
   when: php_fpm_enable
@@ -84,9 +82,7 @@
   file:
     dest: /etc/php/7.4/fpm
     mode: "0755"
-  when: 
-    - php_fpm_enable
-    - not ansible_check_mode
+  when: php_fpm_enable
 
 - include: config_apache.yml
   when: php_apache_enable
@@ -95,9 +91,7 @@
   file:
     dest: /etc/php/7.4/apache2
     mode: "0755"
-  when: 
-    - php_apache_enable
-    - not ansible_check_mode
+  when: php_apache_enable
 
 - include: sury_post.yml
   when: php_sury_enable

php/tasks/main_buster.yml

@@ -68,14 +68,12 @@
   loop:
     - /etc/php
     - /etc/php/7.3
-  when: not ansible_check_mode
 
 - include: config_cli.yml
 - name: "Enforce permissions on PHP cli directory (Debian 10)"
   file:
     dest: /etc/php/7.3/cli
     mode: "0755"
-  when: not ansible_check_mode
 
 - include: config_fpm.yml
   when: php_fpm_enable | bool
@@ -84,9 +82,7 @@
   file:
     dest: /etc/php/7.3/fpm
     mode: "0755"
-  when:
-    - php_fpm_enable | bool
-    - not ansible_check_mode
+  when: php_fpm_enable | bool
 
 - include: config_apache.yml
   when: php_apache_enable | bool
@@ -95,9 +91,7 @@
   file:
     dest: /etc/php/7.3/apache2
     mode: "0755"
-  when:
-    - php_apache_enable | bool
-    - not ansible_check_mode
+  when: php_apache_enable | bool
 
 - include: sury_post.yml
   when: php_sury_enable | bool

php/tasks/main_jessie.yml

@@ -56,7 +56,6 @@
   file:
     dest: /etc/php5
     mode: "0755"
-  when: not ansible_check_mode
 
 - include: config_cli.yml
 
@@ -64,7 +63,6 @@
   file:
     dest: /etc/php5/cli
     mode: "0755"
-  when: not ansible_check_mode
 
 - include: config_fpm.yml
   when: php_fpm_enable | bool
@@ -73,9 +71,7 @@
   file:
     dest: /etc/php5/fpm
     mode: "0755"
-  when:
-    - php_fpm_enable | bool
-    - not ansible_check_mode
+  when: php_fpm_enable | bool
 
 - include: config_apache.yml
   when: php_apache_enable | bool
@@ -84,6 +80,4 @@
   file:
     dest: /etc/php5/apache2
     mode: "0755"
-  when:
-    - php_apache_enable | bool
-    - not ansible_check_mode
+  when: php_apache_enable | bool

php/tasks/main_stretch.yml

@@ -68,7 +68,6 @@
   loop:
     - /etc/php
     - /etc/php/7.0
-  when: not ansible_check_mode
 
 - include: config_cli.yml
 
@@ -76,7 +75,6 @@
   file:
     dest: /etc/php/7.0/cli
     mode: "0755"
-  when: not ansible_check_mode
 
 - include: config_fpm.yml
   when: php_fpm_enable | bool
@@ -85,9 +83,7 @@
   file:
     dest: /etc/php/7.0/fpm
     mode: "0755"
-  when:
-    - php_fpm_enable | bool
-    - not ansible_check_mode
+  when: php_fpm_enable | bool
 
 - include: config_apache.yml
   when: php_apache_enable | bool
@@ -96,9 +92,7 @@
   file:
     dest: /etc/php/7.0/apache2
     mode: "0755"
-  when:
-    - php_apache_enable | bool
-    - not ansible_check_mode
+  when: php_apache_enable | bool
 
 - include: sury_post.yml
   when: php_sury_enable | bool

php/tasks/sury_post.yml

@@ -14,7 +14,6 @@
   file:
     dest: /etc/php/7.4/cli
     mode: "0755"
-  when: not ansible_check_mode
 
 - name: Symlink Evolix Apache config files from 7.4 to 7.0
   file:
@@ -31,9 +30,7 @@
   file:
     dest: /etc/php/7.4/apache2
     mode: "0755"
-  when:
-    - php_apache_enable | bool
-    - not ansible_check_mode
+  when: php_apache_enable | bool
 
 - name: Symlink Evolix FPM config files from 7.4 to 7.0
   file:
@@ -52,6 +49,4 @@
   file:
     dest: /etc/php/7.4/fpm
     mode: "0755"
-  when:
-    - php_fpm_enable | bool
-    - not ansible_check_mode
+  when: php_fpm_enable | bool

proftpd/handlers/main.yml

@@ -3,4 +3,3 @@
   service:
     name: proftpd
     state: restarted
-  when: not ansible_check_mode

proftpd/tasks/main.yml

@@ -70,7 +70,6 @@
   notify: restart proftpd
   tags:
     - proftpd
-  when: not ansible_check_mode
 
 - name: Put empty vpasswd file if missing
   copy:
@@ -93,7 +92,6 @@
   notify: restart proftpd
   tags:
     - proftpd
-  when: not ansible_check_mode
 
 - include: accounts.yml
   when: proftpd_accounts | length > 0

squid/handlers/main.yml

@@ -3,38 +3,31 @@
   service:
     name: munin-node
     state: restarted
-  when: not ansible_check_mode
 
 - name: restart squid