From 1c48df025c3147f47949e3fa215804537578e553 Mon Sep 17 00:00:00 2001 From: Victor LABORIE Date: Tue, 7 Nov 2017 12:18:02 +0100 Subject: [PATCH] Move /usr rw remount into remount-usr role --- apache/tasks/main.yml | 5 +++- apache/tasks/remount_usr_rw.yml | 12 ---------- drbd/tasks/nagios.yml | 19 ++------------- evoacme/tasks/certbot.yml | 18 ++------------ evocheck/tasks/install_local.yml | 3 ++- evocheck/tasks/remount_usr_rw.yml | 19 --------------- evolinux-base/tasks/remount_usr_rw.yml | 19 --------------- evolinux-base/tasks/system.yml | 3 ++- filebeat/tasks/main.yml | 24 ++----------------- generate-ldif/tasks/main.yml | 3 ++- generate-ldif/tasks/remount_usr_rw.yml | 19 --------------- kibana/tasks/main.yml | 12 ++-------- kibana/tasks/remount_usr_rw.yml | 19 --------------- kvm-host/tasks/main.yml | 17 ++----------- mysql/tasks/remount_usr_rw.yml | 19 --------------- mysql/tasks/utils.yml | 9 ++++--- nagios-nrpe/tasks/main.yml | 3 ++- nagios-nrpe/tasks/remount_usr_rw.yml | 19 --------------- opendkim/tasks/main.yml | 21 ++-------------- postfix/tasks/packmail.yml | 15 ++---------- redis/tasks/munin.yml | 21 ++++------------ remount-usr/handlers/main.yml | 6 +++++ remount-usr/tasks/main.yml | 16 +++++++++++++ spamassasin/tasks/main.yml | 15 ++---------- tomcat/tasks/nagios.yml | 17 ++----------- varnish/tasks/munin.yml | 4 +++- varnish/tasks/remount_usr_rw.yml | 19 --------------- .../evoadmin-mail/tasks/remount_usr_rw.yml | 15 ------------ webapps/evoadmin-mail/tasks/user.yml | 3 ++- webapps/evoadmin-web/tasks/remount_usr_rw.yml | 19 --------------- webapps/evoadmin-web/tasks/user.yml | 3 ++- 31 files changed, 69 insertions(+), 347 deletions(-) delete mode 100644 apache/tasks/remount_usr_rw.yml delete mode 100644 evocheck/tasks/remount_usr_rw.yml delete mode 100644 evolinux-base/tasks/remount_usr_rw.yml delete mode 100644 generate-ldif/tasks/remount_usr_rw.yml delete mode 100644 kibana/tasks/remount_usr_rw.yml delete mode 100644 mysql/tasks/remount_usr_rw.yml delete mode 100644 nagios-nrpe/tasks/remount_usr_rw.yml create mode 100644 remount-usr/handlers/main.yml create mode 100644 remount-usr/tasks/main.yml delete mode 100644 varnish/tasks/remount_usr_rw.yml delete mode 100644 webapps/evoadmin-mail/tasks/remount_usr_rw.yml delete mode 100644 webapps/evoadmin-web/tasks/remount_usr_rw.yml diff --git a/apache/tasks/main.yml b/apache/tasks/main.yml index 35ffcf44..3820fad2 100644 --- a/apache/tasks/main.yml +++ b/apache/tasks/main.yml @@ -131,7 +131,10 @@ tags: - apache -- include: remount_usr_rw.yml +- include_role: + name: remount-usr + tags: + - apache - name: "Install save_apache_status.sh" copy: diff --git a/apache/tasks/remount_usr_rw.yml b/apache/tasks/remount_usr_rw.yml deleted file mode 100644 index 1f6d064d..00000000 --- a/apache/tasks/remount_usr_rw.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: update ansible_mounts facts - setup: - filter: ansible_mounts - -- name: mount /usr in rw - command: mount -o remount,rw /usr - args: - warn: no - changed_when: false - when: item.mount == '/usr' and item.options | match(".*ro.*") - with_items: "{{ ansible_mounts }}" diff --git a/drbd/tasks/nagios.yml b/drbd/tasks/nagios.yml index 5ce44d7c..91b06c57 100644 --- a/drbd/tasks/nagios.yml +++ b/drbd/tasks/nagios.yml @@ -8,23 +8,8 @@ tags: - drbd -- name: Check if /usr is a partition - shell: "mount | grep 'on /usr type'" - args: - warn: no - changed_when: False - failed_when: False - register: usr_partition - check_mode: no - tags: - - drbd - -- name: Mount /usr in rw - command: mount -o remount,rw /usr - args: - warn: no - changed_when: False - when: usr_partition.rc == 0 and nagios_plugins_dir.stat.exists +- include_role: + name: remount-usr tags: - drbd diff --git a/evoacme/tasks/certbot.yml b/evoacme/tasks/certbot.yml index 88f0eb5b..f01cc668 100644 --- a/evoacme/tasks/certbot.yml +++ b/evoacme/tasks/certbot.yml @@ -20,22 +20,8 @@ name: certbot state: latest -- name: Check if /usr is a partition - shell: "mount | grep 'on /usr type'" - args: - warn: no - changed_when: False - failed_when: False - check_mode: no - - register: usr_partition - -- name: Mount /usr in rw - command: mount -o remount,rw /usr - args: - warn: no - changed_when: False - when: usr_partition.rc == 0 +- include_role: + name: remount-usr - name: Remove certbot symlink for apt install file: diff --git a/evocheck/tasks/install_local.yml b/evocheck/tasks/install_local.yml index d98ce0ae..7c0580c1 100644 --- a/evocheck/tasks/install_local.yml +++ b/evocheck/tasks/install_local.yml @@ -1,5 +1,6 @@ --- -- include: remount_usr_rw.yml +- include_role: + name: remount-usr when: evocheck_bin_dir | search ("/usr") - name: Scripts dir is present diff --git a/evocheck/tasks/remount_usr_rw.yml b/evocheck/tasks/remount_usr_rw.yml deleted file mode 100644 index 60162607..00000000 --- a/evocheck/tasks/remount_usr_rw.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Get mount options for partitions - shell: "mount | grep 'on /usr type'" - args: - warn: no - register: mount - changed_when: False - failed_when: False - when: not ansible_check_mode - -- name: Remount /usr if it is a partition and it is not mounted in rw - command: "mount -o remount,rw /usr" - when: - - not ansible_check_mode - - mount.rc == 0 - - not mount.stdout_lines.0 | search("rw") - check_mode: yes - args: - warn: no diff --git a/evolinux-base/tasks/remount_usr_rw.yml b/evolinux-base/tasks/remount_usr_rw.yml deleted file mode 100644 index 60162607..00000000 --- a/evolinux-base/tasks/remount_usr_rw.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Get mount options for partitions - shell: "mount | grep 'on /usr type'" - args: - warn: no - register: mount - changed_when: False - failed_when: False - when: not ansible_check_mode - -- name: Remount /usr if it is a partition and it is not mounted in rw - command: "mount -o remount,rw /usr" - when: - - not ansible_check_mode - - mount.rc == 0 - - not mount.stdout_lines.0 | search("rw") - check_mode: yes - args: - warn: no diff --git a/evolinux-base/tasks/system.yml b/evolinux-base/tasks/system.yml index 6ffee396..4ef08fa3 100644 --- a/evolinux-base/tasks/system.yml +++ b/evolinux-base/tasks/system.yml @@ -33,7 +33,8 @@ # TODO : find a way to force the console-data configuration # non-interactively (like tzdata ↑) -- include: remount_usr_rw.yml +- include_role: + name: remount-usr - name: Ensure automagic vim conf is disabled lineinfile: diff --git a/filebeat/tasks/main.yml b/filebeat/tasks/main.yml index 5029d6d4..7938ce78 100644 --- a/filebeat/tasks/main.yml +++ b/filebeat/tasks/main.yml @@ -59,31 +59,11 @@ when: filebeat_logstash_plugin and logstash_plugin.stat.exists - block: - - name: Check if /usr is a partition - shell: "mount | grep 'on /usr type'" - args: - warn: no - changed_when: False - failed_when: False - check_mode: no - register: usr_partition - - - name: Mount /usr in rw - command: mount -o remount,rw /usr - args: - warn: no - changed_when: False - when: usr_partition.rc == 0 + - include_role: + name: remount-usr - name: Logstash plugin is installed command: /usr/share/logstash/bin/logstash-plugin install logstash-input-beats - - - name: /usr is remounted - command: mount -oremount /usr - args: - warn: no - changed_when: False - when: usr_partition.rc == 0 when: - filebeat_logstash_plugin - logstash_plugin.stat.exists diff --git a/generate-ldif/tasks/main.yml b/generate-ldif/tasks/main.yml index 03b9505e..35da06be 100644 --- a/generate-ldif/tasks/main.yml +++ b/generate-ldif/tasks/main.yml @@ -1,5 +1,6 @@ --- -- include: remount_usr_rw.yml +- include_role: + name: remount-usr when: general_scripts_dir | search("/usr") - name: "copy generateldif.sh" diff --git a/generate-ldif/tasks/remount_usr_rw.yml b/generate-ldif/tasks/remount_usr_rw.yml deleted file mode 100644 index 60162607..00000000 --- a/generate-ldif/tasks/remount_usr_rw.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Get mount options for partitions - shell: "mount | grep 'on /usr type'" - args: - warn: no - register: mount - changed_when: False - failed_when: False - when: not ansible_check_mode - -- name: Remount /usr if it is a partition and it is not mounted in rw - command: "mount -o remount,rw /usr" - when: - - not ansible_check_mode - - mount.rc == 0 - - not mount.stdout_lines.0 | search("rw") - check_mode: yes - args: - warn: no diff --git a/kibana/tasks/main.yml b/kibana/tasks/main.yml index 9e0d6ce6..475aa9ce 100644 --- a/kibana/tasks/main.yml +++ b/kibana/tasks/main.yml @@ -58,10 +58,8 @@ when: not ansible_check_mode - block: - - name: Remount /usr as writable - command: "mount -o remount,rw /usr" - args: - warn: no + - include_role: + name: remount-usr - name: Move kibana optimize directory shell: "mv /usr/share/kibana/optimize /var/lib/kibana/optimize && ln -s /var/lib/kibana/optimize /usr/share/kibana/optimize" @@ -69,11 +67,5 @@ creates: /var/lib/kibana/optimize notify: restart kibana - - name: Remount /usr as read-only - command: "mount -o remount /usr" - args: - warn: no - when: mount.rc == 0 and not mount.stdout_lines.0 | search("rw") - - include: proxy_nginx.yml when: kibana_proxy_nginx diff --git a/kibana/tasks/remount_usr_rw.yml b/kibana/tasks/remount_usr_rw.yml deleted file mode 100644 index 60162607..00000000 --- a/kibana/tasks/remount_usr_rw.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Get mount options for partitions - shell: "mount | grep 'on /usr type'" - args: - warn: no - register: mount - changed_when: False - failed_when: False - when: not ansible_check_mode - -- name: Remount /usr if it is a partition and it is not mounted in rw - command: "mount -o remount,rw /usr" - when: - - not ansible_check_mode - - mount.rc == 0 - - not mount.stdout_lines.0 | search("rw") - check_mode: yes - args: - warn: no diff --git a/kvm-host/tasks/main.yml b/kvm-host/tasks/main.yml index cb0040f4..9fc73e93 100644 --- a/kvm-host/tasks/main.yml +++ b/kvm-host/tasks/main.yml @@ -5,21 +5,8 @@ - include: packages.yml -- name: Check if /usr is a partition - shell: "mount | grep 'on /usr type'" - args: - warn: no - changed_when: False - failed_when: False - check_mode: no - register: usr_partition - -- name: Mount /usr in rw - command: mount -o remount,rw /usr - args: - warn: no - changed_when: False - when: usr_partition.rc == 0 +- include_role: + name: remount-usr - name: Copy add-vm script get_url: diff --git a/mysql/tasks/remount_usr_rw.yml b/mysql/tasks/remount_usr_rw.yml deleted file mode 100644 index 60162607..00000000 --- a/mysql/tasks/remount_usr_rw.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Get mount options for partitions - shell: "mount | grep 'on /usr type'" - args: - warn: no - register: mount - changed_when: False - failed_when: False - when: not ansible_check_mode - -- name: Remount /usr if it is a partition and it is not mounted in rw - command: "mount -o remount,rw /usr" - when: - - not ansible_check_mode - - mount.rc == 0 - - not mount.stdout_lines.0 | search("rw") - check_mode: yes - args: - warn: no diff --git a/mysql/tasks/utils.yml b/mysql/tasks/utils.yml index d0fe71a8..0f0ad068 100644 --- a/mysql/tasks/utils.yml +++ b/mysql/tasks/utils.yml @@ -48,7 +48,8 @@ # mysqltuner -- include: remount_usr_rw.yml +- include_role: + name: remount-usr when: (mysql_scripts_dir or general_scripts_dir) | search ("/usr") - name: Install mysqltuner @@ -71,7 +72,8 @@ # automatic optimizations -- include: remount_usr_rw.yml +- include_role: + name: remount-usr when: (mysql_scripts_dir or general_scripts_dir) | search ("/usr") - name: Optimize script for MySQL @@ -133,7 +135,8 @@ # my-add.sh -- include: remount_usr_rw.yml +- include_role: + name: remount-usr when: (mysql_scripts_dir or general_scripts_dir) | search ("/usr") - name: Install my-add.sh diff --git a/nagios-nrpe/tasks/main.yml b/nagios-nrpe/tasks/main.yml index b52d0425..d0298c6c 100644 --- a/nagios-nrpe/tasks/main.yml +++ b/nagios-nrpe/tasks/main.yml @@ -28,7 +28,8 @@ state: directory notify: restart nagios-nrpe-server -- include: remount_usr_rw.yml +- include_role: + name: remount-usr when: nagios_plugins_directory | search ("/usr") tags: - nagios-plugins diff --git a/nagios-nrpe/tasks/remount_usr_rw.yml b/nagios-nrpe/tasks/remount_usr_rw.yml deleted file mode 100644 index 60162607..00000000 --- a/nagios-nrpe/tasks/remount_usr_rw.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Get mount options for partitions - shell: "mount | grep 'on /usr type'" - args: - warn: no - register: mount - changed_when: False - failed_when: False - when: not ansible_check_mode - -- name: Remount /usr if it is a partition and it is not mounted in rw - command: "mount -o remount,rw /usr" - when: - - not ansible_check_mode - - mount.rc == 0 - - not mount.stdout_lines.0 | search("rw") - check_mode: yes - args: - warn: no diff --git a/opendkim/tasks/main.yml b/opendkim/tasks/main.yml index d491cd39..8c81b686 100644 --- a/opendkim/tasks/main.yml +++ b/opendkim/tasks/main.yml @@ -66,25 +66,8 @@ tags: - opendkim -- name: check if /usr is a partition - shell: "mount | grep 'on /usr type'" - args: - warn: no - changed_when: False - failed_when: False - register: usr_partition - check_mode: no - tags: - - opendkim - -- name: mount /usr in rw - command: mount -o remount,rw /usr - args: - warn: no - changed_when: False - when: usr_partition.rc == 0 - tags: - - opendkim +- include_role: + name: remount-usr - name: deploy opendkim-add.sh script copy: diff --git a/postfix/tasks/packmail.yml b/postfix/tasks/packmail.yml index 69d41581..3ffd096f 100644 --- a/postfix/tasks/packmail.yml +++ b/postfix/tasks/packmail.yml @@ -87,19 +87,8 @@ tags: - postfix -- name: update ansible_mounts facts - setup: - filter: ansible_mounts - tags: - - postfix - -- name: mount /usr in rw - command: mount -o remount,rw /usr - args: - warn: no - changed_when: false - when: item.mount == '/usr' and item.options | match(".*ro.*") - with_items: "{{ ansible_mounts }}" +- include_role: + name: remount-usr tags: - postfix diff --git a/redis/tasks/munin.yml b/redis/tasks/munin.yml index 74676e07..6837edb3 100644 --- a/redis/tasks/munin.yml +++ b/redis/tasks/munin.yml @@ -6,23 +6,10 @@ tags: - redis -- name: Check if /usr is a partition - shell: "mount | grep 'on /usr type'" - args: - warn: no - changed_when: False - failed_when: False - check_mode: no - register: usr_partition - tags: redis - -- name: Mount /usr in rw - command: mount -o remount,rw /usr - args: - warn: no - changed_when: False - when: usr_partition.rc == 0 - tags: redis +- include_role: + name: remount-usr + tags: + - redis - name: Create plugin directory file: diff --git a/remount-usr/handlers/main.yml b/remount-usr/handlers/main.yml new file mode 100644 index 00000000..c75bacb7 --- /dev/null +++ b/remount-usr/handlers/main.yml @@ -0,0 +1,6 @@ +--- +- name: remount usr + command: mount -o remount /usr + failed_when: false + args: + warn: no diff --git a/remount-usr/tasks/main.yml b/remount-usr/tasks/main.yml new file mode 100644 index 00000000..40fddc30 --- /dev/null +++ b/remount-usr/tasks/main.yml @@ -0,0 +1,16 @@ +--- +- name: check if /usr is a read-only partition + command: grep -E " /usr.*ro" /proc/mounts + args: + warn: no + changed_when: False + failed_when: False + check_mode: no + register: usr_partition + +- name: mount /usr in rw + command: mount -o remount,rw /usr + args: + warn: no + when: usr_partition.rc == 0 + notify: remount usr diff --git a/spamassasin/tasks/main.yml b/spamassasin/tasks/main.yml index 4f010650..939f235d 100644 --- a/spamassasin/tasks/main.yml +++ b/spamassasin/tasks/main.yml @@ -27,19 +27,8 @@ tags: - spamassassin -- name: update ansible_mounts facts - setup: - filter: ansible_mounts - tags: - - spamassassin - -- name: mount /usr in rw - command: mount -o remount,rw /usr - args: - warn: no - changed_when: false - when: item.mount == '/usr' and item.options | match(".*ro.*") - with_items: "{{ ansible_mounts }}" +- include_role: + name: remount-usr tags: - spamassassin diff --git a/tomcat/tasks/nagios.yml b/tomcat/tasks/nagios.yml index 01de5348..69c99810 100644 --- a/tomcat/tasks/nagios.yml +++ b/tomcat/tasks/nagios.yml @@ -4,21 +4,8 @@ name: monitoring-plugins state: present -- name: Check if /usr is a partition - shell: "mount | grep 'on /usr type'" - args: - warn: no - changed_when: False - failed_when: False - check_mode: no - register: usr_partition - -- name: Mount /usr in rw - command: mount -o remount,rw /usr - args: - warn: no - changed_when: False - when: usr_partition.rc == 0 +- include_role: + name: remount-usr - name: Create Nagios plugins dir file: diff --git a/varnish/tasks/munin.yml b/varnish/tasks/munin.yml index 1c2ad790..552c8a34 100644 --- a/varnish/tasks/munin.yml +++ b/varnish/tasks/munin.yml @@ -4,7 +4,9 @@ name: libxml-parser-perl tags: varnish -- include: remount_usr_rw.yml +- include_role: + name: remount-usr + tags: varnish - name: Create plugin directory file: diff --git a/varnish/tasks/remount_usr_rw.yml b/varnish/tasks/remount_usr_rw.yml deleted file mode 100644 index 60162607..00000000 --- a/varnish/tasks/remount_usr_rw.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Get mount options for partitions - shell: "mount | grep 'on /usr type'" - args: - warn: no - register: mount - changed_when: False - failed_when: False - when: not ansible_check_mode - -- name: Remount /usr if it is a partition and it is not mounted in rw - command: "mount -o remount,rw /usr" - when: - - not ansible_check_mode - - mount.rc == 0 - - not mount.stdout_lines.0 | search("rw") - check_mode: yes - args: - warn: no diff --git a/webapps/evoadmin-mail/tasks/remount_usr_rw.yml b/webapps/evoadmin-mail/tasks/remount_usr_rw.yml deleted file mode 100644 index 8c51aee2..00000000 --- a/webapps/evoadmin-mail/tasks/remount_usr_rw.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- name: Get mount options for partitions - shell: "mount | grep 'on /usr type'" - args: - warn: no - register: mount - changed_when: False - failed_when: False - when: not ansible_check_mode - -- name: Remount /usr if it is a partition and it is not mounted in rw - command: "mount -o remount,rw /usr" - when: mount.rc == 0 and not mount.stdout_lines.0 | search("rw") - args: - warn: no diff --git a/webapps/evoadmin-mail/tasks/user.yml b/webapps/evoadmin-mail/tasks/user.yml index 7e4cb90c..5b267e72 100644 --- a/webapps/evoadmin-mail/tasks/user.yml +++ b/webapps/evoadmin-mail/tasks/user.yml @@ -86,7 +86,8 @@ group: "adm" mode: "0640" -- include: remount_usr_rw.yml +- include_role: + name: remount-usr when: evoadminmail_scripts_dir | search ("/usr") - name: "Create {{ evoadminmail_scripts_dir }}" diff --git a/webapps/evoadmin-web/tasks/remount_usr_rw.yml b/webapps/evoadmin-web/tasks/remount_usr_rw.yml deleted file mode 100644 index 60162607..00000000 --- a/webapps/evoadmin-web/tasks/remount_usr_rw.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Get mount options for partitions - shell: "mount | grep 'on /usr type'" - args: - warn: no - register: mount - changed_when: False - failed_when: False - when: not ansible_check_mode - -- name: Remount /usr if it is a partition and it is not mounted in rw - command: "mount -o remount,rw /usr" - when: - - not ansible_check_mode - - mount.rc == 0 - - not mount.stdout_lines.0 | search("rw") - check_mode: yes - args: - warn: no diff --git a/webapps/evoadmin-web/tasks/user.yml b/webapps/evoadmin-web/tasks/user.yml index 4370070f..4070a52a 100644 --- a/webapps/evoadmin-web/tasks/user.yml +++ b/webapps/evoadmin-web/tasks/user.yml @@ -52,7 +52,8 @@ group: "{{ evoadmin_username }}" recurse: yes -- include: remount_usr_rw.yml +- include_role: + name: remount-usr when: evoadmin_scripts_dir | search ("/usr") - name: "Create {{ evoadmin_scripts_dir }}"