Use 'loop' syntax instead of 'with_items'

CHANGELOG.md

@@ -19,7 +19,7 @@ The **patch** part changes incrementally at each release.
 
 ### Changed
 
-* Use 'loop' syntax instead of 'with_first_found'
+* Use 'loop' syntax instead of 'with_first_found/with_items'
 * apt: store keys in /etc/apt/trusted.gpg.d in ascii format
 * evolinux-base: copy GPG key instead of using apt-key
 * ntpd: Add leapfile configuration setting to ntpd on debian 10+

amazon-ec2/tasks/create-instance.yml

@@ -21,11 +21,11 @@
     groupname: launched-instances
     ansible_user: admin
     ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
-  with_items: "{{ec2.instances}}"
+  loop: "{{ec2.instances}}"
 
 - debug:
     msg: "Your newly created instance is reachable at: {{item.public_dns_name}}"
-  with_items: "{{ec2.instances}}"
+  loop: "{{ec2.instances}}"
 
 - name: Wait for SSH to come up on all instances (give up after 2m)
   wait_for:
@@ -33,4 +33,4 @@
     host: "{{item.public_dns_name}}"
     port: 22
     timeout: 120
-  with_items: "{{ec2.instances}}"
+  loop: "{{ec2.instances}}"

apache/tasks/auth.yml

@@ -40,7 +40,7 @@
     dest: /etc/apache2/private_htpasswd
     line: "{{ item }}"
     state: present
-  with_items: "{{ apache_private_htpasswd_present }}"
+  loop: "{{ apache_private_htpasswd_present }}"
   notify: reload apache
   tags:
     - apache
@@ -50,7 +50,7 @@
     dest: /etc/apache2/private_htpasswd
     line: "{{ item }}"
     state: absent
-  with_items: "{{ apache_private_htpasswd_absent }}"
+  loop: "{{ apache_private_htpasswd_absent }}"
   notify: reload apache
   tags:
     - apache

apache/tasks/ip_whitelist.yml

@@ -5,7 +5,7 @@
     dest: /etc/apache2/ipaddr_whitelist.conf
     line: "Require ip {{ item }}"
     state: present
-  with_items: "{{ apache_ipaddr_whitelist_present }}"
+  loop: "{{ apache_ipaddr_whitelist_present }}"
   notify: reload apache
   tags:
     - apache
@@ -16,7 +16,7 @@
     dest: /etc/apache2/ipaddr_whitelist.conf
     line: "Require ip {{ item }}"
     state: absent
-  with_items: "{{ apache_ipaddr_whitelist_absent }}"
+  loop: "{{ apache_ipaddr_whitelist_absent }}"
   notify: reload apache
   tags:
     - apache

apache/tasks/main.yml

@@ -42,7 +42,7 @@
   apache2_module:
     name: '{{ item }}'
     state: present
-  with_items:
+  loop:
     - rewrite
     - expires
     - headers
@@ -58,7 +58,7 @@
   apache2_module:
     name: '{{ item }}'
     state: present
-  with_items:
+  loop:
     - cgi
   notify: reload apache
   when: apache_mpm == "prefork" or apache_mpm == "itk"
@@ -102,7 +102,7 @@
   command: "a2enconf {{ item }}"
   register: command_result
   changed_when: "'Enabling' in command_result.stderr"
-  with_items:
+  loop:
     - z-evolinux-defaults.conf
     - zzz-evolinux-custom.conf
   notify: reload apache

apache/tasks/munin.yml

@@ -15,7 +15,7 @@
     src: "/usr/share/munin/plugins/{{ item }}"
     dest: "/etc/munin/plugins/{{ item }}"
     state: link
-  with_items:
+  loop:
     - apache_accesses
     - apache_processes
     - apache_volume

apt/tasks/basics.yml

@@ -14,7 +14,7 @@
   file:
     path: '{{ item }}'
     state: absent
-  with_items:
+  loop:
     - /etc/apt/sources.list.d/debian-security.list
     - /etc/apt/sources.list.d/debian-jessie.list
     - /etc/apt/sources.list.d/debian-stretch.list

apt/tasks/config.yml

@@ -8,7 +8,7 @@
     create: yes
     state: present
     mode: "0640"
-  with_items:
+  loop:
     - { line: "APT::Install-Recommends \"false\";", regexp: 'APT::Install-Recommends' }
     - { line: "APT::Install-Suggests \"false\";",   regexp: 'APT::Install-Suggests' }
     - { line: "APT::Periodic::Enable \"0\";",   regexp: 'APT::Periodic::Enable' }
@@ -23,7 +23,7 @@
     create: yes
     state: present
     mode: "0640"
-  with_items:
+  loop:
     - "DPkg::Pre-Invoke { \"df /tmp | grep -q /tmp && mount -oremount,exec /tmp || true\"; };"
     - "DPkg::Pre-Invoke { \"df /usr | grep -q /usr && mount -oremount,rw /usr || true\"; };"
     - "DPkg::Post-Invoke { \"df /tmp | grep -q /tmp && mount -oremount /tmp || true\"; };"

bind/tasks/munin.yml

@@ -14,7 +14,7 @@
     src: "/usr/share/munin/plugins/{{ item }}"
     dest: "/etc/munin/plugins/{{ item }}"
     state: link
-  with_items:
+  loop:
     - bind9
     - bind9_rndc
   notify: restart munin-node
@@ -30,7 +30,7 @@
     src: "/usr/share/munin/plugins/{{ item }}"
     dest: "/etc/munin/plugins/{{ item }}"
     state: link
-  with_items:
+  loop:
     - bind9
     - bind9_rndc
   notify: restart munin-node

clamav/tasks/main.yml

@@ -5,7 +5,7 @@
     question: "{{ item.key }}"
     value: "{{ item.value }}"
     vtype: "{{ item.type }}"
-  with_items:
+  loop:
   - { key: 'clamav-daemon/debconf', type: 'boolean', value: 'true' }
   - { key: 'clamav-daemon/MaxHTMLNormalize', type: 'string', value: '10M' }
   - { key: 'clamav-daemon/StatsPEDisabled', type: 'boolean', value: 'true' }
@@ -57,7 +57,7 @@
     question: "{{ item.key }}"
     value: "{{ item.value }}"
     vtype: "{{ item.type }}"
-  with_items:
+  loop:
   - { key: 'clamav-freshclam/autoupdate_freshclam', type: 'select', value: 'daemon' }
   - { key: 'clamav-freshclam/proxy_user', type: 'string', value: '' }
   - { key: 'clamav-freshclam/NotifyClamd', type: 'boolean', value: 'true' }

docker-host/tasks/main.yml

@@ -80,7 +80,7 @@
     src: "{{ item }}.j2"
     dest: "{{ docker_tls_path }}/{{ item }}"
     mode: "0744"
-  with_items:
+  loop:
     - shellpki.sh
     - openssl.cnf
   when: docker_tls_enabled

dovecot/tasks/main.yml

@@ -24,7 +24,7 @@
     line: "{{ item.key }} = {{ item.value }}"
     regexp: "^#*{{ item.key }}"
     state: present
-  with_items:
+  loop:
     - { key: 'hosts', value: '127.0.0.1' }
     - { key: 'auth_bind', value: 'yes' }
     - { key: 'ldap_version', value: 3 }

etc-git/tasks/repository.yml

@@ -46,7 +46,7 @@
   lineinfile:
     dest: "{{ repository_path }}/.gitignore"
     line: "{{ item }}"
-  with_items: "{{ gitignore_items | default([]) }}"
+  loop: "{{ gitignore_items | default([]) }}"
   tags:
     - etc-git
 

evoacme/tasks/conf.yml

@@ -4,7 +4,7 @@
     section: 'req'
     option: "{{ item.name }}"
     value: "{{ item.var }}"
-  with_items:
+  loop:
      - { name: 'default_bits', var: "{{ evoacme_ssl_key_size }}" }
      - { name: 'encrypt_key', var: 'yes' }
      - { name: 'distinguished_name', var: 'req_dn' }
@@ -16,7 +16,7 @@
     section: 'req_dn'
     option: "{{ item.name }}"
     value: "{{ item.var }}"
-  with_items:
+  loop:
      - { name: 'C', var: "{{ evoacme_ssl_ct }}" }
      - { name: 'ST', var: "{{ evoacme_ssl_state }}" }
      - { name: 'L', var: "{{ evoacme_ssl_loc }}" }

evoacme/tasks/scripts.yml

@@ -39,6 +39,6 @@
   file:
     path: "/usr/local/bin/{{ item }}"
     state: absent
-  with_items:
+  loop:
     - 'make-csr'
     - 'evoacme'

evobackup-client/tasks/open_ssh_ports.yml

@@ -14,7 +14,7 @@
     marker: "# {mark} {{ item.name }}"
     block: |
       /sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
-  with_items: "{{ evobackup_client__hosts }}"
+  loop: "{{ evobackup_client__hosts }}"
   notify: restart minifirewall
   when: evobackup_client__minifirewall.stat.exists
   tags:

evolinux-base/tasks/kernel.yml

@@ -7,7 +7,7 @@
     sysctl_file: "{{ evolinux_kernel_sysctl_path }}"
     state: present
     reload: yes
-  with_items:
+  loop:
   - { name: kernel.panic_on_oops, value: 1 }
   - { name: kernel.panic, value: 60 }
   when: evolinux_kernel_reboot_after_panic
@@ -18,7 +18,7 @@
     sysctl_file: "{{ evolinux_kernel_sysctl_path }}"
     state: absent
     reload: yes
-  with_items:
+  loop:
   - kernel.panic_on_oops
   - kernel.panic
   when: not evolinux_kernel_reboot_after_panic
@@ -57,7 +57,7 @@
     sysctl_file: "{{ evolinux_kernel_sysctl_path }}"
     state: present
     reload: yes
-  with_items:
+  loop:
     - { name: "net.ipv4.ipfrag_low_thresh",   value: 196608 }
     - { name: "net.ipv6.ip6frag_low_thresh",  value: 196608 }
     - { name: "net.ipv4.ipfrag_high_thresh",  value: 262144 }

evolinux-base/tasks/packages.yml

@@ -128,7 +128,7 @@
     dest: /etc/apt/listchanges.conf
     regexp: '^{{ item.option }}\s*='
     line: "{{ item.option }}={{ item.value }}"
-  with_items:
+  loop:
     - { option: "confirm", value: "1" }
     - { option: "which",   value: "both" }
   when:

evolinux-base/tasks/postfix.yml

@@ -45,7 +45,7 @@
     dest: /etc/aliases
     regexp: "^{{ item }}:.*"
     line: "{{ item }}: root"
-  with_items: "{{ non_root_users_list.stdout_lines }}"
+  loop: "{{ non_root_users_list.stdout_lines }}"
   notify: newaliases
   when: evolinux_postfix_users_alias_root
   tags:
@@ -56,7 +56,7 @@
     dest: /etc/aliases
     regexp: "^{{ item }}:.*"
     line: "{{ item }}: root"
-  with_items:
+  loop:
     - postmaster
     - abuse
     - mailer-daemon

evolinux-base/tasks/provider_orange_fce.yml

@@ -5,7 +5,7 @@
     sysctl_file: /etc/sysctl.d/evolinux_fce.conf
     state: present
     reload: yes
-  with_items:
+  loop:
     - { name: net.ipv4.tcp_keepalive_time, value: 250 }
     - { name: net.ipv4.tcp_keepalive_intvl, value: 60 }
     - { name: net.ipv6.conf.all.disable_ipv6, value: 1 }

evolinux-base/tasks/root.yml

@@ -13,7 +13,7 @@
     line: "{{ item }}"
     create: yes
     state: present
-  with_items:
+  loop:
     - "export HISTCONTROL=$HISTCONTROL${HISTCONTROL+,}ignoreboth,erasedups"
     - "export HISTSIZE=65535"
     - "export HISTTIMEFORMAT=\"%c : \""
@@ -79,7 +79,7 @@
     line: "{{ item }}"
     create: yes
     state: present
-  with_items:
+  loop:
     - "syntax on"
     - "set background=dark"
     - "set expandtab"

evolinux-base/tasks/system.yml

@@ -13,7 +13,7 @@
     line: "{{ item }}"
     create: yes
     state: present
-  with_items:
+  loop:
     - "en_US.UTF-8 UTF-8"
     - "fr_FR ISO-8859-1"
     - "fr_FR.UTF-8 UTF-8"
@@ -112,7 +112,7 @@
     dest: /etc/crontab
     regexp:  "{{ item.regexp }}"
     replace: "{{ item.replace }}"
-  with_items:
+  loop:
   - { regexp: '^17((\s*\*){4})',         replace: '{{ 59|random(start=1) }}\1' }
   - { regexp: '^25\s*6((\s*\*){3})',     replace: '{{ 59|random(start=1) }} {{ [0,1,3,4,5,6,7]|random }}\1' }
   - { regexp: '^47\s*6((\s*\*){2}\s*7)', replace: '{{ 59|random(start=1) }} {{ [0,1,3,4,5,6,7]|random }}\1' }

evolinux-users/tasks/user.yml

@@ -120,7 +120,7 @@
 - name: "Secondary Unix groups are present"
   group:
     name: "{{ group }}"
-  with_items: "{{ user.groups }}"
+  loop: "{{ user.groups }}"
   loop_control:
     loop_var: group
   when:
@@ -184,7 +184,7 @@
     user: "{{ user.name }}"
     key: "{{ ssk_key }}"
     state: present
-  with_items: "{{ user.ssh_keys }}"
+  loop: "{{ user.ssh_keys }}"
   loop_control:
     loop_var: ssk_key
   when: user.ssh_keys is defined

evomaintenance/tasks/install_vendor_debian.yml

@@ -42,7 +42,7 @@
     mode: "{{ item.mode }}"
     force: yes
     backup: yes
-  with_items:
+  loop:
     - { src: 'evomaintenance.sh', dest: '/usr/share/scripts/', mode: '0700' }
     - { src: 'evomaintenance.tpl', dest: '/usr/share/scripts/', mode: '0600' }
   tags:

evomaintenance/tasks/install_vendor_openbsd.yml

@@ -28,7 +28,7 @@
     mode: "{{ item.mode }}"
     force: yes
     backup: yes
-  with_items:
+  loop:
     - { src: 'evomaintenance.sh', dest: '/usr/share/scripts/', mode: '0700' }
     - { src: 'evomaintenance.tpl', dest: '/usr/share/scripts/', mode: '0600' }
   tags:

evomaintenance/tasks/minifirewall.yml

@@ -12,7 +12,7 @@
     dest: /etc/default/minifirewall
     line: "/sbin/iptables -A INPUT -p tcp --sport 5432 --dport 1024:65535 -s {{ item }} -m state --state ESTABLISHED,RELATED -j ACCEPT"
     insertafter: "^# EvoMaintenance"
-  with_items: "{{ evomaintenance_hosts }}"
+  loop: "{{ evomaintenance_hosts }}"
   notify: "{{ minifirewall_restart_handler_name }}"
   when: minifirewall_default_file.stat.exists
   tags:

fail2ban/tasks/main.yml

@@ -9,7 +9,7 @@
     owner: root
     group: root
     mode: "0755"
-  with_items:
+  loop:
     - "/etc/fail2ban"
     - "/etc/fail2ban/filter.d"
   tags:
@@ -52,7 +52,7 @@
     src: "{{ item }}"
     dest: /etc/fail2ban/filter.d/
     mode: "0644"
-  with_items:
+  loop:
     - dovecot-evolix.conf
     - sasl-evolix.conf
     - wordpress-soft.conf

filebeat/tasks/main.yml

@@ -120,7 +120,7 @@
       regexp: '{{ item.regexp }}'
       line: '{{ item.line }}'
       insertafter: "output.elasticsearch:"
-    with_items:
+    loop:
       - { regexp: '^  #?username: .*', line: '  username: "{{ filebeat_elasticsearch_auth_username }}"' }
       - { regexp: '^  #?password: .*', line: '  password: "{{ filebeat_elasticsearch_auth_password }}"' }
     notify: restart filebeat

java/tasks/oracle.yml

@@ -13,7 +13,7 @@
     path: "{{ item }}"
     state: directory
     mode: "0777"
-  with_items:
+  loop:
   - /srv/java-package
   - /srv/java-package/src
   - /srv/java-package/tmp

kibana/tasks/main.yml

@@ -107,7 +107,7 @@
 #     args:
 #       creates: "/var/lib/kibana/{{ item }}"
 #     notify: restart kibana
-#     with_items:
+#     loop:
 #       - optimize
 #       - data
 

kvm-host/tasks/munin.yml

@@ -5,7 +5,7 @@
     url: "https://raw.githubusercontent.com/munin-monitoring/contrib/master/plugins/libvirt/{{ item }}"
     dest: "/etc/munin/plugins/"
     mode: "0755"
-  with_items:
+  loop:
   - kvm_cpu
   - kvm_io
   - kvm_mem

kvm-host/tasks/ssh.yml

@@ -33,7 +33,7 @@
     special_time: "hourly"
     user: root
     job: "rsync -a --delete /etc/libvirt/qemu/ {{ hostvars[item]['ansible_hostname'] }}:/root/libvirt-{{ inventory_hostname }}/"
-  with_items:
+  loop:
     - "{{ groups['hypervisors'] }}"
   when: item != inventory_hostname
 
@@ -44,6 +44,6 @@
     special_time: "daily"
     user: root
     job: "virsh list | ssh {{ hostvars[item]['ansible_hostname'] }} 'cat >/root/libvirt-{{ inventory_hostname }}/virsh-list.txt'"
-  with_items:
+  loop:
     - "{{ groups['hypervisors'] }}"
   when: item != inventory_hostname

ldap/tasks/nagios.yml

@@ -47,7 +47,7 @@
     option: "{{ item.option }}"
     value: "{{ item.value }}"
     mode: "0640"
-  with_items:
+  loop:
     - { option: 'hostname', value: '127.0.0.1' }
     - { option: 'base', value: "{{ ldap_suffix }}" }
     - { option: 'bind', value: "cn=nagios,ou=ldapusers,{{ ldap_suffix }}" }
@@ -66,7 +66,7 @@
 # and set the variable
 - name: overwrite ldap_nagios_password (from file)
   set_fact:
-    ldap_nagios_password: "{{ lookup('ini', 'pass section=check_ldap file=/tmp/{{ inventory_hostname }}/etc/nagios/monitoring-plugins.ini') }}"
+    ldap_nagios_password: "{{ lookup('ini', 'pass section=check_ldap file=/tmp/{{ inventory_hostname }}/monitoring-plugins.ini') }}"
 
 - name: hash password for cn=nagios
   command: "slappasswd -s {{ ldap_nagios_password }}"

lxc-php/tasks/php56.yml

@@ -11,7 +11,7 @@
     dest: "{{ line_item }}"
     mode: "0644"
   notify: "Reload {{ lxc_php_version }}-fpm"
-  with_items:
+  loop:
     - "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php5/fpm/conf.d/z-evolinux-defaults.ini"
     - "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php5/cli/conf.d/z-evolinux-defaults.ini"
   loop_control:

lxc-php/tasks/php70.yml

@@ -11,7 +11,7 @@
     dest: "{{ line_item }}"
     mode: "0644"
   notify: "Reload {{ lxc_php_version }}-fpm"
-  with_items:
+  loop:
     - "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.0/fpm/conf.d/z-evolinux-defaults.ini"
     - "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.0/cli/conf.d/z-evolinux-defaults.ini"
   loop_control:

lxc-php/tasks/php73.yml

@@ -11,7 +11,7 @@
     dest: "{{ line_item }}"
     mode: "0644"
   notify: "Reload {{ lxc_php_version }}-fpm"
-  with_items:
+  loop:
     - "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.3/fpm/conf.d/z-evolinux-defaults.ini"
     - "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.3/cli/conf.d/z-evolinux-defaults.ini"
   loop_control:

lxc-php/tasks/php74.yml

@@ -12,7 +12,7 @@
     state: present
     create: yes
     mode: "0644"
-  with_items:
+  loop:
     - "deb https://packages.sury.org/php/ buster main"
     - "deb http://pub.evolix.net/ buster-php74/"
 
@@ -44,7 +44,7 @@
     dest: "{{ line_item }}"
     mode: "0644"
   notify: "Reload {{ lxc_php_version }}-fpm"
-  with_items:
+  loop:
     - "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.4/fpm/conf.d/z-evolinux-defaults.ini"
     - "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.4/cli/conf.d/z-evolinux-defaults.ini"
   loop_control:

lxc-solr/tasks/main.yml

@@ -8,9 +8,9 @@
     path: "/var/lib/lxc/{{ item.name }}/rootfs"
     state: directory
     mode: '0755'
-  with_items:
+  loop:
     - "{{ lxc_containers }}"
 
 - include: "solr.yml name={{item.name}} solr_version={{item.solr_version}} solr_port={{item.solr_port}}"
-  with_items:
+  loop:
     - "{{ lxc_containers }}"

memcached/tasks/munin.yml

@@ -26,7 +26,7 @@
       src: '/usr/share/munin/plugins/memcached_'
       dest: /etc/munin/plugins/{{ multi }}{{ item }}
       state: link
-    with_items:
+    loop:
       - memcached_bytes
       - memcached_counters
       - memcached_rates

metricbeat/tasks/main.yml

@@ -78,7 +78,7 @@
       regexp: '{{ item.regexp }}'
       line: '{{ item.line }}'
       insertafter: "output.elasticsearch:"
-    with_items:
+    loop:
       - { regexp: '^  #?username: .*', line: '  username: "{{ metricbeat_elasticsearch_auth_username }}"' }
       - { regexp: '^  #?password: .*', line: '  password: "{{ metricbeat_elasticsearch_auth_password }}"' }
     notify: restart metricbeat

minifirewall/tasks/config.yml

@@ -184,7 +184,7 @@
     dest: "{{ minifirewall_main_file }}"
     line: "/sbin/iptables -A INPUT -p tcp --sport 5432 --dport 1024:65535 -s {{ item }} -m state --state ESTABLISHED,RELATED -j ACCEPT"
     insertafter: "^# EvoMaintenance"
-  with_items: "{{ evomaintenance_hosts }}"
+  loop: "{{ evomaintenance_hosts }}"
 
 - name: remove minifirewall example rule for the evomaintenance
   lineinfile:

mongodb/tasks/main_buster.yml

@@ -57,7 +57,7 @@
     src: "munin/{{ item }}"
     dest: '/usr/local/share/munin/plugins/{{ item }}'
     force: yes
-  with_items:
+  loop:
     - mongo_btree
     - mongo_collections
     - mongo_conn
@@ -73,7 +73,7 @@
     src: '/usr/local/share/munin/plugins/{{ item }}'
     dest: /etc/munin/plugins/{{ item }}
     state: link
-  with_items:
+  loop:
     - mongo_btree
     - mongo_collections
     - mongo_conn

munin/tasks/main.yml

@@ -35,7 +35,7 @@
   file:
     path: '/etc/munin/plugins/{{ item }}'
     state: absent
-  with_items:
+  loop:
     - http_loadtime
     - exim_mailqueue
     - exim_mailstats
@@ -52,7 +52,7 @@
     src: "/usr/share/munin/plugins/{{ item }}"
     dest: "/etc/munin/plugins/{{ item }}"
     state: link
-  with_items:
+  loop:
     - meminfo
     - netstat_multi
     - tcp

mysql-oracle/tasks/munin.yml

@@ -22,7 +22,7 @@
       src: '/usr/share/munin/plugins/{{ item }}'
       dest: /etc/munin/plugins/{{ item }}
       state: link
-    with_items:
+    loop:
       - mysql_bytes
       - mysql_queries
       - mysql_slowqueries
@@ -34,7 +34,7 @@
       src: /usr/share/munin/plugins/mysql_
       dest: '/etc/munin/plugins/mysql_{{ item }}'
       state: link
-    with_items:
+    loop:
       - commands
       - connections
       - files_tables

mysql-oracle/tasks/nrpe.yml

@@ -44,7 +44,7 @@
       section: client
       option: '{{ item.option }}'
       value: '{{ item.value }}'
-    with_items:
+    loop:
       - { option: 'user', value: 'nrpe' }
       - { option: 'password', value: '{{ mysql_nrpe_password.stdout }}' }
     when: create_nrpe_user.changed

mysql-oracle/tasks/users.yml

@@ -36,7 +36,7 @@
     option: '{{ item.option }}'
     value: '{{ item.value }}'
     create: yes
-  with_items:
+  loop:
     - { option: 'user', value: 'mysqladmin' }
     - { option: 'password', value: '{{ mysql_admin_password.stdout }}' }
   when: create_mysqladmin_user is changed

mysql/tasks/munin.yml

@@ -22,7 +22,7 @@
       src: '/usr/share/munin/plugins/{{ item }}'
       dest: /etc/munin/plugins/{{ item }}
       state: link
-    with_items:
+    loop:
       - mysql_bytes
       - mysql_queries
       - mysql_slowqueries
@@ -34,7 +34,7 @@
       src: /usr/share/munin/plugins/mysql_
       dest: '/etc/munin/plugins/mysql_{{ item }}'
       state: link
-    with_items:
+    loop:
       - commands
       - connections
       - files_tables

mysql/tasks/nrpe.yml

@@ -44,7 +44,7 @@
       section: client
       option: '{{ item.option }}'
       value: '{{ item.value }}'
-    with_items:
+    loop:
       - { option: 'user', value: 'nrpe' }
       - { option: 'password', value: '{{ mysql_nrpe_password.stdout }}' }
     when: create_nrpe_user.changed

mysql/tasks/users_jessie.yml

@@ -42,7 +42,7 @@
     option: '{{ item.option }}'
     value: '{{ item.value }}'
     create: yes
-  with_items:
+  loop:
     - { option: 'user',     value: 'mysqladmin' }
     - { option: 'password', value: '{{ mysql_admin_password.stdout }}' }
   when: create_mysqladmin_user.changed

mysql/tasks/users_stretch.yml

@@ -37,7 +37,7 @@
     option: '{{ item.option }}'
     value: '{{ item.value }}'
     create: yes
-  with_items:
+  loop:
     - { option: 'user',     value: 'mysqladmin' }
     - { option: 'password', value: '{{ mysql_admin_password.stdout }}' }
   when: create_mysqladmin_user.changed

nameserver/tasks/main.yml

@@ -12,7 +12,7 @@
     dest: /etc/resolv.conf
     line: "nameserver {{ item }}"
     state: present
-  with_items: "{{ nameservers }}"
+  loop: "{{ nameservers }}"
   tags:
   - nameserver
 
@@ -21,7 +21,7 @@
     dest: /etc/resolv.conf
     line: "nameserver {{ item }}"
     state: absent
-  with_items: "{{ grep_nameserver.stdout_lines }}"
+  loop: "{{ grep_nameserver.stdout_lines }}"
   when: item not in nameservers
   tags:
   - nameserver

newrelic/tasks/php.yml

@@ -27,14 +27,14 @@
     dest: "{{ item }}"
     regexp: '^;?newrelic.daemon.utilization.detect_aws'
     line: 'newrelic.daemon.utilization.detect_aws = false'
-  with_items: "{{ find_newrelic_ini.stdout_lines }}"
+  loop: "{{ find_newrelic_ini.stdout_lines }}"
 
 - name: Disable Docker detection
   lineinfile:
     dest: "{{ item }}"
     regexp: '^;?newrelic.daemon.utilization.detect_docker'
     line: 'newrelic.daemon.utilization.detect_docker = false'
-  with_items: "{{ find_newrelic_ini.stdout_lines }}"
+  loop: "{{ find_newrelic_ini.stdout_lines }}"
 
 - name: Install package for PHP
   apt:

nginx/tasks/ip_whitelist.yml

@@ -5,7 +5,7 @@
     dest: /etc/nginx/snippets/ipaddr_whitelist
     line: "allow {{ item }};"
     state: present
-  with_items: "{{ nginx_ipaddr_whitelist_present }}"
+  loop: "{{ nginx_ipaddr_whitelist_present }}"
   notify: reload nginx
   tags:
     - nginx
@@ -16,7 +16,7 @@
     dest: /etc/nginx/snippets/ipaddr_whitelist
     line: "allow {{ item }};"
     state: absent
-  with_items: "{{ nginx_ipaddr_whitelist_absent }}"
+  loop: "{{ nginx_ipaddr_whitelist_absent }}"
   notify: reload nginx
   tags:
     - nginx

nginx/tasks/main.yml

@@ -80,7 +80,7 @@
     dest: /etc/nginx/snippets/private_htpasswd
     line: "{{ item }}"
     state: present
-  with_items: "{{ nginx_private_htpasswd_present }}"
+  loop: "{{ nginx_private_htpasswd_present }}"
   notify: reload nginx
   tags:
     - nginx
@@ -90,7 +90,7 @@
     dest: /etc/nginx/snippets/private_htpasswd
     line: "{{ item }}"
     state: absent
-  with_items: "{{ nginx_private_htpasswd_absent }}"
+  loop: "{{ nginx_private_htpasswd_absent }}"
   notify: reload nginx
   tags:
     - nginx

nginx/tasks/munin_graphs.yml

@@ -12,7 +12,7 @@
     src: '/usr/share/munin/plugins/{{ item }}'
     dest: '/etc/munin/plugins/{{ item }}'
     state: link
-  with_items:
+  loop:
     - nginx_request
     - nginx_status
   notify: restart munin

opendkim/tasks/main.yml

@@ -38,7 +38,7 @@
     owner: opendkim
     group: opendkim
     mode: "0640"
-  with_items:
+  loop:
   - 'KeyTable'
   - 'SigningTable'
   changed_when: False

packweb-apache/tasks/apache.yml

@@ -28,7 +28,7 @@
   apache2_module:
     name: '{{ item }}'
     state: present
-  with_items:
+  loop:
     - ssl
     - include
     - negotiation
@@ -56,6 +56,6 @@
   command: "a2enconf {{ item }}"
   register: command_result
   changed_when: "'Enabling' in command_result.stderr"
-  with_items:
+  loop:
     - evolinux-evasive
     - evolinux-modsec

packweb-apache/tasks/fhs_retrictions.yml

@@ -5,7 +5,7 @@
   register: command_result
   changed_when: "'changed' in command_result.stdout"
   failed_when: False
-  with_items:
+  loop:
     - /
     - /etc
     - /usr
@@ -29,7 +29,7 @@
   register: command_result
   changed_when: "'changed' in command_result.stdout"
   failed_when: False
-  with_items:
+  loop:
     - /var/log/apt
     - /var/lib/dpkg
     - /var/log/munin
@@ -51,7 +51,7 @@
   register: command_result
   changed_when: "'changed' in command_result.stdout"
   failed_when: False
-  with_items:
+  loop:
     - /bin/ping
     - /bin/ping6
     - /usr/bin/fping
@@ -63,6 +63,6 @@
   register: command_result
   changed_when: "'changed' in command_result.stdout"
   failed_when: False
-  with_items:
+  loop:
     - /var/log/evolix.log
     - /etc/warnquota.conf

packweb-apache/tasks/main.yml

@@ -41,7 +41,7 @@
     path: "/etc/skel/{{ item.path }}"
     state: "{{ item.state }}"
     mode: "{{ item.mode }}"
-  with_items:
+  loop:
     - { path: log, mode: "0750", state: directory }
     - { path: awstats, mode: "0750", state: directory }
     - { path: www, mode: "0750", state: directory }
@@ -50,7 +50,7 @@
   command: "touch /etc/skel/log/{{ item }}"
   args:
     creates: "/etc/skel/log/{{ item }}"
-  with_items:
+  loop:
     - access.log
     - error.log
 
@@ -58,7 +58,7 @@
   file:
     dest: "/etc/skel/log/{{ item }}"
     mode: "0644"
-  with_items:
+  loop:
     - access.log
     - error.log
 
@@ -85,7 +85,6 @@
 - include: apache.yml
 
 - include: phpmyadmin.yml
-  when: ansible_distribution_release != "buster"
 
 - include: awstats.yml
 

php/tasks/config_apache.yml

@@ -8,7 +8,7 @@
     value: "{{ item.value }}"
     mode: "0644"
     create: yes
-  with_items:
+  loop:
     - { option: "short_open_tag", value: "Off" }
     - { option: "expose_php", value: "Off" }
     - { option: "display_errors", value: "Off" }
@@ -42,6 +42,6 @@
     option: "{{ item.option }}"
     value: "{{ item.value }}"
     mode: "0644"
-  with_items:
+  loop:
     - { option: "date.timezone", value: "Europe/Paris" }
   when: php_symfony_requirements

php/tasks/config_cli.yml

@@ -7,7 +7,7 @@
     value: "{{ item.value }}"
     mode: "0644"
     create: yes
-  with_items:
+  loop:
     - { option: "display_errors", value: "On" }
     - { option: "allow_url_fopen", value: "On" }
     - { option: "disable_functions", value: "" }
@@ -33,6 +33,6 @@
     option: "{{ item.option }}"
     value: "{{ item.value }}"
     mode: "0644"
-  with_items:
+  loop:
     - { option: "date.timezone", value: "Europe/Paris" }
   when: php_symfony_requirements

php/tasks/config_fpm.yml

@@ -8,7 +8,7 @@
     value: "{{ item.value }}"
     mode: "0644"
     create: yes
-  with_items:
+  loop:
     - { option: "short_open_tag", value: "Off" }
     - { option: "expose_php", value: "Off" }
     - { option: "display_errors", value: "Off" }
@@ -43,7 +43,7 @@
     value: "{{ item.value }}"
     mode: "0644"
     create: yes
-  with_items:
+  loop:
     - { option: "user", value: "www-data" }
     - { option: "group", value: "www-data" }
     - { option: "listen", value: "{{ php_fpm_default_pool_socket }}" }
@@ -76,7 +76,7 @@
     option: "{{ item.option }}"
     value: "{{ item.value }}"
     mode: "0644"
-  with_items:
+  loop:
     - { option: "date.timezone", value: "Europe/Paris" }
   notify: "restart {{ php_fpm_service_name }}"
   when: php_symfony_requirements

php/tasks/main_buster.yml

@@ -65,7 +65,7 @@
   file:
     dest: "{{ item }}"
     mode: "0755"
-  with_items:
+  loop:
     - /etc/php
     - /etc/php/7.3
 

php/tasks/main_stretch.yml

@@ -65,7 +65,7 @@
   file:
     dest: "{{ item }}"
     mode: "0755"
-  with_items:
+  loop:
     - /etc/php
     - /etc/php/7.0
 

php/tasks/sury_post.yml

@@ -6,7 +6,7 @@
     dest: "{{ item.dest }}"
     force: yes
     state: link
-  with_items:
+  loop:
     - { src: "{{ php_cli_defaults_ini_file }}", dest: "/etc/php/7.4/cli/conf.d/z-evolinux-defaults.ini" }
     - { src: "{{ php_cli_custom_ini_file }}", dest: "/etc/php/7.4/cli/conf.d/zzz-evolinux-custom.ini" }
 
@@ -21,7 +21,7 @@
     dest: "{{ item.dest }}"
     force: yes
     state: link
-  with_items:
+  loop:
     - { src: "{{ php_apache_defaults_ini_file }}", dest: "/etc/php/7.4/apache2/conf.d/z-evolinux-defaults.ini" }
     - { src: "{{ php_apache_custom_ini_file }}", dest: "/etc/php/7.4/apache2/conf.d/zzz-evolinux-custom.ini" }
   when: php_apache_enable
@@ -38,7 +38,7 @@
     dest: "{{ item.dest }}"
     force: yes
     state: link
-  with_items:
+  loop:
     - { src: "{{ php_fpm_defaults_ini_file }}", dest: "/etc/php/7.4/fpm/conf.d/z-evolinux-defaults.ini" }
     - { src: "{{ php_fpm_custom_ini_file }}", dest: "/etc/php/7.4/fpm/conf.d/zzz-evolinux-custom.ini" }
     - { src: "{{ php_fpm_defaults_conf_file }}", dest: "/etc/php/7.4/fpm/pool.d/z-evolinux-defaults.conf" }

postfix/tasks/common.yml

@@ -14,7 +14,7 @@
     line: '{{ item }}'
     state: present
     create: no
-  with_items:
+  loop:
     - "postfix/sa-blacklist.access"
     - "postfix/*.db"
   tags: