Add names to many blocks
parent
3b258cc43e
commit
6801f4e00e
|
@ -24,19 +24,20 @@
|
|||
path: /usr/sbin/apachectl
|
||||
register: is_apache
|
||||
|
||||
- block:
|
||||
- name: ACME challenge for Apache is installed
|
||||
template:
|
||||
src: acme-challenge/apache.conf.j2
|
||||
dest: /etc/apache2/conf-available/letsencrypt.conf
|
||||
force: yes
|
||||
notify: reload apache
|
||||
- name: ACME challenge for Apache
|
||||
block:
|
||||
- name: ACME challenge for Apache is installed
|
||||
template:
|
||||
src: acme-challenge/apache.conf.j2
|
||||
dest: /etc/apache2/conf-available/letsencrypt.conf
|
||||
force: yes
|
||||
notify: reload apache
|
||||
|
||||
- name: ACME challenge for Apache is enabled
|
||||
command: "a2enconf letsencrypt"
|
||||
register: command_result
|
||||
changed_when: "'Enabling' in command_result.stderr"
|
||||
notify: reload apache
|
||||
- name: ACME challenge for Apache is enabled
|
||||
command: "a2enconf letsencrypt"
|
||||
register: command_result
|
||||
changed_when: "'Enabling' in command_result.stderr"
|
||||
notify: reload apache
|
||||
when: is_apache.stat.exists
|
||||
|
||||
- name: Check if HAProxy is installed
|
||||
|
|
|
@ -6,12 +6,13 @@
|
|||
check_mode: no
|
||||
register: munin_node_plugins_config
|
||||
|
||||
- block:
|
||||
- name: Install munin plugin
|
||||
copy:
|
||||
src: munin_plugin
|
||||
dest: /etc/munin/plugins/dovecot
|
||||
mode: "0755"
|
||||
- name: Munin plugins are present and configured
|
||||
block:
|
||||
- name: Install munin plugin
|
||||
copy:
|
||||
src: munin_plugin
|
||||
dest: /etc/munin/plugins/dovecot
|
||||
mode: "0755"
|
||||
|
||||
# TODO : add in /etc/munin/plugin-conf.d/munin-node
|
||||
# [dovecot]
|
||||
|
|
|
@ -1,44 +1,46 @@
|
|||
---
|
||||
|
||||
- block:
|
||||
- name: "Is custom datadir present ?"
|
||||
stat:
|
||||
path: "{{ elasticsearch_custom_datadir }}"
|
||||
register: elasticsearch_custom_datadir_test
|
||||
check_mode: no
|
||||
- name: Set real datadir value when customized
|
||||
block:
|
||||
- name: "Is custom datadir present ?"
|
||||
stat:
|
||||
path: "{{ elasticsearch_custom_datadir }}"
|
||||
register: elasticsearch_custom_datadir_test
|
||||
check_mode: no
|
||||
|
||||
- name: "read the real datadir"
|
||||
command: readlink -f /var/lib/elasticsearch
|
||||
changed_when: false
|
||||
register: elasticsearch_current_real_datadir_test
|
||||
check_mode: no
|
||||
- name: "read the real datadir"
|
||||
command: readlink -f /var/lib/elasticsearch
|
||||
changed_when: false
|
||||
register: elasticsearch_current_real_datadir_test
|
||||
check_mode: no
|
||||
tags:
|
||||
- elasticsearch
|
||||
when:
|
||||
- elasticsearch_custom_datadir != ''
|
||||
- elasticsearch_custom_datadir != None
|
||||
|
||||
- block:
|
||||
- name: elasticsearch is stopped
|
||||
service:
|
||||
name: elasticsearch
|
||||
state: stopped
|
||||
- name: Datadir is moved to custom path
|
||||
block:
|
||||
- name: elasticsearch is stopped
|
||||
service:
|
||||
name: elasticsearch
|
||||
state: stopped
|
||||
|
||||
- name: Move elasticsearch datadir to custom datadir
|
||||
command: mv {{ elasticsearch_current_real_datadir_test.stdout }} {{ elasticsearch_custom_datadir }}
|
||||
args:
|
||||
creates: "{{ elasticsearch_custom_datadir }}"
|
||||
- name: Move elasticsearch datadir to custom datadir
|
||||
command: mv {{ elasticsearch_current_real_datadir_test.stdout }} {{ elasticsearch_custom_datadir }}
|
||||
args:
|
||||
creates: "{{ elasticsearch_custom_datadir }}"
|
||||
|
||||
- name: Symlink {{ elasticsearch_custom_datadir }} to /var/lib/elasticsearch
|
||||
file:
|
||||
src: "{{ elasticsearch_custom_datadir }}"
|
||||
dest: '/var/lib/elasticsearch'
|
||||
state: link
|
||||
- name: Symlink {{ elasticsearch_custom_datadir }} to /var/lib/elasticsearch
|
||||
file:
|
||||
src: "{{ elasticsearch_custom_datadir }}"
|
||||
dest: '/var/lib/elasticsearch'
|
||||
state: link
|
||||
|
||||
- name: elasticsearch is started
|
||||
service:
|
||||
name: elasticsearch
|
||||
state: started
|
||||
- name: elasticsearch is started
|
||||
service:
|
||||
name: elasticsearch
|
||||
state: started
|
||||
tags:
|
||||
- elasticsearch
|
||||
when:
|
||||
|
|
|
@ -8,28 +8,29 @@
|
|||
system: yes
|
||||
shell: /bin/false
|
||||
|
||||
- block:
|
||||
- name: Head repository is checked-out
|
||||
git:
|
||||
repo: "https://github.com/mobz/elasticsearch-head.git"
|
||||
dest: "{{ elasticsearch_plugin_head_clone_dir }}"
|
||||
clone: yes
|
||||
tags:
|
||||
- packages
|
||||
- name: Head plugin is installed
|
||||
block:
|
||||
- name: Head repository is checked-out
|
||||
git:
|
||||
repo: "https://github.com/mobz/elasticsearch-head.git"
|
||||
dest: "{{ elasticsearch_plugin_head_clone_dir }}"
|
||||
clone: yes
|
||||
tags:
|
||||
- packages
|
||||
|
||||
- name: Create tmpdir
|
||||
file:
|
||||
dest: "{{ elasticsearch_plugin_head_tmp_dir }}"
|
||||
state: directory
|
||||
- name: Create tmpdir
|
||||
file:
|
||||
dest: "{{ elasticsearch_plugin_head_tmp_dir }}"
|
||||
state: directory
|
||||
|
||||
- name: NPM packages for head are installed
|
||||
npm:
|
||||
path: "{{ elasticsearch_plugin_head_clone_dir }}"
|
||||
tags:
|
||||
- packages
|
||||
- npm
|
||||
environment:
|
||||
TMPDIR: "{{ elasticsearch_plugin_head_tmp_dir }}"
|
||||
- name: NPM packages for head are installed
|
||||
npm:
|
||||
path: "{{ elasticsearch_plugin_head_clone_dir }}"
|
||||
tags:
|
||||
- packages
|
||||
- npm
|
||||
environment:
|
||||
TMPDIR: "{{ elasticsearch_plugin_head_tmp_dir }}"
|
||||
become_user: "{{ elasticsearch_plugin_head_owner }}"
|
||||
become: yes
|
||||
|
||||
|
|
|
@ -7,50 +7,51 @@
|
|||
changed_when: False
|
||||
check_mode: no
|
||||
|
||||
- block:
|
||||
- name: "Create {{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
|
||||
file:
|
||||
path: "{{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
mode: "0755"
|
||||
state: directory
|
||||
tags:
|
||||
- elasticsearch
|
||||
- name: Tmpdir is moved to custom path
|
||||
block:
|
||||
- name: "Create {{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
|
||||
file:
|
||||
path: "{{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
|
||||
owner: elasticsearch
|
||||
group: elasticsearch
|
||||
mode: "0755"
|
||||
state: directory
|
||||
tags:
|
||||
- elasticsearch
|
||||
|
||||
- name: change JVM tmpdir (< 6.x)
|
||||
lineinfile:
|
||||
dest: /etc/elasticsearch/jvm.options
|
||||
line: "-Djava.io.tmpdir={{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
|
||||
regexp: "^-Djava.io.tmpdir="
|
||||
insertafter: "## JVM configuration"
|
||||
notify:
|
||||
- restart elasticsearch
|
||||
tags:
|
||||
- elasticsearch
|
||||
when: elastic_stack_version is version_compare('6', '<')
|
||||
- name: change JVM tmpdir (< 6.x)
|
||||
lineinfile:
|
||||
dest: /etc/elasticsearch/jvm.options
|
||||
line: "-Djava.io.tmpdir={{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
|
||||
regexp: "^-Djava.io.tmpdir="
|
||||
insertafter: "## JVM configuration"
|
||||
notify:
|
||||
- restart elasticsearch
|
||||
tags:
|
||||
- elasticsearch
|
||||
when: elastic_stack_version is version_compare('6', '<')
|
||||
|
||||
- name: check if ES_TMPDIR is available (>= 6.x)
|
||||
lineinfile:
|
||||
dest: /etc/default/elasticsearch
|
||||
line: "ES_TMPDIR={{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
|
||||
regexp: "^ES_TMPDIR="
|
||||
insertafter: "JAVA_HOME"
|
||||
notify:
|
||||
- restart elasticsearch
|
||||
tags:
|
||||
- elasticsearch
|
||||
when: elastic_stack_version is version_compare('6', '>=')
|
||||
- name: check if ES_TMPDIR is available (>= 6.x)
|
||||
lineinfile:
|
||||
dest: /etc/default/elasticsearch
|
||||
line: "ES_TMPDIR={{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
|
||||
regexp: "^ES_TMPDIR="
|
||||
insertafter: "JAVA_HOME"
|
||||
notify:
|
||||
- restart elasticsearch
|
||||
tags:
|
||||
- elasticsearch
|
||||
when: elastic_stack_version is version_compare('6', '>=')
|
||||
|
||||
- name: change JVM tmpdir (>= 6.x)
|
||||
lineinfile:
|
||||
dest: /etc/elasticsearch/jvm.options
|
||||
line: "-Djava.io.tmpdir=${ES_TMPDIR}"
|
||||
regexp: "^-Djava.io.tmpdir="
|
||||
insertafter: "## JVM configuration"
|
||||
notify:
|
||||
- restart elasticsearch
|
||||
tags:
|
||||
- elasticsearch
|
||||
when: elastic_stack_version is version_compare('6', '>=')
|
||||
- name: change JVM tmpdir (>= 6.x)
|
||||
lineinfile:
|
||||
dest: /etc/elasticsearch/jvm.options
|
||||
line: "-Djava.io.tmpdir=${ES_TMPDIR}"
|
||||
regexp: "^-Djava.io.tmpdir="
|
||||
insertafter: "## JVM configuration"
|
||||
notify:
|
||||
- restart elasticsearch
|
||||
tags:
|
||||
- elasticsearch
|
||||
when: elastic_stack_version is version_compare('6', '>=')
|
||||
when: (elasticsearch_custom_tmpdir != '' and elasticsearch_custom_tmpdir != None) or fstab_tmp_noexec.rc == 0
|
||||
|
|
|
@ -1,18 +1,19 @@
|
|||
---
|
||||
|
||||
- block:
|
||||
- name: install jessie-backports
|
||||
include_role:
|
||||
name: evolix/apt
|
||||
tasks_from: backports.yml
|
||||
- name: Use backports for jessie
|
||||
block:
|
||||
- name: install jessie-backports
|
||||
include_role:
|
||||
name: evolix/apt
|
||||
tasks_from: backports.yml
|
||||
|
||||
- name: Add exceptions for certbot dependencies
|
||||
copy:
|
||||
src: backports-certbot
|
||||
dest: /etc/apt/preferences.d/z-backports-certbot
|
||||
notify: apt update
|
||||
- name: Add exceptions for certbot dependencies
|
||||
copy:
|
||||
src: backports-certbot
|
||||
dest: /etc/apt/preferences.d/z-backports-certbot
|
||||
notify: apt update
|
||||
|
||||
- meta: flush_handlers
|
||||
- meta: flush_handlers
|
||||
when: ansible_distribution_release == "jessie"
|
||||
|
||||
- name: Install certbot with apt
|
||||
|
|
|
@ -25,24 +25,24 @@
|
|||
|
||||
# SSL cert
|
||||
|
||||
- block:
|
||||
- name: Default certificate is present
|
||||
block:
|
||||
- name: Create private key and csr for default site ({{ ansible_fqdn }})
|
||||
command: openssl req -newkey rsa:2048 -sha256 -nodes -keyout /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/{{ ansible_fqdn }}.csr -batch -subj "/CN={{ ansible_fqdn }}"
|
||||
args:
|
||||
creates: "/etc/ssl/private/{{ ansible_fqdn }}.key"
|
||||
|
||||
- name: Create private key and csr for default site ({{ ansible_fqdn }})
|
||||
command: openssl req -newkey rsa:2048 -sha256 -nodes -keyout /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/{{ ansible_fqdn }}.csr -batch -subj "/CN={{ ansible_fqdn }}"
|
||||
args:
|
||||
creates: "/etc/ssl/private/{{ ansible_fqdn }}.key"
|
||||
- name: Adjust rights on private key
|
||||
file:
|
||||
path: /etc/ssl/private/{{ ansible_fqdn }}.key
|
||||
owner: root
|
||||
group: ssl-cert
|
||||
mode: "0640"
|
||||
|
||||
- name: Adjust rights on private key
|
||||
file:
|
||||
path: /etc/ssl/private/{{ ansible_fqdn }}.key
|
||||
owner: root
|
||||
group: ssl-cert
|
||||
mode: "0640"
|
||||
|
||||
- name: Create certificate for default site
|
||||
command: openssl x509 -req -days 3650 -sha256 -in /etc/ssl/{{ ansible_fqdn }}.csr -signkey /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/certs/{{ ansible_fqdn }}.crt
|
||||
args:
|
||||
creates: "/etc/ssl/certs/{{ ansible_fqdn }}.crt"
|
||||
- name: Create certificate for default site
|
||||
command: openssl x509 -req -days 3650 -sha256 -in /etc/ssl/{{ ansible_fqdn }}.csr -signkey /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/certs/{{ ansible_fqdn }}.crt
|
||||
args:
|
||||
creates: "/etc/ssl/certs/{{ ansible_fqdn }}.crt"
|
||||
when: evolinux_default_www_ssl_cert
|
||||
|
||||
- meta: flush_handlers
|
||||
|
|
|
@ -33,67 +33,69 @@
|
|||
changed_when: "'FAILED' in raidmodel.stdout"
|
||||
failed_when: "'FAILED' in raidmodel.stdout"
|
||||
|
||||
- block:
|
||||
- name: Add HPE GPG key
|
||||
apt_key:
|
||||
#url: https://downloads.linux.hpe.com/SDR/hpePublicKey2048_key1.pub
|
||||
data: "{{ lookup('file', 'hpePublicKey2048_key1.pub') }}"
|
||||
- name: HP Smart Array package is present
|
||||
block:
|
||||
- name: Add HPE GPG key
|
||||
apt_key:
|
||||
#url: https://downloads.linux.hpe.com/SDR/hpePublicKey2048_key1.pub
|
||||
data: "{{ lookup('file', 'hpePublicKey2048_key1.pub') }}"
|
||||
|
||||
- name: Add HPE repository
|
||||
apt_repository:
|
||||
repo: 'deb https://downloads.linux.hpe.com/SDR/repo/mcp {{ ansible_distribution_release }}/current non-free'
|
||||
state: present
|
||||
- name: Add HPE repository
|
||||
apt_repository:
|
||||
repo: 'deb https://downloads.linux.hpe.com/SDR/repo/mcp {{ ansible_distribution_release }}/current non-free'
|
||||
state: present
|
||||
|
||||
- name: Install packages for HP hardware
|
||||
apt:
|
||||
name:
|
||||
- cciss-vol-status
|
||||
- ssacli
|
||||
state: present
|
||||
- name: Install packages for HP hardware
|
||||
apt:
|
||||
name:
|
||||
- cciss-vol-status
|
||||
- ssacli
|
||||
state: present
|
||||
|
||||
- name: Configure packages for HP hardware
|
||||
template:
|
||||
src: hardware/cciss-vol-statusd.j2
|
||||
dest: /etc/init.d/cciss-vol-statusd
|
||||
mode: "0755"
|
||||
- name: Configure packages for HP hardware
|
||||
template:
|
||||
src: hardware/cciss-vol-statusd.j2
|
||||
dest: /etc/init.d/cciss-vol-statusd
|
||||
mode: "0755"
|
||||
|
||||
- name: Enable HP hardware in systemd
|
||||
service:
|
||||
name: cciss-vol-statusd
|
||||
enabled: true
|
||||
state: started
|
||||
- name: Enable HP hardware in systemd
|
||||
service:
|
||||
name: cciss-vol-statusd
|
||||
enabled: true
|
||||
state: started
|
||||
when: "'Hewlett-Packard Company Smart Array' in raidmodel.stdout"
|
||||
|
||||
- block:
|
||||
- name: Add HW tool GPG key
|
||||
apt_key:
|
||||
# url: https://hwraid.le-vert.net/debian/hwraid.le-vert.net.gpg.key
|
||||
data: "{{ lookup('file', 'hwraid.le-vert.net.gpg.key') }}"
|
||||
when: ansible_distribution_major_version is version_compare('9', '>=')
|
||||
- name: MegaRAID SAS package is present
|
||||
block:
|
||||
- name: Add HW tool GPG key
|
||||
apt_key:
|
||||
# url: https://hwraid.le-vert.net/debian/hwraid.le-vert.net.gpg.key
|
||||
data: "{{ lookup('file', 'hwraid.le-vert.net.gpg.key') }}"
|
||||
when: ansible_distribution_major_version is version_compare('9', '>=')
|
||||
|
||||
- name: Add HW tool repository
|
||||
apt_repository:
|
||||
repo: 'deb http://hwraid.le-vert.net/debian {{ ansible_distribution_release }} main'
|
||||
state: present
|
||||
- name: Add HW tool repository
|
||||
apt_repository:
|
||||
repo: 'deb http://hwraid.le-vert.net/debian {{ ansible_distribution_release }} main'
|
||||
state: present
|
||||
|
||||
- name: Install packages for DELL/LSI hardware
|
||||
apt:
|
||||
name:
|
||||
- megacli
|
||||
- megaclisas-status
|
||||
allow_unauthenticated: yes
|
||||
- name: Install packages for DELL/LSI hardware
|
||||
apt:
|
||||
name:
|
||||
- megacli
|
||||
- megaclisas-status
|
||||
allow_unauthenticated: yes
|
||||
|
||||
- name: Configure packages for DELL/LSI hardware
|
||||
template:
|
||||
src: hardware/megaclisas-statusd.j2
|
||||
dest: /etc/default/megaclisas-statusd
|
||||
mode: "0755"
|
||||
- name: Configure packages for DELL/LSI hardware
|
||||
template:
|
||||
src: hardware/megaclisas-statusd.j2
|
||||
dest: /etc/default/megaclisas-statusd
|
||||
mode: "0755"
|
||||
|
||||
- name: Enable DELL/LSI hardware in systemd
|
||||
service:
|
||||
name: megaclisas-statusd
|
||||
enabled: true
|
||||
state: started
|
||||
- name: Enable DELL/LSI hardware in systemd
|
||||
service:
|
||||
name: megaclisas-statusd
|
||||
enabled: true
|
||||
state: started
|
||||
when: "'MegaRAID SAS' in raidmodel.stdout"
|
||||
|
||||
- meta: flush_handlers
|
||||
|
|
|
@ -54,16 +54,17 @@
|
|||
changed_when: false
|
||||
when: filebeat_logstash_plugin and logstash_plugin.stat.exists
|
||||
|
||||
- block:
|
||||
- include_role:
|
||||
name: evolix/remount-usr
|
||||
- name: Logstash plugin is installed
|
||||
block:
|
||||
- include_role:
|
||||
name: evolix/remount-usr
|
||||
|
||||
- name: Logstash plugin is installed
|
||||
command: /usr/share/logstash/bin/logstash-plugin install logstash-input-beats
|
||||
- name: logstash-plugin install logstash-input-beats
|
||||
command: /usr/share/logstash/bin/logstash-plugin install logstash-input-beats
|
||||
when:
|
||||
- filebeat_logstash_plugin
|
||||
- logstash_plugin.stat.exists
|
||||
- not logstash_plugin_installed | success
|
||||
- filebeat_logstash_plugin
|
||||
- logstash_plugin.stat.exists
|
||||
- not logstash_plugin_installed | success
|
||||
|
||||
- name: cloud_metadata processor is disabled
|
||||
replace:
|
||||
|
|
|
@ -1,20 +1,22 @@
|
|||
---
|
||||
|
||||
- block:
|
||||
- name: "Is {{ kvm_custom_libvirt_images_path }} present ?"
|
||||
stat:
|
||||
path: "{{ kvm_custom_libvirt_images_path }}"
|
||||
check_mode: no
|
||||
register: kvm_custom_libvirt_images_path_test
|
||||
- name: Set images path when customized
|
||||
block:
|
||||
- name: "Is {{ kvm_custom_libvirt_images_path }} present ?"
|
||||
stat:
|
||||
path: "{{ kvm_custom_libvirt_images_path }}"
|
||||
check_mode: no
|
||||
register: kvm_custom_libvirt_images_path_test
|
||||
|
||||
- name: "read the real datadir"
|
||||
command: readlink -f /var/lib/libvirt/images
|
||||
changed_when: False
|
||||
check_mode: no
|
||||
register: kvm_libvirt_images_current_real_path_test
|
||||
- name: "read the real datadir"
|
||||
command: readlink -f /var/lib/libvirt/images
|
||||
changed_when: False
|
||||
check_mode: no
|
||||
register: kvm_libvirt_images_current_real_path_test
|
||||
when: kvm_custom_libvirt_images_path != ''
|
||||
|
||||
- block:
|
||||
- name: Images directory is moved to custom path
|
||||
block:
|
||||
- name: "Move libvirt images to {{ kvm_custom_libvirt_images_path }}"
|
||||
command: mv /var/lib/libvirt/images {{ kvm_custom_libvirt_images_path }}
|
||||
args:
|
||||
|
@ -33,6 +35,6 @@
|
|||
dest: '/var/lib/libvirt/images'
|
||||
state: link
|
||||
when:
|
||||
- kvm_custom_libvirt_images_path != ''
|
||||
- kvm_custom_libvirt_images_path != kvm_libvirt_images_current_real_path_test.stdout
|
||||
- not kvm_custom_libvirt_images_path_test.stat.exists
|
||||
- kvm_custom_libvirt_images_path != ''
|
||||
- kvm_custom_libvirt_images_path != kvm_libvirt_images_current_real_path_test.stdout
|
||||
- not kvm_custom_libvirt_images_path_test.stat.exists
|
||||
|
|
Loading…
Reference in New Issue