Add names to many blocks

1 year ago · 6801f4e00e
10 changed files with 236 additions and 224 deletions
--- a/certbot/tasks/acme-challenge.yml
+++ b/certbot/tasks/acme-challenge.yml
@ -24,19 +24,20 @@
    path: /usr/sbin/apachectl
  register: is_apache

- block:
-  - name: ACME challenge for Apache is installed
-    template:
-      src: acme-challenge/apache.conf.j2
-      dest: /etc/apache2/conf-available/letsencrypt.conf
-      force: yes
-    notify: reload apache
-
-  - name: ACME challenge for Apache is enabled
-    command: "a2enconf letsencrypt"
-    register: command_result
-    changed_when: "'Enabling' in command_result.stderr"
-    notify: reload apache
+- name: ACME challenge for Apache
+  block:
+    - name: ACME challenge for Apache is installed
+      template:
+        src: acme-challenge/apache.conf.j2
+        dest: /etc/apache2/conf-available/letsencrypt.conf
+        force: yes
+      notify: reload apache
+
+    - name: ACME challenge for Apache is enabled
+      command: "a2enconf letsencrypt"
+      register: command_result
+      changed_when: "'Enabling' in command_result.stderr"
+      notify: reload apache
  when: is_apache.stat.exists

 - name: Check if HAProxy is installed
--- a/dovecot/tasks/munin.yml
+++ b/dovecot/tasks/munin.yml
@ -6,12 +6,13 @@
  check_mode: no
  register: munin_node_plugins_config

- block:
-  - name: Install munin plugin
-    copy:
-      src: munin_plugin
-      dest: /etc/munin/plugins/dovecot
-      mode: "0755"
+- name: Munin plugins are present and configured
+  block:
+    - name: Install munin plugin
+      copy:
+        src: munin_plugin
+        dest: /etc/munin/plugins/dovecot
+        mode: "0755"

 # TODO : add in /etc/munin/plugin-conf.d/munin-node
 # [dovecot]
--- a/elasticsearch/tasks/datadir.yml
+++ b/elasticsearch/tasks/datadir.yml
@ -1,44 +1,46 @@
 ---

- block:
-  - name: "Is custom datadir present ?"
-    stat:
-      path: "{{ elasticsearch_custom_datadir }}"
-    register: elasticsearch_custom_datadir_test
-    check_mode: no
+- name: Set real datadir value when customized
+  block:
+    - name: "Is custom datadir present ?"
+      stat:
+        path: "{{ elasticsearch_custom_datadir }}"
+      register: elasticsearch_custom_datadir_test
+      check_mode: no

-  - name: "read the real datadir"
-    command: readlink -f /var/lib/elasticsearch
-    changed_when: false
-    register: elasticsearch_current_real_datadir_test
-    check_mode: no
+    - name: "read the real datadir"
+      command: readlink -f /var/lib/elasticsearch
+      changed_when: false
+      register: elasticsearch_current_real_datadir_test
+      check_mode: no
  tags:
    - elasticsearch
  when:
    - elasticsearch_custom_datadir != ''
    - elasticsearch_custom_datadir != None

- block:
-  - name: elasticsearch is stopped
-    service:
-      name: elasticsearch
-      state: stopped
+- name: Datadir is moved to custom path
+  block:
+    - name: elasticsearch is stopped
+      service:
+        name: elasticsearch
+        state: stopped

-  - name: Move elasticsearch datadir to custom datadir
-    command: mv {{ elasticsearch_current_real_datadir_test.stdout }} {{ elasticsearch_custom_datadir }}
-    args:
-      creates: "{{ elasticsearch_custom_datadir }}"
+    - name: Move elasticsearch datadir to custom datadir
+      command: mv {{ elasticsearch_current_real_datadir_test.stdout }} {{ elasticsearch_custom_datadir }}
+      args:
+        creates: "{{ elasticsearch_custom_datadir }}"

-  - name: Symlink {{ elasticsearch_custom_datadir }} to /var/lib/elasticsearch
-    file:
-      src: "{{ elasticsearch_custom_datadir }}"
-      dest: '/var/lib/elasticsearch'
-      state: link
+    - name: Symlink {{ elasticsearch_custom_datadir }} to /var/lib/elasticsearch
+      file:
+        src: "{{ elasticsearch_custom_datadir }}"
+        dest: '/var/lib/elasticsearch'
+        state: link

-  - name: elasticsearch is started
-    service:
-      name: elasticsearch
-      state: started
+    - name: elasticsearch is started
+      service:
+        name: elasticsearch
+        state: started
  tags:
    - elasticsearch
  when:
--- a/elasticsearch/tasks/plugin_head.yml
+++ b/elasticsearch/tasks/plugin_head.yml
@ -8,28 +8,29 @@
    system: yes
    shell: /bin/false

- block:
-  - name: Head repository is checked-out
-    git:
-      repo: "https://github.com/mobz/elasticsearch-head.git"
-      dest: "{{ elasticsearch_plugin_head_clone_dir }}"
-      clone: yes
-    tags:
-      - packages
+- name: Head plugin is installed
+  block:
+    - name: Head repository is checked-out
+      git:
+        repo: "https://github.com/mobz/elasticsearch-head.git"
+        dest: "{{ elasticsearch_plugin_head_clone_dir }}"
+        clone: yes
+      tags:
+        - packages

-  - name: Create tmpdir
-    file:
-      dest: "{{ elasticsearch_plugin_head_tmp_dir }}"
-      state: directory
+    - name: Create tmpdir
+      file:
+        dest: "{{ elasticsearch_plugin_head_tmp_dir }}"
+        state: directory

-  - name: NPM packages for head are installed
-    npm:
-      path: "{{ elasticsearch_plugin_head_clone_dir }}"
-    tags:
-      - packages
-      - npm
-    environment:
-      TMPDIR: "{{ elasticsearch_plugin_head_tmp_dir }}"
+    - name: NPM packages for head are installed
+      npm:
+        path: "{{ elasticsearch_plugin_head_clone_dir }}"
+      tags:
+        - packages
+        - npm
+      environment:
+        TMPDIR: "{{ elasticsearch_plugin_head_tmp_dir }}"
  become_user: "{{ elasticsearch_plugin_head_owner }}"
  become: yes

--- a/elasticsearch/tasks/tmpdir.yml
+++ b/elasticsearch/tasks/tmpdir.yml
@ -7,50 +7,51 @@
  changed_when: False
  check_mode: no

- block:
-  - name: "Create {{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
-    file:
-      path: "{{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
-      owner: elasticsearch
-      group: elasticsearch
-      mode: "0755"
-      state: directory
-    tags:
-      - elasticsearch
+- name: Tmpdir is moved to custom path
+  block:
+    - name: "Create {{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
+      file:
+        path: "{{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
+        owner: elasticsearch
+        group: elasticsearch
+        mode: "0755"
+        state: directory
+      tags:
+        - elasticsearch

-  - name: change JVM tmpdir (< 6.x)
-    lineinfile:
-      dest: /etc/elasticsearch/jvm.options
-      line: "-Djava.io.tmpdir={{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
-      regexp: "^-Djava.io.tmpdir="
-      insertafter: "## JVM configuration"
-    notify:
-      - restart elasticsearch
-    tags:
-      - elasticsearch
-    when: elastic_stack_version is version_compare('6', '<')
+    - name: change JVM tmpdir (< 6.x)
+      lineinfile:
+        dest: /etc/elasticsearch/jvm.options
+        line: "-Djava.io.tmpdir={{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
+        regexp: "^-Djava.io.tmpdir="
+        insertafter: "## JVM configuration"
+      notify:
+        - restart elasticsearch
+      tags:
+        - elasticsearch
+      when: elastic_stack_version is version_compare('6', '<')

-  - name: check if ES_TMPDIR is available (>= 6.x)
-    lineinfile:
-      dest: /etc/default/elasticsearch
-      line: "ES_TMPDIR={{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
-      regexp: "^ES_TMPDIR="
-      insertafter: "JAVA_HOME"
-    notify:
-      - restart elasticsearch
-    tags:
-      - elasticsearch
-    when: elastic_stack_version is version_compare('6', '>=')
+    - name: check if ES_TMPDIR is available (>= 6.x)
+      lineinfile:
+        dest: /etc/default/elasticsearch
+        line: "ES_TMPDIR={{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
+        regexp: "^ES_TMPDIR="
+        insertafter: "JAVA_HOME"
+      notify:
+        - restart elasticsearch
+      tags:
+        - elasticsearch
+      when: elastic_stack_version is version_compare('6', '>=')

-  - name: change JVM tmpdir (>= 6.x)
-    lineinfile:
-      dest: /etc/elasticsearch/jvm.options
-      line: "-Djava.io.tmpdir=${ES_TMPDIR}"
-      regexp: "^-Djava.io.tmpdir="
-      insertafter: "## JVM configuration"
-    notify:
-      - restart elasticsearch
-    tags:
-      - elasticsearch
-    when: elastic_stack_version is version_compare('6', '>=')
+    - name: change JVM tmpdir (>= 6.x)
+      lineinfile:
+        dest: /etc/elasticsearch/jvm.options
+        line: "-Djava.io.tmpdir=${ES_TMPDIR}"
+        regexp: "^-Djava.io.tmpdir="
+        insertafter: "## JVM configuration"
+      notify:
+        - restart elasticsearch
+      tags:
+        - elasticsearch
+      when: elastic_stack_version is version_compare('6', '>=')
  when: (elasticsearch_custom_tmpdir != '' and elasticsearch_custom_tmpdir != None) or fstab_tmp_noexec.rc == 0
--- a/evoacme/tasks/certbot.yml
+++ b/evoacme/tasks/certbot.yml
@ -1,18 +1,19 @@
 ---

- block:
-  - name: install jessie-backports
-    include_role:
-      name: evolix/apt
-      tasks_from: backports.yml
-
-  - name: Add exceptions for certbot dependencies
-    copy:
-      src: backports-certbot
-      dest: /etc/apt/preferences.d/z-backports-certbot
-    notify: apt update
-
-  - meta: flush_handlers
+- name: Use backports for jessie
+  block:
+    - name: install jessie-backports
+      include_role:
+        name: evolix/apt
+        tasks_from: backports.yml
+
+    - name: Add exceptions for certbot dependencies
+      copy:
+        src: backports-certbot
+        dest: /etc/apt/preferences.d/z-backports-certbot
+      notify: apt update
+
+    - meta: flush_handlers
  when: ansible_distribution_release == "jessie"

 - name: Install certbot with apt
--- a/evolinux-base/tasks/default_www.yml
+++ b/evolinux-base/tasks/default_www.yml
@ -25,24 +25,24 @@

 # SSL cert

- block:
-
-  - name: Create private key and csr for default site ({{ ansible_fqdn }})
-    command: openssl req -newkey rsa:2048 -sha256 -nodes -keyout /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/{{ ansible_fqdn }}.csr -batch -subj "/CN={{ ansible_fqdn }}"
-    args:
-      creates: "/etc/ssl/private/{{ ansible_fqdn }}.key"
-
-  - name: Adjust rights on private key
-    file:
-      path: /etc/ssl/private/{{ ansible_fqdn }}.key
-      owner: root
-      group: ssl-cert
-      mode: "0640"
-
-  - name: Create certificate for default site
-    command: openssl x509 -req -days 3650 -sha256 -in /etc/ssl/{{ ansible_fqdn }}.csr -signkey /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/certs/{{ ansible_fqdn }}.crt
-    args:
-      creates: "/etc/ssl/certs/{{ ansible_fqdn }}.crt"
+- name: Default certificate is present
+  block:
+    - name: Create private key and csr for default site ({{ ansible_fqdn }})
+      command: openssl req -newkey rsa:2048 -sha256 -nodes -keyout /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/{{ ansible_fqdn }}.csr -batch -subj "/CN={{ ansible_fqdn }}"
+      args:
+        creates: "/etc/ssl/private/{{ ansible_fqdn }}.key"
+
+    - name: Adjust rights on private key
+      file:
+        path: /etc/ssl/private/{{ ansible_fqdn }}.key
+        owner: root
+        group: ssl-cert
+        mode: "0640"
+
+    - name: Create certificate for default site
+      command: openssl x509 -req -days 3650 -sha256 -in /etc/ssl/{{ ansible_fqdn }}.csr -signkey /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/certs/{{ ansible_fqdn }}.crt
+      args:
+        creates: "/etc/ssl/certs/{{ ansible_fqdn }}.crt"
  when: evolinux_default_www_ssl_cert

 - meta: flush_handlers
--- a/evolinux-base/tasks/hardware.yml
+++ b/evolinux-base/tasks/hardware.yml
@ -33,67 +33,69 @@
  changed_when: "'FAILED' in raidmodel.stdout"
  failed_when: "'FAILED' in raidmodel.stdout"

- block:
-  - name: Add HPE GPG key
-    apt_key:
-      #url: https://downloads.linux.hpe.com/SDR/hpePublicKey2048_key1.pub
-      data: "{{ lookup('file', 'hpePublicKey2048_key1.pub') }}"
-
-  - name: Add HPE repository
-    apt_repository:
-      repo: 'deb https://downloads.linux.hpe.com/SDR/repo/mcp {{ ansible_distribution_release }}/current non-free'
-      state: present
-
-  - name: Install packages for HP hardware
-    apt:
-      name:
-        - cciss-vol-status
-        - ssacli
-      state: present
-
-  - name: Configure packages for HP hardware
-    template:
-      src: hardware/cciss-vol-statusd.j2
-      dest: /etc/init.d/cciss-vol-statusd
-      mode: "0755"
-
-  - name: Enable HP hardware in systemd
-    service:
-      name: cciss-vol-statusd
-      enabled: true
-      state: started
+- name: HP Smart Array package is present
+  block:
+    - name: Add HPE GPG key
+      apt_key:
+        #url: https://downloads.linux.hpe.com/SDR/hpePublicKey2048_key1.pub
+        data: "{{ lookup('file', 'hpePublicKey2048_key1.pub') }}"
+
+    - name: Add HPE repository
+      apt_repository:
+        repo: 'deb https://downloads.linux.hpe.com/SDR/repo/mcp {{ ansible_distribution_release }}/current non-free'
+        state: present
+
+    - name: Install packages for HP hardware
+      apt:
+        name:
+          - cciss-vol-status
+          - ssacli
+        state: present
+
+    - name: Configure packages for HP hardware
+      template:
+        src: hardware/cciss-vol-statusd.j2
+        dest: /etc/init.d/cciss-vol-statusd
+        mode: "0755"
+
+    - name: Enable HP hardware in systemd
+      service:
+        name: cciss-vol-statusd
+        enabled: true
+        state: started
  when: "'Hewlett-Packard Company Smart Array' in raidmodel.stdout"

- block:
-  - name: Add HW tool GPG key
-    apt_key:
-      # url: https://hwraid.le-vert.net/debian/hwraid.le-vert.net.gpg.key
-      data: "{{ lookup('file', 'hwraid.le-vert.net.gpg.key') }}"
-    when: ansible_distribution_major_version is version_compare('9', '>=')
-
-  - name: Add HW tool repository
-    apt_repository:
-      repo: 'deb http://hwraid.le-vert.net/debian {{ ansible_distribution_release }} main'
-      state: present
-
-  - name: Install packages for DELL/LSI hardware
-    apt:
-      name:
-        - megacli
-        - megaclisas-status
-      allow_unauthenticated: yes
-
-  - name: Configure packages for DELL/LSI hardware
-    template:
-      src: hardware/megaclisas-statusd.j2
-      dest: /etc/default/megaclisas-statusd
-      mode: "0755"
-
-  - name: Enable DELL/LSI hardware in systemd
-    service:
-      name: megaclisas-statusd
-      enabled: true
-      state: started
+- name: MegaRAID SAS package is present
+  block:
+    - name: Add HW tool GPG key
+      apt_key:
+        # url: https://hwraid.le-vert.net/debian/hwraid.le-vert.net.gpg.key
+        data: "{{ lookup('file', 'hwraid.le-vert.net.gpg.key') }}"
+      when: ansible_distribution_major_version is version_compare('9', '>=')
+
+    - name: Add HW tool repository
+      apt_repository:
+        repo: 'deb http://hwraid.le-vert.net/debian {{ ansible_distribution_release }} main'
+        state: present
+
+    - name: Install packages for DELL/LSI hardware
+      apt:
+        name:
+          - megacli
+          - megaclisas-status
+        allow_unauthenticated: yes
+
+    - name: Configure packages for DELL/LSI hardware
+      template:
+        src: hardware/megaclisas-statusd.j2
+        dest: /etc/default/megaclisas-statusd
+        mode: "0755"
+
+    - name: Enable DELL/LSI hardware in systemd
+      service:
+        name: megaclisas-statusd
+        enabled: true
+        state: started
  when: "'MegaRAID SAS' in raidmodel.stdout"

 - meta: flush_handlers
--- a/filebeat/tasks/main.yml
+++ b/filebeat/tasks/main.yml
@ -54,16 +54,17 @@
  changed_when: false
  when: filebeat_logstash_plugin and logstash_plugin.stat.exists

- block:
-  - include_role:
-      name: evolix/remount-usr
+- name: Logstash plugin is installed
+  block:
+    - include_role:
+        name: evolix/remount-usr

-  - name: Logstash plugin is installed
-    command: /usr/share/logstash/bin/logstash-plugin install logstash-input-beats
+    - name: logstash-plugin install logstash-input-beats
+      command: /usr/share/logstash/bin/logstash-plugin install logstash-input-beats
  when:
-  - filebeat_logstash_plugin
-  - logstash_plugin.stat.exists
-  - not logstash_plugin_installed | success
+    - filebeat_logstash_plugin
+    - logstash_plugin.stat.exists
+    - not logstash_plugin_installed | success

 - name: cloud_metadata processor is disabled
  replace:
--- a/kvm-host/tasks/images.yml
+++ b/kvm-host/tasks/images.yml
@ -1,20 +1,22 @@
 ---

- block:
-  - name: "Is {{ kvm_custom_libvirt_images_path }} present ?"
-    stat:
-      path: "{{ kvm_custom_libvirt_images_path }}"
-    check_mode: no
-    register: kvm_custom_libvirt_images_path_test
+- name: Set images path when customized
+  block:
+    - name: "Is {{ kvm_custom_libvirt_images_path }} present ?"
+      stat:
+        path: "{{ kvm_custom_libvirt_images_path }}"
+      check_mode: no
+      register: kvm_custom_libvirt_images_path_test

-  - name: "read the real datadir"
-    command: readlink -f /var/lib/libvirt/images
-    changed_when: False
-    check_mode: no
-    register: kvm_libvirt_images_current_real_path_test
+    - name: "read the real datadir"
+      command: readlink -f /var/lib/libvirt/images
+      changed_when: False
+      check_mode: no
+      register: kvm_libvirt_images_current_real_path_test
  when: kvm_custom_libvirt_images_path != ''

- block:
+- name: Images directory is moved to custom path
+  block:
    - name: "Move libvirt images to {{ kvm_custom_libvirt_images_path }}"
      command: mv /var/lib/libvirt/images {{ kvm_custom_libvirt_images_path }}
      args:
@ -33,6 +35,6 @@
        dest: '/var/lib/libvirt/images'
        state: link
  when:
-  - kvm_custom_libvirt_images_path != ''
-  - kvm_custom_libvirt_images_path != kvm_libvirt_images_current_real_path_test.stdout
-  - not kvm_custom_libvirt_images_path_test.stat.exists
+    - kvm_custom_libvirt_images_path != ''
+    - kvm_custom_libvirt_images_path != kvm_libvirt_images_current_real_path_test.stdout
+    - not kvm_custom_libvirt_images_path_test.stat.exists