evomaintenance: fix role compatibility with OpenBSD

CHANGELOG.md

@@ -19,6 +19,7 @@ The **patch** part changes incrementally at each release.
 
 ### Fixed
 * evoacme: better error when apache2ctl fails
+* evomaintenance: fix role compatibility with OpenBSD
 * spamassassin: add missing right for amavis
 * amavis: fix output result checking
 

evomaintenance/tasks/install_package.yml

@@ -1,15 +0,0 @@
----
-
-- name: Install Evolix public repositry
-  include_role:
-    name: apt
-    tasks_from: evolix_public.yml
-  tags:
-    - evomaintenance
-
-- name: evomaintenance is installed
-  apt:
-    name: evomaintenance
-    allow_unauthenticated: yes
-  tags:
-    - evomaintenance

evomaintenance/tasks/install_package_debian.yml

@@ -0,0 +1,26 @@
+---
+
+- name: Evolix public repositry is installed
+  include_role:
+    name: apt
+    tasks_from: evolix_public.yml
+  tags:
+    - evomaintenance
+
+- name: Package is installed
+  apt:
+    name: evomaintenance
+    allow_unauthenticated: yes
+  tags:
+    - evomaintenance
+
+- name: Configuration is installed
+  template:
+    src: evomaintenance.j2
+    dest: /etc/evomaintenance.cf
+    owner: root
+    group: root
+    mode: "0600"
+    force: "{{ evomaintenance_force_config | bool }}"
+  tags:
+    - evomaintenance

evomaintenance/tasks/install_vendor_debian.yml

@@ -1,12 +1,14 @@
 ---
 
-- name: dependencies are installed
+- name: Dependencies are installed
   apt:
     name: "{{ item }}"
     state: present
   with_items:
     - postgresql-client
     - sudo
+  tags:
+    - evomaintenance
 
 - include_role:
     name: remount-usr
@@ -46,3 +48,14 @@
     backup: yes
   tags:
     - evomaintenance
+
+- name: Configuration is installed
+  template:
+    src: evomaintenance.j2
+    dest: /etc/evomaintenance.cf
+    owner: root
+    group: root
+    mode: "0600"
+    force: "{{ evomaintenance_force_config | bool }}"
+  tags:
+    - evomaintenance

evomaintenance/tasks/install_vendor_openbsd.yml

@@ -0,0 +1,46 @@
+---
+
+- name: /usr/share/scripts exists
+  file:
+    dest: /usr/share/scripts
+    mode: "0700"
+    owner: root
+    group: wheel
+    state: directory
+  tags:
+    - evomaintenance
+
+- name: Script is installed
+  copy:
+    src: evomaintenance.sh
+    dest: /usr/share/scripts/evomaintenance.sh
+    mode: "0700"
+    owner: root
+    group: wheel
+    force: yes
+    backup: yes
+  tags:
+    - evomaintenance
+
+- name: Template is installed
+  copy:
+    src: evomaintenance.tpl
+    dest: /usr/share/scripts/evomaintenance.tpl
+    mode: "0600"
+    owner: root
+    group: wheel
+    force: yes
+    backup: yes
+  tags:
+    - evomaintenance
+
+- name: Configuration is installed
+  template:
+    src: evomaintenance.j2
+    dest: /etc/evomaintenance.cf
+    owner: root
+    group: wheel
+    mode: "0600"
+    force: "{{ evomaintenance_force_config | bool }}"
+  tags:
+    - evomaintenance

evomaintenance/tasks/main.yml

@@ -3,54 +3,18 @@
 - set_fact:
     minifirewall_restart_handler_name: "{{ minifirewall_restart_if_needed | ternary('restart minifirewall', 'restart minifirewall (noop)') }}"
 
-- include: install_package.yml
-  when: not evomaintenance_install_vendor
+- include: install_package_debian.yml
+  when:
+    - not evomaintenance_install_vendor
+    - ansible_distribution == "Debian"
 
-- include: install_vendor.yml
-  when: evomaintenance_install_vendor
+- include: install_vendor_debian.yml
+  when:
+    - evomaintenance_install_vendor
+    - ansible_distribution == "Debian"
 
-- name: configuration is applied
-  template:
-    src: evomaintenance.j2
-    dest: /etc/evomaintenance.cf
-    owner: root
-    group: root
-    mode: "0600"
-    force: "{{ evomaintenance_force_config | bool }}"
-  tags:
-    - evomaintenance
+- include: install_vendor_openbsd.yml
+  when:
+    - ansible_distribution == "OpenBSD"
 
-- name: Is minifirewall installed?
-  stat:
-    path: /etc/default/minifirewall
-  register: minifirewall_default_file
-  tags:
-    - evomaintenance
-
-- name: minifirewall section for evomaintenance
-  lineinfile:
-    dest: /etc/default/minifirewall
-    line: "/sbin/iptables -A INPUT -p tcp --sport 5432 --dport 1024:65535 -s {{ item }} -m state --state ESTABLISHED,RELATED -j ACCEPT"
-    insertafter: "^# EvoMaintenance"
-  with_items: "{{ evomaintenance_hosts }}"
-  notify: "{{ minifirewall_restart_handler_name }}"
-  when: minifirewall_default_file.stat.exists
-  tags:
-    - evomaintenance
-
-- name: remove minifirewall example rule for the proxy
-  lineinfile:
-    dest: /etc/default/minifirewall
-    regexp: '^#.*(--sport 5432).*(-s X\.X\.X\.X)'
-    state: absent
-  notify: "{{ minifirewall_restart_handler_name }}"
-  when: minifirewall_default_file.stat.exists
-  tags:
-    - evomaintenance
-
--  name: Force restart minifirewall
-   command: /bin/true
-   notify: restart minifirewall
-   when: minifirewall_restart_force
-   tags:
-     - evomaintenance
+- include: minifirewall.yml

evomaintenance/tasks/minifirewall.yml

@@ -0,0 +1,36 @@
+---
+
+- name: Is minifirewall installed?
+  stat:
+    path: /etc/default/minifirewall
+  register: minifirewall_default_file
+  tags:
+    - evomaintenance
+
+- name: minifirewall section for evomaintenance
+  lineinfile:
+    dest: /etc/default/minifirewall
+    line: "/sbin/iptables -A INPUT -p tcp --sport 5432 --dport 1024:65535 -s {{ item }} -m state --state ESTABLISHED,RELATED -j ACCEPT"
+    insertafter: "^# EvoMaintenance"
+  with_items: "{{ evomaintenance_hosts }}"
+  notify: "{{ minifirewall_restart_handler_name }}"
+  when: minifirewall_default_file.stat.exists
+  tags:
+    - evomaintenance
+
+- name: remove minifirewall example rule for the proxy
+  lineinfile:
+    dest: /etc/default/minifirewall
+    regexp: '^#.*(--sport 5432).*(-s X\.X\.X\.X)'
+    state: absent
+  notify: "{{ minifirewall_restart_handler_name }}"
+  when: minifirewall_default_file.stat.exists
+  tags:
+    - evomaintenance
+
+-  name: Force restart minifirewall
+   command: /bin/true
+   notify: restart minifirewall
+   when: minifirewall_restart_force
+   tags:
+     - evomaintenance