Add "always_run: yes" where it's pertinent
There is also the "check_mode: no", but commented, for when we switch to Ansible 2.2
This commit is contained in:
parent
ca9d90fb07
commit
8920ff1ee4
|
@ -5,6 +5,8 @@
|
|||
register: uidisbusy
|
||||
failed_when: False
|
||||
changed_when: False
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
|
||||
- name: Add Unix account with classical uid for '{{ user.name }}'
|
||||
user:
|
||||
|
@ -37,6 +39,8 @@
|
|||
stat:
|
||||
path: "/usr/share/scripts/evomaintenance.sh"
|
||||
register: evomaintenance_script
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
|
||||
- name: Add evomaintenance trap for '{{ user.name }}'
|
||||
lineinfile:
|
||||
|
@ -65,6 +69,8 @@
|
|||
changed_when: False
|
||||
failed_when: False
|
||||
register: grep_allowusers_ssh
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
|
||||
- name: Add AllowUsers sshd directive for '{{ user.name }}'
|
||||
lineinfile:
|
||||
|
@ -89,6 +95,8 @@
|
|||
changed_when: False
|
||||
failed_when: False
|
||||
register: grep_matchuser_ssh
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
|
||||
- name: Add Match User sshd directive for '{{ user.name }}'
|
||||
lineinfile:
|
||||
|
|
|
@ -123,6 +123,8 @@
|
|||
failed_when: False
|
||||
changed_when: False
|
||||
register: envvar_grep_umask
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
tags:
|
||||
- apache
|
||||
|
||||
|
|
|
@ -4,6 +4,8 @@
|
|||
stat:
|
||||
path: /etc/munin/plugins/
|
||||
register: munin_plugins_dir
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
|
||||
# https://raw.githubusercontent.com/munin-monitoring/contrib/master/plugins/drbd/drbd
|
||||
- name: Get Munin plugin
|
||||
|
|
|
@ -4,6 +4,8 @@
|
|||
stat:
|
||||
path: /usr/local/lib/nagios/plugins/
|
||||
register: nagios_plugins_dir
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
|
||||
- name: Check if /usr is a partition
|
||||
shell: "mount | grep 'on /usr type'"
|
||||
|
@ -12,6 +14,8 @@
|
|||
changed_when: False
|
||||
failed_when: False
|
||||
register: usr_partition
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
|
||||
- name: Mount /usr in rw
|
||||
command: mount -o remount,rw /usr
|
||||
|
|
|
@ -5,11 +5,15 @@
|
|||
stat:
|
||||
path: "{{ elasticsearch_custom_datadir }}"
|
||||
register: elasticsearch_custom_datadir_test
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
|
||||
- name: "read the real datadir"
|
||||
command: readlink -f /var/lib/elasticsearch
|
||||
changed_when: false
|
||||
register: elasticsearch_current_real_datadir_test
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
tags:
|
||||
- elasticsearch
|
||||
when: elasticsearch_custom_datadir
|
||||
|
|
|
@ -5,6 +5,8 @@
|
|||
register: fstab_tmp_noexec
|
||||
failed_when: False
|
||||
changed_when: False
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
|
||||
- block:
|
||||
- name: "Create {{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
|
||||
|
|
|
@ -42,6 +42,8 @@
|
|||
changed_when: False
|
||||
failed_when: False
|
||||
register: git_log
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
|
||||
- name: initial commit is present?
|
||||
shell: "git add -A . && git commit -m \"Initial commit via Ansible\""
|
||||
|
|
|
@ -45,6 +45,8 @@
|
|||
warn: no
|
||||
changed_when: False
|
||||
failed_when: False
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: usr_partition
|
||||
|
||||
- name: Mount /usr in rw
|
||||
|
|
|
@ -2,9 +2,13 @@
|
|||
- name: Determine Nginx presence
|
||||
stat:
|
||||
path: /etc/nginx/nginx.conf
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: stn
|
||||
|
||||
- name: Determine Apache presence
|
||||
stat:
|
||||
path: /etc/apache2/apache2.conf
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: sta
|
||||
|
|
|
@ -53,6 +53,8 @@
|
|||
- name: is Nginx installed?
|
||||
stat:
|
||||
path: /etc/nginx/sites-available
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: nginx_sites_available
|
||||
|
||||
- block:
|
||||
|
@ -84,6 +86,8 @@
|
|||
- name: is Apache installed?
|
||||
stat:
|
||||
path: /etc/apache2/sites-available
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: apache_sites_available
|
||||
|
||||
- block:
|
||||
|
|
|
@ -4,6 +4,8 @@
|
|||
|
||||
- name: Fetch fstab content
|
||||
command: "grep -v '^#' /etc/fstab"
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: fstab_content
|
||||
failed_when: False
|
||||
changed_when: False
|
||||
|
|
|
@ -8,6 +8,8 @@
|
|||
|
||||
- name: Check if Broadcom NetXtreme II device is present
|
||||
shell: "lspci | grep -q 'NetXtreme II'"
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: broadcom
|
||||
failed_when: False
|
||||
changed_when: False
|
||||
|
@ -25,6 +27,8 @@
|
|||
|
||||
- name: Detect if RAID is installed
|
||||
shell: lspci | grep "RAID bus controller" | grep -v Intel
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: raidmodel
|
||||
changed_when: "'FAILED' in raidmodel.stdout"
|
||||
failed_when: "'FAILED' in raidmodel.stdout"
|
||||
|
|
|
@ -62,6 +62,8 @@
|
|||
|
||||
- name: is an MTA installed?
|
||||
command: "dpkg -S /usr/sbin/sendmail"
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: mta_installed
|
||||
failed_when: False
|
||||
changed_when: False
|
||||
|
|
|
@ -14,6 +14,8 @@
|
|||
|
||||
- name: fetch users list
|
||||
shell: getent passwd | cut -d":" -f 1 | grep -v root
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: non_root_users_list
|
||||
changed_when: False
|
||||
tags:
|
||||
|
|
|
@ -44,6 +44,8 @@
|
|||
|
||||
- name: Is .bash_history append-only
|
||||
shell: lsattr /root/.bash_history | grep -E "^.*a.* "
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: bash_history_append_only
|
||||
failed_when: False
|
||||
changed_when: False
|
||||
|
|
|
@ -3,6 +3,8 @@
|
|||
command: "grep 'Match Address' /etc/ssh/sshd_config"
|
||||
changed_when: False
|
||||
failed_when: False
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: grep_matchaddress_ssh
|
||||
|
||||
- name: Add Match Address sshd directive
|
||||
|
|
|
@ -13,6 +13,8 @@
|
|||
- name: list users with a shell
|
||||
shell: "cat /etc/passwd | grep -vE \"^root:\" | grep -E \":/[^:]+sh$\" | cut -d: -f6"
|
||||
changed_when: False
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: home_of_shell_users
|
||||
|
||||
- include: trap.yml home={{ item }}
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
- name: is {{ home }}/.bash_profile present?
|
||||
stat:
|
||||
path: "{{ home }}/.bash_profile"
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: bash_profile
|
||||
|
||||
- name: install shell trap in {{ home }}/.bash_profile
|
||||
|
@ -14,6 +16,8 @@
|
|||
- name: is {{ home }}/.profile present?
|
||||
stat:
|
||||
path: "{{ home }}/.profile"
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: profile
|
||||
when: not bash_profile.stat.exists
|
||||
|
||||
|
|
|
@ -20,10 +20,14 @@
|
|||
- name: is logstash-plugin available?
|
||||
stat:
|
||||
path: /usr/share/logstash/bin/logstash-plugin
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: logstash_plugin
|
||||
|
||||
- name: is logstash-input-beats installed?
|
||||
shell: grep logstash-input-beats /usr/share/logstash/Gemfile
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: logstash_plugin_installed
|
||||
failed_when: false
|
||||
changed_when: false
|
||||
|
@ -36,6 +40,8 @@
|
|||
warn: no
|
||||
changed_when: False
|
||||
failed_when: False
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: usr_partition
|
||||
|
||||
- name: Mount /usr in rw
|
||||
|
|
|
@ -7,6 +7,8 @@
|
|||
warn: no
|
||||
changed_when: False
|
||||
failed_when: False
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: usr_partition
|
||||
|
||||
- name: Mount /usr in rw
|
||||
|
|
|
@ -4,8 +4,11 @@
|
|||
command: /sbin/iptables -L -n | grep -E "^(DROP\s+udp|ACCEPT\s+icmp)\s+--\s+0\.0\.0\.0\/0\s+0\.0\.0\.0\/0\s*$"
|
||||
changed_when: False
|
||||
failed_when: False
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: minifirewall_is_running
|
||||
check_mode: no
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
|
||||
- name: Begin marker for IP addresses
|
||||
lineinfile:
|
||||
|
|
|
@ -12,6 +12,8 @@
|
|||
- name: is init script present?
|
||||
stat:
|
||||
path: /etc/init.d/minifirewall
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: init_minifirewall
|
||||
|
||||
- name: init script is copied
|
||||
|
@ -22,6 +24,8 @@
|
|||
- name: is configuration present?
|
||||
stat:
|
||||
path: /etc/default/minifirewall
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: default_minifirewall
|
||||
|
||||
- name: configuration is copied
|
||||
|
|
|
@ -4,11 +4,15 @@
|
|||
- name: "Is {{ mysql_custom_datadir }} present ?"
|
||||
stat:
|
||||
path: "{{ mysql_custom_datadir }}"
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: mysql_custom_datadir_test
|
||||
|
||||
- name: "read the real datadir"
|
||||
command: readlink -f /var/lib/mysql
|
||||
changed_when: False
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: mysql_current_real_datadir_test
|
||||
tags:
|
||||
- mysql
|
||||
|
|
|
@ -3,6 +3,8 @@
|
|||
- name: Is log2mail present ?
|
||||
stat:
|
||||
path: /etc/log2mail/config
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: log2mail_config_dir
|
||||
tags:
|
||||
- mysql
|
||||
|
|
|
@ -3,6 +3,8 @@
|
|||
- name: is Munin present ?
|
||||
stat:
|
||||
path: /etc/munin/plugin-conf.d/munin-node
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: munin_node_plugins_config
|
||||
tags:
|
||||
- mysql
|
||||
|
|
|
@ -3,6 +3,8 @@
|
|||
- name: is NRPE present ?
|
||||
stat:
|
||||
path: /etc/nagios/nrpe.d/evolix.cfg
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: nrpe_evolix_config
|
||||
tags:
|
||||
- mysql
|
||||
|
|
|
@ -120,6 +120,8 @@
|
|||
- name: Check if Munin is installed
|
||||
stat:
|
||||
path: /etc/munin/plugin-conf.d/munin-node
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: stat_munin_node
|
||||
tags:
|
||||
- nginx
|
||||
|
|
|
@ -80,8 +80,8 @@
|
|||
become_user: "{{ username }}"
|
||||
failed_when: False
|
||||
changed_when: False
|
||||
register: ruby_installed
|
||||
always_run: yes
|
||||
register: ruby_installed
|
||||
tags:
|
||||
- rbenv
|
||||
|
||||
|
@ -95,9 +95,9 @@
|
|||
- name: is Ruby {{ rbenv_ruby_version }} selected for {{ username }} ?
|
||||
shell: /bin/bash -lc "rbenv version | cut -d ' ' -f 1 | grep -Fx '{{ rbenv_ruby_version }}'"
|
||||
become_user: "{{ username }}"
|
||||
always_run: yes
|
||||
register: ruby_selected
|
||||
changed_when: False
|
||||
always_run: yes
|
||||
tags:
|
||||
- rbenv
|
||||
|
||||
|
|
|
@ -3,6 +3,8 @@
|
|||
- name: is log2mail installed?
|
||||
stat:
|
||||
path: /etc/log2mail/config/
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: log2mail_config
|
||||
|
||||
- block:
|
||||
|
|
|
@ -2,6 +2,8 @@
|
|||
- name: Check if Minifirewall is present
|
||||
stat:
|
||||
path: /etc/default/minifirewall
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: minifirewall_test
|
||||
|
||||
- name: configure Minifirewall for Squid
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
---
|
||||
- stat:
|
||||
path: "{{ tomcat_instance_root | mandatory }}/{{ tomcat_instance_name | mandatory }}"
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: tomcat_instance_stat
|
||||
|
||||
- include: tomcat.yml
|
||||
|
|
|
@ -10,6 +10,8 @@
|
|||
warn: no
|
||||
changed_when: False
|
||||
failed_when: False
|
||||
#check_mode: no (for migration to Ansible 2.2)
|
||||
always_run: yes
|
||||
register: usr_partition
|
||||
|
||||
- name: Mount /usr in rw
|
||||
|
|
Loading…
Reference in New Issue