From 8920ff1ee4dcd6f1748bbfc1c839e2b95fa7b82f Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Tue, 31 Jan 2017 11:45:35 +0100 Subject: [PATCH] Add "always_run: yes" where it's pertinent There is also the "check_mode: no", but commented, for when we switch to Ansible 2.2 --- admin-users/tasks/adduser_debian.yml | 8 ++++++++ apache/tasks/main.yml | 2 ++ drbd-utils/tasks/munin.yml | 2 ++ drbd-utils/tasks/nagios.yml | 4 ++++ elasticsearch/tasks/datadir.yml | 4 ++++ elasticsearch/tasks/tmpdir.yml | 2 ++ etc-git/tasks/main.yml | 2 ++ evoacme/tasks/certbot.yml | 2 ++ evoacme/tasks/webserver.yml | 4 ++++ evolinux-base/tasks/default_www.yml | 4 ++++ evolinux-base/tasks/fstab.yml | 2 ++ evolinux-base/tasks/hardware.yml | 4 ++++ evolinux-base/tasks/packages.yml | 2 ++ evolinux-base/tasks/postfix.yml | 2 ++ evolinux-base/tasks/root.yml | 2 ++ evolinux-base/tasks/ssh.yml | 2 ++ evomaintenance/tasks/main.yml | 2 ++ evomaintenance/tasks/trap.yml | 4 ++++ filebeat/tasks/main.yml | 6 ++++++ kvm-host/tasks/main.yml | 2 ++ minifirewall/tasks/config.yml | 5 ++++- minifirewall/tasks/install.yml | 4 ++++ mysql/tasks/datadir.yml | 4 ++++ mysql/tasks/log2mail.yml | 2 ++ mysql/tasks/munin.yml | 2 ++ mysql/tasks/nrpe.yml | 2 ++ nginx/tasks/main.yml | 2 ++ rbenv/tasks/main.yml | 4 ++-- squid/tasks/log2mail.yml | 2 ++ squid/tasks/minifirewall.yml | 2 ++ tomcat-instance/tasks/main.yml | 2 ++ tomcat-instance/tasks/nagios.yml | 2 ++ 32 files changed, 92 insertions(+), 3 deletions(-) diff --git a/admin-users/tasks/adduser_debian.yml b/admin-users/tasks/adduser_debian.yml index abbfb389..f3d5ab3a 100644 --- a/admin-users/tasks/adduser_debian.yml +++ b/admin-users/tasks/adduser_debian.yml @@ -5,6 +5,8 @@ register: uidisbusy failed_when: False changed_when: False + #check_mode: no (for migration to Ansible 2.2) + always_run: yes - name: Add Unix account with classical uid for '{{ user.name }}' user: @@ -37,6 +39,8 @@ stat: path: "/usr/share/scripts/evomaintenance.sh" register: evomaintenance_script + #check_mode: no (for migration to Ansible 2.2) + always_run: yes - name: Add evomaintenance trap for '{{ user.name }}' lineinfile: @@ -65,6 +69,8 @@ changed_when: False failed_when: False register: grep_allowusers_ssh + #check_mode: no (for migration to Ansible 2.2) + always_run: yes - name: Add AllowUsers sshd directive for '{{ user.name }}' lineinfile: @@ -89,6 +95,8 @@ changed_when: False failed_when: False register: grep_matchuser_ssh + #check_mode: no (for migration to Ansible 2.2) + always_run: yes - name: Add Match User sshd directive for '{{ user.name }}' lineinfile: diff --git a/apache/tasks/main.yml b/apache/tasks/main.yml index da1d43fd..fd821a9e 100644 --- a/apache/tasks/main.yml +++ b/apache/tasks/main.yml @@ -123,6 +123,8 @@ failed_when: False changed_when: False register: envvar_grep_umask + #check_mode: no (for migration to Ansible 2.2) + always_run: yes tags: - apache diff --git a/drbd-utils/tasks/munin.yml b/drbd-utils/tasks/munin.yml index 0960d55f..6048dfd9 100644 --- a/drbd-utils/tasks/munin.yml +++ b/drbd-utils/tasks/munin.yml @@ -4,6 +4,8 @@ stat: path: /etc/munin/plugins/ register: munin_plugins_dir + #check_mode: no (for migration to Ansible 2.2) + always_run: yes # https://raw.githubusercontent.com/munin-monitoring/contrib/master/plugins/drbd/drbd - name: Get Munin plugin diff --git a/drbd-utils/tasks/nagios.yml b/drbd-utils/tasks/nagios.yml index fb2c9409..e2549886 100644 --- a/drbd-utils/tasks/nagios.yml +++ b/drbd-utils/tasks/nagios.yml @@ -4,6 +4,8 @@ stat: path: /usr/local/lib/nagios/plugins/ register: nagios_plugins_dir + #check_mode: no (for migration to Ansible 2.2) + always_run: yes - name: Check if /usr is a partition shell: "mount | grep 'on /usr type'" @@ -12,6 +14,8 @@ changed_when: False failed_when: False register: usr_partition + #check_mode: no (for migration to Ansible 2.2) + always_run: yes - name: Mount /usr in rw command: mount -o remount,rw /usr diff --git a/elasticsearch/tasks/datadir.yml b/elasticsearch/tasks/datadir.yml index ae01417a..2a896226 100644 --- a/elasticsearch/tasks/datadir.yml +++ b/elasticsearch/tasks/datadir.yml @@ -5,11 +5,15 @@ stat: path: "{{ elasticsearch_custom_datadir }}" register: elasticsearch_custom_datadir_test + #check_mode: no (for migration to Ansible 2.2) + always_run: yes - name: "read the real datadir" command: readlink -f /var/lib/elasticsearch changed_when: false register: elasticsearch_current_real_datadir_test + #check_mode: no (for migration to Ansible 2.2) + always_run: yes tags: - elasticsearch when: elasticsearch_custom_datadir diff --git a/elasticsearch/tasks/tmpdir.yml b/elasticsearch/tasks/tmpdir.yml index 045cf3e2..ff199fa0 100644 --- a/elasticsearch/tasks/tmpdir.yml +++ b/elasticsearch/tasks/tmpdir.yml @@ -5,6 +5,8 @@ register: fstab_tmp_noexec failed_when: False changed_when: False + #check_mode: no (for migration to Ansible 2.2) + always_run: yes - block: - name: "Create {{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}" diff --git a/etc-git/tasks/main.yml b/etc-git/tasks/main.yml index 0ef8762a..37a5b839 100644 --- a/etc-git/tasks/main.yml +++ b/etc-git/tasks/main.yml @@ -42,6 +42,8 @@ changed_when: False failed_when: False register: git_log + #check_mode: no (for migration to Ansible 2.2) + always_run: yes - name: initial commit is present? shell: "git add -A . && git commit -m \"Initial commit via Ansible\"" diff --git a/evoacme/tasks/certbot.yml b/evoacme/tasks/certbot.yml index 9532e265..433564f2 100644 --- a/evoacme/tasks/certbot.yml +++ b/evoacme/tasks/certbot.yml @@ -45,6 +45,8 @@ warn: no changed_when: False failed_when: False + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: usr_partition - name: Mount /usr in rw diff --git a/evoacme/tasks/webserver.yml b/evoacme/tasks/webserver.yml index b3f416df..cc97617a 100644 --- a/evoacme/tasks/webserver.yml +++ b/evoacme/tasks/webserver.yml @@ -2,9 +2,13 @@ - name: Determine Nginx presence stat: path: /etc/nginx/nginx.conf + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: stn - name: Determine Apache presence stat: path: /etc/apache2/apache2.conf + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: sta diff --git a/evolinux-base/tasks/default_www.yml b/evolinux-base/tasks/default_www.yml index d9121255..8c00bc81 100644 --- a/evolinux-base/tasks/default_www.yml +++ b/evolinux-base/tasks/default_www.yml @@ -53,6 +53,8 @@ - name: is Nginx installed? stat: path: /etc/nginx/sites-available + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: nginx_sites_available - block: @@ -84,6 +86,8 @@ - name: is Apache installed? stat: path: /etc/apache2/sites-available + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: apache_sites_available - block: diff --git a/evolinux-base/tasks/fstab.yml b/evolinux-base/tasks/fstab.yml index 0b742a6d..628d3e7d 100644 --- a/evolinux-base/tasks/fstab.yml +++ b/evolinux-base/tasks/fstab.yml @@ -4,6 +4,8 @@ - name: Fetch fstab content command: "grep -v '^#' /etc/fstab" + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: fstab_content failed_when: False changed_when: False diff --git a/evolinux-base/tasks/hardware.yml b/evolinux-base/tasks/hardware.yml index 4a85f4be..b2f2b060 100644 --- a/evolinux-base/tasks/hardware.yml +++ b/evolinux-base/tasks/hardware.yml @@ -8,6 +8,8 @@ - name: Check if Broadcom NetXtreme II device is present shell: "lspci | grep -q 'NetXtreme II'" + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: broadcom failed_when: False changed_when: False @@ -25,6 +27,8 @@ - name: Detect if RAID is installed shell: lspci | grep "RAID bus controller" | grep -v Intel + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: raidmodel changed_when: "'FAILED' in raidmodel.stdout" failed_when: "'FAILED' in raidmodel.stdout" diff --git a/evolinux-base/tasks/packages.yml b/evolinux-base/tasks/packages.yml index 185e671c..f3bab110 100644 --- a/evolinux-base/tasks/packages.yml +++ b/evolinux-base/tasks/packages.yml @@ -62,6 +62,8 @@ - name: is an MTA installed? command: "dpkg -S /usr/sbin/sendmail" + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: mta_installed failed_when: False changed_when: False diff --git a/evolinux-base/tasks/postfix.yml b/evolinux-base/tasks/postfix.yml index fed3abc8..1ca58c41 100644 --- a/evolinux-base/tasks/postfix.yml +++ b/evolinux-base/tasks/postfix.yml @@ -14,6 +14,8 @@ - name: fetch users list shell: getent passwd | cut -d":" -f 1 | grep -v root + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: non_root_users_list changed_when: False tags: diff --git a/evolinux-base/tasks/root.yml b/evolinux-base/tasks/root.yml index 0bf9e791..b178ceaa 100644 --- a/evolinux-base/tasks/root.yml +++ b/evolinux-base/tasks/root.yml @@ -44,6 +44,8 @@ - name: Is .bash_history append-only shell: lsattr /root/.bash_history | grep -E "^.*a.* " + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: bash_history_append_only failed_when: False changed_when: False diff --git a/evolinux-base/tasks/ssh.yml b/evolinux-base/tasks/ssh.yml index 01a8bbd3..c11187c4 100644 --- a/evolinux-base/tasks/ssh.yml +++ b/evolinux-base/tasks/ssh.yml @@ -3,6 +3,8 @@ command: "grep 'Match Address' /etc/ssh/sshd_config" changed_when: False failed_when: False + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: grep_matchaddress_ssh - name: Add Match Address sshd directive diff --git a/evomaintenance/tasks/main.yml b/evomaintenance/tasks/main.yml index 8fa8a36e..0dfdb8c8 100644 --- a/evomaintenance/tasks/main.yml +++ b/evomaintenance/tasks/main.yml @@ -13,6 +13,8 @@ - name: list users with a shell shell: "cat /etc/passwd | grep -vE \"^root:\" | grep -E \":/[^:]+sh$\" | cut -d: -f6" changed_when: False + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: home_of_shell_users - include: trap.yml home={{ item }} diff --git a/evomaintenance/tasks/trap.yml b/evomaintenance/tasks/trap.yml index 56e7e0b5..8f734ac8 100644 --- a/evomaintenance/tasks/trap.yml +++ b/evomaintenance/tasks/trap.yml @@ -1,6 +1,8 @@ - name: is {{ home }}/.bash_profile present? stat: path: "{{ home }}/.bash_profile" + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: bash_profile - name: install shell trap in {{ home }}/.bash_profile @@ -14,6 +16,8 @@ - name: is {{ home }}/.profile present? stat: path: "{{ home }}/.profile" + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: profile when: not bash_profile.stat.exists diff --git a/filebeat/tasks/main.yml b/filebeat/tasks/main.yml index 1a2e8750..57014fc8 100644 --- a/filebeat/tasks/main.yml +++ b/filebeat/tasks/main.yml @@ -20,10 +20,14 @@ - name: is logstash-plugin available? stat: path: /usr/share/logstash/bin/logstash-plugin + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: logstash_plugin - name: is logstash-input-beats installed? shell: grep logstash-input-beats /usr/share/logstash/Gemfile + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: logstash_plugin_installed failed_when: false changed_when: false @@ -36,6 +40,8 @@ warn: no changed_when: False failed_when: False + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: usr_partition - name: Mount /usr in rw diff --git a/kvm-host/tasks/main.yml b/kvm-host/tasks/main.yml index 4a70dfa1..21435a82 100644 --- a/kvm-host/tasks/main.yml +++ b/kvm-host/tasks/main.yml @@ -7,6 +7,8 @@ warn: no changed_when: False failed_when: False + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: usr_partition - name: Mount /usr in rw diff --git a/minifirewall/tasks/config.yml b/minifirewall/tasks/config.yml index 55affa07..db74a357 100644 --- a/minifirewall/tasks/config.yml +++ b/minifirewall/tasks/config.yml @@ -4,8 +4,11 @@ command: /sbin/iptables -L -n | grep -E "^(DROP\s+udp|ACCEPT\s+icmp)\s+--\s+0\.0\.0\.0\/0\s+0\.0\.0\.0\/0\s*$" changed_when: False failed_when: False + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: minifirewall_is_running - check_mode: no + #check_mode: no (for migration to Ansible 2.2) + always_run: yes - name: Begin marker for IP addresses lineinfile: diff --git a/minifirewall/tasks/install.yml b/minifirewall/tasks/install.yml index 877fa022..76284100 100644 --- a/minifirewall/tasks/install.yml +++ b/minifirewall/tasks/install.yml @@ -12,6 +12,8 @@ - name: is init script present? stat: path: /etc/init.d/minifirewall + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: init_minifirewall - name: init script is copied @@ -22,6 +24,8 @@ - name: is configuration present? stat: path: /etc/default/minifirewall + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: default_minifirewall - name: configuration is copied diff --git a/mysql/tasks/datadir.yml b/mysql/tasks/datadir.yml index f5fff7c5..94f55875 100644 --- a/mysql/tasks/datadir.yml +++ b/mysql/tasks/datadir.yml @@ -4,11 +4,15 @@ - name: "Is {{ mysql_custom_datadir }} present ?" stat: path: "{{ mysql_custom_datadir }}" + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: mysql_custom_datadir_test - name: "read the real datadir" command: readlink -f /var/lib/mysql changed_when: False + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: mysql_current_real_datadir_test tags: - mysql diff --git a/mysql/tasks/log2mail.yml b/mysql/tasks/log2mail.yml index 0e43dc1c..1623005e 100644 --- a/mysql/tasks/log2mail.yml +++ b/mysql/tasks/log2mail.yml @@ -3,6 +3,8 @@ - name: Is log2mail present ? stat: path: /etc/log2mail/config + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: log2mail_config_dir tags: - mysql diff --git a/mysql/tasks/munin.yml b/mysql/tasks/munin.yml index a6cc1804..925bd707 100644 --- a/mysql/tasks/munin.yml +++ b/mysql/tasks/munin.yml @@ -3,6 +3,8 @@ - name: is Munin present ? stat: path: /etc/munin/plugin-conf.d/munin-node + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: munin_node_plugins_config tags: - mysql diff --git a/mysql/tasks/nrpe.yml b/mysql/tasks/nrpe.yml index 5b4627fd..6dc444a2 100644 --- a/mysql/tasks/nrpe.yml +++ b/mysql/tasks/nrpe.yml @@ -3,6 +3,8 @@ - name: is NRPE present ? stat: path: /etc/nagios/nrpe.d/evolix.cfg + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: nrpe_evolix_config tags: - mysql diff --git a/nginx/tasks/main.yml b/nginx/tasks/main.yml index 4fa3c2f2..f5b16615 100644 --- a/nginx/tasks/main.yml +++ b/nginx/tasks/main.yml @@ -120,6 +120,8 @@ - name: Check if Munin is installed stat: path: /etc/munin/plugin-conf.d/munin-node + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: stat_munin_node tags: - nginx diff --git a/rbenv/tasks/main.yml b/rbenv/tasks/main.yml index 25944c49..d8ffb305 100644 --- a/rbenv/tasks/main.yml +++ b/rbenv/tasks/main.yml @@ -80,8 +80,8 @@ become_user: "{{ username }}" failed_when: False changed_when: False - register: ruby_installed always_run: yes + register: ruby_installed tags: - rbenv @@ -95,9 +95,9 @@ - name: is Ruby {{ rbenv_ruby_version }} selected for {{ username }} ? shell: /bin/bash -lc "rbenv version | cut -d ' ' -f 1 | grep -Fx '{{ rbenv_ruby_version }}'" become_user: "{{ username }}" + always_run: yes register: ruby_selected changed_when: False - always_run: yes tags: - rbenv diff --git a/squid/tasks/log2mail.yml b/squid/tasks/log2mail.yml index 219980fd..0da565e1 100644 --- a/squid/tasks/log2mail.yml +++ b/squid/tasks/log2mail.yml @@ -3,6 +3,8 @@ - name: is log2mail installed? stat: path: /etc/log2mail/config/ + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: log2mail_config - block: diff --git a/squid/tasks/minifirewall.yml b/squid/tasks/minifirewall.yml index ed362f44..f4e4bd2d 100644 --- a/squid/tasks/minifirewall.yml +++ b/squid/tasks/minifirewall.yml @@ -2,6 +2,8 @@ - name: Check if Minifirewall is present stat: path: /etc/default/minifirewall + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: minifirewall_test - name: configure Minifirewall for Squid diff --git a/tomcat-instance/tasks/main.yml b/tomcat-instance/tasks/main.yml index 755db05f..5799df85 100644 --- a/tomcat-instance/tasks/main.yml +++ b/tomcat-instance/tasks/main.yml @@ -1,6 +1,8 @@ --- - stat: path: "{{ tomcat_instance_root | mandatory }}/{{ tomcat_instance_name | mandatory }}" + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: tomcat_instance_stat - include: tomcat.yml diff --git a/tomcat-instance/tasks/nagios.yml b/tomcat-instance/tasks/nagios.yml index 18d58b6f..bec6f085 100644 --- a/tomcat-instance/tasks/nagios.yml +++ b/tomcat-instance/tasks/nagios.yml @@ -10,6 +10,8 @@ warn: no changed_when: False failed_when: False + #check_mode: no (for migration to Ansible 2.2) + always_run: yes register: usr_partition - name: Mount /usr in rw