Various fixes to support debian 9.

2018-09-16 13:51:34 +02:00 · 2018-09-16 13:51:34 +02:00 · 2d6676df50
parent b1c9dd9ead
commit 2d6676df50
16 changed files with 60 additions and 57 deletions
--- a/deb-apt-setup/tasks/main.yml
+++ b/deb-apt-setup/tasks/main.yml
@ -6,5 +6,6 @@

 - name: Install python-software-properties
  apt: pkg=python-software-properties state=present update_cache=yes cache_valid_time=3600
+  when: is_not_debian9
  tags: pythonapt

--- a/haproxy/tasks/haproxy-letsencrypt-acme-sh.yml
+++ b/haproxy/tasks/haproxy-letsencrypt-acme-sh.yml
@ -12,7 +12,5 @@
      creates: '{{ pki_dir }}/haproxy/haproxy.pem'
    tags: [ 'pki', 'ssl', 'letsencrypt', 'haproxy', 'letsencrypt_acme_sh' ]

-  when:
-    - haproxy_letsencrypt_managed
-    - letsencrypt_acme_sh_install
+  when: letsencrypt_acme_sh_install
  tags: [ 'haproxy', 'letsencrypt', 'letsencrypt_acme_sh' ]
--- a/haproxy/tasks/haproxy-letsencrypt-acmetool.yml
+++ b/haproxy/tasks/haproxy-letsencrypt-acmetool.yml
@ -12,7 +12,5 @@
      creates: '{{ pki_dir }}/haproxy/haproxy.pem'
    tags: [ 'pki', 'ssl', 'letsencrypt', 'haproxy' ]

-  when:
-    - haproxy_letsencrypt_managed
-    - letsencrypt_acme_install
+  when: letsencrypt_acme_install
  tags: [ 'haproxy', 'letsencrypt' ]
--- a/haproxy/tasks/haproxy-service.yml
+++ b/haproxy/tasks/haproxy-service.yml
@ -58,5 +58,6 @@
  sysctl: name={{ item }} value={{ haproxy_sysctl_conntrack_max }} reload=yes state=present
  with_items:
    - net.nf_conntrack_max
+  when: is_not_debian9
  tags: [ 'haproxy', 'haproxy_sysctl' ]

--- a/haproxy/tasks/main.yml
+++ b/haproxy/tasks/main.yml
@ -3,11 +3,11 @@
 - import_tasks: haproxy-letsencrypt-acme-sh.yml
  when:
    - haproxy_letsencrypt_managed
-    - letsencrypt_acme_sh_install is defined and letsencrypt_acme_sh_install
+    - letsencrypt_acme_sh_install
 - import_tasks: haproxy-letsencrypt-acmetool.yml
  when:
    - haproxy_letsencrypt_managed
-    - letsencrypt_acme_install is defined and letsencrypt_acme_install
+    - letsencrypt_acme_install
 - import_tasks: haproxy-ssl.yml
  when:
    - haproxy_letsencrypt_managed
@ -27,7 +27,7 @@
  service: name=rsyslog state=restarted
  when:
    - haproxy_enabled
-    - ( install_haproxy | changed )
+    - install_haproxy is changed
  tags: haproxy

 - name: Ensure that haproxy is stopped and disabled if needed
--- a/memcached/tasks/main.yml
+++ b/memcached/tasks/main.yml
@ -13,7 +13,7 @@
  tags: [ 'memcache', 'memcached' ]

 - name: Enable memcached
-  action: configfile path=/etc/default/memcached key=ENABLE_MEMCACHED value='yes' syntax=shell
+  copy: content="ENABLE_MEMCACHED='yes'" dest=/etc/default/memcached
  when: mc_enabled
  tags: [ 'memcache', 'memcached' ]

--- a/php-fpm/tasks/main.yml
+++ b/php-fpm/tasks/main.yml
@ -15,6 +15,11 @@
  with_items: '{{ php_fpm_packages }}'
  tags: php

+- name: Install additional php packages
+  apt: pkg={{ item }} state=present update_cache=yes cache_valid_time=3600
+  with_items: '{{ php_additional_packages | default([]) }}'
+  tags: php
+
 - name: Set the timezone if we have one
  ini_file: dest={{ phpfpm_base_dir }}/php.ini section=Date option=date.timezone value={{ timezone }} backup=yes
  when: timezone is defined
--- a/postgresql/defaults/main.yml
+++ b/postgresql/defaults/main.yml
@ -2,7 +2,7 @@
 pg_use_postgresql_org_repo: True

 psql_postgresql_install: False
-psql_pkg_state: installed
+psql_pkg_state: present
 postgresql_enabled: True
 psql_pgpool_install: False
 psql_pgpool_service_install: False
--- a/postgresql/tasks/configure-access.yml
+++ b/postgresql/tasks/configure-access.yml
@ -83,5 +83,5 @@
  service: name=postgresql state=restarted
  when:
    - postgresql_enabled
-    - ( restart_postgresql is defined ) and ( restart_postgresql | changed )
+    - ( restart_postgresql is defined ) and ( restart_postgresql is changed )
  tags: [ 'postgresql', 'postgres', 'pg_hba', 'pg_conf' ]
--- a/revive-adserver/defaults/main.yml
+++ b/revive-adserver/defaults/main.yml
@ -14,15 +14,15 @@ revive_automatic_maintenance: True
 revive_domain: example.com

 revive_ad_php_modules:
-  - php-xml-parser
-  - php5-memcache
-  - php5-memcached
-  - php5-apcu
-  - libphp-pclzip
+  - php-xml
+  - php-memcache
+  - php-memcached
+  - php-apcu
+  - php-pclzip

 revive_db_server: pgsql  
 revive_ad_php_db_server_modules:
-  - 'php5-{{ revive_db_server }}'
+  - 'php{{ php_version }}-{{ revive_db_server }}'

 revive_writable_dirs:
  - var
--- a/revive-adserver/tasks/main.yml
+++ b/revive-adserver/tasks/main.yml
@ -46,23 +46,25 @@
    - revive_adserver

 - name: Give the revive user the permission to write inside a list of directories
-  command: chown -R {{ revive_ad_user }} {{ revive_ad_dest_dir }}/{{ item }}
-  with_items: revive_writable_dirs
-  #when: ad_download is changed
+  command: chown -R {{ revive_ad_user }} {{ revive_ad_dest_dir }}/{{ item }} warn=false
+  with_items: '{{ revive_writable_dirs }}'
+  when: ad_download is changed
  tags:
    - revive
    - revive_adserver

 - name: Give the revive user the permission to write inside the images directories
-  command: chown -R {{ revive_ad_user }} {{ revive_ad_images_dest_dir }}
-  #when: ad_download is changed
+  shell: chown -R {{ revive_ad_user }} {{ revive_ad_images_dest_dir }} ; touch /srv/.s3_permissions
+  args:
+    creates: /srv/.s3_permissions
+  when: ad_download is changed
  tags:
    - revive
    - revive_adserver

 - name: Install the php required modules
  apt: name={{ item }} state={{ revive_pkg_state }}
-  with_items: revive_ad_php_modules
+  with_items: '{{ revive_ad_php_modules }}'
  notify: Reload php-fpm
  tags:
    - php
@ -71,7 +73,7 @@

 - name: Install the php modules to access the db servers
  apt: name={{ item }} state={{ revive_pkg_state }}
-  with_items: revive_ad_php_db_server_modules
+  with_items: '{{ revive_ad_php_db_server_modules }}'
  notify: Reload php-fpm
  tags:
    - php
--- a/ubuntu-deb-general/defaults/main.yml
+++ b/ubuntu-deb-general/defaults/main.yml
@ -30,12 +30,16 @@ common_packages:
  - nano
  - xmlstarlet
  - bsdutils
+  - less

-default_python_packages:
+default_python_packages_trusty:
  - python-software-properties
  - python-lxml
  - python-boto
-  
+
+default_python_packages:
+  - python-lxml
+  - python-boto

 # Set this variable in your playbook
 # additional_packages:
@ -151,6 +155,8 @@ has_apt: "('{{ ansible_distribution }}' == 'Debian' or '{{ ansible_distribution
 has_fail2ban: "(('{{ ansible_distribution }}' == 'Ubuntu') and ({{ ansible_distribution_major_version }} >= 14)) or (('{{ ansible_distribution }}' == 'Debian') and ({{ ansible_distribution_major_version }} >= 8))"

 is_debian: "'{{ ansible_distribution }}' == 'Debian'"
+is_not_debian9: "'{{ ansible_distribution_release }}' != 'stretch'"
+is_debian9: "'{{ ansible_distribution_release }}' == 'stretch'"
 is_debian8: "'{{ ansible_distribution_release }}' == 'jessie'"
 is_debian7: "'{{ ansible_distribution_release }}' == 'wheezy'"
 is_debian6: "('{{ ansible_distribution }}' == 'Debian' and {{ ansible_distribution_major_version }} == 6)"
--- a/ubuntu-deb-general/tasks/packages.yml
+++ b/ubuntu-deb-general/tasks/packages.yml
@ -1,7 +1,14 @@
 ---
- name: Install the basic packages
+- name: Install the basic python packages
  apt: pkg={{ item }} state=present update_cache=yes cache_valid_time=1800
  with_items: '{{ default_python_packages }}'
+  when: not is_trusty
+  tags: packages
+
+- name: Install the basic python packages on trusty
+  apt: pkg={{ item }} state=present update_cache=yes cache_valid_time=1800
+  with_items: '{{ default_python_packages_trusty }}'
+  when: is_trusty
  tags: packages

 - name: Install software-properties-common if needed
--- a/varnish-cache/defaults/main.yml
+++ b/varnish-cache/defaults/main.yml
@ -1,11 +1,11 @@
 ---
-varnish_version: 4
-varnish_compact_ver: 41
+varnish_version: 5
+varnish_compact_ver: '{{ varnish_version }}1'
 varnish_repo: True
 varnish_repo_requirements:
  - apt-transport-https
  - debian-archive-keyring
-varnish_repo_url: "deb https://packagecloud.io/varnishcache/varnish{{ varnish_compact_ver }}/ubuntu/ {{ ansible_distribution_release }} main"
+varnish_repo_url: "deb https://packagecloud.io/varnishcache/varnish{{ varnish_compact_ver }}/{{ ansible_distribution | lower }}/ {{ ansible_distribution_release }} main"
 varnish_pkg_name: varnish
 varnish_pkg_state: present
 varnish_enabled: True
--- a/yii/defaults/main.yml
+++ b/yii/defaults/main.yml
@ -3,8 +3,8 @@
 # Note: in the index.php directory, the path to the yii distribution will be something like
 # $yii='{{ yii_install_dir }}/yii/framework/yii.php';
 #
-yii_version: 1.1.19
-yii_release: 5790cb
+yii_version: 1.1.20
+yii_release: 6ed384
 yii_installs:
  - { version: '{{ yii_version }}', release: '{{ yii_release }}' }

@ -13,19 +13,15 @@ yii_download_url: 'https://github.com/yiisoft/yii/releases/download/{{ yii_versi
 yii_install_dir: '/opt'
 yii_framework_dir: '{{ yii_install_dir }}/yii-{{ yii_version }}'

-yii_php_modules:
-  - php-xml-dtd
-  - php-xml-parser
-  - php5-imagick
-  - php5-memcache
-  - php5-xcache
-  - php5-gd
-  - php5-mcrypt
-  - php5-curl
-  
-yii_php_db_server_modules:
-  - php5-pgsql
-  - php5-mysqlnd
+php_additional_packages:
+  - php-xml
+  - php-imagick
+  - php-memcache
+  - php-gd
+  - php-mcrypt
+  - php-curl
+  - php-pgsql
+  - 'php{{ php_version }}-opcache'

 yii_unneeded_files:
  - CHANGELOG
--- a/yii/tasks/main.yml
+++ b/yii/tasks/main.yml
@ -31,14 +31,3 @@
  with_items: '{{ yii_unneeded_files }}'
  tags: [ 'yii', 'yii-framework' ]

- name: Install the php required modules
-  apt: name={{ item }} state=present
-  with_items: '{{ yii_php_modules }}'
-  notify: Reload php-fpm
-  tags: [ 'yii', 'yii-framework' ]
-
- name: Install the php modules to access the db servers
-  apt: name={{ item }} state=present
-  with_items: '{{ yii_php_db_server_modules }}'
-  notify: Reload php-fpm
-  tags: [ 'yii', 'yii-framework' ]