From 75fd7d057409b6e7b61990b3ddd7e51299b198e7 Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Wed, 2 Mar 2016 16:44:43 +0100 Subject: [PATCH] library/roles/postgresql, library/roles/tomcat-multiple-instances, library/roles/tomcat, library/roles/ubuntu-deb-general: ansible 2 cleanup. --- postgresql/tasks/configure-access.yml | 39 +++++-------------- postgresql/tasks/manage_pg_db.yml | 4 +- postgresql/tasks/pgpool-ii.yml | 2 +- postgresql/tasks/postgis.yml | 4 +- postgresql/tasks/postgresql-backup.yml | 25 +++--------- postgresql/tasks/postgresql-config.yml | 2 +- postgresql/tasks/psql-kernel-sharedmem.yml | 2 +- tomcat-multiple-instances/handlers/main.yml | 10 ++--- tomcat-multiple-instances/tasks/main.yml | 36 ++++++++--------- tomcat/tasks/access_log.yml | 3 +- tomcat/tasks/not_pgsql_jdbc.yml | 6 +-- tomcat/tasks/pgsql_jdbc.yml | 8 +--- tomcat/tasks/tomcat-admin.yml | 12 ++---- tomcat/tasks/tomcat-logger-logging.yml | 24 ++++-------- .../tasks/remove-unneeded-pkgs.yml | 3 +- 15 files changed, 62 insertions(+), 118 deletions(-) diff --git a/postgresql/tasks/configure-access.yml b/postgresql/tasks/configure-access.yml index d406f97..288ac75 100644 --- a/postgresql/tasks/configure-access.yml +++ b/postgresql/tasks/configure-access.yml @@ -8,17 +8,14 @@ - name: Give access to the remote postgresql client lineinfile: name=/etc/postgresql/{{ psql_version }}/main/pg_hba.conf regexp="^host {{ item.0.name }} {{ item.0.user }} {{ item.1 }}.*$" line="host {{ item.0.name }} {{ item.0.user }} {{ item.1 }} md5" with_subelements: - - psql_db_data - - allowed_hosts + - '{{ psql_db_data }}' + - '{{ allowed_hosts }}' when: - psql_listen_on_ext_int - psql_db_data is defined - item.1 is defined notify: Reload postgresql - tags: - - postgresql - - postgres - - pg_hba + tags: [ 'postgresql', 'postgres', 'pg_hba' ] - name: We want postgres listen on the public IP action: configfile path=/etc/postgresql/{{ psql_version }}/main/postgresql.conf key=listen_addresses value="'*'" @@ -26,10 +23,7 @@ when: - psql_listen_on_ext_int - psql_db_data is defined - tags: - - postgresql - - postgres - - pg_conf + tags: [ 'postgresql', 'postgres', 'pg_conf' ] - name: If postgresql is only accessed from localhost make it listen only on the localhost interface action: configfile path=/etc/postgresql/{{ psql_version }}/main/postgresql.conf key=listen_addresses value="'localhost'" @@ -37,28 +31,19 @@ when: - not psql_listen_on_ext_int - psql_db_data is defined - tags: - - postgresql - - postgres - - pg_conf + tags: [ 'postgresql', 'postgres', 'pg_conf' ] - name: Log the connections action: configfile path=/etc/postgresql/{{ psql_version }}/main/postgresql.conf key=log_connections value="on" notify: Restart postgresql when: psql_db_data is defined - tags: - - postgresql - - postgres - - pg_conf + tags: [ 'postgresql', 'postgres', 'pg_conf' ] - name: Log the disconnections action: configfile path=/etc/postgresql/{{ psql_version }}/main/postgresql.conf key=log_disconnections value="on" notify: Restart postgresql when: psql_db_data is defined - tags: - - postgresql - - postgres - - pg_conf + tags: [ 'postgresql', 'postgres', 'pg_conf' ] - name: Log the hostnames action: configfile path=/etc/postgresql/{{ psql_version }}/main/postgresql.conf key=log_hostname value="on" @@ -66,18 +51,12 @@ when: - psql_listen_on_ext_int - psql_db_data is defined - tags: - - postgresql - - postgres - - pg_conf + tags: [ 'postgresql', 'postgres', 'pg_conf' ] - name: Set the correct permissions to the postgresql files file: dest=/etc/postgresql/{{ psql_version }}/main/{{ item }} owner=root group=postgres mode=0640 with_items: - pg_hba.conf - postgresql.conf - tags: - - postgresql - - postgres - - pg_hba + tags: [ 'postgresql', 'postgres', 'pg_hba', 'pg_conf' ] diff --git a/postgresql/tasks/manage_pg_db.yml b/postgresql/tasks/manage_pg_db.yml index 673fd14..530f6fc 100644 --- a/postgresql/tasks/manage_pg_db.yml +++ b/postgresql/tasks/manage_pg_db.yml @@ -3,7 +3,7 @@ become: True become_user: postgres postgresql_user: user={{ item.user }} password={{ item.pwd }} role_attr_flags={{ item.roles }} - with_items: psql_db_data + with_items: '{{ psql_db_data }}' when: - psql_db_data is defined - item.roles is defined @@ -13,7 +13,7 @@ become: True become_user: postgres postgresql_db: db={{ item.name }} encoding={{ item.encoding }} owner={{ item.user }} template=template0 state=present - with_items: psql_db_data + with_items: '{{ psql_db_data }}' when: - psql_db_data is defined - ( item.createdb is not defined or item.createdb ) diff --git a/postgresql/tasks/pgpool-ii.yml b/postgresql/tasks/pgpool-ii.yml index c616e48..1d4bd7c 100644 --- a/postgresql/tasks/pgpool-ii.yml +++ b/postgresql/tasks/pgpool-ii.yml @@ -2,5 +2,5 @@ - name: Install the pgpool package apt: name={{ item }} state={{ psql_pgpool_pkg_state }} with_items: '{{ pgpool_pkgs }}' - tags: [ 'postgresql', 'pgpool' ] + tags: [ 'postgresql', 'postgres', 'pgpool' ] diff --git a/postgresql/tasks/postgis.yml b/postgresql/tasks/postgis.yml index 9ac2bd7..ccaed60 100644 --- a/postgresql/tasks/postgis.yml +++ b/postgresql/tasks/postgis.yml @@ -1,7 +1,7 @@ --- - name: install the postgresql GIS packages - apt: pkg={{ item }} state=installed - with_items: postgres_gis_pkgs + apt: pkg={{ item }} state={{ psql_pkg_state }} + with_items: '{{ postgres_gis_pkgs }}' notify: Restart postgresql tags: diff --git a/postgresql/tasks/postgresql-backup.yml b/postgresql/tasks/postgresql-backup.yml index 8a20264..2deb076 100644 --- a/postgresql/tasks/postgresql-backup.yml +++ b/postgresql/tasks/postgresql-backup.yml @@ -1,35 +1,20 @@ --- - name: Backup script for the postgresql database(s) copy: src=postgresql-backup.sh dest=/usr/local/sbin/postgresql-backup owner=root mode=0744 - tags: - - pg_backup - - postgresql - - postgres + tags: [ 'pg_backup', 'postgresql', 'postgres' ] - name: cron job for the postgresql database(s) backup copy: src=postgresql-backup.cron dest=/etc/cron.daily/postgresql-backup owner=root mode=0744 - tags: - - pg_backup - - postgresql - - postgres + tags: [ 'pg_backup', 'postgresql', 'postgres' ] - name: postgresql backup defaults template: src=pg_backup-default.j2 dest=/etc/default/pg_backup owner=root mode=0744 - tags: - - pg_backup - - postgresql - - postgres + tags: [ 'pg_backup', 'postgresql', 'postgres' ] - name: authorization file for the database backup template: src=pgpass.j2 dest={{ pg_backup_pass_file }} owner=root mode=0600 - tags: - - pg_backup - - postgresql - - postgres + tags: [ 'pg_backup', 'postgresql', 'postgres' ] - name: Create the postgresql backups data directory file: dest={{ pg_backup_destdir }} owner=postgres group=postgres mode=700 recurse=yes state=directory - tags: - - pg_backup - - postgresql - - postgres + tags: [ 'pg_backup', 'postgresql', 'postgres' ] diff --git a/postgresql/tasks/postgresql-config.yml b/postgresql/tasks/postgresql-config.yml index 3cc8c73..be4a7aa 100644 --- a/postgresql/tasks/postgresql-config.yml +++ b/postgresql/tasks/postgresql-config.yml @@ -18,7 +18,7 @@ - name: Set some postgresql configuration parameters action: configfile path=/etc/postgresql/{{ psql_version }}/main/postgresql.conf key={{ item.name }} value="{{ item.value }}" - with_items: psql_conf_parameters + with_items: '{{ psql_conf_parameters }}' when: item.set == 'True' notify: Restart postgresql tags: diff --git a/postgresql/tasks/psql-kernel-sharedmem.yml b/postgresql/tasks/psql-kernel-sharedmem.yml index 6a478d9..6a3ca44 100644 --- a/postgresql/tasks/psql-kernel-sharedmem.yml +++ b/postgresql/tasks/psql-kernel-sharedmem.yml @@ -1,7 +1,7 @@ --- - name: Configure the kernel shared memory to please postgresql sysctl: name={{ item.name }} value={{ item.value }} sysctl_file=/etc/sysctl.d/{{ psql_sysctl_file }} reload=yes state=present - with_items: psql_sysctl_kernel_sharedmem_parameters + with_items: '{{ psql_sysctl_kernel_sharedmem_parameters }}' when: psql_set_shared_memory tags: - sysctl diff --git a/tomcat-multiple-instances/handlers/main.yml b/tomcat-multiple-instances/handlers/main.yml index b4a70f8..33ba27e 100644 --- a/tomcat-multiple-instances/handlers/main.yml +++ b/tomcat-multiple-instances/handlers/main.yml @@ -1,28 +1,28 @@ --- - name: tomcat restart instances with changed configs service: name='tomcat-instance-{{ item.item.http_port }}' state=restarted sleep=20 - with_items: restart_needed.results + with_items: '{{ restart_needed.results }}' when: item.changed ignore_errors: True - name: tomcat restart instances with changed jmx config service: name='tomcat-instance-{{ item.item.http_port }}' state=restarted sleep=20 - with_items: jmx_restart_needed.results + with_items: '{{ jmx_restart_needed.results }}' when: item.changed ignore_errors: True - name: tomcat instances restart service: name='tomcat-instance-{{ item.http_port }}' state=restarted sleep=20 - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' ignore_errors: True - name: enable tomcat instances service: name='tomcat-instance-{{ item.http_port }}' state=started enabled=yes sleep=20 - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' ignore_errors: True - name: disable tomcat instances service: name='tomcat-instance-{{ item.http_port }}' state=stopped enabled=no sleep=20 - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' ignore_errors: True diff --git a/tomcat-multiple-instances/tasks/main.yml b/tomcat-multiple-instances/tasks/main.yml index 412aa6d..45fa9b7 100644 --- a/tomcat-multiple-instances/tasks/main.yml +++ b/tomcat-multiple-instances/tasks/main.yml @@ -9,7 +9,7 @@ - name: Create a tomcat user for each instance if needed user: name={{ item.user }} home={{ item.user_home }} createhome=false shell={{ item.user_shell }} - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' when: - not tomcat_m_use_default_user - item.user != "tomcat{{ tomcat_version }}" @@ -28,39 +28,39 @@ - name: Create the instances directory trees file: dest={{ item.0.instance_path }}/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0755 state=directory with_nested: - - tomcat_m_instances + - '{{ tomcat_m_instances }}' - [ 'common/classes', 'conf/Catalina/localhost', 'conf/policy.d', 'lib', 'server/classes', 'shared/classes', 'webapps' ] register: tomcat_first_install tags: [ 'tomcat', 'tomcat_instances' ] - name: Create the instances log dirs file: dest={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }} owner={{ item.user }} group={{ item.user }} mode=0755 state=directory - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' register: tomcat_first_install tags: [ 'tomcat', 'tomcat_instances' ] - name: Create the instances work dirs file: dest={{ tomcat_m_cache_base }}/{{ item.http_port }} owner={{ item.user }} group={{ item.user }} mode=0755 state=directory - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' register: tomcat_first_install tags: [ 'tomcat', 'tomcat_instances' ] - name: Create links to work dir inside the instances directory tree file: src={{ tomcat_m_cache_base }}/{{ item.http_port }} dest={{ item.instance_path }}/work state=link - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' register: tomcat_first_install tags: [ 'tomcat', 'tomcat_instances' ] - name: Create links to log dir inside the instances directory tree file: src={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }} dest={{ item.instance_path }}/logs state=link - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' register: tomcat_first_install tags: [ 'tomcat', 'tomcat_instances' ] - name: Populate the instances conf directory copy: src={{ item[1] }} dest={{ item.0.instance_path }}/conf/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0640 with_nested: - - tomcat_m_instances + - '{{ tomcat_m_instances }}' - [ 'catalina.properties', 'context.xml', 'tomcat-users.xml', 'web.xml' ] register: restart_needed notify: @@ -70,7 +70,7 @@ - name: Populate the instances conf/policy.d directory copy: src=policy.d/{{ item[1] }} dest={{ item.0.instance_path }}/conf/policy.d/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0640 with_nested: - - tomcat_m_instances + - '{{ tomcat_m_instances }}' - [ '01system.policy', '02debian.policy', '03catalina.policy', '04webapps.policy', '50local.policy' ] register: restart_needed notify: @@ -80,7 +80,7 @@ - name: Install logging.properties if we do not use log4j for the tomcat logging copy: src={{ item[1] }} dest={{ item.0.instance_path }}/conf/{{ item[1] }} owner={{ item.0.user }} group={{ item.0.user }} mode=0640 with_nested: - - tomcat_m_instances + - '{{ tomcat_m_instances }}' - [ 'logging.properties' ] when: - tomcat_use_log4j is defined @@ -92,7 +92,7 @@ - name: Install the server.xml conf file template: src=tomcat-server.xml.j2 dest={{ item.instance_path }}/conf/server.xml owner={{ item.user }} group={{ item.user }} mode=0640 - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' register: restart_needed notify: - tomcat restart instances with changed configs @@ -100,12 +100,12 @@ - name: Install the instances startup scripts template: src=tomcat-instance.init.j2 dest=/etc/init.d/tomcat-instance-{{ item.http_port }} mode=0755 owner=root group=root - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' tags: [ 'tomcat', 'tomcat_instances' ] - name: Install the tomcat instances default file template: src=tomcat-default.j2 dest=/etc/default/tomcat-instance-{{ item.http_port }} mode=0640 owner=root group={{ item.user }} - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' register: restart_needed notify: - tomcat restart instances with changed configs @@ -113,12 +113,12 @@ - name: Install a logrotate entry for the access log file template: src=tomcat.logrotate.j2 dest=/etc/logrotate.d/tomcat_instance-{{ item.http_port }} owner=root group=root mode=0644 - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' tags: [ 'tomcat', 'tomcat_instances', 'tomcat_conf' ] - name: Install the jmx authorization file template: src=jmxremote.passwd.j2 dest={{ item.instance_path }}/conf/jmxremote.passwd owner={{ item.user }} group={{ item.user }} mode=0600 - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' when: - item.jmx_enabled is defined - item.jmx_auth_enabled is defined @@ -131,7 +131,7 @@ - name: Install the jmx role file copy: src=jmxremote.access dest={{ item.instance_path }}/conf/jmxremote.access owner={{ item.user }} group={{ item.user }} mode=0644 - with_items: tomcat_m_instances + with_items: '{{ tomcat_m_instances }}' when: - item.jmx_enabled is defined - item.jmx_auth_enabled is defined @@ -143,8 +143,8 @@ tags: [ 'tomcat', 'tomcat_instances', 'tomcat_jmx' ] - name: Start all the tomcat instances - service: name=tomcat-instance-'{{ item.http_port }}' state=started sleep=20 - with_items: tomcat_m_instances + service: name='tomcat-instance-{{ item.http_port }}' state=started sleep=20 + with_items: '{{ tomcat_m_instances }}' when: - tomcat_first_install.changed - tomcat_m_start_instances @@ -152,7 +152,7 @@ ignore_errors: True - name: Enable all the tomcat instances - service: name=tomcat-instance-'{{ item.http_port }}' enabled=yes + service: name='tomcat-instance-{{ item.http_port }}' enabled=yes with_items: tomcat_m_instances when: tomcat_m_enable_instances tags: [ 'tomcat', 'tomcat_instances'] diff --git a/tomcat/tasks/access_log.yml b/tomcat/tasks/access_log.yml index f827be0..72d960a 100644 --- a/tomcat/tasks/access_log.yml +++ b/tomcat/tasks/access_log.yml @@ -2,6 +2,5 @@ - name: Install a logrotate entry for the access log file template: src=tomcat_access.logrotate.j2 dest=/etc/logrotate.d/tomcat_access owner=root group=root mode=0644 when: tomcat_access_log_enabled - tags: - - tomcat + tags: tomcat diff --git a/tomcat/tasks/not_pgsql_jdbc.yml b/tomcat/tasks/not_pgsql_jdbc.yml index 0a5882d..b029a4c 100644 --- a/tomcat/tasks/not_pgsql_jdbc.yml +++ b/tomcat/tasks/not_pgsql_jdbc.yml @@ -4,8 +4,6 @@ with_items: - postgresql-jdbc4.jar when: not tomcat_install_pg_jdbc - notify: - tomcat restart - tags: - - tomcat + notify: tomcat restart + tags: tomcat diff --git a/tomcat/tasks/pgsql_jdbc.yml b/tomcat/tasks/pgsql_jdbc.yml index 9872fe1..5cdb7e4 100644 --- a/tomcat/tasks/pgsql_jdbc.yml +++ b/tomcat/tasks/pgsql_jdbc.yml @@ -5,9 +5,7 @@ with_items: - libpostgresql-jdbc-java when: tomcat_install_pg_jdbc - tags: - - tomcat - - tomcat_jdbc + tags: [ 'tomcat', 'tomcat_jdbc' ] - name: Configure tomcat to use the global postgresql jdbc driver file: src=/usr/share/java/{{ item }} dest=/usr/share/tomcat{{ tomcat_version }}/lib/{{ item }} state=link @@ -16,7 +14,5 @@ when: tomcat_install_pg_jdbc notify: tomcat restart - tags: - - tomcat - - tomcat_jdbc + tags: [ 'tomcat', 'tomcat_jdbc' ] diff --git a/tomcat/tasks/tomcat-admin.yml b/tomcat/tasks/tomcat-admin.yml index 836f1d6..ce3b274 100644 --- a/tomcat/tasks/tomcat-admin.yml +++ b/tomcat/tasks/tomcat-admin.yml @@ -1,15 +1,11 @@ --- - name: Install the tomcat console management package apt: pkg={{ item }} state={{ tomcat_pkg_state }} - with_items: - - tomcat'{{ tomcat_version }}'-admin - tags: - - tomcat + with_items: 'tomcat{{ tomcat_version }}-admin' + tags: tomcat - name: Install the tomcat users file template: src=tomcat-users.xml.j2 dest={{ tomcat_conf_dir }}/tomcat-users.xml owner=root group={{ tomcat_user }} mode=0640 - notify: - tomcat restart - tags: - - tomcat + notify: tomcat restart + tags: tomcat diff --git a/tomcat/tasks/tomcat-logger-logging.yml b/tomcat/tasks/tomcat-logger-logging.yml index fe379ad..1373acf 100644 --- a/tomcat/tasks/tomcat-logger-logging.yml +++ b/tomcat/tasks/tomcat-logger-logging.yml @@ -4,31 +4,23 @@ with_items: - log4j-1.2.jar - tomcat-juli-adapters.jar - notify: - tomcat restart - tags: - - tomcat + notify: tomcat restart + tags: tomcat - name: Configure tomcat to use the standard version of the juli library file: src=/usr/share/java/{{ item }} dest={{ tomcat_catalina_home_dir }}/bin/{{ item }} state=link with_items: - tomcat-juli.jar - notify: - tomcat restart - tags: - - tomcat + notify: tomcat restart + tags: tomcat - name: Remove the system log4j.properties file: dest={{ tomcat_catalina_home_dir }}/lib/log4j.properties state=absent - notify: - tomcat restart - tags: - - tomcat + notify: tomcat restart + tags: tomcat - name: Install logging.properties copy: src=logging.properties dest=/etc/tomcat{{ tomcat_version }}/logging.properties owner=root group=root mode=0644 - notify: - tomcat restart - tags: - - tomcat + notify: tomcat restart + tags: tomcat diff --git a/ubuntu-deb-general/tasks/remove-unneeded-pkgs.yml b/ubuntu-deb-general/tasks/remove-unneeded-pkgs.yml index 269b98f..fb55c9d 100644 --- a/ubuntu-deb-general/tasks/remove-unneeded-pkgs.yml +++ b/ubuntu-deb-general/tasks/remove-unneeded-pkgs.yml @@ -22,8 +22,7 @@ - name: Remove rpcbind packages apt: pkg={{ item }} state=removed with_items: '{{ rpcbind_packages }}' - when: - - cleanup_rpcbind_packages + when: cleanup_rpcbind_packages tags: [ 'packages', 'pkg_cleanup' ] - name: Remove the exim packages