Update with_items loops to use new-ish "loop" keyword

Ansible 2.4 and 2.5 are moving away from specialized loop functions
and the old syntax will eventually be deprecated and removed. I did
not change the with_fileglob loops because I'm not sure about their
syntax yet.

See: https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html
This commit is contained in:
Alan Orth 2018-04-02 15:52:51 +03:00
parent fbf61c8e61
commit 57120308dc
Signed by: alanorth
GPG Key ID: 0FB860CC9C45B1B9
11 changed files with 21 additions and 21 deletions

View File

@ -2,7 +2,7 @@
- name: Configure cron-apt (config)
copy: src={{ item.src }} dest={{ item.dest }} mode={{ item.mode }} owner={{ item.owner }} group={{ item.group }}
with_items:
loop:
- { src: 'etc/cron-apt/config', dest: '/etc/cron-apt/config', mode: '0644', owner: 'root', group: 'root' }
- { src: 'etc/cron-apt/3-download', dest: '/etc/cron-apt/action.d/3-download', mode: '0644', owner: 'root', group: 'root' }

View File

@ -2,7 +2,7 @@
- name: Install firewalld and deps
when: ansible_distribution_major_version is version_compare('8', '>=')
apt: pkg={{ item }} state=present
with_items:
loop:
- firewalld
- tidy
tags: packages

View File

@ -2,7 +2,7 @@
- name: Install firewalld and deps
when: ansible_distribution_version is version_compare('15.04', '>=')
apt: pkg={{ item }} state=present
with_items:
loop:
- firewalld
- tidy
tags: packages

View File

@ -4,7 +4,7 @@
- name: Install base packages
apt: name={{ item }} update_cache=yes
with_items:
loop:
- git
- tmux
- iotop

View File

@ -8,7 +8,7 @@
- name: Install base packages
apt: pkg={{ item }}
with_items:
loop:
- git
- tmux
- iotop
@ -29,13 +29,13 @@
- name: Security hardening (CIS Benchmark 1.0)
apt: pkg={{ item }} state=absent purge=yes
with_items:
loop:
- whoopsie # CIS 4.1
- apport # CIS 4.1
- name: Remove annoying packages
apt: pkg={{ item }} state=absent purge=yes
with_items:
loop:
- command-not-found
- command-not-found-data
- python3-commandnotfound

View File

@ -15,7 +15,7 @@
- name: Remove DSA and ECDSA host keys
file: name=/etc/ssh/{{ item }} state=absent
with_items:
loop:
- ssh_host_dsa_key
- ssh_host_dsa_key.pub
- ssh_host_ecdsa_key

View File

@ -9,7 +9,7 @@
- name: Install mariadb-server
apt: name={{ item }} state=present update_cache=yes
with_items:
loop:
- mariadb-server
- python-mysqldb # for ansible
tags: mariadb, packages
@ -24,7 +24,7 @@
# https://docs.ansible.com/ansible/latest/mysql_user_module.html
- name: Update MariaDB root password for all root accounts
mysql_user: name=root host={{ item }} password={{ mariadb_root_password }}
with_items:
loop:
- "{{ inventory_hostname }}"
- 127.0.0.1
- ::1
@ -37,13 +37,13 @@
- name: Create MariaDB database(s)
mysql_db: db={{ item.name }} state=present encoding=utf8mb4
with_items: "{{ mariadb_databases }}"
loop: "{{ mariadb_databases }}"
when: mariadb_databases is defined
tags: mariadb
- name: Create MariaDB user(s)
mysql_user: name={{ item.user }} password={{ item.pass }} priv={{ item.name }}.*:ALL state=present
with_items: "{{ mariadb_databases }}"
loop: "{{ mariadb_databases }}"
when: mariadb_databases is defined
tags: mariadb

View File

@ -18,7 +18,7 @@
- name: Install certbot dependencies (Ubuntu 16.04)
when: ansible_distribution == 'Ubuntu' and ansible_distribution_version is version_compare('16.04', '==')
apt: name={{ item }} state=present update_cache=yes
with_items:
loop:
- augeas-doc
- augeas-tools
- binutils
@ -62,7 +62,7 @@
- name: Install certbot dependencies (Debian 9)
when: ansible_distribution == 'Debian' and ansible_distribution_major_version is version_compare('9', '==')
apt: name={{ item }} state=present update_cache=yes
with_items:
loop:
- augeas-doc
- augeas-tools
- autoconf

View File

@ -19,7 +19,7 @@
- name: Copy extra nginx configs
copy: src={{ item }} dest=/etc/nginx/{{ item }} mode=0644 owner=root group=root
with_items:
loop:
- extra-security.conf
- fastcgi_cache
notify:

View File

@ -2,7 +2,7 @@
- name: Configure https vhosts
template: src=vhost.conf.j2 dest={{ nginx_confd_path }}/{{ item.domain_name }}.conf mode=0644 owner=root group=root
with_items: "{{ nginx_vhosts }}"
loop: "{{ nginx_vhosts }}"
notify:
- reload nginx
@ -18,18 +18,18 @@
- name: Create vhost document roots
file: path={{ nginx_root_prefix }}/{{ item.domain_name }} state=directory mode=0755 owner=nginx group=nginx
with_items: "{{ nginx_vhosts }}"
loop: "{{ nginx_vhosts }}"
- name: Install WordPress
git: repo=https://github.com/WordPress/WordPress.git dest={{ nginx_root_prefix }}/{{ item.domain_name }}/wordpress version={{ item.wordpress_version }} depth=1 force=yes
when: item.has_wordpress is defined and item.has_wordpress == True
with_items: "{{ nginx_vhosts }}"
loop: "{{ nginx_vhosts }}"
tags: wordpress
- name: Fix WordPress directory permissions
file: path={{ nginx_root_prefix }}/{{ item.domain_name }} state=directory owner=nginx group=nginx recurse=yes
when: item.has_wordpress is defined and item.has_wordpress == True
with_items: "{{ nginx_vhosts }}"
loop: "{{ nginx_vhosts }}"
tags: wordpress
- import_tasks: letsencrypt.yml

View File

@ -1,7 +1,7 @@
---
- name: Install php7.0-fpm and deps
apt: name={{ item }} state=present update_cache=yes
with_items:
loop:
- php7.0-fpm
# for WordPress
- php7.0-mysql
@ -15,7 +15,7 @@
# only copy php-fpm config for vhosts that need WordPress or PHP
- name: Copy php-fpm pool config
template: src=php7.0-pool.conf.j2 dest=/etc/php/7.0/fpm/pool.d/{{ item.domain_name }}.conf owner=root group=root mode=0644
with_items: "{{ nginx_vhosts }}"
loop: "{{ nginx_vhosts }}"
when: (item.has_wordpress is defined and item.has_wordpress == True) or (item.needs_php is defined and item.needs_php == True)
notify: reload php7.0-fpm
tags: php-fpm