Update with_items loops to use new-ish "loop" keyword
Ansible 2.4 and 2.5 are moving away from specialized loop functions and the old syntax will eventually be deprecated and removed. I did not change the with_fileglob loops because I'm not sure about their syntax yet. See: https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html
This commit is contained in:
parent
fbf61c8e61
commit
57120308dc
@ -2,7 +2,7 @@
|
||||
|
||||
- name: Configure cron-apt (config)
|
||||
copy: src={{ item.src }} dest={{ item.dest }} mode={{ item.mode }} owner={{ item.owner }} group={{ item.group }}
|
||||
with_items:
|
||||
loop:
|
||||
- { src: 'etc/cron-apt/config', dest: '/etc/cron-apt/config', mode: '0644', owner: 'root', group: 'root' }
|
||||
- { src: 'etc/cron-apt/3-download', dest: '/etc/cron-apt/action.d/3-download', mode: '0644', owner: 'root', group: 'root' }
|
||||
|
||||
|
@ -2,7 +2,7 @@
|
||||
- name: Install firewalld and deps
|
||||
when: ansible_distribution_major_version is version_compare('8', '>=')
|
||||
apt: pkg={{ item }} state=present
|
||||
with_items:
|
||||
loop:
|
||||
- firewalld
|
||||
- tidy
|
||||
tags: packages
|
||||
|
@ -2,7 +2,7 @@
|
||||
- name: Install firewalld and deps
|
||||
when: ansible_distribution_version is version_compare('15.04', '>=')
|
||||
apt: pkg={{ item }} state=present
|
||||
with_items:
|
||||
loop:
|
||||
- firewalld
|
||||
- tidy
|
||||
tags: packages
|
||||
|
@ -4,7 +4,7 @@
|
||||
|
||||
- name: Install base packages
|
||||
apt: name={{ item }} update_cache=yes
|
||||
with_items:
|
||||
loop:
|
||||
- git
|
||||
- tmux
|
||||
- iotop
|
||||
|
@ -8,7 +8,7 @@
|
||||
|
||||
- name: Install base packages
|
||||
apt: pkg={{ item }}
|
||||
with_items:
|
||||
loop:
|
||||
- git
|
||||
- tmux
|
||||
- iotop
|
||||
@ -29,13 +29,13 @@
|
||||
|
||||
- name: Security hardening (CIS Benchmark 1.0)
|
||||
apt: pkg={{ item }} state=absent purge=yes
|
||||
with_items:
|
||||
loop:
|
||||
- whoopsie # CIS 4.1
|
||||
- apport # CIS 4.1
|
||||
|
||||
- name: Remove annoying packages
|
||||
apt: pkg={{ item }} state=absent purge=yes
|
||||
with_items:
|
||||
loop:
|
||||
- command-not-found
|
||||
- command-not-found-data
|
||||
- python3-commandnotfound
|
||||
|
@ -15,7 +15,7 @@
|
||||
|
||||
- name: Remove DSA and ECDSA host keys
|
||||
file: name=/etc/ssh/{{ item }} state=absent
|
||||
with_items:
|
||||
loop:
|
||||
- ssh_host_dsa_key
|
||||
- ssh_host_dsa_key.pub
|
||||
- ssh_host_ecdsa_key
|
||||
|
@ -9,7 +9,7 @@
|
||||
|
||||
- name: Install mariadb-server
|
||||
apt: name={{ item }} state=present update_cache=yes
|
||||
with_items:
|
||||
loop:
|
||||
- mariadb-server
|
||||
- python-mysqldb # for ansible
|
||||
tags: mariadb, packages
|
||||
@ -24,7 +24,7 @@
|
||||
# https://docs.ansible.com/ansible/latest/mysql_user_module.html
|
||||
- name: Update MariaDB root password for all root accounts
|
||||
mysql_user: name=root host={{ item }} password={{ mariadb_root_password }}
|
||||
with_items:
|
||||
loop:
|
||||
- "{{ inventory_hostname }}"
|
||||
- 127.0.0.1
|
||||
- ::1
|
||||
@ -37,13 +37,13 @@
|
||||
|
||||
- name: Create MariaDB database(s)
|
||||
mysql_db: db={{ item.name }} state=present encoding=utf8mb4
|
||||
with_items: "{{ mariadb_databases }}"
|
||||
loop: "{{ mariadb_databases }}"
|
||||
when: mariadb_databases is defined
|
||||
tags: mariadb
|
||||
|
||||
- name: Create MariaDB user(s)
|
||||
mysql_user: name={{ item.user }} password={{ item.pass }} priv={{ item.name }}.*:ALL state=present
|
||||
with_items: "{{ mariadb_databases }}"
|
||||
loop: "{{ mariadb_databases }}"
|
||||
when: mariadb_databases is defined
|
||||
tags: mariadb
|
||||
|
||||
|
@ -18,7 +18,7 @@
|
||||
- name: Install certbot dependencies (Ubuntu 16.04)
|
||||
when: ansible_distribution == 'Ubuntu' and ansible_distribution_version is version_compare('16.04', '==')
|
||||
apt: name={{ item }} state=present update_cache=yes
|
||||
with_items:
|
||||
loop:
|
||||
- augeas-doc
|
||||
- augeas-tools
|
||||
- binutils
|
||||
@ -62,7 +62,7 @@
|
||||
- name: Install certbot dependencies (Debian 9)
|
||||
when: ansible_distribution == 'Debian' and ansible_distribution_major_version is version_compare('9', '==')
|
||||
apt: name={{ item }} state=present update_cache=yes
|
||||
with_items:
|
||||
loop:
|
||||
- augeas-doc
|
||||
- augeas-tools
|
||||
- autoconf
|
||||
|
@ -19,7 +19,7 @@
|
||||
|
||||
- name: Copy extra nginx configs
|
||||
copy: src={{ item }} dest=/etc/nginx/{{ item }} mode=0644 owner=root group=root
|
||||
with_items:
|
||||
loop:
|
||||
- extra-security.conf
|
||||
- fastcgi_cache
|
||||
notify:
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
- name: Configure https vhosts
|
||||
template: src=vhost.conf.j2 dest={{ nginx_confd_path }}/{{ item.domain_name }}.conf mode=0644 owner=root group=root
|
||||
with_items: "{{ nginx_vhosts }}"
|
||||
loop: "{{ nginx_vhosts }}"
|
||||
notify:
|
||||
- reload nginx
|
||||
|
||||
@ -18,18 +18,18 @@
|
||||
|
||||
- name: Create vhost document roots
|
||||
file: path={{ nginx_root_prefix }}/{{ item.domain_name }} state=directory mode=0755 owner=nginx group=nginx
|
||||
with_items: "{{ nginx_vhosts }}"
|
||||
loop: "{{ nginx_vhosts }}"
|
||||
|
||||
- name: Install WordPress
|
||||
git: repo=https://github.com/WordPress/WordPress.git dest={{ nginx_root_prefix }}/{{ item.domain_name }}/wordpress version={{ item.wordpress_version }} depth=1 force=yes
|
||||
when: item.has_wordpress is defined and item.has_wordpress == True
|
||||
with_items: "{{ nginx_vhosts }}"
|
||||
loop: "{{ nginx_vhosts }}"
|
||||
tags: wordpress
|
||||
|
||||
- name: Fix WordPress directory permissions
|
||||
file: path={{ nginx_root_prefix }}/{{ item.domain_name }} state=directory owner=nginx group=nginx recurse=yes
|
||||
when: item.has_wordpress is defined and item.has_wordpress == True
|
||||
with_items: "{{ nginx_vhosts }}"
|
||||
loop: "{{ nginx_vhosts }}"
|
||||
tags: wordpress
|
||||
|
||||
- import_tasks: letsencrypt.yml
|
||||
|
@ -1,7 +1,7 @@
|
||||
---
|
||||
- name: Install php7.0-fpm and deps
|
||||
apt: name={{ item }} state=present update_cache=yes
|
||||
with_items:
|
||||
loop:
|
||||
- php7.0-fpm
|
||||
# for WordPress
|
||||
- php7.0-mysql
|
||||
@ -15,7 +15,7 @@
|
||||
# only copy php-fpm config for vhosts that need WordPress or PHP
|
||||
- name: Copy php-fpm pool config
|
||||
template: src=php7.0-pool.conf.j2 dest=/etc/php/7.0/fpm/pool.d/{{ item.domain_name }}.conf owner=root group=root mode=0644
|
||||
with_items: "{{ nginx_vhosts }}"
|
||||
loop: "{{ nginx_vhosts }}"
|
||||
when: (item.has_wordpress is defined and item.has_wordpress == True) or (item.needs_php is defined and item.needs_php == True)
|
||||
notify: reload php7.0-fpm
|
||||
tags: php-fpm
|
||||
|
Loading…
Reference in New Issue
Block a user