Alan Orth
ab2961be61
roles/common: Update Tarsnap GPG key
...
See: https://www.tarsnap.com/pkg-deb.html
2018-04-05 12:17:25 +03:00
Alan Orth
933cbfd51c
Rework pipenv
...
Ansible 2.5.0 currently has problems with Jinja2 expressions and vaults
so I decided to use Ansible from a source checkout of the devel branch.
I removed the old Pipfile and re-created it with Python 2 and satisfied
the dependencies from requirements.txt, then sourced Ansible:
$ rm Pipfile*
$ pipenv install --two -r ~/src/git/ansible/requirements.txt
$ pipenv shell
$ source ~/src/git/ansible/hacking/env-setup
2018-04-05 12:14:46 +03:00
Alan Orth
a660810d3d
host_vars/web12: WordPress 4.9.5
2018-04-04 08:30:52 +03:00
Alan Orth
57120308dc
Update with_items loops to use new-ish "loop" keyword
...
Ansible 2.4 and 2.5 are moving away from specialized loop functions
and the old syntax will eventually be deprecated and removed. I did
not change the with_fileglob loops because I'm not sure about their
syntax yet.
See: https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html
2018-04-02 15:52:51 +03:00
Alan Orth
fbf61c8e61
roles/munin: Don't use loop when installing one package
2018-04-02 15:51:29 +03:00
Alan Orth
ffee9250ee
Use new syntax for Jinja2 filters that are used as tests
...
Ansible 2.5.0 uses a new syntax for Jinja2 filters that are used as
tests.
See: https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_2.5.html
2018-04-02 15:37:37 +03:00
Alan Orth
b4c04aa4c9
README.md: Update copyright year
2018-03-26 16:13:04 +03:00
Alan Orth
aab49ca9d7
Update pip modules
2018-03-26 15:54:53 +03:00
Alan Orth
d155898bb1
Use new syntax for Jinj2 filters that are used as tests
...
Ansible 2.5.0 uses a new syntax for Jinja2 filters that are used as
tests.
See: https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_2.5.html
2018-03-21 21:17:21 +02:00
Alan Orth
8adc1cb3bb
Use ansible 2.5.0rc3
2018-03-21 20:52:45 +02:00
Alan Orth
52b4efd3b0
roles/common: Use HTTPS for tarsnap package mirror
2018-03-17 11:51:45 +02:00
Alan Orth
9296d78361
Pipfile.lock: Run pipenv update
2018-03-16 10:35:28 +02:00
Alan Orth
b2566f27c0
Use Python 3 for Pipenv
2018-03-08 01:03:14 +02:00
Alan Orth
e5b2745e36
host_vars/web12: WordPress 4.9.4
2018-02-06 21:24:45 +02:00
Alan Orth
0d6aba43ff
host_vars/web12: WordPress 4.9.3
2018-02-06 11:05:26 +02:00
Alan Orth
67c4320607
Add files for pipenv support
...
Pipenv is a new way to do Python virtual environments. I created the
virtual environment here using:
$ pipenv --two
$ pipenv install ansible ansible-lint
To use the virtual environment you enter the project directory and
type:
$ pipenv shell
See: https://github.com/pypa/pipenv
2018-01-28 10:56:06 +02:00
Alan Orth
8faf9cd4d8
host_vars/web12: WordPress 4.9.2
2018-01-17 07:54:33 +02:00
Alan Orth
948058151a
roles/common: Fix issues raised by ansible-lint
...
[ANSIBLE0010] Package installs should not use latest
2017-12-29 20:11:55 +02:00
Alan Orth
ac6b9c48af
host_vars/web12: WordPress 4.9.1
2017-11-30 09:05:59 +03:00
Alan Orth
16fc99c46c
host_vars/web12: WordPress 4.9
2017-11-16 08:16:29 +02:00
Alan Orth
a5e6513be3
roles/dspace: Update gzip_types formatting
...
From the H5BP project, see:
https://github.com/h5bp/server-configs-nginx/blob/master/nginx.conf
2017-11-14 12:44:56 +02:00
Alan Orth
97aca2cad2
roles/nginx: Remove Internet Explorer 6 gzip disable
...
I have zero idea if we have IE6 clients any more, but according to the
H5BP community IE6 actually did support gzip and only represents 0.1%
of Internet traffic in 2015 (!) anyways.
See: https://github.com/h5bp/server-configs-nginx/issues/125
2017-11-14 12:43:02 +02:00
Alan Orth
92fe57a4da
Revert "Revert "roles/common: Use static imports for tasks""
...
This reverts commit 63c5477f85
2017-11-05 01:51:49 +02:00
Alan Orth
36d6360eeb
roles/common: Fix error in conditional
2017-11-05 01:41:38 +02:00
Alan Orth
fec081d40a
roles/common: Use deb.debian.org instead of httpredir
...
Seems to be the evolution of httpredir.
2017-11-05 01:31:16 +02:00
Alan Orth
d15c9851db
roles/nginx: Use https for apt repository
2017-11-05 01:30:49 +02:00
Alan Orth
55b464e8f7
roles/common: Add apt-transport-https to base packages
...
Allows fetching debian repositories over HTTPS.
2017-11-05 01:29:00 +02:00
Alan Orth
1882ba612f
roles/munin: Remove ansible_os_family checks
...
We only run Debian family distributions now so there is no need to check
this case.
2017-11-05 01:20:20 +02:00
Alan Orth
547d808aea
roles/common: Remove ansible_os_family checks
...
We're only supporting Debian family now so there's no point to check
this variable now.
2017-11-05 01:19:28 +02:00
Alan Orth
e43d8924e8
roles/munin: Remove ansible_os_family checks
...
First of all, there is no ansible_os_family Ubuntu! Second, we are only
supporting Debian-based systems here so there is no need to check this.
2017-11-05 01:17:01 +02:00
Alan Orth
5f8820bf9f
roles/common: Remove Ubuntu 14.04 logic
...
We're only supporting Ubuntu 16.04 now.
2017-11-05 01:11:37 +02:00
Alan Orth
cef1655c40
web.yml: Include Debian vars explicitly
...
No need to include using variable interpolation as I'm only supporting
Debian familiy OSes right now anyways.
2017-11-05 01:05:23 +02:00
Alan Orth
6ecbf9ada4
web.yml: Remove conditional from role include
...
We're only supporting Debian family OSes here anyways.
2017-11-05 01:03:41 +02:00
Alan Orth
7fd6127d29
roles/common: Remove check for CentOS in sshd task
...
I'm not supporting CentOS here so we don't need to check this.
2017-11-05 01:01:37 +02:00
Alan Orth
f76fc64afa
roles/common: Remove unused sshd_config templates
...
We're not supporting Ubuntu 14.04 or 15.04 anymore so we don't need
these templates.
2017-11-05 00:59:19 +02:00
Alan Orth
77a3b1cff7
roles/common: Remove Debian 8 sshd_config template
2017-11-05 00:58:03 +02:00
Alan Orth
b0524d2a2e
Remove references to Debian 8
...
I don't need or want to support Debian 8 anymore so I can remove all
references to it in comments and code.
2017-11-05 00:54:53 +02:00
Alan Orth
b87f2e2fb0
roles/common: Use command module instead of shell
...
You should only use the "shell" module when you need shell functions
like flow control and redirects. Also, the "command" module is safer
because it is not affected by the user's environment.
2017-11-05 00:49:03 +02:00
Alan Orth
58598f470c
roles/mariadb: Remove start/enable task
...
After installation the mariadb service is started and enabled, so we
don't need to do that explicitly.
2017-11-05 00:28:07 +02:00
Alan Orth
9b4f662bc5
roles/nginx: Use systemd module instead of service
2017-11-05 00:27:44 +02:00
Alan Orth
2d6819986f
roles/munin: Use systemd module instead of service
2017-11-05 00:27:44 +02:00
Alan Orth
0d694d44c8
roles/php-fpm: Update comment about Debian 9
2017-11-05 00:27:44 +02:00
Alan Orth
51183617b8
roles/php-fpm: Reload service instead of restarting
...
No need to bounce the service for most config changes when we can just
tell the daemon to reload gracefully.
2017-11-05 00:27:44 +02:00
Alan Orth
2a230ceff4
roles/php-fpm: Use systemd module instead of service
2017-11-05 00:27:44 +02:00
Alan Orth
7aafa1553b
roles/mariadb: Use systemd module instead of service
2017-11-05 00:27:44 +02:00
Alan Orth
b6a54ca4d1
roles/common: Reload firewalld instead of restart
...
There is no need to bounce the service, just reload it.
2017-11-05 00:27:44 +02:00
Alan Orth
0a92f3ae8f
roles/common: Use systemd module instead of "service"
...
This was new in Ansible 2.2 but I didn't notice until now. All of our
servers are running distributions with systemd so let's just use this.
2017-11-05 00:27:44 +02:00
Alan Orth
0e409792ca
roles/mariadb: Update comment with link to MySQL module docs
2017-11-05 00:26:32 +02:00
Alan Orth
7b60e6d24f
Revert "Import OS-specific vars in tasks instead of play"
...
This reverts commit e30e4d4b1e
2017-11-04 23:53:38 +02:00
Alan Orth
63c5477f85
Revert "roles/common: Use static imports for tasks"
...
This reverts commit 5147f4029b
2017-11-04 23:53:25 +02:00
Alan Orth