Alan Orth
547d808aea
roles/common: Remove ansible_os_family checks
...
We're only supporting Debian family now so there's no point to check
this variable now.
2017-11-05 01:19:28 +02:00
Alan Orth
e43d8924e8
roles/munin: Remove ansible_os_family checks
...
First of all, there is no ansible_os_family Ubuntu! Second, we are only
supporting Debian-based systems here so there is no need to check this.
2017-11-05 01:17:01 +02:00
Alan Orth
5f8820bf9f
roles/common: Remove Ubuntu 14.04 logic
...
We're only supporting Ubuntu 16.04 now.
2017-11-05 01:11:37 +02:00
Alan Orth
cef1655c40
web.yml: Include Debian vars explicitly
...
No need to include using variable interpolation as I'm only supporting
Debian familiy OSes right now anyways.
2017-11-05 01:05:23 +02:00
Alan Orth
6ecbf9ada4
web.yml: Remove conditional from role include
...
We're only supporting Debian family OSes here anyways.
2017-11-05 01:03:41 +02:00
Alan Orth
7fd6127d29
roles/common: Remove check for CentOS in sshd task
...
I'm not supporting CentOS here so we don't need to check this.
2017-11-05 01:01:37 +02:00
Alan Orth
f76fc64afa
roles/common: Remove unused sshd_config templates
...
We're not supporting Ubuntu 14.04 or 15.04 anymore so we don't need
these templates.
2017-11-05 00:59:19 +02:00
Alan Orth
77a3b1cff7
roles/common: Remove Debian 8 sshd_config template
2017-11-05 00:58:03 +02:00
Alan Orth
b0524d2a2e
Remove references to Debian 8
...
I don't need or want to support Debian 8 anymore so I can remove all
references to it in comments and code.
2017-11-05 00:54:53 +02:00
Alan Orth
b87f2e2fb0
roles/common: Use command module instead of shell
...
You should only use the "shell" module when you need shell functions
like flow control and redirects. Also, the "command" module is safer
because it is not affected by the user's environment.
2017-11-05 00:49:03 +02:00
Alan Orth
58598f470c
roles/mariadb: Remove start/enable task
...
After installation the mariadb service is started and enabled, so we
don't need to do that explicitly.
2017-11-05 00:28:07 +02:00
Alan Orth
9b4f662bc5
roles/nginx: Use systemd module instead of service
2017-11-05 00:27:44 +02:00
Alan Orth
2d6819986f
roles/munin: Use systemd module instead of service
2017-11-05 00:27:44 +02:00
Alan Orth
0d694d44c8
roles/php-fpm: Update comment about Debian 9
2017-11-05 00:27:44 +02:00
Alan Orth
51183617b8
roles/php-fpm: Reload service instead of restarting
...
No need to bounce the service for most config changes when we can just
tell the daemon to reload gracefully.
2017-11-05 00:27:44 +02:00
Alan Orth
2a230ceff4
roles/php-fpm: Use systemd module instead of service
2017-11-05 00:27:44 +02:00
Alan Orth
7aafa1553b
roles/mariadb: Use systemd module instead of service
2017-11-05 00:27:44 +02:00
Alan Orth
b6a54ca4d1
roles/common: Reload firewalld instead of restart
...
There is no need to bounce the service, just reload it.
2017-11-05 00:27:44 +02:00
Alan Orth
0a92f3ae8f
roles/common: Use systemd module instead of "service"
...
This was new in Ansible 2.2 but I didn't notice until now. All of our
servers are running distributions with systemd so let's just use this.
2017-11-05 00:27:44 +02:00
Alan Orth
0e409792ca
roles/mariadb: Update comment with link to MySQL module docs
2017-11-05 00:26:32 +02:00
Alan Orth
7b60e6d24f
Revert "Import OS-specific vars in tasks instead of play"
...
This reverts commit e30e4d4b1e
.
I suspect this was a side effect of using Python 3 rather than an
issue in Ansible 2.4.0.0.
2017-11-04 23:53:38 +02:00
Alan Orth
63c5477f85
Revert "roles/common: Use static imports for tasks"
...
This reverts commit 5147f4029b
.
I think this was a side effect of using Python 3, not a regression in
Ansible 2.4.0.0.
2017-11-04 23:53:25 +02:00
Alan Orth
620e8258ac
roles/common: Remove duplicate option in sshd_config
2017-11-01 13:22:18 +02:00
Alan Orth
0463c3c0b8
Revert "ansible.cfg: Temporary workaround for Ansible > 2.4.0.0 connection issue"
...
This reverts commit 4f357f336f
.
On a hunch I recreated my Ansible virtualenv using Python 2.7 and now
connections work properly again without this. Something seems to have
happened with Python 3 in Ansible > 2.4.0.0.
For reference, Python version was 3.6.3 when it was not working, and
now it is working with Python 2.7.14.
2017-11-01 13:03:44 +02:00
Alan Orth
5147f4029b
roles/common: Use static imports for tasks
...
Something seems to have happened as of Ansible 2.4.0.0 where this no
longer works. I suspect it is related to the major changes to static
and dynamic imports that landed around this same time.
In practice this achieves the same function, but without the "magic"
ability to use one task for different operating systems.
2017-11-01 01:25:46 +02:00
Alan Orth
e30e4d4b1e
Import OS-specific vars in tasks instead of play
...
Something seems to have happened as of Ansible 2.4.0.0 where this no
longer works. I suspect it is related to the major changes to static
and dynamic imports that landed around this same time.
We make sure that this tasks always runs by using the special tag of
the same name.
2017-11-01 01:21:48 +02:00
Alan Orth
73e6d0b7ed
roles/nginx: Fix issue raised by ansible-lint
...
[ANSIBLE0006] systemctl used in place of systemd module
Also, move the functionality of the changed check to the systemd task,
because it has the ability to simply daemon-reload itself now.
2017-10-31 23:18:15 +02:00
Alan Orth
4ad4d79b3d
roles/munin: Fix issue raised by ansible-lint
...
[ANSIBLE0010] Package installs should not use latest
2017-10-31 22:41:40 +02:00
Alan Orth
f362207616
roles/munin: Fix issue raised by ansible-lint
...
[ANSIBLE0002] Trailing whitespace
2017-10-31 22:39:34 +02:00
Alan Orth
e043cd7dfe
roles/munin: Fix issue raised by ansible-lint
...
[ANSIBLE0010] Package installs should not use latest
2017-10-31 22:38:32 +02:00
Alan Orth
f7393b0ca9
host_vars/web12: WordPress 4.8.3
2017-10-31 19:42:49 +02:00
Alan Orth
4f357f336f
ansible.cfg: Temporary workaround for Ansible > 2.4.0.0 connection issue
...
Not sure what causes it but I get timeouts when connecting to my hosts
with Ansible > 2.4.0.0 (tested 2.4.1.0 and current 2.5.0-devel). For
some reason switching to paramiko fixes it.
2017-10-30 16:21:35 +02:00
Alan Orth
a312166da9
misc-plays/change_password.yml: Use become
2017-10-14 14:20:34 +03:00
Alan Orth
15bf4727c1
roles/common: Add names to include tasks
...
I'm not sure why these weren't caught by ansible-lint.
2017-10-03 17:46:55 +03:00
Alan Orth
e86e2c081b
roles/nginx: Use 'present' instead of 'latest' to install nginx
...
Raised by the following rule in ansible-lint:
[ANSIBLE0010] Package installs should not use latest
2017-10-03 15:04:54 +03:00
Alan Orth
5281d41445
Add names to include tasks
...
Raised by ansible-lint in the following rule:
[ANSIBLE0011] All tasks should be named
2017-10-03 15:03:09 +03:00
Alan Orth
643c89891e
web.yml: Use 'remote_user' instead of 'user'
...
The use of 'user' was deprecated in Ansible 1.4.
2017-10-03 14:05:15 +03:00
Alan Orth
bdf32df28e
host_vars/web12: Remove mjanja.org
2017-10-01 09:17:08 +03:00
Alan Orth
b3fa930019
host_vars/web12: ansible_ssh_host → ansible_host
...
This was apparently deprecated in ansible 2.0.
See: https://github.com/ansible/ansible/blob/devel/CHANGELOG.md#2.0
2017-09-26 15:27:27 +03:00
Alan Orth
a38e2a4ff6
roles/mariadb: Use MariaDB 10.2 from vendor repo
...
I can't remember right now why I needed to use Debian's MariaDB build
but now I just want to use upstream's latest stable. Debian's version
is 10.1 and upstream has moved on to 10.2.
2017-09-26 15:15:27 +03:00
Alan Orth
ff6253213a
roles/common: Rename "iptables" task to "firewall"
2017-09-26 14:32:21 +03:00
Alan Orth
818cbfd533
roles/common: Enable firewalld in Debian 9
2017-09-26 14:30:18 +03:00
Alan Orth
58245e3480
roles/common/tasks/main.yml: Remove comment
2017-09-22 15:53:01 +03:00
Alan Orth
16a9ebf97f
Adjust playbooks for Ansible 2.4 import changes
...
Ansible 2.4 changes the way includes work. Now you have to use "import"
for playbooks and tasks that are static, and "include" for those that
are dynamic (ie, those that use variables, loops, etc).
See: http://docs.ansible.com/ansible/devel/playbooks_reuse_includes.html
2017-09-21 21:30:47 +03:00
Alan Orth
3e581f9a46
README.md: Remove options from example invocation
...
They are now embedded inside ansible.cfg.
2017-09-20 13:01:12 +03:00
Alan Orth
0cd06a8298
ansible.cfg: Add option to always ask become pass
...
Saves having to remember to type -K during normal playbook runs.
2017-09-20 12:59:46 +03:00
Alan Orth
3d1022cd23
ansible.cfg: Add option to ask for vault pass
...
One less thing to remember to type during normal invocations.
2017-09-20 12:43:53 +03:00
Alan Orth
5867d6038c
ansible.cfg: Add inventory option
...
As of Ansible 2.4 the ANSIBLE_HOSTS environment variable is deprecated
so we need to specify this some other way.
2017-09-20 12:35:13 +03:00
Alan Orth
53eade7ab1
host_vars/web12: WordPress 4.8.2
2017-09-20 07:57:42 +03:00
Alan Orth
d124bd0dad
host_vars/web12: WordPress 4.8.1
2017-08-14 16:47:10 +03:00