diff --git a/testsite/playbooks/backup.yml b/testsite/playbooks/backup.yml index 6cad8b1ae9ee56caefaf051b310e78ea0b828b01..3c437b2084bb83b8309169d3b11d58fa07deac5e 100644 --- a/testsite/playbooks/backup.yml +++ b/testsite/playbooks/backup.yml @@ -1,6 +1,7 @@ --- -- hosts: backup +- name: Deploy backup server + hosts: backup remote_user: ansible become: true roles: diff --git a/testsite/playbooks/bootstrap.yml b/testsite/playbooks/bootstrap.yml index 0e808f433841d3e9b6d4f3667c908e20e733cbb2..65b7af41adbf39925a3fe5aed93f8cdb59b9edb6 100644 --- a/testsite/playbooks/bootstrap.yml +++ b/testsite/playbooks/bootstrap.yml @@ -1,6 +1,7 @@ --- -- hosts: testsite +- name: Bootstrap servers for Ansible use + hosts: testsite remote_user: root roles: - bootstrap diff --git a/testsite/playbooks/ldap.yml b/testsite/playbooks/ldap.yml index f923015cc8679d05c30b168b71925da4394e2835..2b6ea7f105e93563cf049d5bea92950895fc1882 100644 --- a/testsite/playbooks/ldap.yml +++ b/testsite/playbooks/ldap.yml @@ -1,6 +1,7 @@ --- -- hosts: ldap +- name: Deploy LDAP server + hosts: ldap remote_user: ansible become: true roles: 
@@ -9,25 +10,26 @@ - ldap_client - ldap_server -- hosts: ldap +- name: Create data on LDAP server + hosts: ldap remote_user: ansible become: true tasks: - name: Add users to mail LDAP group - ldap_attr: + community.general.ldap_attrs: dn: "cn=mail,ou=groups,{{ testsite_ldap_base }}" - name: uniqueMember - values: - - "uid=johndoe,ou=people,{{ testsite_ldap_base }}" - - "uid=janedoe,ou=people,{{ testsite_ldap_base }}" + attributes: + uniqueMember: + - "uid=johndoe,ou=people,{{ testsite_ldap_base }}" + - "uid=janedoe,ou=people,{{ testsite_ldap_base }}" state: present - name: Add user to XMPP LDAP group - ldap_attr: + community.general.ldap_attrs: dn: "cn=xmpp,ou=groups,{{ testsite_ldap_base }}" - name: uniqueMember - values: - - "uid=johndoe,ou=people,{{ testsite_ldap_base }}" - - "uid=janedoe,ou=people,{{ testsite_ldap_base }}" + attributes: + uniqueMember: + - "uid=johndoe,ou=people,{{ testsite_ldap_base }}" + - "uid=janedoe,ou=people,{{ testsite_ldap_base }}" state: present diff --git a/testsite/playbooks/mail.yml b/testsite/playbooks/mail.yml index 374c02cf28364fdfdca50915d7bb13819476d049..4d8bb731f2de00d7d81a18583093f2b403bde2a7 100644 --- a/testsite/playbooks/mail.yml +++ b/testsite/playbooks/mail.yml @@ -1,6 +1,7 @@ --- -- hosts: mail +- name: Deploy mail server + hosts: mail remote_user: ansible become: true roles: diff --git a/testsite/playbooks/preseed.yml b/testsite/playbooks/preseed.yml index 2e895a42d72accc73205ac2b2ed61d4b695ce290..520586e9a3d188737b741a50a15c6fdd4fb2db38 100644 --- a/testsite/playbooks/preseed.yml +++ b/testsite/playbooks/preseed.yml @@ -1,6 +1,6 @@ --- -# Playbook for generating Debian preseed files for automating the installation. -- hosts: preseed +- name: Generate Debian preseed files for automated installation + hosts: preseed roles: - preseed 
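Review bot: The second task is still named `Add user to XMPP LDAP group` although its `uniqueMember` list adds both johndoe and janedoe. Since the hunk rewrites the task anyway, rename it to `- name: Add users to XMPP LDAP group` to match the mail task. Neither task sets `server_uri` or `bind_dn`, so both rely on the module defaults (the local `ldapi:///` socket with a SASL EXTERNAL bind, presumably as root via the play's `become: true`). A one-line comment above the tasks, such as `# Binds over the local ldapi:/// socket via SASL EXTERNAL; requires become`, would make that dependency visible to whoever later moves these tasks to another host.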
diff --git a/testsite/playbooks/roles/phpinfo/tasks/main.yml b/testsite/playbooks/roles/phpinfo/tasks/main.yml index 7359bbaeda4520e4aff0b1d518a5fefa6fe3aca8..dfe0aebfd9afb592617a3d70bfa0c3a27f294fd2 100644 --- a/testsite/playbooks/roles/phpinfo/tasks/main.yml +++ b/testsite/playbooks/roles/phpinfo/tasks/main.yml @@ -1,9 +1,17 @@ --- - name: Create directory for hosting the application - file: dest="/var/www/phpinfo.{{ testsite_domain }}/htdocs/" state=directory - owner="admin-phpinfo_{{ testsite_domain_underscores }}" group="web-phpinfo_{{ testsite_domain_underscores }}" mode=2750 + ansible.builtin.file: + dest: "/var/www/phpinfo.{{ testsite_domain }}/htdocs/" + state: directory + owner: "admin-phpinfo_{{ testsite_domain_underscores }}" + group: "web-phpinfo_{{ testsite_domain_underscores }}" + mode: "02750" - name: Deploy the index.php - copy: src="index.php" dest="/var/www/phpinfo.{{ testsite_domain }}/htdocs/index.php" - owner="admin-phpinfo_{{ testsite_domain_underscores }}" group="web-phpinfo_{{ testsite_domain_underscores }}" mode=640 + ansible.builtin.copy: + src: "index.php" + dest: "/var/www/phpinfo.{{ testsite_domain }}/htdocs/index.php" + owner: "admin-phpinfo_{{ testsite_domain_underscores }}" + group: "web-phpinfo_{{ testsite_domain_underscores }}" + mode: "0640" diff --git a/testsite/playbooks/roles/wsgihello/handlers/main.yml b/testsite/playbooks/roles/wsgihello/handlers/main.yml index 776c5423f205f7a2d58b729eecc80a760b6d16e9..1b39c8edfc4f8158a791ba4cf858b6c8fbbf1f86 100644 --- a/testsite/playbooks/roles/wsgihello/handlers/main.yml +++ b/testsite/playbooks/roles/wsgihello/handlers/main.yml @@ -1,6 +1,6 @@ --- - name: Restart wsgihello - service: + ansible.builtin.service: name: "wsgi.{{ testsite_domain }}" state: restarted diff --git a/testsite/playbooks/roles/wsgihello/tasks/main.yml b/testsite/playbooks/roles/wsgihello/tasks/main.yml index 49a51830e2f415960999f2c20443704cfe121165..f4ae701ecaaee8070cb7c3b626d0fa9edbfb5362 100644 
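Review bot: The directory mode `"02750"` in `Create directory for hosting the application` carries a setgid bit that nothing in the task explains, and the same undocumented value appears in the directory tasks of the wsgihello and wsgihello2 hunks. A short comment above the `mode:` line would keep a later cleanup from "simplifying" it to `0750`: `# setgid so files created here inherit the web-phpinfo group; no access for others`. The quoted, zero-padded form itself is right, since an unquoted `02750` would be read as a number rather than as an octal mode string.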
--- a/testsite/playbooks/roles/wsgihello/tasks/main.yml +++ b/testsite/playbooks/roles/wsgihello/tasks/main.yml @@ -1,11 +1,19 @@ --- - name: Create directroy for storing code - file: dest="/var/www/wsgi.{{ testsite_domain }}/code/" state=directory - owner="admin-wsgi_{{ testsite_domain_underscores }}" group="web-wsgi_{{ testsite_domain_underscores }}" mode=2750 + ansible.builtin.file: + dest: "/var/www/wsgi.{{ testsite_domain }}/code/" + state: directory + owner: "admin-wsgi_{{ testsite_domain_underscores }}" + group: "web-wsgi_{{ testsite_domain_underscores }}" + mode: "02750" - name: Deploy WSGI application - copy: src="hello.wsgi" dest="/var/www/wsgi.{{ testsite_domain }}/code/wsgi.py" - owner="admin-wsgi_{{ testsite_domain_underscores }}" group="web-wsgi_{{ testsite_domain_underscores }}" mode=640 + ansible.builtin.copy: + src: "hello.wsgi" + dest: "/var/www/wsgi.{{ testsite_domain }}/code/wsgi.py" + owner: "admin-wsgi_{{ testsite_domain_underscores }}" + group: "web-wsgi_{{ testsite_domain_underscores }}" + mode: "0640" notify: - Restart wsgihello diff --git a/testsite/playbooks/roles/wsgihello2/handlers/main.yml b/testsite/playbooks/roles/wsgihello2/handlers/main.yml index 6265784eed77061f10a33b6437882d668336a49c..0eaf9c139c688010144e5e97c76a80c5b7df5c64 100644 --- a/testsite/playbooks/roles/wsgihello2/handlers/main.yml +++ b/testsite/playbooks/roles/wsgihello2/handlers/main.yml @@ -1,6 +1,6 @@ --- - name: Restart wsgihello2 - service: + ansible.builtin.service: name: "wsgireq.{{ testsite_domain }}" state: restarted diff --git a/testsite/playbooks/roles/wsgihello2/tasks/main.yml b/testsite/playbooks/roles/wsgihello2/tasks/main.yml index 8fed7495cb887880b46857e71d5304cd73c245de..41247c553e99c73ef4094f08d59428c930205dbc 100644 --- a/testsite/playbooks/roles/wsgihello2/tasks/main.yml +++ b/testsite/playbooks/roles/wsgihello2/tasks/main.yml 
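Review bot: The first task's name still reads `Create directroy for storing code`; the hunk rewrites that task's body but leaves the typo in the context line. Task names are what appears in play output and what `--start-at-task` matches against, so fix it in the same change: `- name: Create directory for storing code`. The wsgihello2 role already uses the correct spelling.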
@@ -1,38 +1,55 @@ --- - name: Create directory for storing code - file: dest="/var/www/wsgireq.{{ testsite_domain }}/code/" state=directory - owner="admin-wsgireq_{{ testsite_domain_underscores }}" group="web-wsgireq_{{ testsite_domain_underscores }}" mode=2750 + ansible.builtin.file: + dest: "/var/www/wsgireq.{{ testsite_domain }}/code/" + state: directory + owner: "admin-wsgireq_{{ testsite_domain_underscores }}" + group: "web-wsgireq_{{ testsite_domain_underscores }}" + mode: "02750" - name: Deploy requirements and its source for upgrade checks - copy: src="{{ item }}" dest="/etc/pip_check_requirements_upgrades/wsgireq.{{ testsite_domain }}/{{ item }}" - owner="root" group="pipreqcheck" mode=640 + ansible.builtin.copy: + src: "{{ item }}" + dest: "/etc/pip_check_requirements_upgrades/wsgireq.{{ testsite_domain }}/{{ item }}" + owner: "root" + group: "pipreqcheck" + mode: "0640" with_items: - requirements.in - requirements.txt - name: Deploy requirements - copy: src="requirements.txt" dest="/var/www/wsgireq.{{ testsite_domain }}/code/requirements.txt" - owner="admin-wsgireq_{{ testsite_domain_underscores }}" group="web-wsgireq_{{ testsite_domain_underscores }}" mode=640 - -- name: Install latest version of pip - become_user: "admin-wsgireq_{{ testsite_domain_underscores }}" - pip: name=pip state=latest virtualenv="/var/www/wsgireq.{{ testsite_domain }}/virtualenv" + ansible.builtin.copy: + src: "requirements.txt" + dest: "/var/www/wsgireq.{{ testsite_domain }}/code/requirements.txt" + owner: "admin-wsgireq_{{ testsite_domain_underscores }}" + group: "web-wsgireq_{{ testsite_domain_underscores }}" + mode: "0640" - name: Deploy pip-tools + become: true become_user: "admin-wsgireq_{{ testsite_domain_underscores }}" - pip: name=pip-tools state=present virtualenv="/var/www/wsgireq.{{ testsite_domain }}/virtualenv" + ansible.builtin.pip: + name: pip-tools + state: present + virtualenv: "/var/www/wsgireq.{{ testsite_domain }}/virtualenv" - name: Synchronise virtual 
environment with requirements file + become: true become_user: "admin-wsgireq_{{ testsite_domain_underscores }}" - command: "'/var/www/wsgireq.{{ testsite_domain }}/virtualenv/bin/exec' pip-sync ~/code/requirements.txt ~/.wsgi_requirements.txt" + ansible.builtin.command: "'/var/www/wsgireq.{{ testsite_domain }}/virtualenv/bin/exec' pip-sync ~/code/requirements.txt ~/.wsgi_requirements.txt" register: pip_sync_result changed_when: "pip_sync_result.stdout != 'Everything up-to-date'" notify: - Restart wsgihello2 - name: Deploy WSGI application - copy: src="hello.wsgi" dest="/var/www/wsgireq.{{ testsite_domain }}/code/wsgi.py" - owner="admin-wsgireq_{{ testsite_domain_underscores }}" group="web-wsgireq_{{ testsite_domain_underscores }}" mode=640 + ansible.builtin.copy: + src: "hello.wsgi" + dest: "/var/www/wsgireq.{{ testsite_domain }}/code/wsgi.py" + owner: "admin-wsgireq_{{ testsite_domain_underscores }}" + group: "web-wsgireq_{{ testsite_domain_underscores }}" + mode: "0640" notify: - Restart wsgihello2 diff --git a/testsite/playbooks/site.yml b/testsite/playbooks/site.yml index 1a2327662f1709635858a2f302ec611afb236c74..28eef2f31489a7b6d7b337b5a543edb6faa7f33f 100644 --- a/testsite/playbooks/site.yml +++ b/testsite/playbooks/site.yml @@ -1,9 +1,9 @@ --- -- import_playbook: preseed.yml -- import_playbook: ldap.yml -- import_playbook: xmpp.yml -- import_playbook: mail.yml -- import_playbook: web.yml -- import_playbook: backup.yml -- import_playbook: ws.yml +- ansible.builtin.import_playbook: preseed.yml # noqa name[play] +- ansible.builtin.import_playbook: ldap.yml # noqa name[play] +- ansible.builtin.import_playbook: xmpp.yml # noqa name[play] +- ansible.builtin.import_playbook: mail.yml # noqa name[play] +- ansible.builtin.import_playbook: web.yml # noqa name[play] +- ansible.builtin.import_playbook: backup.yml # noqa name[play] +- ansible.builtin.import_playbook: ws.yml # noqa name[play] 
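Review bot: `Deploy pip-tools` installs `pip-tools` with `state: present` and no version, so the virtualenv receives whatever release the package index serves on the first run, and that tool then drives `pip-sync` for the application's dependencies. Pin it with the module's `version` parameter, e.g. `version: "<pinned pip-tools version>"`, so that hosts built at different times end up with the same, reviewed tooling. With the `Install latest version of pip` task removed, pip itself also stays at whatever the virtualenv was created with; if that is intended, a comment saying so would help. Whether `requirements.txt` carries hashes is not visible in this hunk and is worth confirming separately.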
diff --git a/testsite/playbooks/tls.yml b/testsite/playbooks/tls.yml index ac1857d309b21cb720c138df23229391b89e7a65..8fbdd731f1ce5503acfcb88e6b22b3d79e3150d3 100644 --- a/testsite/playbooks/tls.yml +++ b/testsite/playbooks/tls.yml @@ -1,6 +1,7 @@ --- -- hosts: preseed +- name: Generate TLS private keys and certificates + hosts: preseed vars: host_tls_info: - hostname: ldap 
@@ -31,23 +32,27 @@ - "{{ testsite_domain }}" tasks: - name: Create GnuTLS certificate templates for all hosts - template: src="../tls/gnutls_server_certificate.cfg.j2" dest="../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.cfg" + ansible.builtin.template: + src: "../tls/gnutls_server_certificate.cfg.j2" + dest: "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.cfg" + mode: "0640" with_items: "{{ host_tls_info }}" - name: Create the CA key - command: certtool --sec-param high --generate-privkey --outfile ../tls/ca.key + ansible.builtin.command: certtool --sec-param high --generate-privkey --outfile ../tls/ca.key args: creates: ../tls/ca.key - name: Create the CA certificate - command: certtool --template ../tls/ca.cfg --generate-self-signed --load-privkey ../tls/ca.key --outfile ../tls/ca.pem + ansible.builtin.command: certtool --template ../tls/ca.cfg --generate-self-signed --load-privkey ../tls/ca.key --outfile ../tls/ca.pem args: creates: ../tls/ca.pem - name: Create private keys for all hosts - command: certtool --sec-param normal --generate-privkey --outfile "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.key" + ansible.builtin.command: | + certtool --sec-param normal --generate-privkey --outfile "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.key" with_items: "{{ host_tls_info }}" args: creates: "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.key" - name: Issue certificates for all hosts - shell: sleep 1 && certtool --generate-certificate + ansible.builtin.shell: sleep 1 && certtool --generate-certificate --load-ca-privkey "../tls/ca.key" --load-ca-certificate "../tls/ca.pem" --template "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.cfg" --load-privkey "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.key" 
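Review bot: The hunk adds `mode: "0640"` to the rendered certificate templates, but the files that are actually secret, `../tls/ca.key` and the per-host `.key` files written by `certtool --generate-privkey`, get no permission check at all; their mode is left to certtool and the umask of whoever runs the play. Adding a `file` task after key generation makes owner-only access an enforced state rather than an assumption, and it also corrects keys that already exist and are skipped by `creates:`. A sketch for the CA key follows; the per-host keys would need the same task with `with_items: "{{ host_tls_info }}"`. The `Issue certificates for all hosts` task continues past the end of this hunk.

```yaml
# … unchanged: "Create the CA key" task …
- name: Restrict access to the CA key
  ansible.builtin.file:
    path: ../tls/ca.key
    state: file
    mode: "0600"
```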
diff --git a/testsite/playbooks/web.yml b/testsite/playbooks/web.yml index 612508be2234ba7e383fcee860aca69d4486ad0b..ffd846bb7a249e90d632c76c1b4bba2f57bb5bd6 100644 --- a/testsite/playbooks/web.yml +++ b/testsite/playbooks/web.yml @@ -1,6 +1,7 @@ --- -- hosts: web +- name: Deploy web server + hosts: web remote_user: ansible become: true roles: diff --git a/testsite/playbooks/ws.yml b/testsite/playbooks/ws.yml index 2b9a8ce0c121116dc06096554417d466764ad615..85a5a08b01736c78e37f234492b936ca27597e36 100644 --- a/testsite/playbooks/ws.yml +++ b/testsite/playbooks/ws.yml @@ -1,6 +1,7 @@ --- -- hosts: workstation +- name: Deploy workstation + hosts: workstation remote_user: ansible become: true roles: diff --git a/testsite/playbooks/xmpp.yml b/testsite/playbooks/xmpp.yml index d7403e201a01de18ef41ad679e6e525897094522..810906822c4c336fd96ab05e972d0d8bd4e765c4 100644 --- a/testsite/playbooks/xmpp.yml +++ b/testsite/playbooks/xmpp.yml @@ -1,6 +1,7 @@ --- -- hosts: xmpp +- name: Deploy XMPP server + hosts: xmpp remote_user: ansible become: true roles: