From f7d56ff2b1c8ede74112c3005d9be1a54b60917e Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Wed, 1 Jan 2014 19:15:11 +0000 Subject: [PATCH] Fix old variable usage. Patch from janeznemanic. Thanks! --- playbooks/cloud_prep.yml | 8 +- playbooks/destroy_cloud_inst.yml | 15 ++-- playbooks/destroy_virt_inst.yml | 16 ++-- playbooks/el6_temp_instance.yml | 16 ++-- playbooks/f19_temp_instance.yml | 18 ++--- playbooks/fedora_temp_instance.yml | 16 ++-- playbooks/fedorahosted_fedmsg_git.yml | 30 +++---- playbooks/groups/arm-packager.yml | 16 ++-- playbooks/groups/arm-qa.yml | 16 ++-- playbooks/groups/arm-releng.yml | 18 ++--- playbooks/groups/backup-server.yml | 24 +++--- playbooks/groups/badges-backend.yml | 32 ++++---- playbooks/groups/badges-web.yml | 32 ++++---- playbooks/groups/beaker.yml | 26 +++---- playbooks/groups/bkernel.yml | 12 +-- playbooks/groups/buildhw.yml | 22 +++--- playbooks/groups/buildvm.yml | 20 ++--- playbooks/groups/docs-backend.yml | 26 +++---- playbooks/groups/fedocal.yml | 44 +++++------ playbooks/groups/gallery.yml | 32 ++++---- playbooks/groups/jenkins-cloud.yml | 78 +++++++++---------- playbooks/groups/kernel-qa.yml | 16 ++-- playbooks/groups/keyserver.yml | 30 +++---- playbooks/groups/koji-hub.yml | 26 +++---- playbooks/groups/mailman.yml | 58 +++++++------- playbooks/groups/mirrorlist.yml | 32 ++++---- playbooks/groups/notifs-backend.yml | 32 ++++---- playbooks/groups/notifs-web.yml | 32 ++++---- playbooks/groups/nuancier.yml | 32 ++++---- playbooks/groups/postgresl-server.yml | 30 +++---- playbooks/groups/releng.yml | 20 ++--- playbooks/groups/sign.yml | 12 +-- playbooks/groups/taskbot.yml | 26 +++---- playbooks/groups/virthost.yml | 20 ++--- .../artboard.cloud.fedoraproject.org.yml | 26 +++---- ...lockerbugs-dev.cloud.fedoraproject.org.yml | 16 ++-- .../copr-be-dev.cloud.fedoraproject.org.yml | 59 +++++++------- .../hosts/copr-be.cloud.fedoraproject.org.yml | 66 ++++++++-------- .../copr-fe-dev.cloud.fedoraproject.org.yml | 26 +++---- .../hosts/copr-fe.cloud.fedoraproject.org.yml | 32 ++++---- .../elections-dev.cloud.fedoraproject.org.yml | 18 ++--- .../hosts/fedocal.dev.fedoraproject.org.yml | 24 +++--- .../hosts/hrf.cloud.fedoraproject.org.yml | 18 ++--- .../lists-dev.cloud.fedoraproject.org.yml | 78 +++++++++---------- .../logstash-dev.cloud.fedoraproject.org.yml | 16 ++-- .../shogun-ca.cloud.fedoraproject.org.yml | 16 ++-- playbooks/rdiff-backup.yml | 8 +- playbooks/rkhunter_update.yml | 6 +- playbooks/set_root_auth_keys.yml | 8 +- playbooks/sign_and_import.yml | 4 +- playbooks/transient_post_provision.yml | 12 +-- playbooks/update_packages.yml | 6 +- playbooks/vhost_halt_guests.yml | 10 +-- roles/badges-backend/tasks/main.yml | 20 ++--- roles/badges-frontend/tasks/main.yml | 12 +-- roles/base/tasks/main.yml | 12 +-- roles/fas_client/tasks/main.yml | 12 +-- roles/fedmsg-hub/tasks/main.yml | 2 +- roles/fedmsg_base/tasks/main.yml | 14 ++-- roles/fedocal/tasks/main.yml | 2 +- roles/gallery/tasks/main.yml | 2 +- roles/geoip/tasks/main.yml | 4 +- roles/iscsi_client/tasks/main.yml | 3 +- roles/koji_db/tasks/main.yml | 2 +- roles/koji_hub/tasks/main.yml | 2 +- roles/mailman/tasks/main.yml | 32 ++++---- roles/mirrorlist/tasks/main.yml | 2 +- roles/nagios_client/tasks/main.yml | 4 +- roles/notifs-backend/tasks/main.yml | 4 +- roles/notifs-frontend/tasks/main.yml | 2 +- roles/nuancier/tasks/main.yml | 8 +- roles/postgresql_server/tasks/main.yml | 2 +- tasks/2fa_client.yml | 20 ++--- tasks/accelerate_prep.yml | 2 +- tasks/apache.yml | 12 +-- tasks/cloud_setup_basic.yml | 8 +- tasks/collectd/client.yml | 12 +-- tasks/common_scripts.yml | 4 +- tasks/growroot_cloud.yml | 8 +- tasks/hosts.yml | 4 +- tasks/iptables.yml | 12 +-- tasks/keyserver.yml | 22 +++--- tasks/koji/base_builder.yml | 44 +++++------ tasks/koji/bkernel-setup.yml | 8 +- tasks/koji/builder_kernel_config.yml | 2 +- tasks/koji/releng_config.yml | 54 ++++++------- tasks/mod_wsgi.yml | 2 +- tasks/mysql_server.yml | 4 +- tasks/openvpn_client.yml | 10 +-- tasks/persistent_cloud.yml | 12 +-- tasks/postfix_basic.yml | 14 ++-- tasks/rdiff_backup_server.yml | 6 +- tasks/serialgetty.yml | 2 +- tasks/sign_setup.yml | 14 ++-- tasks/sudo.yml | 6 +- tasks/transient_cloud.yml | 8 +- tasks/virthost.yml | 4 +- tasks/yumrepos.yml | 8 +- 98 files changed, 886 insertions(+), 889 deletions(-) diff --git a/playbooks/cloud_prep.yml b/playbooks/cloud_prep.yml index 64fc9eaa65..1242cfc05f 100644 --- a/playbooks/cloud_prep.yml +++ b/playbooks/cloud_prep.yml @@ -3,12 +3,12 @@ user: root vars_files: - /srv/web/infra/ansible/vars/global.yml - - $private/vars.yml - - $vars/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/cloud_setup_basic.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/destroy_cloud_inst.yml b/playbooks/destroy_cloud_inst.yml index 2b36bc7c0f..a36103441e 100644 --- a/playbooks/destroy_cloud_inst.yml +++ b/playbooks/destroy_cloud_inst.yml @@ -1,22 +1,21 @@ -DIE DIE DIE -there is no way this could work so fail - - +#DIE DIE DIE +# there is no way this could work so fail +# # only works with -e target= # requires --extra-vars="target=hostspec" - name: destroy the cloud instance - hosts: $target + hosts: "{{ target }}" user: root gather_facts: false tasks: - name: fail if the host/ip is not up - local_action: wait_for host=${inventory_hostname} port=22 delay=0 timeout=10 - when_string: inventory_hostname not in result.list_vms + local_action: wait_for host={{ inventory_hostname }} port=22 delay=0 timeout=10 + when: inventory_hostname not in result.list_vms - name: pause for 30s before doing it - pause: seconds=30 prompt="Destroying vm now $target, abort if this is wrong" + pause: seconds=30 prompt="Destroying vm now {{ target }}, abort if this is wrong" - name: find the instance id from the builder action: command curl -s http://169.254.169.254/latest/meta-data/instance-id diff --git a/playbooks/destroy_virt_inst.yml b/playbooks/destroy_virt_inst.yml index 99bc13e9b0..f16cd2c56f 100644 --- a/playbooks/destroy_virt_inst.yml +++ b/playbooks/destroy_virt_inst.yml @@ -10,29 +10,29 @@ # requires --extra-vars="target=hostspec" - name: destroy and undefine vm - hosts: $target + hosts: "{{ target }}" user: root gather_facts: false tasks: - name: get vm list on the vmhost - delegate_to: $vmhost + delegate_to: "{{ vmhost }}" virt: command=list_vms register: result - name: fail if the host is not already defined/existent - local_action: fail msg="host does not exist on $vmhost" + local_action: fail msg="host does not exist on {{ vmhost }}" when: inventory_hostname not in result.list_vms - name: pause for 30s before doing it - pause: seconds=30 prompt="Destroying vm now $target, abort if this is wrong" + pause: seconds=30 prompt="Destroying vm now {{ target }}, abort if this is wrong" - name: destroy the vm - action: virt name=${inventory_hostname} command=destroy - delegate_to: $vmhost + action: virt name={{ inventory_hostname }} command=destroy + delegate_to: "{{ vmhost }}" - name: undefine the vm - action: virt name=${inventory_hostname} command=undefine - delegate_to: $vmhost + action: virt name={{ inventory_hostname }} command=undefine + delegate_to: "{{ vmhost }}" diff --git a/playbooks/el6_temp_instance.yml b/playbooks/el6_temp_instance.yml index 5d52dc0217..f18c48333d 100644 --- a/playbooks/el6_temp_instance.yml +++ b/playbooks/el6_temp_instance.yml @@ -8,16 +8,16 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" vars: - keypair: fedora-admin-20130801 - - image: $el6_qcow_id + - image: "{{ el6_qcow_id }}" - instance_type: m1.small - security_group: default tasks: - - include: $tasks/transient_cloud.yml + - include: "{{ tasks }}/transient_cloud.yml" - name: provision instance hosts: tmp_just_created @@ -26,13 +26,13 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/growroot_cloud.yml - - include: $tasks/cloud_setup_basic.yml + - include: "{{ tasks }}/growroot_cloud.yml" + - include: "{{ tasks }}/cloud_setup_basic.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/f19_temp_instance.yml b/playbooks/f19_temp_instance.yml index a8d9f6e67c..bca7ae3638 100644 --- a/playbooks/f19_temp_instance.yml +++ b/playbooks/f19_temp_instance.yml @@ -8,15 +8,15 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" vars: - keypair: fedora-admin-20130801 - - image: $f19_qcow_id + - image: "{{ f19_qcow_id }}" - instance_type: m1.small - security_group: default tasks: - - include: $tasks/transient_cloud.yml + - include: "{{ tasks }}/transient_cloud.yml" - name: provision instance hosts: tmp_just_created @@ -25,8 +25,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - name: growpart /dev/vda1 partition (/) to full size @@ -36,14 +36,14 @@ - name: resize the /dev/vda 1 fs action: command resize2fs /dev/vda1 - when: ${growpart.rc} == 0 + when: "{{ growpart.rc }} == 0" - name: put the mbr back - b/c the resize breaks booting otherwise action: shell cat /usr/share/syslinux/mbr.bin > /dev/vda - when: ${growpart.rc} == 0 + when: "{{ growpart.rc }} == 0" - - include: $tasks/cloud_setup_basic.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/fedora_temp_instance.yml b/playbooks/fedora_temp_instance.yml index 827a236252..9ef6a7aa4a 100644 --- a/playbooks/fedora_temp_instance.yml +++ b/playbooks/fedora_temp_instance.yml @@ -8,15 +8,15 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" vars: - keypair: fedora-admin-20130801 - - image: $f18_qcow_id + - image: "{{ f18_qcow_id }}" - instance_type: m1.small - security_group: default tasks: - - include: $tasks/transient_cloud.yml + - include: "{{ tasks }}/transient_cloud.yml" - name: provision instance hosts: tmp_just_created @@ -25,12 +25,12 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/growroot_cloud.yml - - include: $tasks/cloud_setup_basic.yml + - include: "{{ tasks }}/growroot_cloud.yml" + - include: "{{ tasks }}/cloud_setup_basic.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/fedorahosted_fedmsg_git.yml b/playbooks/fedorahosted_fedmsg_git.yml index fd93e14ac1..163cfbfed6 100644 --- a/playbooks/fedorahosted_fedmsg_git.yml +++ b/playbooks/fedorahosted_fedmsg_git.yml @@ -1,6 +1,6 @@ # requires --extra-vars "{'repos': ['yokan.git', 'yumex.git']}" -- name: Install the fedmsg hook into a number of fedrahosted git repos +- name: Install the fedmsg hook into a number of fedorahosted git repos hosts: hosted03.fedoraproject.org user: root @@ -18,32 +18,32 @@ # the command *if* that creates= file is already present. Its a hackaround to # make this task idempotent. - name: make sure the git repos exist in the first place - command: /bin/ls ${prefix}${item} creates=${prefix}${item} - with_items: ${repos} + command: /bin/ls {{ prefix }}{{ item }} creates={{ prefix }}{{ item }} + with_items: "{{ repos }}" - name: ensure there is a post-receive-chained.d/ directory file: > state=directory - path=${prefix}${item}${chained}/ - with_items: ${repos} + path="{{ prefix }}{{ item }}{{ chained }}/" + with_items: "{{ repos }}" - name: move the old post-receive email hook into the chained dir command: > - /bin/mv ${prefix}${item}/hooks/post-receive ${prefix}${item}${chained}/post-receive-email - removes=${prefix}${item}/hooks/post-receive - creates=${prefix}${item}${chained}/post-receive-email - with_items: ${repos} + /bin/mv "{{ prefix }}{{ item }}/hooks/post-receive" "{{ prefix }}{{ item }}{{ chained }}/post-receive-email" + removes="{{ prefix }}{{ item }}/hooks/post-receive" + creates="{{ prefix }}{{ item }}{{ chained }}/post-receive-email" + with_items: "{{ repos }}" - name: symlink the fedmsg hook into the chained dir file: > - path=${prefix}${item}${chained}/post-receive-fedmsg - src=${fedmsg_hook} + path="{{ prefix }}{{ item }}{{ chained }}/post-receive-fedmsg" + src={{ fedmsg_hook }} state=link - with_items: ${repos} + with_items: "{{ repos }}" - name: symlink in the chained hook redirector file: > - path=${prefix}${item}/hooks/post-receive - src=${chained_hook} + path="{{ prefix }}{{ item }}/hooks/post-receive" + src={{ chained_hook }} state=link - with_items: ${repos} + with_items: "{{ repos }}" diff --git a/playbooks/groups/arm-packager.yml b/playbooks/groups/arm-packager.yml index d5279133aa..31190acf4f 100644 --- a/playbooks/groups/arm-packager.yml +++ b/playbooks/groups/arm-packager.yml @@ -8,8 +8,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -19,11 +19,11 @@ tasks: # this is how you include other task lists - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/arm-qa.yml b/playbooks/groups/arm-qa.yml index 3dae81e148..c8fa2b57db 100644 --- a/playbooks/groups/arm-qa.yml +++ b/playbooks/groups/arm-qa.yml @@ -8,8 +8,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -19,11 +19,11 @@ tasks: # this is how you include other task lists - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/arm-releng.yml b/playbooks/groups/arm-releng.yml index 16f25b5718..e10f5c339d 100644 --- a/playbooks/groups/arm-releng.yml +++ b/playbooks/groups/arm-releng.yml @@ -8,8 +8,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -20,12 +20,12 @@ tasks: # this is how you include other task lists - - include: $tasks/hosts.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/common_scripts.yml - - include: $tasks/sudo.yml - - include: $tasks/koji/releng_config.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/common_scripts.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/koji/releng_config.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/backup-server.yml b/playbooks/groups/backup-server.yml index 586455052b..d293269b7d 100644 --- a/playbooks/groups/backup-server.yml +++ b/playbooks/groups/backup-server.yml @@ -11,8 +11,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -22,13 +22,13 @@ - /srv/web/infra/ansible/roles/fas_client tasks: - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/mysql_server.yml - - include: $tasks/rdiff_backup_server.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/mysql_server.yml" + - include: "{{ tasks }}/rdiff_backup_server.yml" - name: Create GNOME backup user user: name=gnomebackup state=present home=/fedora_backups/gnome/ createhome=yes shell=/sbin/nologin @@ -40,10 +40,10 @@ copy: src=$files/gnome/ssh_config dest=/usr/local/etc/gnome_ssh_config mode=0600 owner=gnomebackup - name: Install GNOME backup key - copy: src=${private}/files/gnome/backup_id.rsa dest=/usr/local/etc/gnome_backup_id.rsa mode=0600 owner=gnomebackup + copy: src="{{ private }}/files/gnome/backup_id.rsa" dest=/usr/local/etc/gnome_backup_id.rsa mode=0600 owner=gnomebackup - name: Install GNOME backup script - copy: src=$files/gnome/backup.sh dest=/usr/local/bin/gnome_backup mode=0700 owner=gnomebackup + copy: src="{{ files }}/gnome/backup.sh" dest=/usr/local/bin/gnome_backup mode=0700 owner=gnomebackup - name: Schedule the GNOME backup script cron: name="Backup" hour=5 minute=0 job="(cd /fedora_backups/gnome/; /usr/local/bin/lock-wrapper gnomebackup /usr/local/bin/gnome_backup)" user=gnomebackup @@ -77,4 +77,4 @@ - expander.gnome.org handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/badges-backend.yml b/playbooks/groups/badges-backend.yml index f1a600fc9d..14ad19e1b1 100644 --- a/playbooks/groups/badges-backend.yml +++ b/playbooks/groups/badges-backend.yml @@ -10,15 +10,15 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml - - include: $tasks/accelerate_prep.yml + - include: "{{ tasks }}/virt_instance_create.yml" + - include: "{{ tasks }}/accelerate_prep.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: dole out the generic configuration hosts: badges-backend;badges-backend-stg @@ -28,8 +28,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -40,16 +40,16 @@ - /srv/web/infra/ansible/roles/fedmsg_base tasks: - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/openvpn_client.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/openvpn_client.yml" when: env != "staging" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: dole out the service-specific config hosts: badges-backend;badges-backend-stg @@ -63,5 +63,5 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" diff --git a/playbooks/groups/badges-web.yml b/playbooks/groups/badges-web.yml index 5af4bebfee..6ad4d8d17e 100644 --- a/playbooks/groups/badges-web.yml +++ b/playbooks/groups/badges-web.yml @@ -10,15 +10,15 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml - - include: $tasks/accelerate_prep.yml + - include: "{{ tasks }}/virt_instance_create.yml" + - include: "{{ tasks }}/accelerate_prep.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: make the box be real hosts: badges-web;badges-web-stg @@ -28,8 +28,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -41,15 +41,15 @@ - /srv/web/infra/ansible/roles/fedmsg_base tasks: - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/openvpn_client.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/openvpn_client.yml" when: env != "staging" - - include: $tasks/apache.yml - - include: $tasks/mod_wsgi.yml + - include: "{{ tasks }}/apache.yml" + - include: "{{ tasks }}/mod_wsgi.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/beaker.yml b/playbooks/groups/beaker.yml index 3ef3288ee1..a8eccc0656 100644 --- a/playbooks/groups/beaker.yml +++ b/playbooks/groups/beaker.yml @@ -9,14 +9,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml + - include: "{{ tasks }}/virt_instance_create.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: make the box be real hosts: beaker @@ -25,8 +25,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -37,12 +37,12 @@ tasks: # this is how you include other task lists - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/collectd/client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/collectd/client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/bkernel.yml b/playbooks/groups/bkernel.yml index e773afe848..b79b36159b 100644 --- a/playbooks/groups/bkernel.yml +++ b/playbooks/groups/bkernel.yml @@ -9,19 +9,19 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base tasks: - - include: $tasks/koji/base_builder.yml - - include: $tasks/koji/builder_kernel_config.yml - - include: $tasks/koji/bkernel-setup.yml + - include: "{{ tasks }}/koji/base_builder.yml" + - include: "{{ tasks }}/koji/builder_kernel_config.yml" + - include: "{{ tasks }}/koji/bkernel-setup.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: restart kojid action: service name=kojid state=restarted diff --git a/playbooks/groups/buildhw.yml b/playbooks/groups/buildhw.yml index 1f41d930e2..62bede2114 100644 --- a/playbooks/groups/buildhw.yml +++ b/playbooks/groups/buildhw.yml @@ -9,19 +9,19 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base tasks: - - include: $tasks/yumrepos.yml - - include: $tasks/hosts.yml - - include: $tasks/koji/base_builder.yml + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/koji/base_builder.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: restart kojid action: service name=kojid state=restarted @@ -35,18 +35,18 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base tasks: - - include: $tasks/hosts.yml - - include: $tasks/koji/builder_kernel_config.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/koji/builder_kernel_config.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: restart kojid action: service name=kojid state=restarted diff --git a/playbooks/groups/buildvm.yml b/playbooks/groups/buildvm.yml index 1c7050bc7c..e5d8765713 100644 --- a/playbooks/groups/buildvm.yml +++ b/playbooks/groups/buildvm.yml @@ -11,14 +11,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml + - include: "{{ tasks }}/virt_instance_create.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: make koji builder(s) hosts: buildvm @@ -28,19 +28,19 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base tasks: - - include: $tasks/hosts.yml - - include: $tasks/koji/base_builder.yml - - include: $tasks/koji/builder_kernel_config.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/koji/base_builder.yml" + - include: "{{ tasks }}/koji/builder_kernel_config.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: restart kojid action: service name=kojid state=restarted diff --git a/playbooks/groups/docs-backend.yml b/playbooks/groups/docs-backend.yml index 0b37252d92..3bbe04fdf7 100644 --- a/playbooks/groups/docs-backend.yml +++ b/playbooks/groups/docs-backend.yml @@ -5,14 +5,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml + - include: "{{ tasks }}/virt_instance_create.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: make the box be real hosts: docs-backend @@ -21,8 +21,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -34,12 +34,12 @@ tasks: # this is how you include other task lists - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/collectd/client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/collectd/client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/fedocal.yml b/playbooks/groups/fedocal.yml index 4ceb010100..762f9dbe40 100644 --- a/playbooks/groups/fedocal.yml +++ b/playbooks/groups/fedocal.yml @@ -10,15 +10,15 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml - - include: $tasks/accelerate_prep.yml + - include: "{{ tasks }}/virt_instance_create.yml" + - include: "{{ tasks }}/accelerate_prep.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: make the box be real hosts: fedocal-stg;fedocal @@ -28,8 +28,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -39,18 +39,18 @@ - /srv/web/infra/ansible/roles/fas_client tasks: - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/openvpn_client.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/openvpn_client.yml" when: env != "staging" - - include: $tasks/apache.yml - - include: $tasks/mod_wsgi.yml + - include: "{{ tasks }}/apache.yml" + - include: "{{ tasks }}/mod_wsgi.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: set up fedmsg hosts: fedocal-stg;fedocal @@ -60,14 +60,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/fedmsg_base handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: deploy fedocal itself hosts: fedocal-stg;fedocal @@ -77,11 +77,11 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/fedocal handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/gallery.yml b/playbooks/groups/gallery.yml index c45edd46c7..983fc24758 100644 --- a/playbooks/groups/gallery.yml +++ b/playbooks/groups/gallery.yml @@ -11,14 +11,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml + - include: "{{ tasks }}/virt_instance_create.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: make the box be real hosts: gallery-stg @@ -28,8 +28,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -40,15 +40,15 @@ - /srv/web/infra/ansible/roles/fedmsg_base tasks: - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/apache.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/apache.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: deploy gallery itself hosts: gallery-stg @@ -58,11 +58,11 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/gallery handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/jenkins-cloud.yml b/playbooks/groups/jenkins-cloud.yml index eedbc8c613..1e60e57c83 100644 --- a/playbooks/groups/jenkins-cloud.yml +++ b/playbooks/groups/jenkins-cloud.yml @@ -7,11 +7,11 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" tasks: - - include: $tasks/persistent_cloud.yml - - include: $tasks/growroot_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" + - include: "{{ tasks }}/growroot_cloud.yml" - name: provision master hosts: 209.132.184.153 @@ -22,8 +22,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" vars: - resolvconf: resolv.conf/jenkins-cloud @@ -31,7 +31,7 @@ - /srv/web/infra/ansible/roles/base tasks: - - include: $tasks/cloud_setup_basic.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" - name: make the jenkins path action: file state=directory path=/var/lib/jenkins @@ -40,14 +40,14 @@ action: mount name=/var/lib/jenkins src='LABEL=jenkins' fstype=ext4 state=mounted - name: poke firewall holes - action: command lokkit $item + action: command lokkit {{ item }} with_items: - --service=ssh - --service=https - --service=http - name: install pkgs for jenkins - action: yum state=installed pkg=$item + action: yum state=installed pkg={{ item }} with_items: - vim - dejavu-s\* @@ -60,7 +60,7 @@ - packages - name: add jenkins proxy config file for apache - action: copy src=$files/jenkins/master/jenkins-apache.conf dest=/etc/httpd/conf.d/jenkins-apache.conf owner=root group=root mode=0644 + action: copy src="{{ files }}/jenkins/master/jenkins-apache.conf" dest=/etc/httpd/conf.d/jenkins-apache.conf owner=root group=root mode=0644 notify: - restart httpd tags: @@ -70,24 +70,24 @@ action: service name=httpd state=running enabled=true - name: add jenkins upstream repo - action: copy src=$files/jenkins/master/jenkins.repo dest=/etc/yum.repos.d/jenkins.repo owner=root group=root + action: copy src="{{ files }}/jenkins/master/jenkins.repo" dest=/etc/yum.repos.d/jenkins.repo owner=root group=root tags: - config - name: import jenkins upstream gpg key - action: copy src=$files/jenkins/master/jenkins-ci.org.key dest=/etc/pki/rpm-gpg/RPM-GPG-KEY-jenkins-ci.org owner=root group=root + action: copy src="{{ files }}/jenkins/master/jenkins-ci.org.key" dest=/etc/pki/rpm-gpg/RPM-GPG-KEY-jenkins-ci.org owner=root group=root tags: - config - name: install pkgs for jenkins - action: yum state=installed pkg=$item + action: yum state=installed pkg={{ item }} with_items: - jenkins tags: - packages - name: set the hostname to jenkins-osversion - action: command hostname jenkins-master-${dist_tag} + action: command hostname jenkins-master-{{ dist_tag }} tags: - config @@ -101,19 +101,19 @@ action: file state=directory path=/var/lib/jenkins/plugins/ owner=jenkins group=jenkins - name: import jenkins plugins - action: copy src=$item owner=jenkins group=jenkins dest=/var/lib/jenkins/plugins/ - with_fileglob: $files/jenkins/master/plugins/*.hpi + action: copy src={{ item }} owner=jenkins group=jenkins dest=/var/lib/jenkins/plugins/ + with_fileglob: "{{ files }}/jenkins/master/plugins/*.hpi" tags: - config - name: import jenkins configuration files - action: copy src=$item owner=jenkins group=jenkins dest=/var/lib/jenkins/ backup=yes - with_fileglob: $files/jenkins/master/*.xml + action: copy src={{ item }} owner=jenkins group=jenkins dest=/var/lib/jenkins/ backup=yes + with_fileglob: "{{ files }}/jenkins/master/*.xml" tags: - config - name: add jenkins ssh priv key so it can connect to clients - action: copy src=$private/files/jenkins/ssh/jenkins_master dest=/var/tmp/jenkins_master_id_rsa mode=600 owner=jenkins group=jenkins + action: copy src="{{ private }}/files/jenkins/ssh/jenkins_master" dest=/var/tmp/jenkins_master_id_rsa mode=600 owner=jenkins group=jenkins tags: - config @@ -126,13 +126,13 @@ poll: 20 - name: jenkins hotfix big file - copy: src=$item dest=/var/lib/jenkins/plugins/openid/WEB-INF/lib/ group=jenkins mode=655 - with_fileglob: $bigfiles/hotfixes/jenkins/openid/*.jar + copy: src={{ item }} dest=/var/lib/jenkins/plugins/openid/WEB-INF/lib/ group=jenkins mode=655 + with_fileglob: "{{ bigfiles }}/hotfixes/jenkins/openid/*.jar" notify: - restart jenkins handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" ################################################### # jenkins slaves @@ -146,14 +146,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" vars: - keypair: fedora-admin-20130801 - security_group: default tasks: - - include: $tasks/persistent_cloud.yml - - include: $tasks/growroot_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" + - include: "{{ tasks }}/growroot_cloud.yml" - name: provision workers hosts: jenkins-slaves @@ -164,21 +164,21 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/cloud_setup_basic.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" - name: add jenkins repos - action: copy src=$item dest=/etc/yum.repos.d/ owner=root group=root - with_fileglob: $files/jenkins/slaves/*.repo + action: copy src={{ item }} dest=/etc/yum.repos.d/ owner=root group=root + with_fileglob: "{{ files }}/jenkins/slaves/*.repo" tags: - config - packages - name: install pkgs for jenkins - action: yum state=installed pkg=$item + action: yum state=installed pkg={{ item }} with_items: - vim - java-1.7.0-openjdk @@ -219,7 +219,7 @@ - packages - name: install pkgs for jenkins for fedora systems - action: yum state=installed pkg=$item + action: yum state=installed pkg={{ item }} #when: is_fedora == 'True' with_items: - python3 @@ -303,7 +303,7 @@ - name: copy android SDK when: is_fedora == 'True' - action: copy src=$bigfiles/jenkins/android-sdk-with-platform-17.tar.gz dest=/var/android/ owner=jenkins_slave group=jenkins_slave + action: copy src="{{ bigfiles }}/jenkins/android-sdk-with-platform-17.tar.gz" dest=/var/android/ owner=jenkins_slave group=jenkins_slave - name: extract android SDK when: is_fedora == 'True' @@ -314,7 +314,7 @@ action: file state=absent path=/var/android/android-sdk-with-platform-17.tar.gz - name: set the hostname to jenkins-osversion - action: command hostname jenkins-${dist_tag} + action: command hostname jenkins-{{ dist_tag }} tags: - config @@ -326,21 +326,21 @@ - name: setup jenkins_slave ssh key action: authorized_key user=jenkins_slave key="{{ item }}" with_file: - - $private/files/jenkins/ssh/jenkins_master.pub + - "{{ private }}/files/jenkins/ssh/jenkins_master.pub" - name: jenkins_slave to mock group action: user name=jenkins_slave groups=mock - name: add .gitconfig for jenkins_slave user - action: copy src=$files/jenkins/gitconfig dest=/home/jenkins_slave/.gitconfig owner=jenkins_slave group=jenkins_slave mode=664 + action: copy src="{{ files }}/jenkins/gitconfig" dest=/home/jenkins_slave/.gitconfig owner=jenkins_slave group=jenkins_slave mode=664 tags: - config - name: template sshd_config - action: copy src=$item dest=/etc/ssh/sshd_config mode=0600 owner=root group=root + action: copy src={{ item }} dest=/etc/ssh/sshd_config mode=0600 owner=root group=root first_available_file: - - $files/jenkins/sshd_config_slave.$ansible_distribution - - $files/jenkins/sshd_config_slave + - "{{ files }}/jenkins/sshd_config_slave.{{ ansible_distribution }}" + - "{{ files }}/jenkins/sshd_config_slave" notify: - restart sshd tags: @@ -350,5 +350,5 @@ action: file state=directory path=/mnt/jenkins owner=jenkins_slave group=jenkins_slave handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/kernel-qa.yml b/playbooks/groups/kernel-qa.yml index 2b225d4603..eb2d476318 100644 --- a/playbooks/groups/kernel-qa.yml +++ b/playbooks/groups/kernel-qa.yml @@ -9,8 +9,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -21,15 +21,15 @@ tasks: # this is how you include other task lists - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/keyserver.yml b/playbooks/groups/keyserver.yml index 67ca2d6ada..75cc3e5dff 100644 --- a/playbooks/groups/keyserver.yml +++ b/playbooks/groups/keyserver.yml @@ -11,14 +11,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml + - include: "{{ tasks }}/virt_instance_create.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: make the box be real hosts: keys01.fedoraproject.org @@ -28,8 +28,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -40,14 +40,14 @@ - /srv/web/infra/ansible/roles/fedmsg_base tasks: - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/openvpn_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/apache.yml - - include: $tasks/keyserver.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/openvpn_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/apache.yml" + - include: "{{ tasks }}/keyserver.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/koji-hub.yml b/playbooks/groups/koji-hub.yml index a647f05a6e..5d0044d03c 100644 --- a/playbooks/groups/koji-hub.yml +++ b/playbooks/groups/koji-hub.yml @@ -9,14 +9,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml + - include: "{{ tasks }}/virt_instance_create.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" # Once the instance exists, configure it. @@ -27,8 +27,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -39,12 +39,12 @@ - /srv/web/infra/ansible/roles/koji_hub tasks: - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/collectd/client.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/collectd/client.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/mailman.yml b/playbooks/groups/mailman.yml index 508df64e43..352b6dd7b1 100644 --- a/playbooks/groups/mailman.yml +++ b/playbooks/groups/mailman.yml @@ -10,15 +10,15 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml - - include: $tasks/accelerate_prep.yml + - include: "{{ tasks }}/virt_instance_create.yml" + - include: "{{ tasks }}/accelerate_prep.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: make the box be real hosts: mailman-stg @@ -28,8 +28,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -41,17 +41,17 @@ tasks: # this is how you include other task lists - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/collectd/client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/apache.yml - - include: $tasks/mod_wsgi.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/collectd/client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/apache.yml" + - include: "{{ tasks }}/mod_wsgi.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" # Database setup @@ -62,23 +62,23 @@ sudo_user: postgres vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: # mailman auto-updates its schema, there can only be one admin user - name: mailman DB user - postgresql_user: name=mailmanadmin password=$mailman_mm_db_pass + postgresql_user: name=mailmanadmin password={{ mailman_mm_db_pass }} - name: hyperkitty DB admin user - postgresql_user: name=hyperkittyadmin password=$mailman_hk_admin_db_pass + postgresql_user: name=hyperkittyadmin password={{ mailman_hk_admin_db_pass }} - name: hyperkitty DB user - postgresql_user: name=hyperkittyapp password=$mailman_hk_db_pass + postgresql_user: name=hyperkittyapp password={{ mailman_hk_db_pass }} - name: kittystore DB admin user - postgresql_user: name=kittystoreadmin password=$mailman_ks_admin_db_pass + postgresql_user: name=kittystoreadmin password={{ mailman_ks_admin_db_pass }} - name: kittystore DB user - postgresql_user: name=kittystoreapp password=$mailman_ks_db_pass + postgresql_user: name=kittystoreapp password={{ mailman_ks_db_pass }} - name: databases creation - postgresql_db: name=$item owner=${item}admin encoding=UTF-8 + postgresql_db: name={{ item }} owner="{{ item }}admin" encoding=UTF-8 with_items: - mailman - hyperkitty @@ -93,8 +93,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/mailman @@ -102,7 +102,7 @@ tasks: - name: install more needed packages - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - tar - mailman # transition from mailman2.1 @@ -114,11 +114,11 @@ # owner=root group=root mode=0600 - name: start services - service: state=started enabled=yes name=$item + service: state=started enabled=yes name={{ item }} with_items: - httpd - mailman3 - postfix handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/mirrorlist.yml b/playbooks/groups/mirrorlist.yml index b1004eeb0a..ceb8a902d8 100644 --- a/playbooks/groups/mirrorlist.yml +++ b/playbooks/groups/mirrorlist.yml @@ -11,14 +11,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml + - include: "{{ tasks }}/virt_instance_create.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: make the box be real hosts: mirrorlist @@ -28,8 +28,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -42,16 +42,16 @@ tasks: # this is how you include other task lists - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/collectd/client.yml - - include: $tasks/openvpn_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/apache.yml - - include: $tasks/mod_wsgi.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/collectd/client.yml" + - include: "{{ tasks }}/openvpn_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/apache.yml" + - include: "{{ tasks }}/mod_wsgi.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/notifs-backend.yml b/playbooks/groups/notifs-backend.yml index 72798b6525..3a93b90890 100644 --- a/playbooks/groups/notifs-backend.yml +++ b/playbooks/groups/notifs-backend.yml @@ -10,15 +10,15 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml - - include: $tasks/accelerate_prep.yml + - include: "{{ tasks }}/virt_instance_create.yml" + - include: "{{ tasks }}/accelerate_prep.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: dole out the generic configuration hosts: notifs-backend;notifs-backend-stg @@ -28,8 +28,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -40,16 +40,16 @@ - /srv/web/infra/ansible/roles/fedmsg_base tasks: - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/openvpn_client.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/openvpn_client.yml" when: env != "staging" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: dole out the service-specific config hosts: notifs-backend;notifs-backend-stg @@ -63,5 +63,5 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" diff --git a/playbooks/groups/notifs-web.yml b/playbooks/groups/notifs-web.yml index b910a689a5..b9af3269ed 100644 --- a/playbooks/groups/notifs-web.yml +++ b/playbooks/groups/notifs-web.yml @@ -10,15 +10,15 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml - - include: $tasks/accelerate_prep.yml + - include: "{{ tasks }}/virt_instance_create.yml" + - include: "{{ tasks }}/accelerate_prep.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: make the box be real hosts: notifs-web;notifs-web-stg @@ -28,8 +28,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -41,15 +41,15 @@ - /srv/web/infra/ansible/roles/notifs-frontend tasks: - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/openvpn_client.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/openvpn_client.yml" when: env != "staging" - - include: $tasks/apache.yml - - include: $tasks/mod_wsgi.yml + - include: "{{ tasks }}/apache.yml" + - include: "{{ tasks }}/mod_wsgi.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/nuancier.yml b/playbooks/groups/nuancier.yml index 37f94d233f..a24355cfb2 100644 --- a/playbooks/groups/nuancier.yml +++ b/playbooks/groups/nuancier.yml @@ -10,15 +10,15 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml - - include: $tasks/accelerate_prep.yml + - include: "{{ tasks }}/virt_instance_create.yml" + - include: "{{ tasks }}/accelerate_prep.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: make the box be real hosts: nuancier;nuancier-stg @@ -28,8 +28,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -39,18 +39,18 @@ - /srv/web/infra/ansible/roles/fas_client tasks: - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/openvpn_client.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/openvpn_client.yml" when: env != "staging" - - include: $tasks/apache.yml - - include: $tasks/mod_wsgi.yml + - include: "{{ tasks }}/apache.yml" + - include: "{{ tasks }}/mod_wsgi.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: set up fedmsg hosts: nuancier;nuancier-stg diff --git a/playbooks/groups/postgresl-server.yml b/playbooks/groups/postgresl-server.yml index 5379c7b479..1953381340 100644 --- a/playbooks/groups/postgresl-server.yml +++ b/playbooks/groups/postgresl-server.yml @@ -9,14 +9,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml + - include: "{{ tasks }}/virt_instance_create.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" # Once the instance exists, configure it. @@ -27,8 +27,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -39,12 +39,12 @@ - /srv/web/infra/ansible/roles/postgresql_server tasks: - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/collectd/client.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/collectd/client.yml" - name: make koji db hosts: dbserver-secondary @@ -54,8 +54,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/koji_db @@ -63,4 +63,4 @@ # TODO: add iscsi task handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/releng.yml b/playbooks/groups/releng.yml index 352853f43e..1b61778296 100644 --- a/playbooks/groups/releng.yml +++ b/playbooks/groups/releng.yml @@ -11,14 +11,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml + - include: "{{ tasks }}/virt_instance_create.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" # Once the instance exists, configure it. @@ -30,18 +30,18 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base - /srv/web/infra/ansible/roles/nagios_client tasks: - - include: $tasks/koji/releng_config.yml - - include: $tasks/hosts.yml - - include: $tasks/motd.yml + - include: "{{ tasks }}/koji/releng_config.yml" + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/motd.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/sign.yml b/playbooks/groups/sign.yml index a9ca6ea77f..5d0468e65a 100644 --- a/playbooks/groups/sign.yml +++ b/playbooks/groups/sign.yml @@ -13,17 +13,17 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base - /srv/web/infra/ansible/roles/rkhunter tasks: - - include: $tasks/serialgetty.yml - - include: $tasks/motd.yml - - include: $tasks/sign_setup.yml + - include: "{{ tasks }}/serialgetty.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sign_setup.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/taskbot.yml b/playbooks/groups/taskbot.yml index 03456c2bde..8a9f3c4fcf 100644 --- a/playbooks/groups/taskbot.yml +++ b/playbooks/groups/taskbot.yml @@ -9,14 +9,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/virt_instance_create.yml + - include: "{{ tasks }}/virt_instance_create.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: make the box be real hosts: taskbot @@ -25,8 +25,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -38,12 +38,12 @@ tasks: # this is how you include other task lists - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/collectd/client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/collectd/client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/virthost.yml b/playbooks/groups/virthost.yml index cf10cbcbad..728ed3a616 100644 --- a/playbooks/groups/virthost.yml +++ b/playbooks/groups/virthost.yml @@ -10,8 +10,8 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" roles: - /srv/web/infra/ansible/roles/base @@ -22,13 +22,13 @@ - /srv/web/infra/ansible/roles/iscsi_client tasks: - - include: $tasks/hosts.yml - - include: $tasks/yumrepos.yml - - include: $tasks/2fa_client.yml - - include: $tasks/motd.yml - - include: $tasks/sudo.yml - - include: $tasks/collectd/client.yml - - include: $tasks/virthost.yml + - include: "{{ tasks }}/hosts.yml" + - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/2fa_client.yml" + - include: "{{ tasks }}/motd.yml" + - include: "{{ tasks }}/sudo.yml" + - include: "{{ tasks }}/collectd/client.yml" + - include: "{{ tasks }}/virthost.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/hosts/artboard.cloud.fedoraproject.org.yml b/playbooks/hosts/artboard.cloud.fedoraproject.org.yml index 647fa851e1..4290cb45c1 100644 --- a/playbooks/hosts/artboard.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/artboard.cloud.fedoraproject.org.yml @@ -5,11 +5,11 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" tasks: - - include: $tasks/persistent_cloud.yml - - include: $tasks/growroot_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" + - include: "{{ tasks }}/growroot_cloud.yml" - name: provision instance hosts: 209.132.184.143 @@ -18,19 +18,19 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/cloud_setup_basic.yml - - include: $tasks/postfix_basic.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" + - include: "{{ tasks }}/postfix_basic.yml" - name: mount up disk of persistent storage action: mount name=/srv/persist src='LABEL=artboard' fstype=ext4 state=mounted # open up ports (22, 80, 443) - name: poke holes in the firewall - action: command lokkit $item + action: command lokkit {{ item }} with_items: - --service=ssh - --service=https @@ -38,7 +38,7 @@ # packages needed - name: add packages - action: yum state=present name=$item + action: yum state=present name={{ item }} with_items: - rsync - openssh-clients @@ -51,12 +51,12 @@ # packages needed to be gone - name: erase packages - action: yum state=absent name=$item + action: yum state=absent name={{ item }} with_items: - cronie-anacron - name: artboard backup thing - action: copy src=$files/artboard/artboard-backup dest=/etc/cron.daily/artboard-backup mode=0755 + action: copy src="{{ files }}/artboard/artboard-backup" dest=/etc/cron.daily/artboard-backup mode=0755 - name: make artboard subdir action: file path=/srv/persist/artboard mode=0755 state=directory @@ -65,7 +65,7 @@ action: file state=link src=/srv/persist/artboard path=/var/www/html/artboard - name: add apache confs - action: copy src=$files/artboard/$item dest=/etc/httpd/conf.d/$item backup=true + action: copy src="{{ files }}/artboard/{{ item }}" dest="/etc/httpd/conf.d/{{ item }}" backup=true with_items: - artboard.conf - redirect.conf @@ -75,4 +75,4 @@ action: service name=httpd state=started handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/hosts/blockerbugs-dev.cloud.fedoraproject.org.yml b/playbooks/hosts/blockerbugs-dev.cloud.fedoraproject.org.yml index a7e5371792..cdb4e0de0f 100644 --- a/playbooks/hosts/blockerbugs-dev.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/blockerbugs-dev.cloud.fedoraproject.org.yml @@ -5,11 +5,11 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" tasks: - - include: $tasks/persistent_cloud.yml - - include: $tasks/growroot_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" + - include: "{{ tasks }}/growroot_cloud.yml" - name: provision instance hosts: blockerbugs-dev.cloud.fedoraproject.org @@ -21,14 +21,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/cloud_setup_basic.yml - - include: $tasks/iptables.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" + - include: "{{ tasks }}/iptables.yml" - name: mount up blockerbugs-dev to /srv/persistent mount: name=/srv/persistent src='LABEL=blockerbugs-dev' fstype=ext4 state=mounted handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/hosts/copr-be-dev.cloud.fedoraproject.org.yml b/playbooks/hosts/copr-be-dev.cloud.fedoraproject.org.yml index 5b410cfeca..b330830b84 100644 --- a/playbooks/hosts/copr-be-dev.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/copr-be-dev.cloud.fedoraproject.org.yml @@ -5,11 +5,11 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" tasks: - - include: $tasks/persistent_cloud.yml - - include: $tasks/growroot_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" + - include: "{{ tasks }}/growroot_cloud.yml" - name: provision instance hosts: copr-be-dev.cloud.fedoraproject.org @@ -18,19 +18,19 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/cloud_setup_basic.yml - - include: $tasks/iptables.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" + - include: "{{ tasks }}/iptables.yml" - name: copy copr.repo - action: copy src=$files/copr/fe/yum/copr.repo dest=/etc/yum.repos.d/copr.repo + action: copy src="{{ files }}/copr/fe/yum/copr.repo" dest=/etc/yum.repos.d/copr.repo # packages needed - name: add packages for copr-be - action: yum state=present name=$item + action: yum state=present name= {{ item }} with_items: - copr-selinux - copr-backend @@ -39,7 +39,7 @@ - name: make copr dirs - file: state=directory path=$item + file: state=directory path= {{ item }} with_items: - /var/lib/copr/jobs - /var/lib/copr/public_html/results @@ -49,44 +49,44 @@ chdir: /var/lib/copr/public_html/results - name: setup dirs there - action: file state=directory path=/home/copr/$item owner=copr group=copr mode=0700 + action: file state=directory path="/home/copr/{{ item }}" owner=copr group=copr mode=0700 with_items: - cloud - .ssh - name: add copr-buildsys keys to copr user path - action: copy src=$item dest=/home/copr/cloud/ owner=copr group=copr mode=0600 - with_fileglob: $private/files/openstack/copr-copr/* + action: copy src={{ item }} dest=/home/copr/cloud/ owner=copr group=copr mode=0600 + with_fileglob: "{{ private }}/files/openstack/copr-copr/*" - name: setup privkey for copr user - action: copy src=$private/files/copr/buildsys.priv dest=/home/copr/.ssh/id_rsa owner=copr group=copr mode=600 + action: copy src="{{ private }}/files/copr/buildsys.priv" dest=/home/copr/.ssh/id_rsa owner=copr group=copr mode=600 - name: setup copr user ssh config file - action: copy src=$files/copr/ssh_config dest=/home/copr/.ssh/config owner=copr group=copr mode=600 + action: copy src="{{ files }}/copr/ssh_config" dest=/home/copr/.ssh/config owner=copr group=copr mode=600 - name: create empty known_hosts action: copy src=/dev/null dest=/home/copr/.ssh/known_hosts owner=copr group=copr mode=600 - name: replace bashrc for copr user - action: copy src=$files/copr/copr_bashrc dest=/home/copr/.bashrc owner=copr group=copr mode=600 + action: copy src="{{ files }}/copr/copr_bashrc" dest=/home/copr/.bashrc owner=copr group=copr mode=600 - name: auth_key so we can login to localhost as the copr user from the copr user action: authorized_key user=copr key="{{ item }}" with_file: - - ${files}/copr/provision/files/buildsys.pub + - "{{ files }}/copr/provision/files/buildsys.pub" - name: copy .boto file - action: copy src=$files/copr/boto dest=/home/copr/.boto owner=copr group=copr + action: copy src="{{ files }}/copr/boto" dest=/home/copr/.boto owner=copr group=copr # setup webserver - name: add config for copr-repo path - action: copy src=$files/copr/lighttpd/lighttpd.conf dest=/etc/lighttpd/lighttpd.conf owner=root group=root mode=0644 + action: copy src="{{ files }}/copr/lighttpd/lighttpd.conf" dest=/etc/lighttpd/lighttpd.conf owner=root group=root mode=0644 notify: - restart lighttpd # mime default to text/plain and enable dirlisting for indexes - name: update lighttpd configs - action: copy src=$files/copr/lighttpd/$item dest=/etc/lighttpd/conf.d/$item owner=root group=root mode=0644 + action: copy src="{{ files }}/copr/lighttpd/{{ item }}" dest="/etc/lighttpd/conf.d/{{ item }}" owner=root group=root mode=0644 with_items: - dirlisting.conf - mime.conf @@ -98,7 +98,7 @@ # setup dirs for the ansible execution off of provisioning - name: dirs from provision - action: file state=directory path=/home/copr/provision/$item owner=copr group=copr + action: file state=directory path="/home/copr/provision/{{ item }}" owner=copr group=copr with_items: - action_plugins - library @@ -108,13 +108,12 @@ - provision_config - name: put ansible.cfg for all this into /etc/ansible/ on the system - action: copy src=$files/copr/provision/ansible.cfg dest=/etc/ansible/ansible.cfg + action: copy src="{{ files }}/copr/provision/ansible.cfg" dest=/etc/ansible/ansible.cfg tags: - provision_config - - name: put some files into the provision subdir - action: copy src=$files/copr/provision/$item dest=/home/copr/provision/$item + action: copy src="{{ files }}/copr/provision/{{ item }}" dest="/home/copr/provision/{{ item }}" with_items: - inventory - builderpb.yml @@ -123,21 +122,21 @@ - provision_config - name: put files into the files subdir off of provisioning - action: copy src=$item dest=/home/copr/provision/files/ - with_fileglob: $files/copr/provision/files/* + action: copy src={{ item }} dest=/home/copr/provision/files/ + with_fileglob: "{{ files }}/copr/provision/files/*" tags: - provision_config # ansible lacks a recurse - so we need this until then - name: put files into the files/mock subdir off of provisioning - action: copy src=$item dest=/home/copr/provision/files/mock - with_fileglob: $files/copr/provision/files/mock/* + action: copy src={{ item }} dest=/home/copr/provision/files/mock + with_fileglob: "{{ files }}/copr/provision/files/mock/*" tags: - provision_config - name: copy copr-be.conf - action: copy src=$files/copr/copr-be.conf-dev dest=/etc/copr/copr-be.conf + action: copy src="{{ files }}/copr/copr-be.conf-dev" dest=/etc/copr/copr-be.conf handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml b/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml index 7b33587495..30d734c81e 100644 --- a/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml @@ -5,11 +5,11 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" tasks: - - include: $tasks/persistent_cloud.yml - - include: $tasks/growroot_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" + - include: "{{ tasks }}/growroot_cloud.yml" - name: provision instance hosts: 209.132.184.142 @@ -18,16 +18,16 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" # Roles are run first, before tasks, regardless of where you place them here. roles: - /srv/web/infra/ansible/roles/fedmsg_base tasks: - - include: $tasks/cloud_setup_basic.yml - - include: $tasks/iptables.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" + - include: "{{ tasks }}/iptables.yml" - name: prepare mount point action: file state=directory path=/var/lib/copr/public_html @@ -39,15 +39,15 @@ #- name: copy copr.repo # action: copy src=$files/copr/fe/yum/copr.repo dest=/etc/yum.repos.d/copr.repo - - Set the hostname + - name: set the hostname shell: hostname copr-be.cloud.fedoraproject.org - name: copy .forward file - action: copy src=$files/copr/forward dest=/root/.forward owner=root group=root + action: copy src="{{ files }}/copr/forward" dest=/root/.forward owner=root group=root # packages needed - name: add packages for copr-be - action: yum state=present name=$item + action: yum state=present name={{ item }} with_items: - copr-selinux - copr-backend @@ -57,7 +57,7 @@ - name: make copr dirs - file: state=directory path=$item + file: state=directory path={{ item }} with_items: - /var/lib/copr/jobs - /var/lib/copr/public_html/results @@ -66,44 +66,44 @@ action: command /usr/bin/umask 0000 chdir=/var/lib/copr/public_html/results - name: setup dirs there - action: file state=directory path=/home/copr/$item owner=copr group=copr mode=0700 + action: file state=directory path="/home/copr/{{ item }}" owner=copr group=copr mode=0700 with_items: - cloud - .ssh - name: add copr-buildsys keys to copr user path - action: copy src=$item dest=/home/copr/cloud/ owner=copr group=copr mode=0600 - with_fileglob: $private/files/openstack/copr-copr/* + action: copy src={{ item }} dest=/home/copr/cloud/ owner=copr group=copr mode=0600 + with_fileglob: "{{ private }}/files/openstack/copr-copr/*" - name: setup privkey for copr user - action: copy src=$private/files/copr/buildsys.priv dest=/home/copr/.ssh/id_rsa owner=copr group=copr mode=600 + action: copy src="{{ private }}/files/copr/buildsys.priv" dest=/home/copr/.ssh/id_rsa owner=copr group=copr mode=600 - name: setup copr user ssh config file - action: copy src=$files/copr/ssh_config dest=/home/copr/.ssh/config owner=copr group=copr mode=600 + action: copy src="{{ files }}/copr/ssh_config" dest=/home/copr/.ssh/config owner=copr group=copr mode=600 - name: create empty known_hosts action: copy src=/dev/null dest=/home/copr/.ssh/known_hosts owner=copr group=copr mode=600 - name: replace bashrc for copr user - action: copy src=$files/copr/copr_bashrc dest=/home/copr/.bashrc owner=copr group=copr mode=600 + action: copy src="{{ files }}/copr/copr_bashrc" dest=/home/copr/.bashrc owner=copr group=copr mode=600 - name: auth_key so we can login to localhost as the copr user from the copr user action: authorized_key user=copr key="{{ item }}" with_file: - - ${files}/copr/provision/files/buildsys.pub + - "{{ files }}/copr/provision/files/buildsys.pub" - name: copy .boto file - action: copy src=$files/copr/boto dest=/home/copr/.boto owner=copr group=copr + action: copy src="{{ files }}/copr/boto" dest=/home/copr/.boto owner=copr group=copr # setup webserver - name: add config for copr-repo path - action: copy src=$files/copr/lighttpd/lighttpd.conf dest=/etc/lighttpd/lighttpd.conf owner=root group=root mode=0644 + action: copy src="{{ files }}/copr/lighttpd/lighttpd.conf" dest=/etc/lighttpd/lighttpd.conf owner=root group=root mode=0644 notify: - restart lighttpd # mime default to text/plain and enable dirlisting for indexes - name: update lighttpd configs - action: copy src=$files/copr/lighttpd/$item dest=/etc/lighttpd/conf.d/$item owner=root group=root mode=0644 + action: copy src="{{ files }}/copr/lighttpd/{{ item }}" dest="/etc/lighttpd/conf.d/{{ item }}" owner=root group=root mode=0644 with_items: - dirlisting.conf - mime.conf @@ -118,7 +118,7 @@ # setup dirs for the ansible execution off of provisioning - name: dirs from provision - action: file state=directory path=/home/copr/provision/$item owner=copr group=copr + action: file state=directory path="/home/copr/provision/{{ item }}" owner=copr group=copr with_items: - action_plugins - library @@ -128,13 +128,13 @@ - provision_config - name: put ansible.cfg for all this into /etc/ansible/ on the system - action: copy src=$files/copr/provision/ansible.cfg dest=/etc/ansible/ansible.cfg + action: copy src="{{ files }}/copr/provision/ansible.cfg" dest=/etc/ansible/ansible.cfg tags: - provision_config - name: put some files into the provision subdir - action: copy src=$files/copr/provision/$item dest=/home/copr/provision/$item + action: copy src="{{ files }}/copr/provision/{{ item }}" dest="/home/copr/provision/{{ item }}" with_items: - inventory - builderpb.yml @@ -143,20 +143,20 @@ - provision_config - name: put files into the files subdir off of provisioning - action: copy src=$item dest=/home/copr/provision/files/ - with_fileglob: $files/copr/provision/files/* + action: copy src={{ item }} dest=/home/copr/provision/files/ + with_fileglob: "{{ files }}/copr/provision/files/*" tags: - provision_config # ansible lacks a recurse - so we need this until then - name: put files into the files/mock subdir off of provisioning - action: copy src=$item dest=/home/copr/provision/files/mock - with_fileglob: $files/copr/provision/files/mock/* + action: copy src={{ item }} dest=/home/copr/provision/files/mock + with_fileglob: "{{ files }}/copr/provision/files/mock/*" tags: - provision_config - name: copy copr-be.conf - template: src=$files/copr/copr-be.conf dest=/etc/copr/copr-be.conf mode=640 + template: src="{{ files }}/copr/copr-be.conf" dest=/etc/copr/copr-be.conf mode=640 notify: - restart copr-backend tags: @@ -164,7 +164,7 @@ - name: fedmsg certs copy: > - src=$private/files/fedmsg-certs/keys/copr-copr-be.cloud.fedoraproject.org.crt + src="{{ private }}/files/fedmsg-certs/keys/copr-copr-be.cloud.fedoraproject.org.crt" dest=/etc/pki/fedmsg/ mode=644 owner=root @@ -172,7 +172,7 @@ - name: fedmsg keys copy: > - src=$private/files/fedmsg-certs/keys/copr-copr-be.cloud.fedoraproject.org.key + src="{{ private }}/files/fedmsg-certs/keys/copr-copr-be.cloud.fedoraproject.org.key" dest=/etc/pki/fedmsg/ mode=0640 owner=root @@ -180,11 +180,11 @@ # open up ports (22, 80, 443) - name: poke holes in the firewall - action: command lokkit $item + action: command lokkit {{ item }} with_items: - --service=ssh - --service=https - --service=http handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/hosts/copr-fe-dev.cloud.fedoraproject.org.yml b/playbooks/hosts/copr-fe-dev.cloud.fedoraproject.org.yml index ab9cf66648..e28cb5e40b 100644 --- a/playbooks/hosts/copr-fe-dev.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/copr-fe-dev.cloud.fedoraproject.org.yml @@ -5,11 +5,11 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" tasks: - - include: $tasks/persistent_cloud.yml - - include: $tasks/growroot_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" + - include: "{{ tasks }}/growroot_cloud.yml" - name: provision instance hosts: copr-fe-dev.cloud.fedoraproject.org @@ -18,18 +18,18 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/cloud_setup_basic.yml - - include: $tasks/iptables.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" + - include: "{{ tasks }}/iptables.yml" - name: copy copr.repo - action: copy src=$files/copr/fe/yum/copr.repo dest=/etc/yum.repos.d/copr.repo + action: copy src="{{ files }}/copr/fe/yum/copr.repo" dest=/etc/yum.repos.d/copr.repo - name: install copr-fe pkgs - action: yum state=installed pkg=$item + action: yum state=installed pkg={{ item }} with_items: - copr-frontend - copr-selinux @@ -39,19 +39,19 @@ - packages - name: copy apache files to conf.d - action: copy src=$files/copr/fe/httpd/$item dest=/etc/httpd/conf.d/$item + action: copy src="{{ files }}/copr/fe/httpd/{{ item }}" dest="/etc/httpd/conf.d/{{ item }}" with_items: - coprs.conf - welcome.conf - name: copy pg_hba.conf - action: copy src=$files/copr/fe/pg/pg_hba.conf dest=/var/lib/pgsql/data/pg_hba.conf owner=postgres group=postgres mode=0600 + action: copy src="{{ files }}/copr/fe/pg/pg_hba.conf" dest=/var/lib/pgsql/data/pg_hba.conf owner=postgres group=postgres mode=0600 - name: enable services - action: service state=running enabled=yes name=$item + action: service state=running enabled=yes name={{ item }} with_items: - httpd - postgresql handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/hosts/copr-fe.cloud.fedoraproject.org.yml b/playbooks/hosts/copr-fe.cloud.fedoraproject.org.yml index 4167200eb0..6baea10df3 100644 --- a/playbooks/hosts/copr-fe.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/copr-fe.cloud.fedoraproject.org.yml @@ -5,11 +5,11 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" tasks: - - include: $tasks/persistent_cloud.yml - - include: $tasks/growroot_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" + - include: "{{ tasks }}/growroot_cloud.yml" - name: provision instance hosts: 209.132.184.144 @@ -18,14 +18,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/cloud_setup_basic.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" - name: mount up disk of copr fe action: mount name=/srv/copr-fe src='LABEL=copr-fe' fstype=ext4 state=mounted - - include: $tasks/iptables.yml + - include: "{{ tasks }}/iptables.yml" - name: mount up bind mount for postgres action: mount src=/srv/copr-fe/pgsqldb name=/var/lib/pgsql fstype=auto opts=bind state=mounted @@ -33,14 +33,14 @@ #- name: copy copr.repo # action: copy src=$files/copr/fe/yum/copr.repo dest=/etc/yum.repos.d/copr.repo - - Set the hostname + - name: set the hostname shell: hostname copr-fe.cloud.fedoraproject.org - name: copy .forward file - action: copy src=$files/copr/forward dest=/root/.forward owner=root group=root + action: copy src="{{ files }}/copr/forward" dest=/root/.forward owner=root group=root - name: install copr-fe pkgs - action: yum state=installed pkg=$item + action: yum state=installed pkg={{ item }} with_items: - copr-frontend - copr-selinux @@ -51,35 +51,35 @@ - packages - name: install copr configs - template: src=$files/copr/copr.conf dest=/etc/copr/copr.conf mode=600 + template: src="{{ files }}/copr/copr.conf" dest=/etc/copr/copr.conf mode=600 notify: - restart httpd tags: - config - name: copy apache files to conf.d - action: copy src=$files/copr/fe/httpd/$item dest=/etc/httpd/conf.d/$item + action: copy src="{{ files }}/copr/fe/httpd/{{ item }}" dest="/etc/httpd/conf.d/{{ item }}" with_items: - coprs.conf - welcome.conf - name: copy pg_hba.conf - action: copy src=$files/copr/fe/pg/pg_hba.conf dest=/var/lib/pgsql/data/pg_hba.conf owner=postgres group=postgres mode=0600 + action: copy src="{{ files }}/copr/fe/pg/pg_hba.conf" dest=/var/lib/pgsql/data/pg_hba.conf owner=postgres group=postgres mode=0600 # open up ports (22, 80, 443) - name: poke holes in the firewall - action: command lokkit $item + action: command lokkit {{ item }} with_items: - --service=ssh - --service=https - --service=http - name: enable services - action: service state=running enabled=yes name=$item + action: service state=running enabled=yes name={{ item }} with_items: - httpd - postgresql - fail2ban handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/hosts/elections-dev.cloud.fedoraproject.org.yml b/playbooks/hosts/elections-dev.cloud.fedoraproject.org.yml index 4b708ea087..077c8dbd7e 100644 --- a/playbooks/hosts/elections-dev.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/elections-dev.cloud.fedoraproject.org.yml @@ -5,11 +5,11 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" tasks: - - include: $tasks/persistent_cloud.yml - - include: $tasks/growroot_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" + - include: "{{ tasks }}/growroot_cloud.yml" - name: provision instance hosts: 209.132.184.162 @@ -18,18 +18,18 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/cloud_setup_basic.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" - name: mount up disk of persistent storage action: mount name=/srv/persist src='LABEL=elections' fstype=ext4 state=mounted # open up ports (22, 80, 443) - name: poke holes in the firewall - action: command lokkit $item + action: command lokkit {{ item }} with_items: - --service=ssh - --service=https @@ -37,7 +37,7 @@ # packages needed - name: add packages for repo - action: yum state=present name=$item + action: yum state=present name={{ item }} with_items: - rsync - openssh-clients @@ -53,4 +53,4 @@ action: service name=httpd state=started handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/hosts/fedocal.dev.fedoraproject.org.yml b/playbooks/hosts/fedocal.dev.fedoraproject.org.yml index bf414de3c0..5334be3dbf 100644 --- a/playbooks/hosts/fedocal.dev.fedoraproject.org.yml +++ b/playbooks/hosts/fedocal.dev.fedoraproject.org.yml @@ -5,11 +5,11 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" tasks: - - include: $tasks/persistent_cloud.yml - - include: $tasks/growroot_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" + - include: "{{ tasks }}/growroot_cloud.yml" - name: provision instance hosts: 209.132.184.147 @@ -21,16 +21,16 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/cloud_setup_basic.yml - - include: $tasks/postfix_basic.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" + - include: "{{ tasks }}/postfix_basic.yml" # packages needed - name: add packages for repo - action: yum state=present name=$item + action: yum state=present name={{ item }} with_items: - euca2ools - rsync @@ -38,7 +38,7 @@ - system-config-firewall-base - name: install dependencies of fedocal - action: yum state=installed pkg=$item + action: yum state=installed pkg={{ item }} with_items: - mod_wsgi - mod_ssl @@ -61,9 +61,9 @@ # open up tcp ports - name: poke holes in the firewall - action: command lokkit -p '${item}:tcp' - with_items: $tcp_ports + action: command lokkit -p '{{ item }}:tcp' + with_items: "{{ tcp_ports }}" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/hosts/hrf.cloud.fedoraproject.org.yml b/playbooks/hosts/hrf.cloud.fedoraproject.org.yml index 6dc504b4c9..efa32a22a4 100644 --- a/playbooks/hosts/hrf.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/hrf.cloud.fedoraproject.org.yml @@ -5,10 +5,10 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" tasks: - - include: $tasks/persistent_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" - name: provision instance hosts: hrf.cloud.fedoraproject.org @@ -17,14 +17,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/cloud_setup_basic.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: deploy hrf hosts: hrf.cloud.fedoraproject.org @@ -33,12 +33,12 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - name: install deps - yum: state=present name=$item + yum: state=present name={{ item }} with_items: - httpd - python-flask diff --git a/playbooks/hosts/lists-dev.cloud.fedoraproject.org.yml b/playbooks/hosts/lists-dev.cloud.fedoraproject.org.yml index c58d720ea0..979408c3cd 100644 --- a/playbooks/hosts/lists-dev.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/lists-dev.cloud.fedoraproject.org.yml @@ -5,10 +5,10 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" tasks: - - include: $tasks/persistent_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" - name: provisions basics onto system/setup paths hosts: lists-dev.cloud.fedoraproject.org @@ -17,14 +17,14 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" vars: - mailman_vardir: /srv/persist/mailman tasks: - - include: $tasks/cloud_setup_basic.yml - - include: $tasks/postfix_basic.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" + - include: "{{ tasks }}/postfix_basic.yml" - name: mount up disk of persistent storage action: mount name=/srv/persist src='LABEL=lists-dev' fstype=ext4 state=mounted @@ -43,7 +43,7 @@ dest=/etc/yum.repos.d/fedora-hyperkitty.repo mode=0444 - name: install packages - yum: state=installed name=$item + yum: state=installed name={{ item }} with_items: - httpd - mod_ssl @@ -72,7 +72,7 @@ command: /usr/bin/postgresql-setup initdb creates=/var/lib/pgsql/data/postgresql.conf - name: copy pg_hba.conf - copy: src=$files/lists-dev/pg_hba.conf dest=/var/lib/pgsql/data/pg_hba.conf + copy: src="{{ files }}/lists-dev/pg_hba.conf" dest=/var/lib/pgsql/data/pg_hba.conf notify: - restart postgresql - name: start postgresql @@ -80,7 +80,7 @@ # open up ports (22, 80, 443, 25) - name: poke holes in the firewall - command: lokkit $item + command: lokkit {{ item }} with_items: - --service=ssh - --service=https @@ -89,12 +89,12 @@ # packages needed to be gone - name: erase packages - action: yum state=absent name=$item + action: yum state=absent name={{ item }} with_items: - cronie-anacron handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" @@ -105,23 +105,23 @@ sudo_user: postgres vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" vars: - mailman_vardir: /srv/persist/mailman tasks: - name: mailman DB user - postgresql_user: name=mailman password=$lists_dev_mm_db_pass + postgresql_user: name=mailman password={{ lists_dev_mm_db_pass }} - name: hyperkitty DB user - postgresql_user: name=hyperkitty password=$lists_dev_hk_db_pass + postgresql_user: name=hyperkitty password={{ lists_dev_hk_db_pass }} - name: kittystore DB user - postgresql_user: name=kittystore password=$lists_dev_ks_db_pass + postgresql_user: name=kittystore password={{ lists_dev_ks_db_pass }} - name: postorius DB user - postgresql_user: name=postorius password=$lists_dev_ps_db_pass + postgresql_user: name=postorius password={{ lists_dev_ps_db_pass }} - name: databases creation - postgresql_db: name=$item owner=$item encoding=UTF-8 + postgresql_db: name={{ item }} owner={{ item }} encoding=UTF-8 with_items: - mailman - hyperkitty @@ -133,8 +133,8 @@ gather_facts: no vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" vars: - mailman_vardir: /srv/persist/mailman @@ -147,12 +147,12 @@ - restart mailman - name: set the mailman conffile - template: src=$files/lists-dev/mailman.cfg.j2 dest=/etc/mailman.cfg + template: src="{{ files }}/lists-dev/mailman.cfg.j2" dest=/etc/mailman.cfg notify: - restart mailman - name: install kittystore and hyperkitty - yum: state=installed name=$item + yum: state=installed name={{ item }} with_items: - kittystore - hyperkitty @@ -169,13 +169,13 @@ file: path=/var/log/hyperkitty/hyperkitty.log state=file owner=root group=apache mode=664 - name: hyperkitty logging -- rotation - copy: src=$files/lists-dev/hyperkitty.logrotate.conf + copy: src="{{ files }}/lists-dev/hyperkitty.logrotate.conf" dest=/etc/logrotate.d/hyperkitty # settings / conf - name: install the hyperkitty/postorius settings file - template: src=$files/lists-dev/$item.settings_local.py.j2 - dest=/etc/$item/sites/default/settings_local.py + template: src="{{ files }}/lists-dev/{{ item.settings_local.py.j2 }}" + dest="/etc/{{ item }}/sites/default/settings_local.py" owner=root group=apache mode=0640 with_items: - hyperkitty @@ -185,8 +185,8 @@ - restart mailman - name: install the hyperkitty/postorius urls file - copy: src=$files/lists-dev/$item.urls.py - dest=/etc/$item/sites/default/urls.py + copy: src="files/lists-dev/{{ item }}.urls.py" + dest="/etc/{{ item }}/sites/default/urls.py" owner=root group=root mode=0644 with_items: - hyperkitty @@ -196,8 +196,8 @@ - restart mailman - name: install the hyperkitty/postorius httpd conf file - copy: src=$files/lists-dev/$item.apache.conf - dest=/etc/httpd/conf.d/$item.conf + copy: src="{{ files }}/lists-dev/{{ item }}.apache.conf" + dest="/etc/httpd/conf.d/{{ item }}.conf" with_items: - hyperkitty - postorius @@ -205,22 +205,22 @@ - reload apache - name: set the hyperkitty conffile in mailman - copy: src=$files/lists-dev/hyperkitty.cfg dest=/etc/mailman.d/hyperkitty.cfg + copy: src="{{ files }}/lists-dev/hyperkitty.cfg" dest=/etc/mailman.d/hyperkitty.cfg notify: - restart mailman - name: set the postfix conffile - template: src=$files/lists-dev/postfix-main.cf.j2 dest=/etc/postfix/main.cf + template: src="{{ files }}/lists-dev/postfix-main.cf.j2" dest=/etc/postfix/main.cf notify: - restart postfix - name: set the mail aliases - copy: src=$files/lists-dev/aliases dest=/etc/aliases + copy: src="{{ files }}/lists-dev/aliases" dest=/etc/aliases notify: - reload aliases - name: easy access to the postgresql databases - template: src=$files/lists-dev/pgpass.j2 dest=/root/.pgpass + template: src="{{ files }}/lists-dev/pgpass.j2" dest=/root/.pgpass owner=root group=root mode=0600 @@ -231,17 +231,17 @@ # so no matter when it is run the right thing happens - name: run django syncdb - command: /usr/bin/django-admin syncdb --pythonpath=/etc/$item/sites/default --settings=settings + command: /usr/bin/django-admin syncdb --pythonpath="/etc/{{ item }}/sites/default" --settings=settings with_items: - hyperkitty - postorius - name: run django migrate command: /usr/bin/django-admin migrate --pythonpath=/etc/hyperkitty/sites/default --settings=settings hyperkitty - name: kittystore schema update - command: /usr/bin/kittystore-updatedb -s postgres://kittystore:${lists_dev_ks_db_pass}@localhost/kittystore + command: /usr/bin/kittystore-updatedb -s postgres://kittystore:{{ lists_dev_ks_db_pass }}@localhost/kittystore - name: copy the initial user fixture - copy: src=$files/lists-dev/postorius.initial-user.json + copy: src="{{ files }}/lists-dev/postorius.initial-user.json" dest=/etc/postorius/sites/default/initial-user.json owner=root group=apache mode=0640 @@ -249,11 +249,11 @@ command: /usr/bin/django-admin loaddata --pythonpath=/etc/postorius/sites/default --settings=settings /etc/postorius/sites/default/initial-user.json - name: html index - copy: src=$files/lists-dev/index.html dest=/var/www/html/index.html + copy: src="{{ files }}/lists-dev/index.html" dest=/var/www/html/index.html # Start services - name: start services - service: state=started enabled=yes name=$item + service: state=started enabled=yes name={{ item }} with_items: - httpd - postgresql @@ -262,6 +262,6 @@ handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" - name: reload aliases command: newaliases diff --git a/playbooks/hosts/logstash-dev.cloud.fedoraproject.org.yml b/playbooks/hosts/logstash-dev.cloud.fedoraproject.org.yml index 9d25547650..233f7727a4 100644 --- a/playbooks/hosts/logstash-dev.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/logstash-dev.cloud.fedoraproject.org.yml @@ -5,11 +5,11 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" tasks: - - include: $tasks/persistent_cloud.yml - - include: $tasks/growroot_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" + - include: "{{ tasks }}/growroot_cloud.yml" - name: provision instance hosts: 209.132.184.146 @@ -18,15 +18,15 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/cloud_setup_basic.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" # packages needed - name: add packages for repo - action: yum state=present name=$item + action: yum state=present name={{ item }} with_items: - rsync - openssh-clients @@ -41,4 +41,4 @@ - mount_disk handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/hosts/shogun-ca.cloud.fedoraproject.org.yml b/playbooks/hosts/shogun-ca.cloud.fedoraproject.org.yml index a237af1f32..be337fb370 100644 --- a/playbooks/hosts/shogun-ca.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/shogun-ca.cloud.fedoraproject.org.yml @@ -5,11 +5,11 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml + - "{{ private }}/vars.yml" tasks: - - include: $tasks/persistent_cloud.yml - - include: $tasks/growroot_cloud.yml + - include: "{{ tasks }}/persistent_cloud.yml" + - include: "{{ tasks }}/growroot_cloud.yml" - name: provision instance hosts: 209.132.184.157 @@ -18,12 +18,12 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/cloud_setup_basic.yml - - include: $tasks/postfix_basic.yml + - include: "{{ tasks }}/cloud_setup_basic.yml" + - include: "{{ tasks }}/postfix_basic.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/rdiff-backup.yml b/playbooks/rdiff-backup.yml index eecdfbf787..d896a0ed63 100644 --- a/playbooks/rdiff-backup.yml +++ b/playbooks/rdiff-backup.yml @@ -20,11 +20,11 @@ tasks: - name: run rdiff-backup hitting all the global targets - local_action: "shell rdiff-backup --create-full-path --print-statistics ${inventory_hostname}::${item} /fedora_backups/${inventory_hostname}/`basename ${item}` | mail -r sysadmin-backup-members@fedoraproject.org -s 'rdiff-backup: ${inventory_hostname}:${item}' sysadmin-backup-members@fedoraproject.org" - with_items: $global_backup_targets + local_action: "shell rdiff-backup --create-full-path --print-statistics {{ inventory_hostname }}::{{ item }} /fedora_backups/{{ inventory_hostname }}/`basename {{ item }}` | mail -r sysadmin-backup-members@fedoraproject.org -s 'rdiff-backup: {{ inventory_hostname }}:{{ item }}' sysadmin-backup-members@fedoraproject.org" + with_items: global_backup_targets when: global_backup_targets is defined - name: run rdiff-backup hitting all the host targets - local_action: "shell rdiff-backup --exclude='**.snapshot' --create-full-path --print-statistics ${inventory_hostname}::${item} /fedora_backups/${inventory_hostname}/`basename ${item}` | mail -r sysadmin-backup-members@fedoraproject.org -s 'rdiff-backup: ${inventory_hostname}:${item}' sysadmin-backup-members@fedoraproject.org" - with_items: $host_backup_targets + local_action: "shell rdiff-backup --exclude='**.snapshot' --create-full-path --print-statistics {{ inventory_hostname }}::{{ item }} /fedora_backups/{{ inventory_hostname }}/`basename {{ item }}` | mail -r sysadmin-backup-members@fedoraproject.org -s 'rdiff-backup: {{ inventory_hostname }}:{{ item }}' sysadmin-backup-members@fedoraproject.org" + with_items: host_backup_targets when: host_backup_targets is defined diff --git a/playbooks/rkhunter_update.yml b/playbooks/rkhunter_update.yml index c69ea645e6..eb59fb609c 100644 --- a/playbooks/rkhunter_update.yml +++ b/playbooks/rkhunter_update.yml @@ -1,15 +1,15 @@ # requires --extra-vars="target='host1;host2;group etc' yumcommand=update'" - name: update all run rkhunter if installed - hosts: $target + hosts: "{{ target }}" user: root tasks: - name: expire-caches command: yum clean expire-cache - - name: yum -y ${yumcommand} - command: yum -y ${yumcommand} + - name: yum -y {{ yumcommand }} + command: yum -y {{ yumcommand }} async: 7200 poll: 15 diff --git a/playbooks/set_root_auth_keys.yml b/playbooks/set_root_auth_keys.yml index d3ab519f90..1004d99179 100644 --- a/playbooks/set_root_auth_keys.yml +++ b/playbooks/set_root_auth_keys.yml @@ -1,13 +1,13 @@ # optionally can take --extra-vars="hostbase=hostnamebase root_auth_users='user1 user2 user3'" - name: set auth keys - hosts: $target + hosts: "{{ target }}" user: root gather_facts: False vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" vars: - root_auth_users: '' @@ -15,6 +15,6 @@ - name: add root keys for sysadmin-main and other allowed users action: authorized_key user=root key="{{ item }}" with_pipe: - - "${auth_keys_from_fas} @sysadmin-main ${root_auth_users}" + - "{{ auth_keys_from_fas }} @sysadmin-main {{ root_auth_users }}" diff --git a/playbooks/sign_and_import.yml b/playbooks/sign_and_import.yml index c7611932b6..40d4fd2c35 100644 --- a/playbooks/sign_and_import.yml +++ b/playbooks/sign_and_import.yml @@ -27,10 +27,10 @@ # TODO -- I'd also like to fail if there are no *.rpm files in there. - name: sign all the rpms with our gpg key - shell: /bin/rpm --resign ${rpmdir}/*.rpm + shell: /bin/rpm --resign "{{ rpmdir }}/*.rpm" - name: make a directory where we store the rpms afterwards - file: path=${rpmdir}-old state=directory + file: path={{ rpmdir }}-old state=directory diff --git a/playbooks/transient_post_provision.yml b/playbooks/transient_post_provision.yml index eeaf954dc3..b0395d1915 100644 --- a/playbooks/transient_post_provision.yml +++ b/playbooks/transient_post_provision.yml @@ -5,7 +5,7 @@ tasks: - name: add it to the special group - local_action: add_host hostname=$target groupname=tmp_just_created + local_action: add_host hostname={{ target }} groupname=tmp_just_created - name: provision instance hosts: tmp_just_created @@ -14,12 +14,12 @@ vars_files: - /srv/web/infra/ansible/vars/global.yml - - ${private}/vars.yml - - ${vars}/${ansible_distribution}.yml + - "{{ private }}/vars.yml" + - "{{ vars }}/{{ ansible_distribution }}.yml" tasks: - - include: $tasks/growroot_cloud.yml - - include: $tasks/cloud_setup_basic.yml + - include: "{{ tasks }}/growroot_cloud.yml" + - include: "{{ tasks }}/cloud_setup_basic.yml" handlers: - - include: $handlers/restart_services.yml + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/update_packages.yml b/playbooks/update_packages.yml index dc0619e721..a7c2673b31 100644 --- a/playbooks/update_packages.yml +++ b/playbooks/update_packages.yml @@ -6,7 +6,7 @@ # TODO -- how do make it easy to select the infra-testing repo? - name: push packages out - hosts: $target + hosts: "{{ target }}" user: root tasks: @@ -14,5 +14,5 @@ - name: expire-caches command: yum clean expire-cache - - name: yum update ${package} - yum: name=${package} state=latest + - name: yum update {{ package }} + yum: name={{ package }} state=latest diff --git a/playbooks/vhost_halt_guests.yml b/playbooks/vhost_halt_guests.yml index b00d2134de..d888b6d8c9 100644 --- a/playbooks/vhost_halt_guests.yml +++ b/playbooks/vhost_halt_guests.yml @@ -20,7 +20,7 @@ - name: find instances - hosts: $vhost + hosts: "{{ vhost }}" user: root tasks: @@ -29,8 +29,8 @@ register: vmlist - name: add them to myvms_new group - local_action: add_host hostname=$item groupname=myvms_new - with_items: ${vmlist.list_vms} + local_action: add_host hostname={{ item }} groupname=myvms_new + with_items: "{{ vmlist.list_vms }}" - name: halt instances @@ -40,7 +40,7 @@ tasks: - name: tell nagios to shush - action: nagios action=silence host=${inventory_hostname_short} + action: nagios action=silence host={{ inventory_hostname_short }} delegate_to: noc01.phx2.fedoraproject.org - name: echo-y @@ -49,4 +49,4 @@ # if one of them is down we don't care - name: wait for them to die - local_action: wait_for port=22 delay=30 timeout=300 state=stopped host=${inventory_hostname} + local_action: wait_for port=22 delay=30 timeout=300 state=stopped host={{ inventory_hostname }} diff --git a/roles/badges-backend/tasks/main.yml b/roles/badges-backend/tasks/main.yml index fd1d44b93b..174aec072e 100644 --- a/roles/badges-backend/tasks/main.yml +++ b/roles/badges-backend/tasks/main.yml @@ -2,7 +2,7 @@ # Configuration for the fedbadges consumer - name: install needed packages - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - python-fedbadges - python-psycopg2 @@ -12,7 +12,7 @@ - name: copy database configuration template: > - src=$item dest=/etc/fedmsg.d/$item + src={{ item }} dest="/etc/fedmsg.d/{{ item }}" owner=fedmsg group=fedmsg mode=0600 with_items: - datanommer.py @@ -45,7 +45,7 @@ - name: copy over all our badge definitions copy: > - src=$item + src={{ item }} dest=/usr/share/badges/rules/ owner=fedmsg group=fedmsg mode=0644 with_fileglob: @@ -71,7 +71,7 @@ - name: ensure badges cron directories exist file: > state=directory - path=$item + path={{ item }} mode=755 owner=root when: env != "staging" @@ -84,8 +84,8 @@ - name: oldschool badge award scripts copy: > - src=cron/$item - dest=/usr/share/badges/cronjobs/$item + src="cron/{{ item }}" + dest="/usr/share/badges/cronjobs/{{ item }}" owner=fedmsg mode=744 when: env != "staging" @@ -100,8 +100,8 @@ - name: oldschool badge award cronjobs copy: > - src=cron/$item.cron - dest=/etc/cron.d/$item + src="cron/{{ item }}.cron" + dest="/etc/cron.d/{{ item }}" owner=root mode=644 when: env != "staging" @@ -135,8 +135,8 @@ - name: copy over the badge-admin one-off scripts copy: > - src=$item - dest=/usr/local/bin/$item + src={{ item }} + dest="/usr/local/bin/{{ item }}" owner=root group=sysadmin-badges mode=750 diff --git a/roles/badges-frontend/tasks/main.yml b/roles/badges-frontend/tasks/main.yml index bdc7290257..f1e312eb6d 100644 --- a/roles/badges-frontend/tasks/main.yml +++ b/roles/badges-frontend/tasks/main.yml @@ -2,7 +2,7 @@ # Configuration for the tahrir webapp - name: install needed packages - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - python-tahrir - python-psycopg2 @@ -15,7 +15,7 @@ - name: copy tahrir app configuration template: > - src=$item dest=/etc/tahrir/$item + src={{ item }} dest="/etc/tahrir/{{ item }}" owner=tahrir group=tahrir mode=0600 with_items: - tahrir.ini @@ -26,7 +26,7 @@ - name: copy tahrir wsgi script copy: > - src=$item dest=/usr/share/tahrir/$item + src={{ item }} dest="/usr/share/tahrir/{{ item }}" owner=apache group=apache mode=0644 with_items: - tahrir.wsgi @@ -37,7 +37,7 @@ - name: copy tahrir httpd config copy: > - src=$item dest=/etc/httpd/conf.d/$item + src={{ item }} dest="/etc/httpd/conf.d/{{ item }}" owner=apache group=apache mode=0644 with_items: - tahrir.conf @@ -67,7 +67,7 @@ - name: copy over all our .rst site docs copy: > - src=$item + src={{ item }} dest=/usr/share/badges/sitedocs owner=root group=root mode=0644 with_fileglob: @@ -86,7 +86,7 @@ - name: copy over all our badge images copy: > - src=$item + src={{ item }} dest=/usr/share/badges/pngs/ owner=root group=root mode=0644 with_fileglob: diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml index 08351a2ea6..9693700fdb 100644 --- a/roles/base/tasks/main.yml +++ b/roles/base/tasks/main.yml @@ -13,7 +13,7 @@ - name: sshd_config copy: src={{ item }} dest=/etc/ssh/sshd_config mode=600 first_available_file: - - ${sshd_config} + - "{{ sshd_config }}" - ssh/sshd_config.{{ ansible_fqdn }} - ssh/sshd_config.{{ host_group }} - ssh/sshd_config.{{ dist_tag }} @@ -73,7 +73,7 @@ - name: iptables template: src={{ item }} dest=/etc/sysconfig/iptables mode=600 backup=yes first_available_file: - - $iptables + - "{{ iptables }}" - iptables/iptables.{{ ansible_fqdn }} - iptables/iptables.{{ host_group }} - iptables/iptables.{{ env }} @@ -88,7 +88,7 @@ - name: /etc/resolv.conf copy: src={{ item }} dest=/etc/resolv.conf first_available_file: - - ${resolvconf} + - "{{ resolvconf }}" - resolv.conf/{{ ansible_fqdn }} - resolv.conf/{{ host_group }} - resolv.conf/{{ datacenter }} @@ -100,7 +100,7 @@ - name: rsyslog.conf copy: src={{ item }} dest=/etc/rsyslog.conf mode=644 first_available_file: - - $rsyslogconf + - "{{ rsyslogconf }}" - rsyslog/rsyslog.conf.{{ ansible_fqdn }} - rsyslog/rsyslog.conf.{{ host_group }} - rsyslog/rsyslog.conf.{{ datacenter }} @@ -115,7 +115,7 @@ - name: /etc/postfix/main.cf copy: src={{ item }} dest=/etc/postfix/main.cf first_available_file: - - $postfix_maincf + - "{{ postfix_maincf }}" - postfix/main.cf.{{ ansible_fqdn }} - postfix/main.cf.{{ host_group }} - postfix/main.cf.{{ postfix_group }} @@ -137,7 +137,7 @@ # - name: Install common scripts - copy: src=$item dest=/usr/local/bin/ owner=root group=root mode=0755 + copy: src={{ item }} dest=/usr/local/bin/ owner=root group=root mode=0755 with_fileglob: common-scripts/* tags: - config diff --git a/roles/fas_client/tasks/main.yml b/roles/fas_client/tasks/main.yml index a0cc00f0bb..a6db87dc26 100644 --- a/roles/fas_client/tasks/main.yml +++ b/roles/fas_client/tasks/main.yml @@ -9,7 +9,7 @@ # nss_db is needed to store user/group info. # - name: install package needed for fas-client - yum: state=installed name=$item + yum: state=installed name={{ item }} with_items: - fas-clients - cronie @@ -18,7 +18,7 @@ - name: hotfix - python-fedora proxyclient.py copy: > - src=$files/hotfix/python-fedora/proxyclient.py + src="{{ files }}/hotfix/python-fedora/proxyclient.py" dest=/usr/lib/python2.6/site-packages/fedora/client/proxyclient.py owner=root mode=644 when: is_rhel == 'True' @@ -54,11 +54,11 @@ # Currently the default template is used, but could be modified on a host basis. # - name: setup /etc/fas.conf for client use - template: src=$item dest=/etc/fas.conf owner=root mode=600 + template: src={{ item }} dest=/etc/fas.conf owner=root mode=600 first_available_file: - - ${ansible_fqdn}.fas.conf.j2 - - ${ansible_hostname}.fas.conf.j2 - - ${ansible_hostname}.fas.conf.j2 + - "{{ ansible_fqdn }}.fas.conf.j2" + - "{{ ansible_hostname }}.fas.conf.j2" + - "{{ ansible_hostname }}.fas.conf.j2" - fas.conf.j2 tags: - config diff --git a/roles/fedmsg-hub/tasks/main.yml b/roles/fedmsg-hub/tasks/main.yml index 558297cb55..975ae2af41 100644 --- a/roles/fedmsg-hub/tasks/main.yml +++ b/roles/fedmsg-hub/tasks/main.yml @@ -2,7 +2,7 @@ # Setup a fedmsg-hub - name: install needed packages - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - fedmsg-hub tags: diff --git a/roles/fedmsg_base/tasks/main.yml b/roles/fedmsg_base/tasks/main.yml index dfb9e1c3ff..e2ed27177f 100644 --- a/roles/fedmsg_base/tasks/main.yml +++ b/roles/fedmsg_base/tasks/main.yml @@ -3,7 +3,7 @@ # This is the base set of files needed for fedmsg - name: install needed packages - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - fedmsg tags: @@ -15,7 +15,7 @@ - config - name: setup basic /etc/fedmsg.d/ contents - template: src=$item.j2 dest=/etc/fedmsg.d/$item owner=root group=root mode=644 + template: src="{{ item }}.j2" dest="/etc/fedmsg.d/{{ item }}" owner=root group=root mode=644 with_items: - ssl.py - endpoints.py @@ -36,7 +36,7 @@ - name: install fedmsg ca.cert copy: > - src=$puppet_private/fedmsg-certs/keys/ca.crt + src="{{ puppet_private }}/fedmsg-certs/keys/ca.crt" dest=/etc/pki/fedmsg/ca.crt owner=root group=root @@ -46,24 +46,24 @@ - name: fedmsg certs copy: > - src=$private/files/fedmsg-certs/keys/{{item['service']}}-{{ansible_fqdn}}.crt + src="{{ private }}/files/fedmsg-certs/keys/{{item['service']}}-{{ansible_fqdn}}.crt" dest=/etc/pki/fedmsg/ mode=644 owner={{item['owner']}} group={{item['group']}} - with_items: ${fedmsg_certs} + with_items: "{{ fedmsg_certs }}" when: fedmsg_certs != [] tags: - config - name: fedmsg keys copy: > - src=$private/files/fedmsg-certs/keys/{{item['service']}}-{{ansible_fqdn}}.key + src="{{ private }}/files/fedmsg-certs/keys/{{item['service']}}-{{ansible_fqdn}}.key" dest=/etc/pki/fedmsg/ mode=0640 owner={{item['owner']}} group={{item['group']}} - with_items: ${fedmsg_certs} + with_items: "{{ fedmsg_certs }}" when: fedmsg_certs != [] tags: - config diff --git a/roles/fedocal/tasks/main.yml b/roles/fedocal/tasks/main.yml index 5152ddcdc5..bc65b34c84 100644 --- a/roles/fedocal/tasks/main.yml +++ b/roles/fedocal/tasks/main.yml @@ -7,7 +7,7 @@ - packages - name: install needed packages - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - fedocal - python-psycopg2 diff --git a/roles/gallery/tasks/main.yml b/roles/gallery/tasks/main.yml index c61401cd40..e5cf9cea1c 100644 --- a/roles/gallery/tasks/main.yml +++ b/roles/gallery/tasks/main.yml @@ -7,7 +7,7 @@ - packages - name: install needed packages - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - gallery3 - gallery3-openid diff --git a/roles/geoip/tasks/main.yml b/roles/geoip/tasks/main.yml index da72a52b66..3cde271237 100644 --- a/roles/geoip/tasks/main.yml +++ b/roles/geoip/tasks/main.yml @@ -6,8 +6,8 @@ - packages - name: push over the geoip db once - copy: src=$item dest=/usr/share/GeoIP/ - with_fileglob: $bigfiles/geoip/*.dat + copy: src={{ item }} dest=/usr/share/GeoIP/ + with_fileglob: "{{ bigfiles }}/geoip/*.dat" - name: geoip syncing script via cron copy: src=geoip_sync dest=/etc/cron.d/geoip_sync mode=0644 diff --git a/roles/iscsi_client/tasks/main.yml b/roles/iscsi_client/tasks/main.yml index 5e20605ce9..30c5644d72 100644 --- a/roles/iscsi_client/tasks/main.yml +++ b/roles/iscsi_client/tasks/main.yml @@ -2,10 +2,9 @@ # # This task sets up iscsid and mpathd on a machine. # - # - name: install packages needed for iscsi_client - yum: state=installed name=$item + yum: state=installed name={{ item }} with_items: - iscsi-initiator-utils - device-mapper-multipath diff --git a/roles/koji_db/tasks/main.yml b/roles/koji_db/tasks/main.yml index fd217b00de..6606ee586f 100644 --- a/roles/koji_db/tasks/main.yml +++ b/roles/koji_db/tasks/main.yml @@ -6,7 +6,7 @@ # create a koji db user to own the db with the kojidatabasepassword from private # - name: koji db user - postgresql_user: name=koji password=$aarch64kojidatabasepassword + postgresql_user: name=koji password={{ aarch64kojidatabasepassword }} tags: - db when: is_kojidb == "True" diff --git a/roles/koji_hub/tasks/main.yml b/roles/koji_hub/tasks/main.yml index 2f59763cad..26366f6d2f 100644 --- a/roles/koji_hub/tasks/main.yml +++ b/roles/koji_hub/tasks/main.yml @@ -3,7 +3,7 @@ # Setup koji hub server. # - name: install koji hub server packages - yum: name=$item state=installed + yum: name={{ item }} state=installed with_items: - koji-hub - koji-web diff --git a/roles/mailman/tasks/main.yml b/roles/mailman/tasks/main.yml index dc93017ec5..18f121e8a8 100644 --- a/roles/mailman/tasks/main.yml +++ b/roles/mailman/tasks/main.yml @@ -35,7 +35,7 @@ # Packages # - name: install needed packages - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - mailman3 - mailman3-selinux @@ -93,11 +93,11 @@ # - name: create the configuration directory - file: path=${mailman_webui_confdir} state=directory + file: path={{ mailman_webui_confdir }} state=directory - name: install the hyperkitty settings file template: src=settings.py.j2 - dest=${mailman_webui_confdir}/settings.py + dest="{{ mailman_webui_confdir }}/settings.py" owner=root group=apache mode=0640 tags: - config @@ -107,14 +107,14 @@ - name: install the hyperkitty settings admin file template: src=settings_admin.py.j2 - dest=${mailman_webui_confdir}/settings_admin.py + dest="{{ mailman_webui_confdir }}/settings_admin.py" owner=root group=root mode=0600 tags: - config - name: install the hyperkitty urls file copy: src=urls.py - dest=${mailman_webui_confdir}/urls.py + dest="{{ mailman_webui_confdir }}/urls.py" owner=root group=root mode=0644 tags: - config @@ -124,7 +124,7 @@ - name: install the hyperkitty wsgi file copy: src=webui.wsgi - dest=${mailman_webui_confdir}/webui.wsgi + dest="{{ mailman_webui_confdir }/webui.wsgi" owner=root group=root mode=0644 tags: - config @@ -133,7 +133,7 @@ - name: install the hyperkitty/postorius dummy httpd conf file template: src=apache-dummy.conf.j2 - dest=/etc/httpd/conf.d/$item.conf + dest=/etc/httpd/conf.d/{{ item }}.conf with_items: - hyperkitty - postorius @@ -151,15 +151,15 @@ - reload apache - name: copy the manage.py script - command: /bin/cp /etc/hyperkitty/sites/default/manage.py ${mailman_webui_confdir}/manage.py - creates=${mailman_webui_confdir}/manage.py + command: /bin/cp /etc/hyperkitty/sites/default/manage.py "{{ mailman_webui_confdir }}/manage.py" + creates="{{ mailman_webui_confdir }}/manage.py" - name: create the kittystore plain text index dir - file: path=${mailman_webui_basedir}/kittystore_search_index + file: path="{{ mailman_webui_basedir }}/kittystore_search_index" state=directory owner=mailman group=mailman mode=0755 - name: create the hyperkitty static files dir - file: path=${mailman_webui_basedir}/static + file: path="{{ mailman_webui_basedir }}/static" state=directory owner=root group=root mode=0755 - name: install the kittystore cache cronjob @@ -172,14 +172,14 @@ # - name: copy the mailman-hyperkitty conffile template: src=mailman-hyperkitty.cfg.j2 - dest=${mailman_webui_confdir}/mailman-hyperkitty.cfg + dest="{{ mailman_webui_confdir }}/mailman-hyperkitty.cfg" tags: - config notify: - restart mailman3 - name: symlink the hyperkitty conffile in mailman directory - file: src=${mailman_webui_confdir}/mailman-hyperkitty.cfg + file: src="{{ mailman_webui_confdir }}/mailman-hyperkitty.cfg" dest=/etc/mailman3.d/hyperkitty.cfg state=link tags: - config @@ -196,7 +196,7 @@ owner=root group=root mode=0644 - name: create the scripts dir - file: path=${mailman_webui_basedir}/bin + file: path="{{ mailman_webui_basedir }}/bin" state=directory owner=root group=root mode=0755 - name: install the migration environment @@ -205,7 +205,7 @@ owner=root group=root mode=0644 - name: install the scripts - copy: src=${item} dest=${mailman_webui_basedir}/bin/${item} + copy: src={{ item }} dest="{{ mailman_webui_basedir }}/bin/{{ item }}" owner=root group=root mode=0755 with_items: - yamlget @@ -224,7 +224,7 @@ template: src=post-transaction.action.j2 dest=/etc/yum/post-actions/hyperkitty.action - name: run the post-update script - command: ${mailman_webui_basedir}/bin/post-update.sh + command: "{{ mailman_webui_basedir }}/bin/post-update.sh" # Postfix diff --git a/roles/mirrorlist/tasks/main.yml b/roles/mirrorlist/tasks/main.yml index 6fb68afdb7..61946dcc4c 100644 --- a/roles/mirrorlist/tasks/main.yml +++ b/roles/mirrorlist/tasks/main.yml @@ -5,7 +5,7 @@ user: name=mirrormanager uid=441 state=present home=/home/mirrormanager createhome=yes - name: install supervisor and mirrormanager - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - supervisor - mirrormanager diff --git a/roles/nagios_client/tasks/main.yml b/roles/nagios_client/tasks/main.yml index bf045b0179..da18f8bc5d 100644 --- a/roles/nagios_client/tasks/main.yml +++ b/roles/nagios_client/tasks/main.yml @@ -3,7 +3,7 @@ --- # install pkgs: - name: install nagios client pkgs - yum: name=$item state=installed + yum: name={{ item }} state=installed with_items: - nrpe - nagios-plugins @@ -18,7 +18,7 @@ - packages - name: install local nrpe check scripts that are not packaged - copy: src=scripts/$item dest={{ libdir }}/nagios/plugins/$item mode=0755 owner=nagios group=nagios + copy: src="scripts/{{ item }}" dest="{{ libdir }}/nagios/plugins/{{ item }}" mode=0755 owner=nagios group=nagios with_items: - check_postfix_queue - check_raid.py diff --git a/roles/notifs-backend/tasks/main.yml b/roles/notifs-backend/tasks/main.yml index 202e54740c..594321e268 100644 --- a/roles/notifs-backend/tasks/main.yml +++ b/roles/notifs-backend/tasks/main.yml @@ -2,7 +2,7 @@ # Configuration for the notifications consumer - name: install needed packages - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - python-fmn-consumer - python-psycopg2 @@ -10,7 +10,7 @@ - name: copy database configuration template: > - src=$item dest=/etc/fedmsg.d/$item + src={{ item }} dest=/etc/fedmsg.d/{{ item }} owner=fedmsg group=fedmsg mode=0600 with_items: - fmn.consumer.py diff --git a/roles/notifs-frontend/tasks/main.yml b/roles/notifs-frontend/tasks/main.yml index 56f9c643f8..ef16ea38be 100644 --- a/roles/notifs-frontend/tasks/main.yml +++ b/roles/notifs-frontend/tasks/main.yml @@ -42,7 +42,7 @@ state=directory - name: copy live docs - copy: src=$item dest=/usr/lib/python2.6/site-packages/fmn/web/docs + copy: src={{ item }} dest=/usr/lib/python2.6/site-packages/fmn/web/docs with_fileglob: fedora-sitedocs/*.rst - name: apply selinux type to static files diff --git a/roles/nuancier/tasks/main.yml b/roles/nuancier/tasks/main.yml index 60cbd53455..2f434f1d2f 100644 --- a/roles/nuancier/tasks/main.yml +++ b/roles/nuancier/tasks/main.yml @@ -7,7 +7,7 @@ - packages - name: install needed packages - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - nuancier-lite - python-psycopg2 @@ -20,7 +20,7 @@ - name: copy sundry nuancier configuration template: src={{ item.file }} - dest={{ item.location }}/{{ item.dest }} + dest="{{ item.location }}/{{ item.dest }}" owner=apache group=apache mode=0600 with_items: - { file: nuancier_admin.cfg, location: /etc/nuancier, dest: nuancier-lite.cfg } @@ -49,7 +49,7 @@ - name: replace the nuancier configuration file by the one with the normal user template: src={{ item.file }} - dest={{ item.location }}/{{ item.file }} + dest="{{ item.location }}/{{ item.file }}" owner=apache group=apache mode=0600 with_items: - { file: nuancier-lite.cfg, location: /etc/nuancier } @@ -79,7 +79,7 @@ - name: hotfix python-fedora-flask to include latest flask_fas_openid template: src={{ item.file }} - dest={{ item.location }}/{{ item.file }} + dest="{{ item.location }}/{{ item.file }}" owner=apache group=apache mode=0600 with_items: - { file: flask_fas_openid.py, location: /usr/lib/python2.6/site-packages/ } diff --git a/roles/postgresql_server/tasks/main.yml b/roles/postgresql_server/tasks/main.yml index 735c22b87d..0c47c5535a 100644 --- a/roles/postgresql_server/tasks/main.yml +++ b/roles/postgresql_server/tasks/main.yml @@ -3,7 +3,7 @@ # Setup postgresql server. # - name: install postgresql server packages - yum: name=$item state=installed + yum: name={{ item }} state=installed with_items: - postgresql-server - postgresql-contrib diff --git a/tasks/2fa_client.yml b/tasks/2fa_client.yml index 99e0e587fa..2b6756614c 100644 --- a/tasks/2fa_client.yml +++ b/tasks/2fa_client.yml @@ -5,30 +5,30 @@ - packages - name: /etc/pki/tls/private/totpcgi.pem - copy: src=$puppet_private/2fa-certs/keys/${inventory_hostname}.pem dest=/etc/pki/tls/private/totpcgi.pem mode=0400 + copy: src="{{ puppet_private }}/2fa-certs/keys/{{ inventory_hostname }}.pem" dest=/etc/pki/tls/private/totpcgi.pem mode=0400 tags: - config - name: /etc/pki/tls/private/totpcgi-ca.cert - copy: src=$puppet_private/2fa-certs/keys/ca.crt dest=/etc/pki/tls/private/totpcgi-ca.cert mode=0400 + copy: src="{{ puppet_private }}/2fa-certs/keys/ca.crt" dest=/etc/pki/tls/private/totpcgi-ca.cert mode=0400 tags: - config - name: /etc/pam_url.conf - split for staging/phx2/everyone else - template: src=$item dest=/etc/pam_url.conf mode=0644 + template: src={{ item }} dest=/etc/pam_url.conf mode=0644 with_first_found: - - $files/2fa/pam_url.conf.${inventory_hostname} - - $files/2fa/pam_url.conf.${ansible_domain} - - $files/2fa/pam_url.conf.j2 + - "{{ files }}/2fa/pam_url.conf.{{ inventory_hostname }}" + - "{{ files }}/2fa/pam_url.conf.{{ ansible_domain }}" + - "{{ files }}/2fa/pam_url.conf.j2" tags: - config - name: /etc/pam.d/sudo - copy: src=$item dest=/etc/pam.d/sudo mode=0644 + copy: src={{ item }} dest=/etc/pam.d/sudo mode=0644 with_first_found: - - $files/2fa/sudo.pam.${inventory_hostname} - - $files/2fa/sudo.pam.${ansible_domain} - - $files/2fa/sudo.pam + - "{{ files }}/2fa/sudo.pam.{{ inventory_hostname }}" + - "{{ files }}/2fa/sudo.pam.{{ ansible_domain }}" + - "{{ files }}/2fa/sudo.pam" tags: - config diff --git a/tasks/accelerate_prep.yml b/tasks/accelerate_prep.yml index f82d3cac61..56736c2596 100644 --- a/tasks/accelerate_prep.yml +++ b/tasks/accelerate_prep.yml @@ -1,6 +1,6 @@ --- - name: install needed packages for accelerated mode - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - python-keyczar tags: diff --git a/tasks/apache.yml b/tasks/apache.yml index 77266f070c..8fd4289417 100644 --- a/tasks/apache.yml +++ b/tasks/apache.yml @@ -1,7 +1,7 @@ --- # install apache(httpd) - name: install apache - yum: name=$item state=installed + yum: name={{ item }} state=installed with_items: - httpd - httpd-tools @@ -20,7 +20,7 @@ # install hash randomization hotfix - name: hotfix - copy over new httpd init script - copy: src=$files/hotfix/httpd/httpd.init dest=/etc/init.d/httpd + copy: src="{{ files }}/hotfix/httpd/httpd.init" dest=/etc/init.d/httpd owner=root group=root mode=0755 notify: - restart apache @@ -30,7 +30,7 @@ - apache - name: hotfix - copy over new httpd sysconfig - copy: src=$files/hotfix/httpd/httpd.sysconfig dest=/etc/sysconfig/httpd + copy: src="{{ files }}/hotfix/httpd/httpd.sysconfig" dest=/etc/sysconfig/httpd notify: - restart apache tags: @@ -39,7 +39,7 @@ - apache - name: add appserver headers.conf - template: src=$files/httpd/headers.conf.j2 dest=/etc/httpd/conf.d/headers.conf + template: src="{{ files }}/httpd/headers.conf.j2" dest=/etc/httpd/conf.d/headers.conf notify: - restart apache tags: @@ -47,10 +47,10 @@ - apache - name: add apache_status location for collectd - template: src=$files/httpd/apachestatus.conf dest=/etc/httpd/conf.d/apachestatus.conf + template: src="{{ files }}/httpd/apachestatus.conf" dest=/etc/httpd/conf.d/apachestatus.conf notify: - restart apache tags: - config - apache - \ No newline at end of file + diff --git a/tasks/cloud_setup_basic.yml b/tasks/cloud_setup_basic.yml index 803bf988b2..b5d3d821c2 100644 --- a/tasks/cloud_setup_basic.yml +++ b/tasks/cloud_setup_basic.yml @@ -6,7 +6,7 @@ - packages - name: ntp pkgs - action: yum state=installed pkg=$item + action: yum state=installed pkg={{ item }} with_items: - ntpdate - ntp @@ -22,13 +22,13 @@ - packages - name: put step-tickers in place - action: copy src=$files/common/step-tickers dest=/etc/ntp/step-tickers + action: copy src="{{ files }}/common/step-tickers" dest=/etc/ntp/step-tickers - name: enable the service action: service name=ntpd state=running enabled=true - name: edit hostname to be instance name - prefix hostbase var if it exists - action: shell hostname ${hostbase}`curl -s http://169.254.169.254/latest/meta-data/instance-id` + action: shell hostname {{ hostbase }}`curl -s http://169.254.169.254/latest/meta-data/instance-id` tags: - config @@ -42,7 +42,7 @@ - name: add root keys for sysadmin-main and other allowed users action: authorized_key user=root key="{{ item }}" with_pipe: - - "${auth_keys_from_fas} @sysadmin-main ${root_auth_users}" + - "{{ auth_keys_from_fas }} @sysadmin-main {{ root_auth_users }}" tags: - config ignore_errors: true diff --git a/tasks/collectd/client.yml b/tasks/collectd/client.yml index 73395e3567..5fe0a6d5bb 100644 --- a/tasks/collectd/client.yml +++ b/tasks/collectd/client.yml @@ -11,13 +11,13 @@ # install collected.conf - name: /etc/collectd.conf - template: src=$files/collectd/collectd.conf.j2 dest=/etc/collectd.conf + template: src="{{ files }}/collectd/collectd.conf.j2" dest=/etc/collectd.conf notify: - restart collectd # install collectd-network config - name: /etc/collectd.d/network.conf - copy: src=$files/collectd/network-client.conf dest=/etc/collectd.d/network.conf + copy: src="{{ files }}/collectd/network-client.conf" dest=/etc/collectd.d/network.conf notify: - restart collectd @@ -26,13 +26,13 @@ yum: state=installed name=collectd-apache notify: - restart collectd - when_set: $collectd_apache + when_set: {{ collectd_apache }} - name: /etc/collectd/apache.conf - copy: src=$files/collectd/apache.conf dest=/etc/collectd.d/apache.conf + copy: src="{{ files }}/collectd/apache.conf" dest=/etc/collectd.d/apache.conf notify: - restart collectd - when_set: $collectd_apache + when_set: {{ collectd_apache }} # each of the below should move to a separate task list @@ -60,4 +60,4 @@ # webproxy - \ No newline at end of file + diff --git a/tasks/common_scripts.yml b/tasks/common_scripts.yml index 08251b8c81..dc70a174b6 100644 --- a/tasks/common_scripts.yml +++ b/tasks/common_scripts.yml @@ -5,7 +5,7 @@ # - name: Install common scripts - action: copy src=$item dest=/usr/local/bin/ owner=root group=root mode=0755 - with_fileglob: $files/common-scripts/* + action: copy src={{ item }} dest=/usr/local/bin/ owner=root group=root mode=0755 + with_fileglob: "{{ files }}/common-scripts/*" tags: - config diff --git a/tasks/growroot_cloud.yml b/tasks/growroot_cloud.yml index f4f8c30eed..ffba124b4a 100644 --- a/tasks/growroot_cloud.yml +++ b/tasks/growroot_cloud.yml @@ -17,13 +17,13 @@ - name: reboot the box action: command /sbin/reboot - when: ${growpart.rc} == 0 + when: "{{ growpart.rc }} == 0" ignore_errors: true - name: wait for it to come back (should be quick) - local_action: wait_for host=${inventory_hostname} port=22 delay=10 timeout=120 - when: ${growpart.rc} == 0 + local_action: wait_for host={{ inventory_hostname }} port=22 delay=10 timeout=120 + when: "{{ growpart.rc }} == 0" - name: resize the /dev/vda 2 fs action: command resize2fs /dev/vda2 - when: ${growpart.rc} == 0 + when: "{{ growpart.rc }} == 0" diff --git a/tasks/hosts.yml b/tasks/hosts.yml index 9bd00686a9..1bd3efdf38 100644 --- a/tasks/hosts.yml +++ b/tasks/hosts.yml @@ -10,9 +10,9 @@ # Note that if it's not set it will just skip this play and do nothing. # - name: setup /etc/hosts for some clients - action: copy src=$item dest=/etc/hosts + action: copy src={{ item }} dest=/etc/hosts with_first_found: - - files: $files/hosts/${ansible_fqdn}-hosts $files/hosts/${ansible_hostname}-hosts $files/hosts/${ansible_domain}-hosts $files/hosts/${host_group}-hosts + - files: "{{ files }}/hosts/{{ ansible_fqdn }}-hosts" "{{ files }}/hosts/{{ ansible_hostname }}-hosts" "{{ files }}/hosts/{{ ansible_domain }}-hosts" "{{ files }}/hosts/{{ host_group }}-hosts" skip: true tags: - config diff --git a/tasks/iptables.yml b/tasks/iptables.yml index 887d1177b4..a61d8ffda3 100644 --- a/tasks/iptables.yml +++ b/tasks/iptables.yml @@ -22,13 +22,13 @@ - service - name: iptables - action: template src=$item dest=/etc/sysconfig/iptables mode=600 backup=yes + action: template src={{ item }} dest=/etc/sysconfig/iptables mode=600 backup=yes with_first_found: - - $iptables - - $files/iptables/iptables.${ansible_fqdn} - - $files/iptables/iptables.${host_group} - - $files/iptables/iptables.${env} - - $files/iptables/iptables + - "{{ iptables }}" + - "{{ files }}/iptables/iptables.{{ ansible_fqdn }}" + - "{{ files }}/iptables/iptables.{{ host_group }}" + - "{{ files }}/iptables/iptables.{{ env }}" + - "{{ files }}/iptables/iptables" notify: - restart iptables tags: diff --git a/tasks/keyserver.yml b/tasks/keyserver.yml index 07db62dbab..9cf3e2ca60 100644 --- a/tasks/keyserver.yml +++ b/tasks/keyserver.yml @@ -16,12 +16,12 @@ owner=sks group=sks mode=0755 - name: /srv/sks/membership - copy: src=$files/keyserver/membership dest=/srv/sks/membership owner=sks group=sks mode=0644 + copy: src="{{ files }}/keyserver/membership" dest=/srv/sks/membership owner=sks group=sks mode=0644 tags: - config - name: /srv/sks/sksconf - copy: src=$files/keyserver/sksconf dest=/srv/sks/sksconf owner=sks group=sks mode=0644 + copy: src="{{ files }}/keyserver/sksconf" dest=/srv/sks/sksconf owner=sks group=sks mode=0644 tags: - config @@ -32,47 +32,47 @@ owner=sks group=sks mode=0755 - name: /srv/sks/web/index.html - copy: src=$files/keyserver/index.html dest=/srv/sks/web/index.html owner=sks group=sks mode=0644 + copy: src="{{ files }}/keyserver/index.html" dest=/srv/sks/web/index.html owner=sks group=sks mode=0644 tags: - config - name: /srv/sks/web/css.css - copy: src=$files/keyserver/css.css dest=/srv/sks/web/css.css owner=sks group=sks mode=0644 + copy: src="{{ files }}/keyserver/css.css" dest=/srv/sks/web/css.css owner=sks group=sks mode=0644 tags: - config - name: /etc/httpd/conf.d/sks.conf - copy: src=$files/keyserver/sks.conf dest=/etc/httpd/conf.d/sks.conf owner=root group=root mode=0644 + copy: src="{{ files }}/keyserver/sks.conf" dest=/etc/httpd/conf.d/sks.conf owner=root group=root mode=0644 tags: - config - name: /etc/httpd/conf.d/ssl.conf - copy: src=$files/keyserver/ssl.conf dest=/etc/httpd/conf.d/ssl.conf owner=root group=root mode=0644 + copy: src="{{ files }}/keyserver/ssl.conf" dest=/etc/httpd/conf.d/ssl.conf owner=root group=root mode=0644 tags: - config - name: /etc/pki/tls/wildcard-2013.fedoraproject.org.cert - copy: src=$puppet_private/httpd/wildcard-2013.fedoraproject.org.cert dest=/etc/pki/tls/wildcard-2013.fedoraproject.org.cert owner=root group=root mode=0600 + copy: src="{{ puppet_private }}/httpd/wildcard-2013.fedoraproject.org.cert" dest=/etc/pki/tls/wildcard-2013.fedoraproject.org.cert owner=root group=root mode=0600 tags: - config - name: /etc/pki/tls/wildcard-2013.fedoraproject.org.key - copy: src=$puppet_private/httpd/wildcard-2013.fedoraproject.org.key dest=/etc/pki/tls/wildcard-2013.fedoraproject.org.key owner=root group=root mode=0600 + copy: src="{{ puppet_private }}/httpd/wildcard-2013.fedoraproject.org.key" dest=/etc/pki/tls/wildcard-2013.fedoraproject.org.key owner=root group=root mode=0600 tags: - config - name: /etc/pki/tls/wildcard-2013.fedoraproject.org.intermediate.cert - copy: src=$puppet_private/httpd/wildcard-2013.fedoraproject.org.intermediate.cert dest=/etc/pki/tls/wildcard-2013.fedoraproject.org.intermediate.cert owner=root group=root mode=0600 + copy: src="{{ puppet_private }}/httpd/wildcard-2013.fedoraproject.org.intermediate.cert" dest=/etc/pki/tls/wildcard-2013.fedoraproject.org.intermediate.cert owner=root group=root mode=0600 tags: - config - name: /etc/pki/tls/keys_fedoraproject_org.crt.pem - copy: src=$puppet_private/keys_fedoraproject_org.crt.pem dest=/etc/pki/tls/keys_fedoraproject_org.crt.pem owner=root group=root mode=0600 + copy: src="{{ puppet_private }}/keys_fedoraproject_org.crt.pem" dest=/etc/pki/tls/keys_fedoraproject_org.crt.pem owner=root group=root mode=0600 tags: - config - name: /etc/pki/tls/keys_fedoraproject_org.key - copy: src=$puppet_private/keys_fedoraproject_org.key dest=/etc/pki/tls/keys_fedoraproject_org.key owner=root group=root mode=0600 + copy: src="{{ puppet_private }}/keys_fedoraproject_org.key" dest=/etc/pki/tls/keys_fedoraproject_org.key owner=root group=root mode=0600 tags: - config diff --git a/tasks/koji/base_builder.yml b/tasks/koji/base_builder.yml index 073fa66c44..cc1a0d6110 100644 --- a/tasks/koji/base_builder.yml +++ b/tasks/koji/base_builder.yml @@ -1,5 +1,5 @@ - name: set root passwd - action: user name=root password=$builder_rootpw state=present + action: user name=root password={{ builder_rootpw }} state=present - name: add mock user as 425 action: user name=mock uid=425 state=present home=/var/lib/mock createhome=yes system=yes @@ -11,7 +11,7 @@ action: file state=directory path=/var/lib/mock/.ssh mode=700 owner=mock group=mock - name: add mock ssh keys - action: copy src=$files/kojibuilder/mock_auth_keys dest=/var/lib/mock/.ssh/authorized_keys mode=640 owner=mock group=mock + action: copy src="{{ files }}/kojibuilder/mock_auth_keys" dest=/var/lib/mock/.ssh/authorized_keys mode=640 owner=mock group=mock - name: add kojibuilder action: user name=kojibuilder groups=mock @@ -23,10 +23,10 @@ action: file state=directory path=/home/mockbuilder/.ssh mode=700 owner=mockbuilder group=mockbuilder - name: mockbuilder ssh key - action: copy src=$files/kojibuilder/ftbfs_auth_keys dest=/home/mockbuilder/.ssh/authorized_keys mode=644 owner=mockbuilder group=mockbuilder + action: copy src="{{ files }}/kojibuilder/ftbfs_auth_keys" dest=/home/mockbuilder/.ssh/authorized_keys mode=644 owner=mockbuilder group=mockbuilder - name: make a bunch of dirs - action: file state=directory path=$item + action: file state=directory path={{ item }} with_items: - /pub - /mnt/fedora_koji @@ -35,16 +35,16 @@ - /var/spool/rsyslog - name: add builder infra yum repo - action: copy src=$files/kojibuilder/builder-infrastructure.repo dest=/etc/yum.repos.d/builder-infrastructure.repo + action: copy src="{{ files }}/kojibuilder/builder-infrastructure.repo" dest=/etc/yum.repos.d/builder-infrastructure.repo - name: clean up packages we do not need - action: yum state=removed pkg=$item + action: yum state=removed pkg={{ item }} with_items: - audit - 'cronie\*' - name: add pkgs - action: yum state=installed pkg=$item + action: yum state=installed pkg={{ item }} with_items: - yum-utils - koji-builder @@ -56,49 +56,49 @@ - ntpdate - name: /etc/kojid/kojid.conf - action: copy src=$files/kojibuilder/kojid.conf dest=/etc/kojid/kojid.conf + action: copy src="{{ files }}/kojibuilder/kojid.conf" dest=/etc/kojid/kojid.conf when: not inventory_hostname.startswith(('arm01','arm03')) notify: - restart kojid - name: arm /etc/kojid/kojid.conf - action: copy src=$files/kojibuilder/arm-kojid.conf dest=/etc/kojid/kojid.conf + action: copy src="{{ files }}/kojibuilder/arm-kojid.conf" dest=/etc/kojid/kojid.conf when: inventory_hostname.startswith(('arm01','arm03')) notify: - restart kojid - name: /etc/koji/koji.conf - action: copy src=$files/kojibuilder/koji.conf dest=/etc/koji.conf + action: copy src="{{ files }}/kojibuilder/koji.conf" dest=/etc/koji.conf when: not inventory_hostname.startswith(('arm01','arm03')) - name: /etc/koji/koji.conf - action: copy src=$files/kojibuilder/arm-koji.conf dest=/etc/koji.conf + action: copy src="{{ files }}/kojibuilder/arm-koji.conf" dest=/etc/koji.conf when: inventory_hostname.startswith(('arm01','arm03')) - name: copy over koji ca cert - action: copy src=$private/files/koji/buildercerts/fedora-ca.cert dest=/etc/kojid/cacert.pem + action: copy src="{{ private }}/files/koji/buildercerts/fedora-ca.cert" dest=/etc/kojid/cacert.pem - name: copy over /etc/security/limits.conf - action: copy src=$files/kojibuilder/limits.conf dest=/etc/security/limits.conf + action: copy src="{{ files }}/kojibuilder/limits.conf" dest=/etc/security/limits.conf - name: copy over builder cert to /etc/kojid/kojibuilder.pem - action: copy src=$private/files/koji/buildercerts/${inventory_hostname}.pem dest=/etc/kojid/kojibuilder.pem mode=600 + action: copy src="{{ private }}/files/koji/buildercerts/{{ inventory_hostname }}.pem" dest=/etc/kojid/kojibuilder.pem mode=600 - name: chkconfig kojid on and leave it running action: service name=kojid enabled=on # action: service name=kojid enabled=on state=started - name: copy over authorized keys for root - action: copy src=$files/kojibuilder/root_auth_keys dest=/root/.ssh/authorized_keys mode=644 + action: copy src="{{ files }}/kojibuilder/root_auth_keys" dest=/root/.ssh/authorized_keys mode=644 # idmapd and make sure it's set to run - name: idmapd.conf - action: copy src=$files/kojibuilder/idmapd.conf dest=/etc/idmapd.conf + action: copy src="{{ files }}/kojibuilder/idmapd.conf" dest=/etc/idmapd.conf tags: - configs - name: enable nfs-related services and run them - action: service name=$item enabled=true state=started + action: service name={{ item }} enabled=true state=started with_items: - rpcidmapd - rpcbind @@ -106,7 +106,7 @@ - nfslock - name: route config for netapp network - action: copy src=$files/kojibuilder/route-eth1 dest=/etc/sysconfig/network-scripts/route-eth1 + action: copy src="{{ files }}/kojibuilder/route-eth1" dest=/etc/sysconfig/network-scripts/route-eth1 - name: run netapp route command: /etc/sysconfig/network-scripts/ifup-routes eth1 @@ -122,7 +122,7 @@ # mock configs for pungify job # TODO: restore this to "copy:", this is a temporary "fix" for https://github.com/ansible/ansible/issues/4377 - name: put extra special mock configs in - template: src=$files/kojibuilder/builders/$item dest=/etc/mock/$item mode=644 + template: src="{{ files }}/kojibuilder/builders/{{ item }}" dest="/etc/mock/{{ item }}" mode=644 with_items: - fedora-branched-pungi-armhfp.cfg - fedora-branched-pungi-i386.cfg @@ -132,14 +132,14 @@ - fedora-rawhide-pungi-armhfp.cfg - name: mock site-defaults.cfg - action: copy src=$files/kojibuilder/builders/site-defaults.cfg dest=/etc/mock/site-defaults.cfg mode=0644 owner=root group=mock + action: copy src="{{ files }}/kojibuilder/builders/site-defaults.cfg" dest=/etc/mock/site-defaults.cfg mode=0644 owner=root group=mock when: not inventory_hostname.startswith('bkernel') - name: ntp steptickers - action: copy src=$files/common/step-tickers dest=/etc/ntp/step-tickers + action: copy src="{{ files }}/common/step-tickers" dest=/etc/ntp/step-tickers - name: ntp.conf - action: copy src=$files/common/ntp.conf dest=/etc/ntp.conf + action: copy src="{{ files }}/common/ntp.conf" dest=/etc/ntp.conf - name: enable ntpd action: service name=ntpd enabled=true state=started diff --git a/tasks/koji/bkernel-setup.yml b/tasks/koji/bkernel-setup.yml index 50501160ec..11f392f5fb 100644 --- a/tasks/koji/bkernel-setup.yml +++ b/tasks/koji/bkernel-setup.yml @@ -1,6 +1,6 @@ --- - name: add pkgs for bkernel boxes - action: yum state=latest pkg=$item enablerepo=epel-test + action: yum state=latest pkg={{ item }} enablerepo=epel-test with_items: - pesign - ccid @@ -22,11 +22,11 @@ action: service name=pesign state=started enabled=true - name: when you awake you will remember nothing - action: copy src=$files/kojibuilder/history_off.sh dest=/etc/profile.d/history_off.sh mode=0644 + action: copy src="{{ files }}/kojibuilder/history_off.sh" dest=/etc/profile.d/history_off.sh mode=0644 - name: mock site-defaults.cfg - action: copy src=$files/kojibuilder/builders/bkernel-site-defaults.cfg dest=/etc/mock/site-defaults.cfg mode=0644 owner=root group=mock + action: copy src="{{ files }}/kojibuilder/builders/bkernel-site-defaults.cfg" dest=/etc/mock/site-defaults.cfg mode=0644 owner=root group=mock - name: make sure our bkernel boxes have static ip - action: template src=$files/kojibuilder/builders/bkernel-eth0-network dest=/etc/sysconfig/network-scripts/ifcfg-eth0 + action: template src="{{ files }}/kojibuilder/builders/bkernel-eth0-network" dest=/etc/sysconfig/network-scripts/ifcfg-eth0 diff --git a/tasks/koji/builder_kernel_config.yml b/tasks/koji/builder_kernel_config.yml index f9e8a03641..239b4f16c9 100644 --- a/tasks/koji/builder_kernel_config.yml +++ b/tasks/koji/builder_kernel_config.yml @@ -5,7 +5,7 @@ action: command /sbin/grubby --update-kernel=ALL --args=max_loop=64 - name: special pkgs for the x86_64 builders - yum: state=installed pkg=$item + yum: state=installed pkg={{ item }} with_items: - kmod-hfsplus when: is_rhel == 'True' diff --git a/tasks/koji/releng_config.yml b/tasks/koji/releng_config.yml index 29bf29fc32..d3d03ee4d2 100644 --- a/tasks/koji/releng_config.yml +++ b/tasks/koji/releng_config.yml @@ -1,5 +1,5 @@ - name: set root passwd - action: user name=root password=$builder_rootpw state=present + action: user name=root password={{ builder_rootpw }} state=present - name: add mock user as 425 action: user name=mock uid=425 state=present home=/var/lib/mock createhome=yes system=yes @@ -8,7 +8,7 @@ - name: add mock ssh dir action: file state=directory path=/var/lib/mock/.ssh mode=700 owner=mock group=mock - name: add mock ssh keys - action: copy src=$files/kojibuilder/mock_auth_keys dest=/var/lib/mock/.ssh/authorized_keys mode=644 owner=mock group=mock + action: copy src="{{ files }}/kojibuilder/mock_auth_keys" dest=/var/lib/mock/.ssh/authorized_keys mode=644 owner=mock group=mock - name: add ftpsync group action: group name=ftpsync gid=263 system=yes state=present @@ -17,7 +17,7 @@ action: user name=ftpsync uid=263 group=ftpsync system=yes home=/var/tmp/ftpsync createhome=yes system=yes state=present - name: add the ftpsync update-fullfilelist script - action: copy src=$files/releng/update-fullfilelist dest=/usr/local/bin/update-fullfilelist owner=ftpsync group=ftpsync mode=555 + action: copy src="{{ files }}/releng/update-fullfilelist" dest=/usr/local/bin/update-fullfilelist owner=ftpsync group=ftpsync mode=555 - name: add masher group action: group name=masher gid=751 system=yes state=present @@ -28,18 +28,18 @@ - name: add masher ssh dir action: file state=directory path=/home/masher/.ssh mode=700 owner=masher group=masher - name: add masher ssh keys - action: copy src=$files/releng/mash/masher.$item dest=/home/masher/.ssh/$item mode=600 owner=masher group=masher + action: copy src="{{ files }}/releng/mash/masher.{{ item }}" dest="/home/masher/.ssh/{{ item }}" mode=600 owner=masher group=masher with_items: - id_rsa.pub - config - name: add masher ssh priv key - action: copy src=$private/files/mash/masher.id_rsa dest=/home/masher/.ssh/id_rsa mode=600 owner=masher group=masher + action: copy src="{{ private }}/files/mash/masher.id_rsa" dest=/home/masher/.ssh/id_rsa mode=600 owner=masher group=masher - name: add masher koji cert/key - action: copy src=$private/files/mash/masher.pem dest=/home/masher/.fedora.cert mode=600 owner=masher group=masher + action: copy src="{{ private }}/files/mash/masher.pem dest=/home/masher/.fedora.cert" mode=600 owner=masher group=masher - name: add masher koji ca cert - action: copy src=$private/files/koji/buildercerts/fedora-ca.cert dest=/home/masher/.fedora-server-ca.cert + action: copy src="{{ private }}/files/koji/buildercerts/fedora-ca.cert" dest=/home/masher/.fedora-server-ca.cert # rawhide group - name: rawhide group @@ -49,7 +49,7 @@ action: user name=rawhide uid=265 group=rawhide home=/tmp comment="rawhide compose account" - name: make a bunch of dirs - action: file state=directory path=$item + action: file state=directory path={{ item }} with_items: - /pub - /pub/fedora @@ -67,17 +67,17 @@ action: file src=/mnt/fedora_koji/compose/cache dest=/srv/pungi/cache state=link - name: add builder infra yum repo - action: copy src=$files/kojibuilder/builder-infrastructure.repo dest=/etc/yum.repos.d/builder-infrastructure.repo + action: copy src="{{ files }}/kojibuilder/builder-infrastructure.repo" dest=/etc/yum.repos.d/builder-infrastructure.repo tags: - configs - name: add releng yum repo - action: copy src=$files/releng/releng.repo dest=/etc/yum.repos.d/releng.repo + action: copy src="{{ files }}/releng/releng.repo" dest=/etc/yum.repos.d/releng.repo tags: - configs - name: add pkgs - action: yum state=installed pkg=$item + action: yum state=installed pkg={{ item }} with_items: - yum-utils - koji @@ -93,12 +93,12 @@ - pykickstart - name: /etc/koji/koji.conf - action: copy src=$files/kojibuilder/koji.conf dest=/etc/koji.conf + action: copy src="{{ files }}/kojibuilder/koji.conf" dest=/etc/koji.conf # mock configs - name: put extra special mock configs in - action: copy src=$files/releng/$item dest=/etc/mock/$item mode=644 + action: copy src="{{ files }}/releng/{{ item }}" dest="/etc/mock/{{ item }}" mode=644 with_items: - fedora-branched-compose-armhfp.cfg - fedora-rawhide-compose-armhfp.cfg @@ -109,12 +109,12 @@ # idmapd and make sure it's set to run - name: idmapd.conf - action: copy src=$files/kojibuilder/idmapd.conf dest=/etc/idmapd.conf + action: copy src="{{ files }}/kojibuilder/idmapd.conf" dest=/etc/idmapd.conf tags: - configs - name: enable nfs-related services and run them - action: service name=$item enabled=true state=started + action: service name={{ item }} enabled=true state=started with_items: - rpcidmapd - rpcbind @@ -123,7 +123,7 @@ - name: route to netapp network - action: copy src=$files/kojibuilder/route-eth1 dest=/etc/sysconfig/network-scripts/route-eth1 + action: copy src="{{ files }}/kojibuilder/route-eth1" dest=/etc/sysconfig/network-scripts/route-eth1 notify: - restart netapproute @@ -138,26 +138,26 @@ # put cron job in for branched compose - name: branched compose cron - action: copy src=$files/releng/branched dest=/etc/cron.d/branched + action: copy src="{{ files }}/releng/branched" dest=/etc/cron.d/branched when: inventory_hostname.startswith('releng01') # put cron job in for rawhide compose - name: rawhide compose cron - action: copy src=$files/releng/rawhide dest=/etc/cron.d/rawhide + action: copy src="{{ files }}/releng/rawhide" dest=/etc/cron.d/rawhide when: inventory_hostname.startswith('releng02') - name: sudoers defaults - action: copy src=$private/files/sudo/releng-sudoers dest=/etc/sudoers mode=0440 + action: copy src="{{ private }}/files/sudo/releng-sudoers" dest=/etc/sudoers mode=0440 tags: - configs - name: sudoers for ftpsync - action: copy src=$private/files/sudo/ftpsync-sudo dest=/etc/sudoers.d/ftpsync mode=0440 + action: copy src="{{ private }}/files/sudo/ftpsync-sudo" dest=/etc/sudoers.d/ftpsync mode=0440 tags: - configs # fedmsg message buss stuff. - name: fedmsg install - action: yum state=installed pkg=$item + action: yum state=installed pkg={{ item }} with_items: - fedmsg # needed for now, until moksha 0.8.8-4 pulls it in. @@ -173,7 +173,7 @@ tags: - fedmsg - name: fedmsg files - action: copy src=$files/releng/fedmsg/$item dest=/etc/fedmsg.d/$item mode=644 + action: copy src="{{ files }}/releng/fedmsg/{{ item }}" dest="/etc/fedmsg.d/{{ item }}" mode=644 with_items: - ircbot.py - ssl.py @@ -182,32 +182,32 @@ tags: - fedmsg - name: fedmsg ca - action: copy src=$private/files/fedmsg-certs/keys/$item dest=/etc/pki/fedmsg/$item mode=644 + action: copy src="{{ private }}/files/fedmsg-certs/keys/{{ item }}" dest="/etc/pki/fedmsg/{{ item }}" mode=644 with_items: - ca.crt - name: fedmsg cert - action: copy src=$private/files/fedmsg-certs/keys/$item dest=/etc/pki/fedmsg/$item mode=644 + action: copy src="{{ private }}/files/fedmsg-certs/keys/{{ item }}" dest="/etc/pki/fedmsg/{{ item }}" mode=644 with_items: - bodhi-releng01.phx2.fedoraproject.org.crt tags: - fedmsg when: inventory_hostname.startswith('releng01') - name: fedmsg key - action: copy src=$private/files/fedmsg-certs/keys/$item dest=/etc/pki/fedmsg/$item mode=640 group=masher + action: copy src="{{ private }}/files/fedmsg-certs/keys/{{ item }}" dest="/etc/pki/fedmsg/{{ item }}" mode=640 group=masher with_items: - bodhi-releng01.phx2.fedoraproject.org.key tags: - fedmsg when: inventory_hostname.startswith('releng01') - name: fedmsg cert - action: copy src=$private/files/fedmsg-certs/keys/$item dest=/etc/pki/fedmsg/$item mode=644 + action: copy src="{{ private }}/files/fedmsg-certs/keys/{{ item }}" dest="/etc/pki/fedmsg/{{ item }}" mode=644 with_items: - bodhi-releng02.phx2.fedoraproject.org.crt tags: - fedmsg when: inventory_hostname.startswith('releng02') - name: fedmsg key - action: copy src=$private/files/fedmsg-certs/keys/$item dest=/etc/pki/fedmsg/$item mode=640 group=masher + action: copy src="{{ private }}/files/fedmsg-certs/keys/{{ item }}" dest="/etc/pki/fedmsg/{{ item }}" mode=640 group=masher with_items: - bodhi-releng02.phx2.fedoraproject.org.key tags: diff --git a/tasks/mod_wsgi.yml b/tasks/mod_wsgi.yml index fe3edf08c8..9ccfaee323 100644 --- a/tasks/mod_wsgi.yml +++ b/tasks/mod_wsgi.yml @@ -6,7 +6,7 @@ - packages - name: wsgi.conf - copy: src=$files/mod_wsgi/wsgi.conf dest=/etc/httpd/conf.d/wsgi.conf + copy: src="{{ files }}/mod_wsgi/wsgi.conf" dest=/etc/httpd/conf.d/wsgi.conf notify: - restart apache tags: diff --git a/tasks/mysql_server.yml b/tasks/mysql_server.yml index 0ff3c2375a..165c6f1a0c 100644 --- a/tasks/mysql_server.yml +++ b/tasks/mysql_server.yml @@ -3,14 +3,14 @@ # Setup mysql server. # - name: install mysql server packages - yum: name=$item state=installed + yum: name={{ item }} state=installed with_items: - mysql-server tags: - packages - name: install our my.cnf - copy: src=$files/mysql/my.cnf dest=/etc/my.cnf owner=root group=root mode=0644 + copy: src="{{ files }}/mysql/my.cnf" dest=/etc/my.cnf owner=root group=root mode=0644 - name: Set mysql-server to run service: name=mysqld enabled=yes state=running diff --git a/tasks/openvpn_client.yml b/tasks/openvpn_client.yml index d0ac62857d..c825b803a8 100644 --- a/tasks/openvpn_client.yml +++ b/tasks/openvpn_client.yml @@ -6,35 +6,35 @@ - packages - name: /etc/openvpn/ca.crt from vpn/openvpn/keys/ca.crt - copy: src=$puppet_private/vpn/openvpn/keys/ca.crt dest=/etc/openvpn/ca.crt mode=0600 owner=root group=root + copy: src="{{ puppet_private }}/vpn/openvpn/keys/ca.crt" dest=/etc/openvpn/ca.crt mode=0600 owner=root group=root tags: - config notify: - restart openvpn - name: /etc/openvpn/crl.pem from vpn/openvpn/keys/crl.pem - copy: src=$puppet_private/vpn/openvpn/keys/crl.pem dest=/etc/openvpn/crl.pem mode=0644 owner=root group=root + copy: src="{{ puppet_private }}/vpn/openvpn/keys/crl.pem" dest=/etc/openvpn/crl.pem mode=0644 owner=root group=root tags: - config notify: - restart openvpn - name: /etc/openvpn/openvpn.conf - copy: src=$files/openvpn/client.conf dest=/etc/openvpn/openvpn.conf + copy: src="{{ files }}/openvpn/client.conf" dest=/etc/openvpn/openvpn.conf tags: - config notify: - restart openvpn - name: /etc/openvpn/client.crt - copy: src=$puppet_private/vpn/openvpn/keys/${inventory_hostname}.crt dest=/etc/openvpn/client.crt mode=0600 owner=root group=root + copy: src="{{ puppet_private }}/vpn/openvpn/keys/{{ inventory_hostname }}.crt" dest=/etc/openvpn/client.crt mode=0600 owner=root group=root tags: - config notify: - restart openvpn - name: /etc/openvpn/client.key - copy: src=$puppet_private/vpn/openvpn/keys/${inventory_hostname}.key dest=/etc/openvpn/client.key mode=0600 owner=root group=root + copy: src="{{ puppet_private }}/vpn/openvpn/keys/{{ inventory_hostname }}.key" dest=/etc/openvpn/client.key mode=0600 owner=root group=root tags: - config notify: diff --git a/tasks/persistent_cloud.yml b/tasks/persistent_cloud.yml index 42ab388e6b..28e1a107e1 100644 --- a/tasks/persistent_cloud.yml +++ b/tasks/persistent_cloud.yml @@ -1,25 +1,25 @@ --- - name: check it out - local_action: shell nc -d -z -w 5 ${inventory_hostname} 22 >>/dev/null + local_action: shell nc -d -z -w 5 {{ inventory_hostname }} 22 >>/dev/null register: host_is_up ignore_errors: true - name: spin it up - local_action: ec2 keypair=${keypair} image=${image} type=${instance_type} wait=true group=${security_group} ec2_access_key=$persist_access_key ec2_secret_key=$persist_secret_key ec2_url=$os_ec2_url + local_action: ec2 keypair={{ keypair }} image={{ image }} type={{ instance_type }} wait=true group={{ security_group }} ec2_access_key={{ persist_access_key }} ec2_secret_key={{ persist_secret_key }} ec2_url={{ os_ec2_url }} register: inst_res when: host_is_up|failed - name: assign it a special ip - local_action: shell euca-associate-address --config ${persist_config} -i ${inst_res.instances[0].id} ${public_ip} + local_action: shell euca-associate-address --config {{ persist_config }} -i {{ inst_res.instances[0].id }} {{ public_ip }} when: host_is_up|failed - name: wait for the reassignation - local_action: wait_for host=${public_ip} port=22 delay=20 timeout=300 + local_action: wait_for host={{ public_ip }} port=22 delay=20 timeout=300 when: host_is_up|failed # attach and mount volumes - name: attach volumes to the system - local_action: shell euca-attach-volume --config ${persist_config} -i ${inst_res.instances[0].id} $item - with_items: $volumes + local_action: shell euca-attach-volume --config {{ persist_config }} -i {{ inst_res.instances[0].id }} {{ item }} + with_items: "{{ volumes }}" when: volumes is defined and host_is_up|failed diff --git a/tasks/postfix_basic.yml b/tasks/postfix_basic.yml index 58abe9726f..a5fb46052c 100644 --- a/tasks/postfix_basic.yml +++ b/tasks/postfix_basic.yml @@ -5,14 +5,14 @@ - packages - name: /etc/postfix/main.cf - action: copy src=$item dest=/etc/postfix/main.cf + action: copy src={{ item }} dest=/etc/postfix/main.cf with_first_found: - - $postfix_maincf - - $files/postfix/main.cf.${ansible_fqdn} - - $files/postfix/main.cf.${inventory_hostname} - - $files/postfix/main.cf.${host_group} - - $files/postfix/main.cf.${postfix_group} - - $files/postfix/main.cf + - "{{ postfix_maincf }}" + - "{{ files }}/postfix/main.cf.{{ ansible_fqdn }}" + - "{{ files }}/postfix/main.cf.{{ inventory_hostname }}" + - "{{ files }}/postfix/main.cf.{{ host_group }}" + - "{{ files }}/postfix/main.cf.{{ postfix_group }}" + - "{{ files }}/postfix/main.cf" notify: - restart postfix tags: diff --git a/tasks/rdiff_backup_server.yml b/tasks/rdiff_backup_server.yml index a214fd367c..c58ca0d1e4 100644 --- a/tasks/rdiff_backup_server.yml +++ b/tasks/rdiff_backup_server.yml @@ -1,7 +1,7 @@ --- # tasklist for setting up a rdiff backup server. - name: install rdiff-backup - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - rdiff-backup - git @@ -10,11 +10,11 @@ - packages - name: setup rdiff backup script - copy: src=$files/rdiff-backup/run-rdiff-backups dest=/usr/local/bin/run-rdiff-backups mode=755 + copy: src="{{ files }}/rdiff-backup/run-rdiff-backups" dest=/usr/local/bin/run-rdiff-backups mode=755 tags: - config - name: setup rdiff backup cron - copy: src=$files/rdiff-backup/run-rdiff-backups.cron dest=/etc/cron.d/run-rdiff-backups + copy: src="{{ files }}/rdiff-backup/run-rdiff-backups.cron" dest=/etc/cron.d/run-rdiff-backups tags: - config diff --git a/tasks/serialgetty.yml b/tasks/serialgetty.yml index a98b222577..5a452f7eb0 100644 --- a/tasks/serialgetty.yml +++ b/tasks/serialgetty.yml @@ -1,7 +1,7 @@ --- - name: upstart serial setup - action: copy src=$files/common/ttyS0.conf dest=/etc/init/ttyS0.conf + action: copy src="{{ files }}/common/ttyS0.conf" dest=/etc/init/ttyS0.conf when: is_rhel == 'True' tags: - configs diff --git a/tasks/sign_setup.yml b/tasks/sign_setup.yml index 2482951b12..4a4045167b 100644 --- a/tasks/sign_setup.yml +++ b/tasks/sign_setup.yml @@ -1,7 +1,7 @@ --- - name: put builder-repo on system - action: copy src=$files/sign/$item dest=/etc/yum.repos.d/$item + action: copy src="{{ files }}/sign/{{ item }}" dest="/etc/yum.repos.d/{{ item }}" with_items: - builder-rpms.repo when: is_rhel == 'True' @@ -10,7 +10,7 @@ - packages - name: install sigul - action: yum state=installed name=$item + action: yum state=installed name={{ item }} with_items: - sigul - ntp @@ -20,24 +20,24 @@ - packages - name: setup /etc/sigul/bridge.conf file - action: template src=$files/sign/bridge.conf.j2 dest=/etc/sigul/bridge.conf owner=root group=sigul mode=640 + action: template src="{{ files }}/sign/bridge.conf.j2" dest=/etc/sigul/bridge.conf owner=root group=sigul mode=640 tags: - config - name: setup /etc/sigul/server.conf file - action: copy src=$files/sign/server.conf dest=/etc/sigul/server.conf owner=root group=sigul mode=640 + action: copy src="{{ files }}/sign/server.conf" dest=/etc/sigul/server.conf owner=root group=sigul mode=640 - name: ntp steptickers - action: copy src=$files/common/step-tickers dest=/etc/ntp/step-tickers + action: copy src="{{ files }}/common/step-tickers" dest=/etc/ntp/step-tickers - name: ntp.conf - action: copy src=$files/common/ntp.conf dest=/etc/ntp.conf + action: copy src="{{ files }}/common/ntp.conf" dest=/etc/ntp.conf - name: enable ntpd action: service name=ntpd enabled=true state=started - name: /etc/hosts - action: copy src=$files/hosts/sign-hosts dest=/etc/hosts + action: copy src="{{ files }}/hosts/sign-hosts" dest=/etc/hosts tags: - configs diff --git a/tasks/sudo.yml b/tasks/sudo.yml index f63e4c4f4f..2f50014e2c 100644 --- a/tasks/sudo.yml +++ b/tasks/sudo.yml @@ -7,16 +7,16 @@ # Put in place the default sysadmin-main sudoers file. # - name: setup /etc/sudoers.d/sysadmin-main - action: copy src=$private/files/sudo/sysadmin-main dest=/etc/sudoers.d/ owner=root group=root mode=0600 + action: copy src="{{ private }}/files/sudo/sysadmin-main" dest=/etc/sudoers.d/ owner=root group=root mode=0600 tags: - config # # This will move a /etc/sudoers.d/ file in place # - name: setup /etc/sudoers.d/sudoer file for client use - action: copy src=$item dest=/etc/sudoers.d/ owner=root group=root mode=0600 + action: copy src={{ item }} dest=/etc/sudoers.d/ owner=root group=root mode=0600 with_first_found: - - files: ${sudoers} ${private}/files/sudo/${ansible_fqdn}-sudoers ${private}/files/sudo/${ansible_hostname}-sudoers ${private}/files/sudo/${ansible_domain}-sudoers + - files: "{{ sudoers }}" "{{ private }}/files/sudo/{{ ansible_fqdn }}-sudoers" "{{ private }}/files/sudo/{{ ansible_hostname }}-sudoers" "{{ private }}/files/sudo/{{ ansible_domain }}-sudoers" skip: true tags: - config diff --git a/tasks/transient_cloud.yml b/tasks/transient_cloud.yml index 1235636ec8..77b4d3203f 100644 --- a/tasks/transient_cloud.yml +++ b/tasks/transient_cloud.yml @@ -1,16 +1,16 @@ --- - name: spin it up - local_action: ec2 keypair=${keypair} image=${image} type=${instance_type} wait=true group=${security_group} ec2_access_key=$transient_access_key ec2_secret_key=$transient_secret_key ec2_url=$os_ec2_url + local_action: ec2 keypair={{ keypair }} image={{ image }} type={{ instance_type }} wait=true group={{ security_group }} ec2_access_key={{ transient_access_key }} ec2_secret_key={{ transient_secret_key }} ec2_url={{ os_ec2_url }} register: inst_res - name: add it to the special group - local_action: add_host hostname=${inst_res.instances[0].public_ip} groupname=tmp_just_created + local_action: add_host hostname={{ inst_res.instances[0].public_ip }} groupname=tmp_just_created - name: mail off about where it is - local_action: mail to=sysadmin-main-members@fedoraproject.org from=ansible-create@fedoraproject.org subject=${inst_res.instances[0].public_ip} msg="cloud instance created on ${inst_res.instances[0].public_ip}\n instance id - ${inst_res.instances[0].id} - ${hostbase} ${root_auth_users} " + local_action: mail to=sysadmin-main-members@fedoraproject.org from=ansible-create@fedoraproject.org subject={{ inst_res.instances[0].public_ip }} msg="cloud instance created on {{ inst_res.instances[0].public_ip }}\n instance id - {{ inst_res.instances[0].id }} - {{ hostbase }} {{ root_auth_users }} " - name: wait for the host to be hot - local_action: wait_for host=${inst_res.instances[0].public_ip} port=22 delay=2 timeout=300 + local_action: wait_for host={{ inst_res.instances[0].public_ip }} port=22 delay=2 timeout=300 diff --git a/tasks/virthost.yml b/tasks/virthost.yml index 4b3ea2dfe7..9f224744c7 100644 --- a/tasks/virthost.yml +++ b/tasks/virthost.yml @@ -5,7 +5,7 @@ selinux: policy=targeted state=enforcing - name: install libvirt packages - yum: pkg=$item state=installed + yum: pkg={{ item }} state=installed with_items: - qemu-kvm - libvirt @@ -18,7 +18,7 @@ # This provides us with the ability to use virt-manager from non root accounts. # - name: install libvirtd.conf - copy: src=$files/virthost/libvirtd.conf dest=/etc/libvirt/libvirtd.conf + copy: src="{{ files }}/virthost/libvirtd.conf" dest=/etc/libvirt/libvirtd.conf notify: - restart libvirtd tags: diff --git a/tasks/yumrepos.yml b/tasks/yumrepos.yml index 9559dbf721..26fee37039 100644 --- a/tasks/yumrepos.yml +++ b/tasks/yumrepos.yml @@ -1,6 +1,6 @@ --- - name: put rhel repos on system - action: copy src=$files/common/$item dest=/etc/yum.repos.d/$item + action: copy src="{{ files }}/common/{{ item }}" dest="/etc/yum.repos.d/{{ item }}" with_items: - epel6.repo - rhel6.repo @@ -10,7 +10,7 @@ - packages - name: put fedora repos on x86 systems - action: copy src=$files/common/$item dest=/etc/yum.repos.d/$item + action: copy src="{{ files }}/common/{{ item }}" dest="/etc/yum.repos.d/{{ item }}" with_items: - fedora.repo - fedora-updates.repo @@ -21,7 +21,7 @@ - packages - name: put fedora repos on arm systems - action: copy src=$files/common/$item-arm dest=/etc/yum.repos.d/$item + action: copy src="{{ files }}/common/{{ item-arm }}" dest="/etc/yum.repos.d/{{ item }}" with_items: - fedora.repo - fedora-updates.repo @@ -32,7 +32,7 @@ - packages - name: add infrastructure repo - action: copy src=$files/common/$item dest=/etc/yum.repos.d/$item + action: copy src="{{ files }}/common/{{ item }}" dest="/etc/yum.repos.d/{{ item }}" with_items: - infrastructure.repo - infrastructure-testing.repo