freifunk/ansible-ffibk
9
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Retouch tasks due to 'become' defaults to True

Browse source
This commit is contained in:
Tobias Hachmer 2017-09-17 14:43:54 +02:00
parent 951ab924a5
commit 1c928881fc
14 changed files with 5 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
roles/ffmwu-build/handlers/main.yml
View file

@ -1,15 +1,12 @@
--- ---
- name: check apache syntax - name: check apache syntax
command: /usr/sbin/apachectl -t command: /usr/sbin/apachectl -t
become: true
- name: restart systemd unit apache2 - name: restart systemd unit apache2
systemd: systemd:
name: apache2 name: apache2
state: restarted state: restarted
become: true
- name: update apt cache - name: update apt cache
apt: apt:
update_cache: yes update_cache: yes
become: true

1
roles/ffmwu-build/tasks/git-repos.yml
View file

@ -4,3 +4,4 @@
repo: https://github.com/freifunk-mwu/sites-ffmwu.git repo: https://github.com/freifunk-mwu/sites-ffmwu.git
dest: /home/admin/clones/sites-ffmwu dest: /home/admin/clones/sites-ffmwu
version: stable version: stable
become: false

2
roles/git-fastd-peers/tasks/main.yml
View file

@ -30,6 +30,7 @@
dest: "/etc/fastd/{{ item.key }}VPN/peers" dest: "/etc/fastd/{{ item.key }}VPN/peers"
update: no update: no
with_dict: "{{ meshes }}" with_dict: "{{ meshes }}"
become: false
- name: clone fastd peer intragate repos - name: clone fastd peer intragate repos
git: git:
@ -37,3 +38,4 @@
dest: "/etc/fastd/{{ item.key }}igVPN/peers" dest: "/etc/fastd/{{ item.key }}igVPN/peers"
update: no update: no
with_dict: "{{ meshes }}" with_dict: "{{ meshes }}"
become: false

3
roles/git-repos/tasks/main.yml
View file

@ -5,7 +5,6 @@
state: present state: present
with_items: with_items:
- git - git
become: true
- name: ensure git directory is present - name: ensure git directory is present
file: file:
@ -14,10 +13,10 @@
mode: 0755 mode: 0755
owner: admin owner: admin
group: admin group: admin
become: true
- name: clone git repositories - name: clone git repositories
git: git:
repo: "{{ item.value.repo_url }}" repo: "{{ item.value.repo_url }}"
dest: "/home/admin/clones/{{ item.key }}" dest: "/home/admin/clones/{{ item.key }}"
with_dict: "{{ common_repos }}" with_dict: "{{ common_repos }}"
become: false

5
roles/localtestvm/tasks/loctevm-provide-prereq.inc.yml
View file

@ -18,15 +18,14 @@
- name: ensure admin user - name: ensure admin user
user: comment="FFMWU Administrator" name=admin shell=/bin/bash state=present user: comment="FFMWU Administrator" name=admin shell=/bin/bash state=present
become: True
- name: ensure users ssh key to admin user - name: ensure users ssh key to admin user
authorized_key: user=admin key="{{ lookup('file', '~/.ssh/id_rsa.pub') }}" authorized_key: user=admin key="{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
exclusive=no exclusive=no
become: True
- name: ensure users ssh key to bootstrap user - name: ensure users ssh key to bootstrap user
authorized_key: user=hein key="{{ lookup('file', '~/.ssh/id_rsa.pub') }}" authorized_key: user=hein key="{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
become: false
- name: ensure no-pw sudo capability for admin and bootstrap user - name: ensure no-pw sudo capability for admin and bootstrap user
lineinfile: lineinfile:
@ -35,8 +34,6 @@
line: "admin,hein ALL = (root) NOPASSWD: ALL" line: "admin,hein ALL = (root) NOPASSWD: ALL"
mode: 0440 mode: 0440
validate: visudo -c -f %s validate: visudo -c -f %s
become: True
- name: from this point on prevent pw for bootstrap user - name: from this point on prevent pw for bootstrap user
user: user=hein password=X user: user=hein password=X
become: True

1
roles/network-batman/handlers/main.yml
View file

@ -3,4 +3,3 @@
systemd: systemd:
name: sysfsutils name: sysfsutils
state: restarted state: restarted
become: true

1
roles/network-meshbridge/handlers/main.yml
View file

@ -3,4 +3,3 @@
systemd: systemd:
name: sysfsutils name: sysfsutils
state: restarted state: restarted
become: true

2
roles/service-bird-ffrl/handlers/main.yml
View file

@ -3,10 +3,8 @@
systemd: systemd:
name: bird name: bird
state: reloaded state: reloaded
become: true
- name: reload bird6 - name: reload bird6
systemd: systemd:
name: bird6 name: bird6
state: reloaded state: reloaded
become: true

2
roles/service-bird-ffrl/tasks/main.yml
View file

@ -10,7 +10,6 @@
with_items: with_items:
- 4 - 4
- 6 - 6
become: true
- name: write ffrl peer configuration - name: write ffrl peer configuration
template: template:
@ -23,4 +22,3 @@
with_items: with_items:
- 4 - 4
- 6 - 6
become: true

4
roles/service-bird-icvpn/handlers/main.yml
View file

@ -3,13 +3,11 @@
systemd: systemd:
name: bird name: bird
state: reloaded state: reloaded
become: true
- name: reload bird6 - name: reload bird6
systemd: systemd:
name: bird6 name: bird6
state: reloaded state: reloaded
become: true
- name: set file attrs 4 - name: set file attrs 4
file: file:
@ -17,7 +15,6 @@
mode: 0640 mode: 0640
owner: bird owner: bird
group: bird group: bird
become: true
- name: set file attrs 6 - name: set file attrs 6
file: file:
@ -25,4 +22,3 @@
mode: 0640 mode: 0640
owner: bird owner: bird
group: bird group: bird
become: true

3
roles/service-bird-icvpn/tasks/main.yml
View file

@ -10,7 +10,6 @@
with_items: with_items:
- 4 - 4
- 6 - 6
become: true
- name: write initial icvpn roa config - name: write initial icvpn roa config
shell: /usr/bin/python3 /home/admin/clones/icvpn-scripts/mkroa -{{ item.key }} -f bird -x mwu -m {{ item.value.max_prefix }} -s /home/admin/clones/icvpn-meta > /etc/bird/icvpn_ipv{{ item.key }}_roa.conf shell: /usr/bin/python3 /home/admin/clones/icvpn-scripts/mkroa -{{ item.key }} -f bird -x mwu -m {{ item.value.max_prefix }} -s /home/admin/clones/icvpn-meta > /etc/bird/icvpn_ipv{{ item.key }}_roa.conf
@ -25,7 +24,6 @@
max_prefix: 20 max_prefix: 20
6: 6:
max_prefix: 64 max_prefix: 64
become: true
- name: write icvpn bird configuration - name: write icvpn bird configuration
template: template:
@ -38,4 +36,3 @@
with_items: with_items:
- 4 - 4
- 6 - 6
become: true

3
roles/service-bird/handlers/main.yml
View file

@ -2,16 +2,13 @@
- name: reload systemd - name: reload systemd
systemd: systemd:
daemon_reload: yes daemon_reload: yes
become: true
- name: reload bird - name: reload bird
systemd: systemd:
name: bird name: bird
state: reloaded state: reloaded
become: true
- name: reload bird6 - name: reload bird6
systemd: systemd:
name: bird6 name: bird6
state: reloaded state: reloaded
become: true

1
roles/service-dhcpd/handlers/main.yml
View file

@ -4,4 +4,3 @@
name: isc-dhcp-server name: isc-dhcp-server
enabled: yes enabled: yes
state: restarted state: restarted
become: true

1
roles/service-haveged/handlers/main.yml
View file

@ -2,4 +2,3 @@
- name: reload systemd - name: reload systemd
systemd: systemd:
daemon_reload: yes daemon_reload: yes
become: true