Migrate all with_* loops to new loop directive

This commit is contained in:
Tobias Hachmer 2018-09-16 12:38:33 +02:00 committed by Julian Labus
parent 2b8ff2184c
commit 69a12e0696
No known key found for this signature in database
GPG key ID: 8AF209F2C6B3572A
35 changed files with 76 additions and 114 deletions

View file

@ -5,7 +5,7 @@
name: "{{ item }}" name: "{{ item }}"
update_cache: yes update_cache: yes
cache_valid_time: 21600 cache_valid_time: 21600
with_items: loop:
- build-essential - build-essential
- ecdsautils - ecdsautils
- gawk - gawk

View file

@ -0,0 +1,3 @@
---
git_packages:
- "git"

View file

@ -1,10 +1,8 @@
--- ---
- name: install git packages - name: install git packages
package: package:
name: "{{ item }}" name: "{{ git_packages }}"
state: present state: present
with_items:
- git
- name: ensure git directory is present - name: ensure git directory is present
file: file:
@ -20,5 +18,5 @@
dest: "/home/admin/clones/{{ item.key }}" dest: "/home/admin/clones/{{ item.key }}"
version: "{{ item.value.version }}" version: "{{ item.value.version }}"
force: "{{ item.value.force }}" force: "{{ item.value.force }}"
with_dict: "{{ common_repos }}" loop: "{{ common_repos | dict2items }}"
become: false become: false

View file

@ -0,0 +1,5 @@
---
batman_packages:
- "linux-headers-amd64"
- "batman-adv-dkms"
- "batctl"

View file

@ -1,12 +1,8 @@
--- ---
- name: install batman-module and linux headers - name: install batman-module and linux headers
package: package:
name: "{{ item }}" name: "{{ batman_packages }}"
state: present state: present
with_items:
- linux-headers-amd64
- batman-adv-dkms
- batctl
- name: configure batman module to load on system boot - name: configure batman module to load on system boot
template: template:

View file

@ -4,14 +4,14 @@
src: dummy.j2 src: dummy.j2
dest: "/etc/network/interfaces.d/{{ item.id }}0" dest: "/etc/network/interfaces.d/{{ item.id }}0"
notify: reload network interfaces notify: reload network interfaces
with_items: "{{ meshes }}" loop: "{{ meshes }}"
- name: create batman interfaces - name: create batman interfaces
template: template:
src: batman.j2 src: batman.j2
dest: "/etc/network/interfaces.d/{{ item.id }}bat" dest: "/etc/network/interfaces.d/{{ item.id }}bat"
notify: reload network interfaces notify: reload network interfaces
with_items: "{{ meshes }}" loop: "{{ meshes }}"
- name: flush handlers - name: flush handlers
meta: flush_handlers meta: flush_handlers

View file

@ -5,18 +5,14 @@
src: fastd-mesh.j2 src: fastd-mesh.j2
dest: "/etc/network/interfaces.d/{{ item.0.id }}vpn-{{ item.1.mtu }}" dest: "/etc/network/interfaces.d/{{ item.0.id }}vpn-{{ item.1.mtu }}"
notify: reload network interfaces notify: reload network interfaces
with_subelements: loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- "{{ meshes }}"
- fastd.nodes.instances
- name: create fastd backbone interfaces - name: create fastd backbone interfaces
template: template:
src: fastd-backbone.j2 src: fastd-backbone.j2
dest: "/etc/network/interfaces.d/{{ item.0.id }}igvpn-{{ item.1.mtu }}" dest: "/etc/network/interfaces.d/{{ item.0.id }}igvpn-{{ item.1.mtu }}"
notify: reload network interfaces notify: reload network interfaces
with_subelements: loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
- "{{ meshes }}"
- fastd.backbone.instances
- name: flush handlers - name: flush handlers
meta: flush_handlers meta: flush_handlers

View file

@ -4,7 +4,7 @@
src: ffrl.j2 src: ffrl.j2
dest: "/etc/network/interfaces.d/{{ item.key }}" dest: "/etc/network/interfaces.d/{{ item.key }}"
notify: reload network interfaces notify: reload network interfaces
with_dict: "{{ ffrl_exit_server }}" loop: "{{ ffrl_exit_server | dict2items }}"
- name: create ffrl-nat dummy interface - name: create ffrl-nat dummy interface
template: template:

View file

@ -3,7 +3,7 @@
package: package:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: loop:
- iptables - iptables
- iptables-persistent - iptables-persistent
@ -16,7 +16,7 @@
modprobe: modprobe:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: loop:
- nf_conntrack - nf_conntrack
- nf_conntrack_ipv4 - nf_conntrack_ipv4
@ -25,7 +25,7 @@
name: "{{ item.name }}" name: "{{ item.name }}"
value: "{{ item.value }}" value: "{{ item.value }}"
state: present state: present
with_items: "{{ sysctl_settings_netfilter }}" loop: "{{ sysctl_settings_netfilter }}"
- name: write iptables configuration - name: write iptables configuration
template: template:

View file

@ -4,13 +4,13 @@
src: bridge.j2 src: bridge.j2
dest: "/etc/network/interfaces.d/{{ item.id }}br" dest: "/etc/network/interfaces.d/{{ item.id }}br"
notify: reload network interfaces notify: reload network interfaces
with_items: "{{ meshes }}" loop: "{{ meshes }}"
- name: set sysfs variables - name: set sysfs variables
template: template:
src: sysfs.j2 src: sysfs.j2
dest: "/etc/sysfs.d/99-{{ item.id }}br.conf" dest: "/etc/sysfs.d/99-{{ item.id }}br.conf"
with_items: "{{ meshes }}" loop: "{{ meshes }}"
notify: activate sysfs variables notify: activate sysfs variables
- name: flush handlers - name: flush handlers

View file

@ -5,4 +5,4 @@
regexp: '^{{ item.value }}' regexp: '^{{ item.value }}'
line: "{{ item.value }}{{ '\t' }}{{ item.key }}" line: "{{ item.value }}{{ '\t' }}{{ item.key }}"
state: present state: present
with_dict: "{{ routing_tables }}" loop: "{{ routing_tables | dict2items }}"

View file

@ -15,7 +15,7 @@
owner: root owner: root
group: root group: root
mode: 0750 mode: 0750
with_items: loop:
- ffmwu-add-static-routes.sh - ffmwu-add-static-routes.sh
- ffmwu-del-static-routes.sh - ffmwu-del-static-routes.sh
notify: restart systemd unit ffmwu-static-routes notify: restart systemd unit ffmwu-static-routes
@ -42,7 +42,7 @@
owner: root owner: root
group: root group: root
mode: 0750 mode: 0750
with_items: loop:
- ffmwu-add-ip-rules.sh - ffmwu-add-ip-rules.sh
- ffmwu-del-ip-rules.sh - ffmwu-del-ip-rules.sh
notify: restart systemd unit ffmwu-ip-rules notify: restart systemd unit ffmwu-ip-rules
@ -58,7 +58,7 @@
name: "{{ item.name }}" name: "{{ item.name }}"
value: "{{ item.value }}" value: "{{ item.value }}"
state: present state: present
with_items: "{{ sysctl_settings_routing_basic }}" loop: "{{ sysctl_settings_routing_basic }}"
- name: set gateway sysctl settings for routing - name: set gateway sysctl settings for routing
when: ffmwu_server_type == "gateway" when: ffmwu_server_type == "gateway"
@ -66,4 +66,4 @@
name: "{{ item.name }}" name: "{{ item.name }}"
value: "{{ item.value }}" value: "{{ item.value }}"
state: present state: present
with_items: "{{ sysctl_settings_routing_gateway }}" loop: "{{ sysctl_settings_routing_gateway }}"

View file

@ -3,7 +3,7 @@
package: package:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: loop:
- dirmngr - dirmngr
- apt-transport-https - apt-transport-https
@ -19,4 +19,4 @@
repo: "{{ item.repo }}" repo: "{{ item.repo }}"
update_cache: "{{ item.update_cache }}" update_cache: "{{ item.update_cache }}"
filename: "{{ item.name }}" filename: "{{ item.name }}"
with_items: "{{ repos }}" loop: "{{ repos }}"

View file

@ -18,9 +18,8 @@
- name: ensure common packages are installed - name: ensure common packages are installed
package: package:
name: "{{ item }}" name: "{{ packages }}"
state: present state: present
with_items: "{{ packages }}"
- name: ensure vim is default editor - name: ensure vim is default editor
alternatives: alternatives:

View file

@ -3,7 +3,7 @@
package: package:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: loop:
- bind9 - bind9
- bind9-doc - bind9-doc
- bind9utils - bind9utils
@ -43,7 +43,7 @@
group: bind group: bind
mode: 0644 mode: 0644
notify: restart bind9 notify: restart bind9
with_items: "{{ meshes }}" loop: "{{ meshes }}"
- name: write initial icvpn bind config - name: write initial icvpn bind config
shell: /usr/bin/python3 /home/admin/clones/icvpn-scripts/mkdns -f bind -x mwu -x bingen -s /home/admin/clones/icvpn-meta > /etc/bind/named.conf.icvpn shell: /usr/bin/python3 /home/admin/clones/icvpn-scripts/mkdns -f bind -x mwu -x bingen -s /home/admin/clones/icvpn-meta > /etc/bind/named.conf.icvpn

View file

@ -52,7 +52,7 @@
owner: admin owner: admin
group: bird group: bird
notify: reload systemd unit bird notify: reload systemd unit bird
with_items: loop:
- /etc/bird/icvpn_ipv4_peers.conf - /etc/bird/icvpn_ipv4_peers.conf
- /etc/bird/icvpn_ipv4_roa.conf - /etc/bird/icvpn_ipv4_roa.conf
@ -63,7 +63,7 @@
owner: admin owner: admin
group: bird group: bird
notify: reload systemd unit bird6 notify: reload systemd unit bird6
with_items: loop:
- /etc/bird/icvpn_ipv6_peers.conf - /etc/bird/icvpn_ipv6_peers.conf
- /etc/bird/icvpn_ipv6_roa.conf - /etc/bird/icvpn_ipv6_roa.conf

View file

@ -3,7 +3,7 @@
package: package:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: loop:
- bird-bgp - bird-bgp
- bird-doc - bird-doc
@ -54,6 +54,6 @@
name: bird{{ item }} name: bird{{ item }}
enabled: yes enabled: yes
state: started state: started
with_items: loop:
- "" - ""
- 6 - 6

View file

@ -1,9 +1,8 @@
--- ---
- name: install dhcp packages - name: install dhcp packages
package: package:
name: "{{ item }}" name: "{{ kea_packages }}"
state: present state: present
with_items: "{{ kea_packages }}"
- name: create systemd override dir for kea-dhcp4-server.service - name: create systemd override dir for kea-dhcp4-server.service
file: file:

View file

@ -3,6 +3,4 @@
systemd: systemd:
name: "fastd@{{ item.0.id }}igvpn-{{ item.1.mtu }}" name: "fastd@{{ item.0.id }}igvpn-{{ item.1.mtu }}"
state: restarted state: restarted
with_subelements: loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
- "{{ meshes }}"
- fastd.backbone.instances

View file

@ -4,9 +4,7 @@
path: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}" path: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}"
state: directory state: directory
mode: 0755 mode: 0755
with_subelements: loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
- "{{ meshes }}"
- fastd.backbone.instances
- name: create fastd peer backbone directories - name: create fastd peer backbone directories
file: file:
@ -15,9 +13,7 @@
mode: 0755 mode: 0755
owner: admin owner: admin
group: admin group: admin
with_subelements: loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
- "{{ meshes }}"
- fastd.backbone.instances
- name: clone fastd peer backbone repos - name: clone fastd peer backbone repos
git: git:
@ -25,9 +21,7 @@
dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/peers" dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/peers"
version: "{{ item.1.peers.version }}" version: "{{ item.1.peers.version }}"
update: yes update: yes
with_subelements: loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
- "{{ meshes }}"
- fastd.backbone.instances
become: false become: false
- name: template fastd backbone config - name: template fastd backbone config
@ -35,24 +29,18 @@
src: fastd-backbone.conf.j2 src: fastd-backbone.conf.j2
dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/fastd.conf" dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/fastd.conf"
notify: restart fastd backbone instances notify: restart fastd backbone instances
with_subelements: loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
- "{{ meshes }}"
- fastd.backbone.instances
- name: write fastd backbone secret - name: write fastd backbone secret
template: template:
src: fastd-secret.conf.j2 src: fastd-secret.conf.j2
dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/secret.conf" dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/secret.conf"
notify: restart fastd backbone instances notify: restart fastd backbone instances
with_subelements: loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
- "{{ meshes }}"
- fastd.backbone.instances
- name: configure systemd unit fastd@ - name: configure systemd unit fastd@
systemd: systemd:
name: "fastd@{{ item.0.id }}igvpn-{{ item.1.mtu }}" name: "fastd@{{ item.0.id }}igvpn-{{ item.1.mtu }}"
enabled: yes enabled: yes
state: started state: started
with_subelements: loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
- "{{ meshes }}"
- fastd.backbone.instances

View file

@ -7,6 +7,4 @@
systemd: systemd:
name: "fastd@{{ item.0.id }}vpn-{{ item.1.mtu }}" name: "fastd@{{ item.0.id }}vpn-{{ item.1.mtu }}"
state: restarted state: restarted
with_subelements: loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- "{{ meshes }}"
- fastd.nodes.instances

View file

@ -4,9 +4,7 @@
path: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}" path: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}"
state: directory state: directory
mode: 0755 mode: 0755
with_subelements: loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- "{{ meshes }}"
- fastd.nodes.instances
- name: create fastd peer mesh directories - name: create fastd peer mesh directories
file: file:
@ -15,9 +13,7 @@
mode: 0755 mode: 0755
owner: admin owner: admin
group: admin group: admin
with_subelements: loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- "{{ meshes }}"
- fastd.nodes.instances
- name: create fastd peer mesh directories for ffbin - name: create fastd peer mesh directories for ffbin
file: file:
@ -26,7 +22,7 @@
mode: 0755 mode: 0755
owner: admin owner: admin
group: admin group: admin
with_items: loop:
- 1406 - 1406
- 1312 - 1312
@ -36,9 +32,7 @@
dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/peers" dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/peers"
version: "{{ item.1.peers.version }}" version: "{{ item.1.peers.version }}"
update: no update: no
with_subelements: loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- "{{ meshes }}"
- fastd.nodes.instances
become: false become: false
- name: clone fastd peer mesh repo for ffbin - name: clone fastd peer mesh repo for ffbin
@ -47,7 +41,7 @@
dest: "/etc/fastd/mzvpn-{{ item }}/peers_bingen" dest: "/etc/fastd/mzvpn-{{ item }}/peers_bingen"
version: master version: master
update: no update: no
with_items: loop:
- 1406 - 1406
- 1312 - 1312
become: false become: false
@ -57,18 +51,14 @@
src: fastd-mesh.conf.j2 src: fastd-mesh.conf.j2
dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/fastd.conf" dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/fastd.conf"
notify: restart fastd mesh instances notify: restart fastd mesh instances
with_subelements: loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- "{{ meshes }}"
- fastd.nodes.instances
- name: write fastd mesh secret - name: write fastd mesh secret
template: template:
src: fastd-secret.conf.j2 src: fastd-secret.conf.j2
dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/secret.conf" dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/secret.conf"
notify: restart fastd mesh instances notify: restart fastd mesh instances
with_subelements: loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- "{{ meshes }}"
- fastd.nodes.instances
- name: copy peer_limit.conf if not exist - name: copy peer_limit.conf if not exist
copy: copy:
@ -79,9 +69,7 @@
mode: 0640 mode: 0640
force: no force: no
notify: restart fastd mesh instances notify: restart fastd mesh instances
with_subelements: loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- "{{ meshes }}"
- fastd.nodes.instances
- name: set file attributes for peer_limit.conf - name: set file attributes for peer_limit.conf
file: file:
@ -90,9 +78,7 @@
owner: admin owner: admin
group: admin group: admin
notify: restart fastd mesh instances notify: restart fastd mesh instances
with_subelements: loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- "{{ meshes }}"
- fastd.nodes.instances
- name: write systemd unit fastd-sync-meshkeys.service - name: write systemd unit fastd-sync-meshkeys.service
template: template:
@ -151,7 +137,7 @@
name: "{{ item }}.timer" name: "{{ item }}.timer"
enabled: yes enabled: yes
state: started state: started
with_items: loop:
- fastd-sync-meshkeys - fastd-sync-meshkeys
- fastd-peer-limit-update - fastd-peer-limit-update
@ -160,6 +146,4 @@
name: "fastd@{{ item.0.id }}vpn-{{ item.1.mtu }}" name: "fastd@{{ item.0.id }}vpn-{{ item.1.mtu }}"
enabled: yes enabled: yes
state: started state: started
with_subelements: loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- "{{ meshes }}"
- fastd.nodes.instances

View file

@ -3,7 +3,7 @@
package: package:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: loop:
- fastd - fastd
- git - git

View file

@ -11,7 +11,7 @@
repo: "{{ item }}" repo: "{{ item }}"
update_cache: yes update_cache: yes
filename: nginx filename: nginx
with_items: loop:
- deb http://nginx.org/packages/debian/ stretch nginx - deb http://nginx.org/packages/debian/ stretch nginx
- deb-src http://nginx.org/packages/debian/ stretch nginx - deb-src http://nginx.org/packages/debian/ stretch nginx

View file

@ -9,7 +9,7 @@
package: package:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: loop:
- ntp - ntp
- ntp-doc - ntp-doc
- ntpdate - ntpdate

View file

@ -1,9 +1,8 @@
--- ---
- name: install postfix packages - name: install postfix packages
package: package:
name: "{{ item }}" name: "{{ nullmailer_packages }}"
state: present state: present
with_items: "{{ nullmailer_packages }}"
- name: write /etc/mailname - name: write /etc/mailname
template: template:

View file

@ -29,7 +29,7 @@
src: "{{ alertmanager_daemon_dir }}/{{ item }}" src: "{{ alertmanager_daemon_dir }}/{{ item }}"
dest: "/usr/local/bin/{{ item }}" dest: "/usr/local/bin/{{ item }}"
state: link state: link
with_items: loop:
- "alertmanager" - "alertmanager"
- "amtool" - "amtool"
@ -40,8 +40,7 @@
owner: "{{ prometheus_user }}" owner: "{{ prometheus_user }}"
group: "{{ prometheus_group }}" group: "{{ prometheus_group }}"
mode: "u=rwx,g=rx,o=" mode: "u=rwx,g=rx,o="
with_items: loop: "{{ alertmanager_db_path }}"
- "{{ alertmanager_db_path }}"
- name: copy alertmanager systemd config - name: copy alertmanager systemd config
template: template:

View file

@ -21,7 +21,7 @@
owner: "{{ prometheus_user }}" owner: "{{ prometheus_user }}"
group: "{{ prometheus_group }}" group: "{{ prometheus_group }}"
mode: "u=rwx,g=rx,o=" mode: "u=rwx,g=rx,o="
with_items: loop:
- "{{ prometheus_install_path }}" - "{{ prometheus_install_path }}"
- "{{ prometheus_config_path }}" - "{{ prometheus_config_path }}"

View file

@ -25,7 +25,7 @@
src: "{{ prometheus_daemon_dir }}/{{ item }}" src: "{{ prometheus_daemon_dir }}/{{ item }}"
dest: "/usr/local/bin/{{ item }}" dest: "/usr/local/bin/{{ item }}"
state: link state: link
with_items: loop:
- "prometheus" - "prometheus"
- "promtool" - "promtool"
@ -36,7 +36,7 @@
owner: "{{ prometheus_user }}" owner: "{{ prometheus_user }}"
group: "{{ prometheus_group }}" group: "{{ prometheus_group }}"
mode: "u=rwx,g=rx,o=" mode: "u=rwx,g=rx,o="
with_items: loop:
- "{{ prometheus_rule_path }}" - "{{ prometheus_rule_path }}"
- "{{ prometheus_file_sd_config_path }}" - "{{ prometheus_file_sd_config_path }}"
- "{{ prometheus_db_path }}" - "{{ prometheus_db_path }}"
@ -54,7 +54,7 @@
src: "{{ playbook_dir }}/{{ item.value.src }}" src: "{{ playbook_dir }}/{{ item.value.src }}"
dest: "{{ prometheus_rule_path }}/{{ item.value.dest }}" dest: "{{ prometheus_rule_path }}/{{ item.value.dest }}"
validate: "{{ prometheus_daemon_dir }}/promtool check rules %s" validate: "{{ prometheus_daemon_dir }}/promtool check rules %s"
with_dict: '{{ prometheus_rule_files | default({}) }}' loop: '{{ prometheus_rule_files | dict2items | default({}) }}'
notify: notify:
- restart prometheus - restart prometheus

View file

@ -7,4 +7,4 @@
systemd: systemd:
name: "respondd-{{ item.id }}" name: "respondd-{{ item.id }}"
state: restarted state: restarted
with_items: "{{ meshes }}" loop: "{{ meshes }}"

View file

@ -29,11 +29,11 @@
notify: notify:
- reload systemd - reload systemd
- restart respondd - restart respondd
with_items: "{{ meshes }}" loop: "{{ meshes }}"
- name: configure systemd unit files - name: configure systemd unit files
systemd: systemd:
name: "respondd-{{ item.id }}" name: "respondd-{{ item.id }}"
enabled: yes enabled: yes
state: started state: started
with_items: "{{ meshes }}" loop: "{{ meshes }}"

View file

@ -3,7 +3,7 @@
package: package:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: loop:
- tinc - tinc
- name: clone icvpn repo - name: clone icvpn repo

View file

@ -3,7 +3,7 @@
package: package:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: loop:
- vnstat - vnstat
- vnstati - vnstati

View file

@ -4,7 +4,7 @@
name: "{{ item.name }}" name: "{{ item.name }}"
value: "{{ item.value }}" value: "{{ item.value }}"
state: present state: present
with_items: "{{ sysctl_settings }}" loop: "{{ sysctl_settings }}"
- name: create systemd override dir for systemd-sysctl.service - name: create systemd override dir for systemd-sysctl.service
file: file:

View file

@ -11,7 +11,7 @@
shell: "{{ item.shell }}" shell: "{{ item.shell }}"
home: "{{ item.home }}" home: "{{ item.home }}"
state: "{{ item.state }}" state: "{{ item.state }}"
with_items: "{{ system_users }}" loop: "{{ system_users }}"
- name: ensure ssh config directory is present - name: ensure ssh config directory is present
file: file:
@ -20,7 +20,7 @@
owner: "{{ item.name }}" owner: "{{ item.name }}"
group: "{{ item.name }}" group: "{{ item.name }}"
mode: '0700' mode: '0700'
with_items: "{{ system_users }}" loop: "{{ system_users }}"
- name: configure ssh public keys - name: configure ssh public keys
template: template:
@ -29,7 +29,7 @@
owner: "{{ item.name }}" owner: "{{ item.name }}"
group: "{{ item.name }}" group: "{{ item.name }}"
mode: '0600' mode: '0600'
with_items: "{{ system_users }}" loop: "{{ system_users }}"
- name: configure passwordless sudo access - name: configure passwordless sudo access
template: template:
@ -39,7 +39,7 @@
group: root group: root
mode: '0440' mode: '0440'
validate: "/usr/sbin/visudo -cf %s" validate: "/usr/sbin/visudo -cf %s"
with_items: "{{ system_users }}" loop: "{{ system_users }}"
- name: remove admin lines from /etc/sudoers - name: remove admin lines from /etc/sudoers
lineinfile: lineinfile: