Migrate all with_* loops to new loop directive

This commit is contained in:
Tobias Hachmer 2018-09-16 12:38:33 +02:00 committed by Julian Labus
parent 2b8ff2184c
commit 69a12e0696
No known key found for this signature in database
GPG key ID: 8AF209F2C6B3572A
35 changed files with 76 additions and 114 deletions

View file

@ -5,7 +5,7 @@
name: "{{ item }}"
update_cache: yes
cache_valid_time: 21600
with_items:
loop:
- build-essential
- ecdsautils
- gawk

View file

@ -0,0 +1,3 @@
---
git_packages:
- "git"

View file

@ -1,10 +1,8 @@
---
- name: install git packages
package:
name: "{{ item }}"
name: "{{ git_packages }}"
state: present
with_items:
- git
- name: ensure git directory is present
file:
@ -20,5 +18,5 @@
dest: "/home/admin/clones/{{ item.key }}"
version: "{{ item.value.version }}"
force: "{{ item.value.force }}"
with_dict: "{{ common_repos }}"
loop: "{{ common_repos | dict2items }}"
become: false

View file

@ -0,0 +1,5 @@
---
batman_packages:
- "linux-headers-amd64"
- "batman-adv-dkms"
- "batctl"

View file

@ -1,12 +1,8 @@
---
- name: install batman-module and linux headers
package:
name: "{{ item }}"
name: "{{ batman_packages }}"
state: present
with_items:
- linux-headers-amd64
- batman-adv-dkms
- batctl
- name: configure batman module to load on system boot
template:

View file

@ -4,14 +4,14 @@
src: dummy.j2
dest: "/etc/network/interfaces.d/{{ item.id }}0"
notify: reload network interfaces
with_items: "{{ meshes }}"
loop: "{{ meshes }}"
- name: create batman interfaces
template:
src: batman.j2
dest: "/etc/network/interfaces.d/{{ item.id }}bat"
notify: reload network interfaces
with_items: "{{ meshes }}"
loop: "{{ meshes }}"
- name: flush handlers
meta: flush_handlers

View file

@ -5,18 +5,14 @@
src: fastd-mesh.j2
dest: "/etc/network/interfaces.d/{{ item.0.id }}vpn-{{ item.1.mtu }}"
notify: reload network interfaces
with_subelements:
- "{{ meshes }}"
- fastd.nodes.instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: create fastd backbone interfaces
template:
src: fastd-backbone.j2
dest: "/etc/network/interfaces.d/{{ item.0.id }}igvpn-{{ item.1.mtu }}"
notify: reload network interfaces
with_subelements:
- "{{ meshes }}"
- fastd.backbone.instances
loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
- name: flush handlers
meta: flush_handlers

View file

@ -4,7 +4,7 @@
src: ffrl.j2
dest: "/etc/network/interfaces.d/{{ item.key }}"
notify: reload network interfaces
with_dict: "{{ ffrl_exit_server }}"
loop: "{{ ffrl_exit_server | dict2items }}"
- name: create ffrl-nat dummy interface
template:

View file

@ -3,7 +3,7 @@
package:
name: "{{ item }}"
state: present
with_items:
loop:
- iptables
- iptables-persistent
@ -16,7 +16,7 @@
modprobe:
name: "{{ item }}"
state: present
with_items:
loop:
- nf_conntrack
- nf_conntrack_ipv4
@ -25,7 +25,7 @@
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
with_items: "{{ sysctl_settings_netfilter }}"
loop: "{{ sysctl_settings_netfilter }}"
- name: write iptables configuration
template:

View file

@ -4,13 +4,13 @@
src: bridge.j2
dest: "/etc/network/interfaces.d/{{ item.id }}br"
notify: reload network interfaces
with_items: "{{ meshes }}"
loop: "{{ meshes }}"
- name: set sysfs variables
template:
src: sysfs.j2
dest: "/etc/sysfs.d/99-{{ item.id }}br.conf"
with_items: "{{ meshes }}"
loop: "{{ meshes }}"
notify: activate sysfs variables
- name: flush handlers

View file

@ -5,4 +5,4 @@
regexp: '^{{ item.value }}'
line: "{{ item.value }}{{ '\t' }}{{ item.key }}"
state: present
with_dict: "{{ routing_tables }}"
loop: "{{ routing_tables | dict2items }}"

View file

@ -15,7 +15,7 @@
owner: root
group: root
mode: 0750
with_items:
loop:
- ffmwu-add-static-routes.sh
- ffmwu-del-static-routes.sh
notify: restart systemd unit ffmwu-static-routes
@ -42,7 +42,7 @@
owner: root
group: root
mode: 0750
with_items:
loop:
- ffmwu-add-ip-rules.sh
- ffmwu-del-ip-rules.sh
notify: restart systemd unit ffmwu-ip-rules
@ -58,7 +58,7 @@
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
with_items: "{{ sysctl_settings_routing_basic }}"
loop: "{{ sysctl_settings_routing_basic }}"
- name: set gateway sysctl settings for routing
when: ffmwu_server_type == "gateway"
@ -66,4 +66,4 @@
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
with_items: "{{ sysctl_settings_routing_gateway }}"
loop: "{{ sysctl_settings_routing_gateway }}"

View file

@ -3,7 +3,7 @@
package:
name: "{{ item }}"
state: present
with_items:
loop:
- dirmngr
- apt-transport-https
@ -19,4 +19,4 @@
repo: "{{ item.repo }}"
update_cache: "{{ item.update_cache }}"
filename: "{{ item.name }}"
with_items: "{{ repos }}"
loop: "{{ repos }}"

View file

@ -18,9 +18,8 @@
- name: ensure common packages are installed
package:
name: "{{ item }}"
name: "{{ packages }}"
state: present
with_items: "{{ packages }}"
- name: ensure vim is default editor
alternatives:

View file

@ -3,7 +3,7 @@
package:
name: "{{ item }}"
state: present
with_items:
loop:
- bind9
- bind9-doc
- bind9utils
@ -43,7 +43,7 @@
group: bind
mode: 0644
notify: restart bind9
with_items: "{{ meshes }}"
loop: "{{ meshes }}"
- name: write initial icvpn bind config
shell: /usr/bin/python3 /home/admin/clones/icvpn-scripts/mkdns -f bind -x mwu -x bingen -s /home/admin/clones/icvpn-meta > /etc/bind/named.conf.icvpn

View file

@ -52,7 +52,7 @@
owner: admin
group: bird
notify: reload systemd unit bird
with_items:
loop:
- /etc/bird/icvpn_ipv4_peers.conf
- /etc/bird/icvpn_ipv4_roa.conf
@ -63,7 +63,7 @@
owner: admin
group: bird
notify: reload systemd unit bird6
with_items:
loop:
- /etc/bird/icvpn_ipv6_peers.conf
- /etc/bird/icvpn_ipv6_roa.conf

View file

@ -3,7 +3,7 @@
package:
name: "{{ item }}"
state: present
with_items:
loop:
- bird-bgp
- bird-doc
@ -54,6 +54,6 @@
name: bird{{ item }}
enabled: yes
state: started
with_items:
loop:
- ""
- 6

View file

@ -1,9 +1,8 @@
---
- name: install dhcp packages
package:
name: "{{ item }}"
name: "{{ kea_packages }}"
state: present
with_items: "{{ kea_packages }}"
- name: create systemd override dir for kea-dhcp4-server.service
file:

View file

@ -3,6 +3,4 @@
systemd:
name: "fastd@{{ item.0.id }}igvpn-{{ item.1.mtu }}"
state: restarted
with_subelements:
- "{{ meshes }}"
- fastd.backbone.instances
loop: "{{ meshes | subelements('fastd.backbone.instances') }}"

View file

@ -4,9 +4,7 @@
path: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}"
state: directory
mode: 0755
with_subelements:
- "{{ meshes }}"
- fastd.backbone.instances
loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
- name: create fastd peer backbone directories
file:
@ -15,9 +13,7 @@
mode: 0755
owner: admin
group: admin
with_subelements:
- "{{ meshes }}"
- fastd.backbone.instances
loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
- name: clone fastd peer backbone repos
git:
@ -25,9 +21,7 @@
dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/peers"
version: "{{ item.1.peers.version }}"
update: yes
with_subelements:
- "{{ meshes }}"
- fastd.backbone.instances
loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
become: false
- name: template fastd backbone config
@ -35,24 +29,18 @@
src: fastd-backbone.conf.j2
dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/fastd.conf"
notify: restart fastd backbone instances
with_subelements:
- "{{ meshes }}"
- fastd.backbone.instances
loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
- name: write fastd backbone secret
template:
src: fastd-secret.conf.j2
dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/secret.conf"
notify: restart fastd backbone instances
with_subelements:
- "{{ meshes }}"
- fastd.backbone.instances
loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
- name: configure systemd unit fastd@
systemd:
name: "fastd@{{ item.0.id }}igvpn-{{ item.1.mtu }}"
enabled: yes
state: started
with_subelements:
- "{{ meshes }}"
- fastd.backbone.instances
loop: "{{ meshes | subelements('fastd.backbone.instances') }}"

View file

@ -7,6 +7,4 @@
systemd:
name: "fastd@{{ item.0.id }}vpn-{{ item.1.mtu }}"
state: restarted
with_subelements:
- "{{ meshes }}"
- fastd.nodes.instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"

View file

@ -4,9 +4,7 @@
path: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}"
state: directory
mode: 0755
with_subelements:
- "{{ meshes }}"
- fastd.nodes.instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: create fastd peer mesh directories
file:
@ -15,9 +13,7 @@
mode: 0755
owner: admin
group: admin
with_subelements:
- "{{ meshes }}"
- fastd.nodes.instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: create fastd peer mesh directories for ffbin
file:
@ -26,7 +22,7 @@
mode: 0755
owner: admin
group: admin
with_items:
loop:
- 1406
- 1312
@ -36,9 +32,7 @@
dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/peers"
version: "{{ item.1.peers.version }}"
update: no
with_subelements:
- "{{ meshes }}"
- fastd.nodes.instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
become: false
- name: clone fastd peer mesh repo for ffbin
@ -47,7 +41,7 @@
dest: "/etc/fastd/mzvpn-{{ item }}/peers_bingen"
version: master
update: no
with_items:
loop:
- 1406
- 1312
become: false
@ -57,18 +51,14 @@
src: fastd-mesh.conf.j2
dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/fastd.conf"
notify: restart fastd mesh instances
with_subelements:
- "{{ meshes }}"
- fastd.nodes.instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: write fastd mesh secret
template:
src: fastd-secret.conf.j2
dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/secret.conf"
notify: restart fastd mesh instances
with_subelements:
- "{{ meshes }}"
- fastd.nodes.instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: copy peer_limit.conf if not exist
copy:
@ -79,9 +69,7 @@
mode: 0640
force: no
notify: restart fastd mesh instances
with_subelements:
- "{{ meshes }}"
- fastd.nodes.instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: set file attributes for peer_limit.conf
file:
@ -90,9 +78,7 @@
owner: admin
group: admin
notify: restart fastd mesh instances
with_subelements:
- "{{ meshes }}"
- fastd.nodes.instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: write systemd unit fastd-sync-meshkeys.service
template:
@ -151,7 +137,7 @@
name: "{{ item }}.timer"
enabled: yes
state: started
with_items:
loop:
- fastd-sync-meshkeys
- fastd-peer-limit-update
@ -160,6 +146,4 @@
name: "fastd@{{ item.0.id }}vpn-{{ item.1.mtu }}"
enabled: yes
state: started
with_subelements:
- "{{ meshes }}"
- fastd.nodes.instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"

View file

@ -3,7 +3,7 @@
package:
name: "{{ item }}"
state: present
with_items:
loop:
- fastd
- git

View file

@ -11,7 +11,7 @@
repo: "{{ item }}"
update_cache: yes
filename: nginx
with_items:
loop:
- deb http://nginx.org/packages/debian/ stretch nginx
- deb-src http://nginx.org/packages/debian/ stretch nginx

View file

@ -9,7 +9,7 @@
package:
name: "{{ item }}"
state: present
with_items:
loop:
- ntp
- ntp-doc
- ntpdate

View file

@ -1,9 +1,8 @@
---
- name: install postfix packages
package:
name: "{{ item }}"
name: "{{ nullmailer_packages }}"
state: present
with_items: "{{ nullmailer_packages }}"
- name: write /etc/mailname
template:

View file

@ -29,7 +29,7 @@
src: "{{ alertmanager_daemon_dir }}/{{ item }}"
dest: "/usr/local/bin/{{ item }}"
state: link
with_items:
loop:
- "alertmanager"
- "amtool"
@ -40,8 +40,7 @@
owner: "{{ prometheus_user }}"
group: "{{ prometheus_group }}"
mode: "u=rwx,g=rx,o="
with_items:
- "{{ alertmanager_db_path }}"
loop: "{{ alertmanager_db_path }}"
- name: copy alertmanager systemd config
template:

View file

@ -21,7 +21,7 @@
owner: "{{ prometheus_user }}"
group: "{{ prometheus_group }}"
mode: "u=rwx,g=rx,o="
with_items:
loop:
- "{{ prometheus_install_path }}"
- "{{ prometheus_config_path }}"

View file

@ -25,7 +25,7 @@
src: "{{ prometheus_daemon_dir }}/{{ item }}"
dest: "/usr/local/bin/{{ item }}"
state: link
with_items:
loop:
- "prometheus"
- "promtool"
@ -36,7 +36,7 @@
owner: "{{ prometheus_user }}"
group: "{{ prometheus_group }}"
mode: "u=rwx,g=rx,o="
with_items:
loop:
- "{{ prometheus_rule_path }}"
- "{{ prometheus_file_sd_config_path }}"
- "{{ prometheus_db_path }}"
@ -54,7 +54,7 @@
src: "{{ playbook_dir }}/{{ item.value.src }}"
dest: "{{ prometheus_rule_path }}/{{ item.value.dest }}"
validate: "{{ prometheus_daemon_dir }}/promtool check rules %s"
with_dict: '{{ prometheus_rule_files | default({}) }}'
loop: '{{ prometheus_rule_files | dict2items | default({}) }}'
notify:
- restart prometheus

View file

@ -7,4 +7,4 @@
systemd:
name: "respondd-{{ item.id }}"
state: restarted
with_items: "{{ meshes }}"
loop: "{{ meshes }}"

View file

@ -29,11 +29,11 @@
notify:
- reload systemd
- restart respondd
with_items: "{{ meshes }}"
loop: "{{ meshes }}"
- name: configure systemd unit files
systemd:
name: "respondd-{{ item.id }}"
enabled: yes
state: started
with_items: "{{ meshes }}"
loop: "{{ meshes }}"

View file

@ -3,7 +3,7 @@
package:
name: "{{ item }}"
state: present
with_items:
loop:
- tinc
- name: clone icvpn repo

View file

@ -3,7 +3,7 @@
package:
name: "{{ item }}"
state: present
with_items:
loop:
- vnstat
- vnstati

View file

@ -4,7 +4,7 @@
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
with_items: "{{ sysctl_settings }}"
loop: "{{ sysctl_settings }}"
- name: create systemd override dir for systemd-sysctl.service
file:

View file

@ -11,7 +11,7 @@
shell: "{{ item.shell }}"
home: "{{ item.home }}"
state: "{{ item.state }}"
with_items: "{{ system_users }}"
loop: "{{ system_users }}"
- name: ensure ssh config directory is present
file:
@ -20,7 +20,7 @@
owner: "{{ item.name }}"
group: "{{ item.name }}"
mode: '0700'
with_items: "{{ system_users }}"
loop: "{{ system_users }}"
- name: configure ssh public keys
template:
@ -29,7 +29,7 @@
owner: "{{ item.name }}"
group: "{{ item.name }}"
mode: '0600'
with_items: "{{ system_users }}"
loop: "{{ system_users }}"
- name: configure passwordless sudo access
template:
@ -39,7 +39,7 @@
group: root
mode: '0440'
validate: "/usr/sbin/visudo -cf %s"
with_items: "{{ system_users }}"
loop: "{{ system_users }}"
- name: remove admin lines from /etc/sudoers
lineinfile: