moved apt and pip package handling to sparate role - first step to streamline roles

roles/ffmwu-meshing/meta/main.yml

@@ -1,4 +1,8 @@
 ---
 
 dependencies:
-- ffmwu-server
+- { role: ffmwu-server }
+- { role: packages, pkg_repo_list: "{{meshing_pkg_repo_list}}",
+                    pkg_pkg_list: "{{meshing_pkg_pkg_list}}",
+                    pkg_pip_list: "{{meshing_pkg_pip_list}}",
+                    really_do: "{{ansible_managed_meshing}}" }

roles/ffmwu-meshing/tasks/main.yml

@@ -8,8 +8,6 @@
   when: (not ansible_managed_meshing is defined) or (not ansible_managed_meshing)
 
 - block:
-    # arp and python packages
-  - include: packages.yml
 
     # backend scripts
   - include: backend-scripts.yml

roles/ffmwu-meshing/tasks/packages.yml

@@ -1,29 +0,0 @@
----
-
-- include: repos.yml
-
-- name: ensure mandatory packages
-  apt:
-    state: present
-    name: "{{mwu_m_item}}"
-    update_cache: yes
-    cache_valid_time: 21600
-  with_items:
-    - git
-    - haveged
-    - python3-pip
-    - fastd
-    - batctl
-    - batman-adv-source
-  loop_control:
-    loop_var: mwu_m_item
-  become: True
-
-- name: ensure manatory python libs
-  pip: name={{mwu_m_item}} executable=pip3
-  with_items:
-    - py-cpuinfo
-#    - photon_core
-  loop_control:
-    loop_var: mwu_m_item
-  become: True

roles/ffmwu-meshing/tasks/repos.yml

@@ -1,39 +0,0 @@
----
-
-- name: ensure neoraider key for fastd package
-  apt_key:
-    state: present
-    id: 16EF3F64CB201D9C
-    keyserver: keyserver.ubuntu.com
-  become: True
-
-- name: ensure neoraider fastd repo
-  apt_repository:
-    state: present
-    repo: 'deb https://repo.universe-factory.net/debian/ sid main'
-    update_cache: no
-    filename: freifunk
-  become: True
-
-- name: ensure freifunk-mwu key for batman package
-  apt_key:
-    state: present
-    id: 286CC7A4
-    keyserver: keyserver.ubuntu.com
-  become: True
-
-- name: ensure freifunk-mwu batman repo
-  apt_repository:
-    state: present
-    repo: 'deb http://ppa.launchpad.net/freifunk-mwu/batman-adv/ubuntu trusty main'
-    update_cache: no
-    filename: freifunk
-  become: True
-
-- name: ensure freifunk-mwu batman source repo
-  apt_repository:
-    state: present
-    repo: 'deb-src http://ppa.launchpad.net/freifunk-mwu/batman-adv/ubuntu trusty main'
-    update_cache: yes
-    filename: freifunk
-  become: True

roles/ffmwu-meshing/vars/main.yml

@@ -0,0 +1,33 @@
+---
+
+meshing_pkg_repo_list:
+  repo_keys:
+  - neoraider:
+    id: "16EF3F64CB201D9C"
+    server: keyserver.ubuntu.com
+  - freifunk-mwu:
+    id: "286CC7A4"
+    server: keyserver.ubuntu.com
+  repos:
+  - fastd:
+    repo: 'deb https://repo.universe-factory.net/debian/ sid main'
+    update_cache: no
+  - batman:
+    repo: 'deb http://ppa.launchpad.net/freifunk-mwu/batman-adv/ubuntu trusty main'
+    update_cache: no
+  - batman_src:
+    repo: 'deb-src http://ppa.launchpad.net/freifunk-mwu/batman-adv/ubuntu trusty main'
+    update_cache: yes
+
+meshing_pkg_pkg_list:
+- git
+- haveged
+- python3-pip
+- fastd
+- batctl
+- batman-adv-source
+
+meshing_pkg_pip_list: # example
+- py-cpuinfo
+
+#- photon_core

roles/ffmwu-server/meta/main.yml

@@ -1,3 +1,7 @@
 ---
 dependencies:
-- ffmwu-prereqs
+- { role: ffmwu-prereqs }
+- { role: packages, server_pkg_repo_list: "{{meshing_pkg_repo_list}}",
+                    server_pkg_pkg_list: "{{meshing_pkg_pkg_list}}",
+                    server_pkg_pip_list: "{{meshing_pkg_pip_list}}",
+                    really_do: "{{ansible_managed_server}}" }

roles/ffmwu-server/tasks/main.yml

@@ -16,27 +16,6 @@
     authorized_key: exclusive=True state=present user=admin
                 key={{ mwu_s_admin_keys ~ ( h_v_add_auth_keys | default('') ) }}
 
-  - name: ensure some basic packages
-    apt:
-      state: present
-      name: "{{mwu_s_item}}"
-      update_cache: yes
-      cache_valid_time: 21600
-    with_items:
-      - software-properties-common
-      - apt-transport-https
-      - man-db
-      - mosh
-      - ntp
-      - sudo
-      - sysfsutils
-      - vim
-      - vnstat
-      - vnstati
-    loop_control:
-      loop_var: mwu_s_item
-    become: True
-
   - name: ensure vim is default editor
     alternatives: name=editor path=/usr/bin/vim.basic
     become: True

roles/ffmwu-server/vars/main.yml

@@ -1,5 +1,25 @@
 ---
 
+# for package role :::::::::::::::::::::::::::::::::::::::::::::::::
+
+# not def: server_pkg_repo_list
+
+server_pkg_pkg_list:
+- software-properties-common
+- apt-transport-https
+- man-db
+- mosh
+- ntp
+- sudo
+- sysfsutils
+- vim
+- vnstat
+- vnstati
+
+# not def: server_pkg_pip_list
+
+# for tasks ::::::::::::::::::::::::::::::::::::::::::::::::::::::::
+
 mwu_s_admin_keys: |
     ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEA2ProGXZXgOu1qAkY1COL4vvIdMpBAi/eg7/SvQRUrm1H8typyJHJPOvaMO8ozm9r4HQ7hZRL6Mf25IhTx9HFvlKwEbMpqUrIudBV/r07E0q4fjWWEY3OTUjSOUkArviKnYzhM8zYD9pSq6gXcCBXVGgNZsIEIeESvct/p8gB2dPI0DB81HEimCWHu1ge6KqClukxQZtmszT8rQZKWFK/yJkEBdAJtfcZSJg0IhqfJ7Zhuu4qPc8uAy7EkdsaidbU09tWVxdhHD27JAh3gFr62f+L4D9OKhl96sopEqkJmsYQe9GgjoUiKYD4DAvOWU3MmNsgc6xwRmgsaYcQaHVZEy/uF2XCLN1Ahq6UI6R/RDrMkxNVR+AF6BKagPGiId9UTNWM1BvARAMBjakptW6rU3Bwb8In3vItQT9rhG6RQcCBuAqLphXXqlGNsPDeY1E/T9uYRfeS6MIE+3VwuC2Q/NVWMXa2np9JgCjC29ur1w1+BiBeU3iwv+shHqq0zoNyX/EizkPuG8IyK1MrVY1sOUVcQzFFV+PMn8DMWgJpm0eeXJyxa3KBTovtINsFCWfDWtojkB0aC5/XKZAbVC4pOKNRROctRpcdLERNqV9dZ5TkIriB1N2/Z48hjQPimjlFrR8+v1pt37YP/2lvAbOf1sTysu8ey9pFTt7jiiTR5NM= kaba
     ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9iZOonZ/WGmtgpZgs9vibpq6HJhpvuciBa8vzjysIYYiqNGgLvtZxw/2Af0/ykTdsP09A28RVGJXel6u8I2b16a0e+H2yBbUn8pXFow8xODPXezN0J/U7CDb8mRF9SkBJEzqVt1ndchJWU/qTi/nqbPfNaurB8EXkIDGcmDiCci25RVBDUvSSQBP+XIxQICJgeJ66CYcrD1Sry65H8tVSsWr6+fruNFZQRYyxAFu/7wW3J/RfFJQJFF9WNRzspChsjYRqrYdZCCx6GZ0qQxK4hwqfVbv3cPjZGFfcLrQaOCUMIiDUVEVmmdp0phE7eYDYewxD2Yaw1+fIJ+hWal6F moritz@wwwserv.de

roles/packages/read.me

@@ -0,0 +1,32 @@
+This role installs apt and python packages on the target host. Necessary
+apt repos can be defined.
+It expects the arguments pkg_repo_list, pkg_pkg_list and pkg_pip_list
+to be filled. If any argument is undefined, the repectibe action will
+be skipped. See below for examples.
+
+pkg_repo_list: # example
+  repo_keys:
+  - cool_guy:
+    id: "67678686"
+    server: keyserver.ubuntu.com
+  - smart_guy:
+    id: "2f2f2f2f2"
+    server: keyserver.ubuntu.com
+  repos:
+  - cool_game:
+    repo: 'deb http://ppa.launchpad.net/cool/game/ubuntu trusty main'
+    update_cache: no
+  - smart_tool:
+    repo: 'deb http://ppa.launchpad.net/samrt/tool/ubuntu trusty main'
+    update_cache: yes   # smart to have yes on last and only last entry
+
+pkg_pkg_list: # example
+- cool-game
+- smart-tool
+- python3-pip   # remember this one when wanting to use pkg_pip_list
+
+pkg_pip_list: # example
+- smart-tool-py-interface
+
+# this flag controls the execution of the role; used to subdue if needed
+really_do: True

roles/packages/tasks/main.yml

@@ -0,0 +1,63 @@
+---
+
+# we don't want to disrupt servers where this role is manually maintained!
+# thus: warning and block statement
+
+- name: full-stop if package role is manually maintained on this server
+  debug: msg="package role skipped to not disrupt manual maintenance - set really_do to True to enable ansible control"
+  when: (not really_do is defined) or (not really_do)
+
+# observe value of really_do
+- block:
+
+  # ensure apt keys and apt repos if defined
+  - block:
+
+    - name: ensure defined apt keys
+      apt_key:
+        state: present
+        id: "{{pkg_item.id}}"
+        keyserver: "{{pkg_item.server}}"
+      with_items: "{{ (pkg_repo_list|default({})).repo_keys | default([]) }}"
+      loop_control:
+        loop_var: pkg_item
+      become: True
+      # see defaults in with - when: (pkg_repo_list is defined) and (pkg_repo_list.repo_keys is defined)
+
+    - name: ensure defined apt repos
+      apt_repository:
+        state: present
+        repo: "{{pkg_item.repo}}"
+        update_cache: "{{pkg_item.update_cache}}"
+        filename: freifunk
+      with_items: "{{ (pkg_repo_list|default({})).repos | default([]) }}"
+      loop_control:
+        loop_var: pkg_item
+      become: True
+      # see defaults in with - when: (pkg_repo_list is defined) and (pkg_repo_list.repos is defined)
+
+    # see defaults in with - when: pkg_repo_list is defined
+  # end block
+
+  - name: ensure defined apt packages
+    apt:
+      state: present
+      name: "{{mwu_m_item}}"
+      update_cache: yes
+      cache_valid_time: 21600
+    with_items: "{{meshing_pkg_pkg_list | default([])}}"
+    loop_control:
+      loop_var: mwu_m_item
+    become: True
+    # see default in with - when: meshing_pkg_pkg_list is defined
+
+  - name: ensure defined python libs
+    pip: name={{mwu_m_item}} executable=pip3
+    with_items: "{{meshing_pkg_pip_list | default([])}}"
+    loop_control:
+      loop_var: mwu_m_item
+    become: True
+    # see default in with - when: meshing_pkg_pip_list is defined
+
+  when: (really_do is defined) and (really_do)
+# end block