From f1b1a9fd90056b2d42b2cb41e71af254e2c07268 Mon Sep 17 00:00:00 2001 From: Emil Renner Berthing Date: Thu, 27 Feb 2020 11:26:52 +0100 Subject: debian: update for hash_behaviour = replace --- group_vars/all | 11 ++++----- roles/debian/defaults/main.yml | 48 +++++++++++++++++++++++++----------- roles/debian/tasks/apt.yml | 18 ++++++++++++-- roles/debian/tasks/locale.yml | 10 ++++---- roles/debian/tasks/networkd.yml | 4 ++- roles/debian/tasks/resolved.yml | 4 ++- roles/debian/tasks/sshd.yml | 7 ------ roles/debian/tasks/sudo.yml | 7 ------ roles/debian/tasks/systemd.yml | 6 +++++ roles/debian/tasks/timesyncd.yml | 4 ++- roles/debian/templates/hosts.j2 | 2 +- roles/debian/templates/locale.gen.j2 | 2 +- roles/debian/templates/locale.j2 | 2 +- roles/mail1/vars/main.yml | 6 ++--- 14 files changed, 80 insertions(+), 51 deletions(-) diff --git a/group_vars/all b/group_vars/all index 59c098c..9a8b07f 100644 --- a/group_vars/all +++ b/group_vars/all @@ -1,10 +1,9 @@ --- -locale: - generated: # must be sorted - - da_DK.UTF-8 UTF-8 - - en_US.UTF-8 UTF-8 - default: - LANG: 'en_US.UTF-8' +locale_generated: # must be sorted +- da_DK.UTF-8 UTF-8 +- en_US.UTF-8 UTF-8 +locale_default: + LANG: 'en_US.UTF-8' timezone: 'Europe/Copenhagen' diff --git a/roles/debian/defaults/main.yml b/roles/debian/defaults/main.yml index 5bb1192..a0708c2 100644 --- a/roles/debian/defaults/main.yml +++ b/roles/debian/defaults/main.yml @@ -4,23 +4,34 @@ use_resolved: true use_networkd: true use_timesyncd: true -locale: - generated: # must be sorted - - en_US.UTF-8 UTF-8 - default: - LANG: 'en_US.UTF-8' - -systemd_conf: {} -journald_conf: {} -logind_conf: {} -resolved_conf: {} -networkd_conf: {} +locale_generated: # must be sorted +- en_US.UTF-8 UTF-8 +locale_default: + LANG: 'en_US.UTF-8' + +systemd_conf_default: {} +systemd_conf_role: {} + +journald_conf_default: {} +journald_conf_role: {} + +logind_conf_default: {} +logind_conf_role: {} + +resolved_conf_default: {} +resolved_conf_role: {} + +networkd_conf_default: {} +networkd_conf_role: {} networkd_ignore: [] -timesyncd_conf: {} -apt_preferences: {} +timesyncd_conf_default: {} +timesyncd_conf_role: {} + +apt_preferences_default: {} +apt_preferences_role: {} -apt_repos: +apt_repos_default: base: uri: 'https://deb.debian.org/debian' suite: '{{ apt_release is defined|ternary(apt_release,ansible_distribution_release) }}' @@ -33,8 +44,12 @@ apt_repos: backports: uri: 'https://deb.debian.org/debian' suite: '{{ apt_release is defined|ternary(apt_release,ansible_distribution_release) }}-backports' +apt_repos_role: {} + +apt_sources_default: {} +apt_sources_role: {} -apt_packages: +apt_packages_default: 'netbase': present 'apt-transport-https': present 'dialog': present @@ -42,6 +57,9 @@ apt_packages: 'libnss-myhostname': present 'vim': present 'deborphan': present + 'openssh-server': present + 'sudo': present +apt_packages_role: {} sudo_group: 'sudo' diff --git a/roles/debian/tasks/apt.yml b/roles/debian/tasks/apt.yml index b3d0851..82bbedd 100644 --- a/roles/debian/tasks/apt.yml +++ b/roles/debian/tasks/apt.yml @@ -16,6 +16,8 @@ mode: 0755 - name: Remove packages + vars: + apt_packages: '{{ apt_packages_default|combine(apt_packages_role) }}' apt: name: "{{ apt_packages|dictsort(true)|selectattr(1,'equalto','absent')|map(attribute=0)|list }}" state: absent @@ -25,6 +27,8 @@ - packages - name: Create /etc/apt/preferences.d + vars: + apt_preferences: '{{ apt_preferences_default|combine(apt_preferences_role) }}' template: dest: '/etc/apt/preferences.d/{{ item.key }}' src: apt-preferences.j2 @@ -35,6 +39,8 @@ when: item.value - name: Remove /etc/apt/preferences.d + vars: + apt_preferences: '{{ apt_preferences_default|combine(apt_preferences_role) }}' file: path: '/etc/apt/preferences.d/{{ item.key }}' state: absent @@ -42,21 +48,27 @@ when: not item.value - name: Configure /etc/apt/sources.list + vars: + apt_repos: '{{ apt_repos_default|combine(apt_repos_role) }}' + apt_sources: '{{ apt_sources_default|combine(apt_sources_role) }}' template: dest: '/etc/apt/sources.list' src: sources.list.j2 owner: root group: root mode: 0644 - when: apt_sources is defined + when: 'apt_sources|length > 0' - name: Download repository keys + vars: + apt_repos: '{{ apt_repos_default|combine(apt_repos_role) }}' + apt_sources: '{{ apt_sources_default|combine(apt_sources_role) }}' apt_key: url: "{{ apt_repos[item.key]['key_url'] }}" id: "{{ apt_repos[item.key]['key_id'] }}" state: present with_dict: '{{ apt_sources }}' - when: apt_sources is defined and 'key_url' in apt_repos[item.key] + when: "'key_url' in apt_repos[item.key]" - name: Update apt cache apt: @@ -66,6 +78,8 @@ - packages - name: Install packages + vars: + apt_packages: '{{ apt_packages_default | combine(apt_packages_role) }}' apt: name: "{{ apt_packages|dictsort(true)|selectattr(1,'equalto','present')|map(attribute=0)|list }}" state: present diff --git a/roles/debian/tasks/locale.yml b/roles/debian/tasks/locale.yml index 72a0b65..bea2472 100644 --- a/roles/debian/tasks/locale.yml +++ b/roles/debian/tasks/locale.yml @@ -3,9 +3,9 @@ debconf: name: locales question: locales/locales_to_be_generated - value: "{{ locale.generated|join(', ') }}" + value: "{{ locale_generated|join(', ') }}" vtype: multiselect - register: locale_generated + register: locale_generated_debconf - name: dpkg-reconfigure locales block: @@ -18,10 +18,10 @@ - debconf: name: locales question: locales/locales_to_be_generated - value: "{{ locale.generated|join(', ') }}" + value: "{{ locale_generated|join(', ') }}" vtype: multiselect - command: dpkg-reconfigure -fnoninteractive locales - when: locale_generated is changed + when: locale_generated_debconf is changed - name: Setting default locale template: @@ -35,7 +35,7 @@ debconf: name: locales question: locales/default_environment_locale - value: '{{ locale.default.LANG }}' + value: '{{ locale_default.LANG }}' vtype: select # vim: set ts=2 sw=2 et: diff --git a/roles/debian/tasks/networkd.yml b/roles/debian/tasks/networkd.yml index 50791b3..084a844 100644 --- a/roles/debian/tasks/networkd.yml +++ b/roles/debian/tasks/networkd.yml @@ -1,5 +1,7 @@ --- -- name: Configure systemd-networkd +- name: Configure networkd.conf + vars: + networkd_conf: '{{ networkd_conf_default|combine(networkd_conf_role) }}' ini_file: path: '/etc/systemd/networkd.conf' no_extra_spaces: yes diff --git a/roles/debian/tasks/resolved.yml b/roles/debian/tasks/resolved.yml index 9a6d4c1..4fcc34b 100644 --- a/roles/debian/tasks/resolved.yml +++ b/roles/debian/tasks/resolved.yml @@ -1,5 +1,7 @@ --- -- name: Configure systemd-resolved +- name: Configure resolved.conf + vars: + resolved_conf: '{{ resolved_conf_default|combine(resolved_conf_role) }}' ini_file: path: '/etc/systemd/resolved.conf' no_extra_spaces: yes diff --git a/roles/debian/tasks/sshd.yml b/roles/debian/tasks/sshd.yml index 62aa1cc..4c257fe 100644 --- a/roles/debian/tasks/sshd.yml +++ b/roles/debian/tasks/sshd.yml @@ -1,11 +1,4 @@ --- -- name: Install SSH server - apt: - name: openssh-server - state: present - tags: - - packages - - name: Create private host keys copy: dest: '/etc/ssh/{{ item.key }}' diff --git a/roles/debian/tasks/sudo.yml b/roles/debian/tasks/sudo.yml index e52e1f6..f1a0328 100644 --- a/roles/debian/tasks/sudo.yml +++ b/roles/debian/tasks/sudo.yml @@ -1,11 +1,4 @@ --- -- name: Install sudo - apt: - name: sudo - state: present - tags: - - packages - - name: Configure sudo copy: dest: '/etc/sudoers' diff --git a/roles/debian/tasks/systemd.yml b/roles/debian/tasks/systemd.yml index 56a5898..a2b9e4b 100644 --- a/roles/debian/tasks/systemd.yml +++ b/roles/debian/tasks/systemd.yml @@ -1,5 +1,7 @@ --- - name: Configure systemd system.conf + vars: + systemd_conf: '{{ systemd_conf_default|combine(systemd_conf_role) }}' ini_file: path: '/etc/systemd/system.conf' no_extra_spaces: yes @@ -10,6 +12,8 @@ with_dict: '{{ systemd_conf }}' - name: Configure journald.conf + vars: + journald_conf: '{{ journald_conf_default|combine(journald_conf_role) }}' ini_file: path: '/etc/systemd/journald.conf' no_extra_spaces: yes @@ -20,6 +24,8 @@ with_dict: '{{ journald_conf }}' - name: Configure logind.conf + vars: + logind_conf: '{{ logind_conf_default|combine(logind_conf_role) }}' ini_file: path: '/etc/systemd/logind.conf' no_extra_spaces: yes diff --git a/roles/debian/tasks/timesyncd.yml b/roles/debian/tasks/timesyncd.yml index 180d8c2..9895d0b 100644 --- a/roles/debian/tasks/timesyncd.yml +++ b/roles/debian/tasks/timesyncd.yml @@ -1,5 +1,7 @@ --- -- name: Configure systemd-timesyncd +- name: Configure timesyncd.conf + vars: + timesyncd_conf: '{{ timesyncd_conf_default|combine(timesyncd_conf_role) }}' ini_file: path: '/etc/systemd/timesyncd.conf' no_extra_spaces: yes diff --git a/roles/debian/templates/hosts.j2 b/roles/debian/templates/hosts.j2 index bce5120..31e5684 100644 --- a/roles/debian/templates/hosts.j2 +++ b/roles/debian/templates/hosts.j2 @@ -5,7 +5,7 @@ ff02::1 ip6-allnodes ff02::2 ip6-allrouters {% if hosts is defined %} -{% for addr, names in hosts %} +{% for addr, names in hosts|dictsort(true) %} {{ addr }} {{ names|join(' ') }} {% endfor %} {% endif %} diff --git a/roles/debian/templates/locale.gen.j2 b/roles/debian/templates/locale.gen.j2 index 2ab95c7..f324e1e 100644 --- a/roles/debian/templates/locale.gen.j2 +++ b/roles/debian/templates/locale.gen.j2 @@ -1,3 +1,3 @@ -{% for locale in locale.generated %} +{% for locale in locale_generated %} {{ locale }} {% endfor %} diff --git a/roles/debian/templates/locale.j2 b/roles/debian/templates/locale.j2 index cad9883..0e972d4 100644 --- a/roles/debian/templates/locale.j2 +++ b/roles/debian/templates/locale.j2 @@ -1,3 +1,3 @@ -{% for key, value in locale.default|dictsort(true) %} +{% for key, value in locale_default|dictsort(true) %} {{ key }}={{ value }} {% endfor %} diff --git a/roles/mail1/vars/main.yml b/roles/mail1/vars/main.yml index 85de002..3a8b9db 100644 --- a/roles/mail1/vars/main.yml +++ b/roles/mail1/vars/main.yml @@ -1,7 +1,7 @@ --- hostname: 'mail1' -apt_sources: +apt_sources_role: base: components: - main @@ -18,10 +18,10 @@ apt_sources: - contrib - non-free -apt_packages: +apt_packages_role: 'haveged': present -journald_conf: +journald_conf_role: 'Journal.Storage': 'persistent' users: -- cgit v1.2.1