diff --git a/ansible/consul-values.yml b/ansible/consul-values.yml index 0f73a64b..5f226ffd 100644 --- a/ansible/consul-values.yml +++ b/ansible/consul-values.yml @@ -4,7 +4,7 @@ - "group_vars/alpha-consul.yml" tasks: - name: make sure httplib2 is installed - sudo: yes + become: true apt: package=python-httplib2 state=present - name: put values into consul diff --git a/ansible/oneOffScripts/killWeaveContainers.yml b/ansible/oneOffScripts/killWeaveContainers.yml index fd6aadb6..b43c1826 100644 --- a/ansible/oneOffScripts/killWeaveContainers.yml +++ b/ansible/oneOffScripts/killWeaveContainers.yml @@ -3,5 +3,5 @@ serial: 1 tasks: - name: kill weave containers - sudo: yes + become: true shell: 'sudo docker ps | grep weaveworks/weave | cut -d" " -f 1 | xargs sudo docker kill' diff --git a/ansible/oneOffScripts/ntpForceUpdate.yml b/ansible/oneOffScripts/ntpForceUpdate.yml index 2fd84195..45a92f8f 100644 --- a/ansible/oneOffScripts/ntpForceUpdate.yml +++ b/ansible/oneOffScripts/ntpForceUpdate.yml @@ -5,6 +5,6 @@ # pl test on test box - name: Froce ntp update - sudo: yes + become: true shell: "service ntp stop && /usr/sbin/ntpdate pool.ntp.org && service ntp start" diff --git a/ansible/oneOffScripts/pullWeaveImage.yml b/ansible/oneOffScripts/pullWeaveImage.yml index b8a84497..7633bf89 100644 --- a/ansible/oneOffScripts/pullWeaveImage.yml +++ b/ansible/oneOffScripts/pullWeaveImage.yml @@ -2,5 +2,5 @@ gather_facts: no tasks: - name: pull weave image - sudo: yes + become: true shell: 'sudo docker pull weaveworks/weave:1.4.6' diff --git a/ansible/oneOffScripts/removeDockService.yml b/ansible/oneOffScripts/removeDockService.yml index 895debef..5ebd99ab 100644 --- a/ansible/oneOffScripts/removeDockService.yml +++ b/ansible/oneOffScripts/removeDockService.yml @@ -5,13 +5,13 @@ when: name is not defined - name: stop service - sudo: yes + become: true service: name={{ name }} state=stopped - name: remove files - sudo: yes + become: true file: path={{ item }} state=absent diff --git a/ansible/oneOffScripts/restartServiceOnAllHosts.yml b/ansible/oneOffScripts/restartServiceOnAllHosts.yml index 39204031..f14b9d43 100644 --- a/ansible/oneOffScripts/restartServiceOnAllHosts.yml +++ b/ansible/oneOffScripts/restartServiceOnAllHosts.yml @@ -6,7 +6,7 @@ when: name is not defined - name: restart {{ name }} - sudo: yes + become: true service: name={{ name }} state=restarted diff --git a/ansible/roles/apt_update/tasks/main.yml b/ansible/roles/apt_update/tasks/main.yml index 91b218c7..36fd4b1f 100644 --- a/ansible/roles/apt_update/tasks/main.yml +++ b/ansible/roles/apt_update/tasks/main.yml @@ -1,5 +1,5 @@ --- - name: update cache for apt repository - sudo: yes + become: true apt: update_cache=yes diff --git a/ansible/roles/apt_upgrade/tasks/main.yml b/ansible/roles/apt_upgrade/tasks/main.yml index 0718e7e3..77cd827e 100644 --- a/ansible/roles/apt_upgrade/tasks/main.yml +++ b/ansible/roles/apt_upgrade/tasks/main.yml @@ -1,5 +1,5 @@ --- - name: upgrade a server - sudo: yes + become: true apt: upgrade=full diff --git a/ansible/roles/base_ubuntu/tasks/main.yml b/ansible/roles/base_ubuntu/tasks/main.yml index 278b2ed6..ee624a85 100644 --- a/ansible/roles/base_ubuntu/tasks/main.yml +++ b/ansible/roles/base_ubuntu/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: ensure registry.runnable in /etc/hosts - sudo: yes + become: true when: dock is not defined lineinfile: dest=/etc/hosts diff --git a/ansible/roles/builder/tasks/main.yml b/ansible/roles/builder/tasks/main.yml index f197599d..1e491877 100644 --- a/ansible/roles/builder/tasks/main.yml +++ b/ansible/roles/builder/tasks/main.yml @@ -1,14 +1,14 @@ --- # commands to build an image - name: create build folder - sudo: yes + become: true file: path="{{ build_dir }}/{{ name }}" state=directory - name: pull the git repository tags: deploy - sudo: yes + become: true git: repo="{{ repo }}" dest="{{ build_dir }}/{{ name }}/repo" @@ -18,7 +18,7 @@ force=yes - name: copy dockerfile to build folder - sudo: yes + become: true template: src={{ dockerfile }} dest="{{ build_dir }}/{{ name }}" diff --git a/ansible/roles/consul_value/tasks/main.yml b/ansible/roles/consul_value/tasks/main.yml index 630534bf..e750812f 100644 --- a/ansible/roles/consul_value/tasks/main.yml +++ b/ansible/roles/consul_value/tasks/main.yml @@ -6,7 +6,7 @@ - name: make sure httplib2 is installed run_once: true - sudo: yes + become: true apt: package=python-httplib2 state=present diff --git a/ansible/roles/container_kill_start/tasks/main.yml b/ansible/roles/container_kill_start/tasks/main.yml index 5a44446e..7029b5fd 100644 --- a/ansible/roles/container_kill_start/tasks/main.yml +++ b/ansible/roles/container_kill_start/tasks/main.yml @@ -17,7 +17,7 @@ # get current running container with this image - name: "look for running containers running {{ container_image }}" tags: deploy - sudo: yes + become: true script: findTagRunning.sh {{ container_image }} register: old_containers_id changed_when: old_containers_id.stdout != '' diff --git a/ansible/roles/custom_metrics/tasks/main.yml b/ansible/roles/custom_metrics/tasks/main.yml index c72ff9ce..fee6bab4 100644 --- a/ansible/roles/custom_metrics/tasks/main.yml +++ b/ansible/roles/custom_metrics/tasks/main.yml @@ -1,10 +1,10 @@ --- - name: create scripts directory - sudo: yes + become: true file: path=/opt/scripts state=directory - name: put script in place - sudo: yes + become: true copy: src={{ item }}.sh dest=/opt/scripts/{{ item }}.sh @@ -15,7 +15,7 @@ - docker_proc_status - name: put cron in place - sudo: yes + become: true cron: name="{{ item.name }}" minute={{ item.minutes }} diff --git a/ansible/roles/database/tasks/main.yml b/ansible/roles/database/tasks/main.yml index 3e818d5b..976fa1cc 100644 --- a/ansible/roles/database/tasks/main.yml +++ b/ansible/roles/database/tasks/main.yml @@ -1,4 +1,4 @@ --- - name: create database directory - sudo: yes + become: true file: path={{ db_path }} state=directory diff --git a/ansible/roles/datadog/handlers/main.yml b/ansible/roles/datadog/handlers/main.yml index 54853617..4c23028e 100644 --- a/ansible/roles/datadog/handlers/main.yml +++ b/ansible/roles/datadog/handlers/main.yml @@ -1,5 +1,5 @@ - name: restart datadog-agent - sudo: yes + become: true service: name=datadog-agent - state=restarted \ No newline at end of file + state=restarted diff --git a/ansible/roles/datadog/tasks/main.yml b/ansible/roles/datadog/tasks/main.yml index 126f29f4..9c717f04 100644 --- a/ansible/roles/datadog/tasks/main.yml +++ b/ansible/roles/datadog/tasks/main.yml @@ -1,39 +1,39 @@ --- - name: add https transport - sudo: yes + become: true apt: name=apt-transport-https state=latest - name: add datadog apt key - sudo: yes + become: true apt_key: id=C7A7DA52 keyserver=keyserver.ubuntu.com state=present - name: add datadog repository - sudo: yes + become: true apt_repository: repo='deb http://apt.datadoghq.com/ stable main' state=present update_cache=yes - name: install dd agent - sudo: yes + become: true apt: name=datadog-agent state=latest - name: add docker to dd-agent group - sudo: yes + become: true when: no_datadog_docker_monitoring is not defined user: name=dd-agent groups=docker - name: create dd configdir - sudo: yes + become: true file: path=/etc/dd-agent/conf.d owner=root @@ -41,14 +41,14 @@ state=directory - name: Create main Datadog agent configuration file - sudo: yes + become: true template: src=datadog.conf.j2 dest=/etc/dd-agent/datadog.conf notify: restart datadog-agent - name: install network checks for dock services - sudo: yes + become: true when: docker_config == "docks" template: src=tcp_check.yaml.j2 @@ -56,7 +56,7 @@ notify: restart datadog-agent - name: install docker integration - sudo: yes + become: true when: no_datadog_docker_monitoring is not defined template: src=docker_daemon.yaml.j2 @@ -65,7 +65,7 @@ # assumes a config for {{ name }} exists - name: install datadog integrations - sudo: yes + become: true when: has_dd_integration is defined template: src="{{ name }}.yaml.j2" diff --git a/ansible/roles/docker_client/tasks/main.yml b/ansible/roles/docker_client/tasks/main.yml index dd0f40e4..79010a29 100644 --- a/ansible/roles/docker_client/tasks/main.yml +++ b/ansible/roles/docker_client/tasks/main.yml @@ -1,12 +1,12 @@ --- - name: create docker cert directory - sudo: yes + become: true file: path=/opt/ssl/docker/{{ name }} state=directory - name: copy docker CA - sudo: yes + become: true copy: src=certs/ca.pem dest=/opt/ssl/docker/{{ name }} @@ -15,7 +15,7 @@ group=root - name: copy docker client key and cert - sudo: yes + become: true copy: src=certs/{{ name }}/ dest=/opt/ssl/docker/{{ name }} diff --git a/ansible/roles/ec2/sg_configure/tasks/main.yml b/ansible/roles/ec2/sg_configure/tasks/main.yml index 1ebfbec5..d9056313 100644 --- a/ansible/roles/ec2/sg_configure/tasks/main.yml +++ b/ansible/roles/ec2/sg_configure/tasks/main.yml @@ -1,5 +1,5 @@ #- name: install Python Boto -# sudo: yes +# become: true # apt: name=python-boto state=latest - name: Bastion diff --git a/ansible/roles/git/tasks/main.yml b/ansible/roles/git/tasks/main.yml index 459fdce9..16d60db9 100644 --- a/ansible/roles/git/tasks/main.yml +++ b/ansible/roles/git/tasks/main.yml @@ -1,5 +1,5 @@ --- - name: install git apt: name=git state=present - sudo: yes + become: true when: "ansible_distribution == 'Ubuntu'" diff --git a/ansible/roles/git_repo/tasks/main.yml b/ansible/roles/git_repo/tasks/main.yml index c832928d..b5c0c71e 100644 --- a/ansible/roles/git_repo/tasks/main.yml +++ b/ansible/roles/git_repo/tasks/main.yml @@ -4,7 +4,7 @@ msg: "application Installed: {{ app_name }}, branch : {{ git_branch }} " - name: create repository dir - sudo: yes + become: true file: path=/opt/runnable/{{ app_name }} state=directory @@ -12,7 +12,7 @@ - name: pull the git repository tags: deploy - sudo: yes + become: true git: repo={{ app_repo }} dest=/opt/runnable/{{ app_name }} diff --git a/ansible/roles/hipache/tasks/main.yml b/ansible/roles/hipache/tasks/main.yml index bce6c288..9a3afeb8 100644 --- a/ansible/roles/hipache/tasks/main.yml +++ b/ansible/roles/hipache/tasks/main.yml @@ -1,43 +1,43 @@ --- - name: create certs path - sudo: yes + become: true file: path=/etc/ssl/certs/{{ domain }} state=directory - name: create private cert path - sudo: yes + become: true file: path=/etc/ssl/private state=directory # the keys below must be placed inside devops-scripts/ansible/roles/hipache/files - name: copy ca.crt - sudo: yes + become: true template: src={{ domain }}-ca.crt dest=/etc/ssl/certs/{{ domain }}/ca.crt - name: copy {{ domain }}.crt - sudo: yes + become: true template: src={{ domain }}.crt dest=/etc/ssl/certs/{{ domain }}/{{ domain }}.crt - name: copy private ssl key - sudo: yes + become: true template: src={{ domain }}.key dest=/etc/ssl/private/{{ domain }}.key - name: create hipache config directory - sudo: yes + become: true file: path=/opt/hipache-conf state=directory - name: copy configs - sudo: yes + become: true template: src=config.json dest=/opt/hipache-conf diff --git a/ansible/roles/iptables/tasks/main.yml b/ansible/roles/iptables/tasks/main.yml index 091d798b..cd7d369b 100644 --- a/ansible/roles/iptables/tasks/main.yml +++ b/ansible/roles/iptables/tasks/main.yml @@ -8,17 +8,17 @@ state=present regexp=".+ \/etc\/firewall\.conf" insertbefore="exit 0" - sudo: yes + become: true - name: Place temp script file for iptables update template: src=iptables_apply_rule.sh.j2 dest={{ script_temp_path }} owner=root group=root mode=500 - sudo: yes + become: true - name: Apply iptables shell: "{{ script_temp_path }} '{{ item }}'" with_items: iptables_rule - sudo: yes + become: true - name: update /etc/firewall.conf so that it load on system startup template: src=firewall.conf.j2 dest=/etc/firewall.conf owner=root group=root mode=500 - sudo: yes + become: true diff --git a/ansible/roles/load/tasks/main.yml b/ansible/roles/load/tasks/main.yml index 65ebe484..b154e4e7 100644 --- a/ansible/roles/load/tasks/main.yml +++ b/ansible/roles/load/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: create node-hello-world dir - sudo: yes + become: true file: path=/runnable/node-hello-world/ state=directory diff --git a/ansible/roles/loggly-rotate/tasks/main.yml b/ansible/roles/loggly-rotate/tasks/main.yml index df129176..315998f4 100644 --- a/ansible/roles/loggly-rotate/tasks/main.yml +++ b/ansible/roles/loggly-rotate/tasks/main.yml @@ -39,7 +39,7 @@ - name: copy loggly config tags: loggly - sudo: yes + become: true template: src=22-loggly.conf.j2 dest=/etc/rsyslog.d/22-loggly.conf @@ -48,7 +48,7 @@ - name: create runnable bin directory tags: loggly - sudo: yes + become: true file: path=/opt/runnable/bin state=directory @@ -58,7 +58,7 @@ - name: copy rotate util script tags: loggly - sudo: yes + become: true template: src=rotate-logs.sh.j2 dest=/opt/runnable/bin/rotate-{{ name }}-logs.sh @@ -66,7 +66,7 @@ - name: copy app config tags: loggly - sudo: yes + become: true template: src=21-output-syslog.conf.j2 dest=/etc/rsyslog.d/21-rotated-{{ name }}.conf @@ -75,7 +75,7 @@ - name: copy rsyslog config tags: loggly - sudo: yes + become: true template: src=rsyslog.conf.j2 dest=/etc/rsyslog.conf @@ -84,19 +84,19 @@ - name: stop rsyslog tags: [loggly, deploy] - sudo: yes + become: true service: name=rsyslog state=stopped - name: clear rsyslog state file tags: [loggly, deploy] - sudo: yes + become: true file: path=/var/spool/rsyslog/stat-{{ name }} state=absent - name: touch the log file tags: [loggly, deploy] - sudo: yes + become: true file: path=/var/log/{{ name }}-daemon.log state=touch @@ -105,5 +105,5 @@ - name: restart rsyslog tags: [loggly, deploy] - sudo: yes + become: true service: name=rsyslog state=restarted diff --git a/ansible/roles/loggly-tls/tasks/main.yml b/ansible/roles/loggly-tls/tasks/main.yml index 6c11a5da..8f054d62 100644 --- a/ansible/roles/loggly-tls/tasks/main.yml +++ b/ansible/roles/loggly-tls/tasks/main.yml @@ -39,10 +39,10 @@ - name: stop rsyslog tags: [loggly, deploy] - sudo: yes + become: true service: name=rsyslog state=stopped - name: restart rsyslog tags: [loggly, deploy] - sudo: yes + become: true service: name=rsyslog state=restarted diff --git a/ansible/roles/neo4j/tasks/main.yml b/ansible/roles/neo4j/tasks/main.yml index 8c9f0f3f..669ac3c6 100644 --- a/ansible/roles/neo4j/tasks/main.yml +++ b/ansible/roles/neo4j/tasks/main.yml @@ -1,16 +1,16 @@ --- - name: create config directory - sudo: yes + become: true file: path=/opt/neo4j/conf state=directory - name: copy neo4j config - sudo: yes + become: true template: src=neo4j-server.properties dest=/opt/neo4j/conf/ - name: copy neo4j start.sh - sudo: yes + become: true template: src=start.sh dest=/opt/neo4j/ diff --git a/ansible/roles/nginx/tasks/main.yml b/ansible/roles/nginx/tasks/main.yml index ed342167..d315b284 100644 --- a/ansible/roles/nginx/tasks/main.yml +++ b/ansible/roles/nginx/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: install nginx - sudo: yes + become: true apt: update_cache=yes cache_valid_time=604800 @@ -8,7 +8,7 @@ state=present - name: install node dependencies (build-essential) - sudo: yes + become: true apt: update_cache=yes cache_valid_time=604800 @@ -16,25 +16,25 @@ state=present - name: get node install script - sudo: yes + become: true get_url: url=https://deb.nodesource.com/setup dest=~/node-install.sh mode=744 - name: check for node PPA - sudo: yes + become: true register: ppa_check file: path=/etc/apt/sources.list.d/nodesource.list - name: install node PPA - sudo: yes + become: true when: ppa_check.changed shell: ~/node-install.sh - name: install node - sudo: yes + become: true apt: update_cache=yes cache_valid_time=604800 @@ -42,13 +42,13 @@ state=present - name: copy node script for nginx - sudo: yes + become: true copy: src=genNginxConf.js dest=/tmp/genNginxConf.js # - name: download sitemap -# sudo: yes +# become: true # get_url: # url=http://runnable.com/sitemap.xml # dest=/tmp/sitemap.xml @@ -57,26 +57,26 @@ # force=yes - name: install packages - sudo: yes + become: true shell: npm install 101 request xml2js async chdir=/tmp - name: generate nginx config - sudo: yes + become: true shell: node /tmp/genNginxConf.js > /etc/nginx/conf.d/runnable-migration.conf chdir=/tmp - name: remove default nginx config - sudo: yes + become: true file: path=/etc/nginx/sites-enabled/default state=absent - name: test nginx config - sudo: yes + become: true shell: nginx -t - name: reload nginx - sudo: yes + become: true shell: nginx -s reload diff --git a/ansible/roles/node/tasks/main.yml b/ansible/roles/node/tasks/main.yml index 1d0f3a63..d776fa7c 100644 --- a/ansible/roles/node/tasks/main.yml +++ b/ansible/roles/node/tasks/main.yml @@ -1,5 +1,5 @@ --- - name: install node.js - sudo: yes + become: true nodejs: version={{node_version|default('0.10.40')}} diff --git a/ansible/roles/node_service/tasks/main.yml b/ansible/roles/node_service/tasks/main.yml index 75eab28a..8b454355 100644 --- a/ansible/roles/node_service/tasks/main.yml +++ b/ansible/roles/node_service/tasks/main.yml @@ -15,7 +15,7 @@ - name: make override file tags: deploy - sudo: yes + become: true lineinfile: dest="/etc/init/{{ app_name }}.override" line="manual" @@ -23,7 +23,7 @@ - name: create new config file tags: deploy - sudo: yes + become: true template: src=upstart.conf dest=/etc/init/{{ app_name }}.conf @@ -31,7 +31,7 @@ - name: restart service {{ app_name }} tags: deploy - sudo: yes + become: true when: dock is not defined service: name={{ app_name }} diff --git a/ansible/roles/package_ntp/handlers/main.yml b/ansible/roles/package_ntp/handlers/main.yml index 45bca6cf..067ffc8d 100644 --- a/ansible/roles/package_ntp/handlers/main.yml +++ b/ansible/roles/package_ntp/handlers/main.yml @@ -1,6 +1,6 @@ --- - name: Start and Enable ntp - sudo: yes + become: true service: name=ntp state=started diff --git a/ansible/roles/package_ntp/tasks/main.yml b/ansible/roles/package_ntp/tasks/main.yml index 41d99cc1..f9a2a526 100644 --- a/ansible/roles/package_ntp/tasks/main.yml +++ b/ansible/roles/package_ntp/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Install ntp package - sudo: yes + become: true apt: name=ntp state=present @@ -9,7 +9,7 @@ cache_valid_time=604800 - name: Copy the ntp.conf template file - sudo: yes + become: true template: src=ntp.conf.j2 dest=/etc/ntp.conf diff --git a/ansible/roles/rabbitmq/tasks/main.yml b/ansible/roles/rabbitmq/tasks/main.yml index 868b4a6f..ee2473a3 100644 --- a/ansible/roles/rabbitmq/tasks/main.yml +++ b/ansible/roles/rabbitmq/tasks/main.yml @@ -1,13 +1,13 @@ --- # commands to build an image - name: create build folder - sudo: yes + become: true file: path="{{ config_path }}" state=directory - name: copy dockerfile to build folder - sudo: yes + become: true template: src="rabbitmq.config" dest="{{ config_path }}" diff --git a/ansible/roles/ssh-keys/tasks/main.yml b/ansible/roles/ssh-keys/tasks/main.yml index 58b24a61..6fd08788 100644 --- a/ansible/roles/ssh-keys/tasks/main.yml +++ b/ansible/roles/ssh-keys/tasks/main.yml @@ -2,13 +2,13 @@ - include_vars: users.yml - name: ensure runnable admin group exists - sudo: yes + become: true group: name={{ runnable_admin_group }} state=present - name: ensure 'sudoers' has runnable admin group - sudo: yes + become: true lineinfile: " dest=/etc/sudoers regexp='^%{{ runnable_admin_group }}' @@ -17,7 +17,7 @@ " - name: make users - sudo: yes + become: true with_dict: users user: name={{ item.key }} @@ -27,7 +27,7 @@ state=present - name: "set user's keys" - sudo: yes + become: true with_dict: users authorized_key: exclusive=yes @@ -35,7 +35,7 @@ key="{{ item.value.pub_key }}" - name: remove users - sudo: yes + become: true with_dict: delete user: name={{ item.key }} diff --git a/ansible/roles/vault/tasks/main.yml b/ansible/roles/vault/tasks/main.yml index 8a55540e..f229d01d 100644 --- a/ansible/roles/vault/tasks/main.yml +++ b/ansible/roles/vault/tasks/main.yml @@ -21,7 +21,7 @@ recurse=yes - name: copy vault config - sudo: yes + become: true template: src=vault.hcl dest=/opt/runnable/vault/vault.hcl diff --git a/ansible/vault-values.yml b/ansible/vault-values.yml index 605efe79..35a23f43 100644 --- a/ansible/vault-values.yml +++ b/ansible/vault-values.yml @@ -4,7 +4,7 @@ - group_vars/alpha-vault.yml tasks: - name: make sure httplib2 is installed - sudo: yes + become: true apt: package=python-httplib2 state=present - name: get seal status