setup - updated task naming scheme

superstes · Oct 27, 2021 · 0dcfc79 · 0dcfc79
1 parent 17a87e3
commit 0dcfc79
Show file tree

Hide file tree

Showing 27 changed files with 171 additions and 170 deletions.
diff --git a/setup/roles/core/handlers/main.yml b/setup/roles/core/handlers/main.yml
@@ -1,6 +1,6 @@
 ---
 
 - name: 'start_core_service'
-  systemd:
+  ansible.builtin.systemd:
     name: 'ga_core.service'
     state: started
diff --git a/setup/roles/core/tasks/main.yml b/setup/roles/core/tasks/main.yml
@@ -1,29 +1,29 @@
 ---
 
 - name: GA | Core | Installing packages
-  apt:
+  ansible.builtin.apt:
     name: "{{ ga_core_packages }}"
     state: present
 
 - name: GA | Core | Setting system timezone
-  timezone:
+  community.general.timezone:
     name: "{{ ga_timezone }}"
 
 - name: GA | Core | Adding service group
-  group:
+  ansible.builtin.group:
     name: "{{ ga_service_group }}"
     state: present
 
 - name: GA | Core | Adding service user
-  user:
+  ansible.builtin.user:
     name: "{{ ga_core_service_user }}"
     shell: '/usr/sbin/nologin'
     home: "/home/{{ ga_core_service_user }}"
     groups: "{{ ga_service_group }}"
     append: yes
 
 - name: GA | Core | Creating core directories
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     owner: "{{ ga_core_service_user }}"
@@ -36,30 +36,30 @@
   - "{{ ga_core_path_venv }}"
 
 - name: GA | Core | Checking if repo was already cloned
-  stat:
+  ansible.builtin.stat:
     path: "{{ setup_clone_dir }}"
   register: tmp_clone_dir
 
 - name: GA | Core | Cloning ga code
-  git:
+  ansible.builtin.git:
     repo: 'https://github.com/superstes/growautomation.git'
     dest: "{{ setup_clone_dir }}"
     depth: 1
     version: "{{ ga_version }}"
   when: not tmp_clone_dir.stat.exists
 
 - name: GA | Core | Copying core-code
-  shell: "cp -r {{ setup_clone_dir }}/code/core {{ ga_core_path }} &&
+  ansible.builtin.shell: "cp -r {{ setup_clone_dir }}/code/core {{ ga_core_path }} &&
   chown -R {{ ga_core_service_user }}:{{ ga_service_group }} {{ ga_core_path }}/core &&
   chmod 775 -R {{ ga_core_path }}/core"
 
 - name: GA | Core | Checking if random key file exists
-  stat:
+  ansible.builtin.stat:
     path: "{{ ga_core_path }}/core/secret/random.key"
   register: random_key_file
 
 - name: GA | Core | Generating random encryption key
-  lineinfile:
+  ansible.builtin.lineinfile:
     line: "{{ lookup('password', '/dev/null chars=ascii_letters,digits,punctuation length=50') }}"
     path: "{{ ga_core_path }}/core/secret/random.key"
     state: present
@@ -71,52 +71,52 @@
   when: not random_key_file.stat.exists
 
 - name: GA | Core | Setting privileges for encryption key
-  file:
+  ansible.builtin.file:
     path: "{{ ga_core_path }}/core/secret/random.key"
     owner: "{{ ga_core_service_user }}"
     group: "{{ ga_service_group }}"
     mode: 0440
 
 - name: GA | Core | Adding core config file
-  template:
+  ansible.builtin.template:
     src: 'templates/var/lib/ga/core/config/file/core.conf.j2'
     dest: "{{ ga_core_path }}/core/config/file/core.conf"
     mode: 0600
     owner: "{{ ga_core_service_user }}"
     group: "{{ ga_service_group }}"
 
 - name: GA | Core | Install python virtualenv
-  pip:
+  ansible.builtin.pip:
     name: 'virtualenv'
     executable: pip3
     state: present
 
 - name: GA | Core | Install python modules into venv
-  pip:
+  ansible.builtin.pip:
     name: "{{ ga_core_mods }}"
     virtualenv: "{{ ga_core_path_venv }}"
     virtualenv_python: "{{ ga_python_version }}"
     state: present
 
 - name: GA | Core | Adding core service file
-  template:
+  ansible.builtin.template:
     src: 'templates/lib/systemd/system/ga_core.service.j2'
     dest: '/lib/systemd/system/ga_core.service'
 
 - name: GA | Core | Configuring update prerequisits
-  import_tasks: update.yml
+  ansible.builtin.import_tasks: update.yml
 
 - name: GA | Core | Reloading systemd
-  systemd:
+  ansible.builtin.systemd:
     daemon_reload: yes
 
 - name: GA | Core | Enabling service
-  systemd:
+  ansible.builtin.systemd:
     name: 'ga_core.service'
     enabled: yes
   notify: 'start_core_service'
 
 - name: GA | Configure device support
-  import_role:
+  ansible.builtin.import_role:
     name: devices
   when: ga_core_device_support
diff --git a/setup/roles/core/tasks/update.yml b/setup/roles/core/tasks/update.yml
@@ -1,31 +1,31 @@
 ---
 
 - name: GA | Core | Update | Creating directory
-  file:
+  ansible.builtin.file:
     path: "{{ ga_update_path }}"
     state: directory
     owner: "{{ ga_update_service_user }}"
     group: "{{ ga_update_service_user }}"
     mode: 0755
 
 - name: GA | Core | Update | Adding update service file
-  template:
+  ansible.builtin.template:
     src: 'templates/lib/systemd/system/ga_update.service.j2'
     dest: '/lib/systemd/system/ga_update.service'
 
 - name: GA | Core | Update | Copying update-code
-  shell: "cp -r {{ setup_clone_dir }}/code/update/* {{ ga_update_path }} &&
+  ansible.builtin.shell: "cp -r {{ setup_clone_dir }}/code/update/* {{ ga_update_path }} &&
   chown -R {{ ga_update_service_user }}:{{ ga_update_service_user }} {{ ga_update_path }} &&
   chmod -R 750 {{ ga_update_path }}"
 
 - name: GA | Core | Update | Adding service user
-  user:
+  ansible.builtin.user:
     name: "{{ ga_update_service_user }}"
     shell: '/usr/sbin/nologin'
     home: "/home/{{ ga_update_service_user }}"
 
 - name: GA | Core | Update | Adding privileges
-  template:
+  ansible.builtin.template:
     src: 'templates/etc/sudoers.d/gaupdate.j2'
     dest: '/etc/sudoers.d/gaupdate'
     owner: 'root'

diff --git a/setup/roles/db/handlers/main.yml b/setup/roles/db/handlers/main.yml
@@ -1,7 +1,7 @@
 ---
 
 - name: 'enable_mariadb'
-  systemd:
+  ansible.builtin.systemd:
     name: 'mariadb.service'
     enabled: yes
     state: started
diff --git a/setup/roles/db/tasks/main.yml b/setup/roles/db/tasks/main.yml
@@ -3,19 +3,19 @@
 # note: db-schema and initial controller configuration will be initialized by django
 
 - name: GA | DB | Install mariadb
-  apt:
+  ansible.builtin.apt:
     name: "{{ ga_db_packages }}"
     state: present
   notify: 'enable_mariadb'
 
 - name: GA | DB | Creating database
-  mysql_db:
+  community.mysql.mysql_db:
     name: "{{ ga_sql_db }}"
     state: present
     login_unix_socket: "{{ ga_sql_socket }}"
 
 - name: GA | DB | Creating users
-  mysql_user:
+  community.mysql.mysql_user:
     name: "{{ item.user }}"
     password: "{{ item.pwd }}"
     priv: "{{ ga_sql_db }}.*:ALL"
@@ -31,7 +31,7 @@
     - {user: "{{ ga_sql_user_web }}", pwd: "{{ ga_sql_pwd_web }}"}
 
 - name: GA | DB | Displaying info
-  debug:
+  ansible.builtin.debug:
     msg: "INFO: The creation of database users might fail if they already exist. In that case you can ignore this error!"
   when:
     - user_creation.failed is defined

diff --git a/setup/roles/devices/tasks/main.yml b/setup/roles/devices/tasks/main.yml
@@ -1,29 +1,29 @@
 ---
 
 - name: GA | Devices | Installing packages
-  apt:
+  ansible.builtin.apt:
     name: "{{ ga_device_packages }}"
     state: present
 
 - name: GA | Devices | Install python modules into venv
-  pip:
+  ansible.builtin.pip:
     name: "{{ ga_device_mods }}"
     virtualenv: "{{ ga_core_path_venv }}"
     virtualenv_python: "{{ ga_python_version }}"
     state: present
 
 - name: GA | Core | Copying device-code
-  shell: "cp -r {{ setup_clone_dir }}/code/device {{ ga_core_path }} &&
+  ansible.builtin.shell: "cp -r {{ setup_clone_dir }}/code/device {{ ga_core_path }} &&
   chown -R {{ ga_core_service_user }}:{{ ga_service_group }} {{ ga_core_path }}/device &&
   chmod 775 -R {{ ga_core_path }}/device"
 
 - name: GA | Devices | Adding service user to groups
-  user:
+  ansible.builtin.user:
     name: "{{ ga_core_service_user }}"
     groups: "{{ ga_device_groups }}"
     append: yes
 
 - name: GA | Devices | Configuring raspi-config
-  shell: "raspi-config {{ item }}"
+  ansible.builtin.shell: "raspi-config {{ item }}"
   with_items: "{{ ga_device_raspiconfig }}"
   ignore_errors: true
diff --git a/setup/roles/ssl_letsencrypt/tasks/cleanup.yml b/setup/roles/ssl_letsencrypt/tasks/cleanup.yml
@@ -1,13 +1,13 @@
 ---
 
 - name: GA | Cert LetsEncrypt | Cleanup | Disable temporary apache site
-  file:
+  ansible.builtin.file:
     state: absent
     dest: "/etc/apache2/sites-enabled/tmp_lets_encrypt.conf"
   register: tmp_site_config
 
 - name: GA | Cert LetsEncrypt | Cleanup | Reload apache
-  systemd:
+  ansible.builtin.systemd:
     name: 'apache2.service'
     state: reloaded
   when: tmp_site_config.changed
diff --git a/setup/roles/ssl_letsencrypt/tasks/dependencies.yml b/setup/roles/ssl_letsencrypt/tasks/dependencies.yml
@@ -1,7 +1,7 @@
 ---
 
 - name: GA | Cert LetsEncrypt | Dependencies | Deploying temporary apache site
-  template:
+  ansible.builtin.template:
     src: 'templates/etc/apache2/sites-available/lets_encrypt.conf.j2'
     dest: "/etc/apache2/sites-available/tmp_lets_encrypt.conf"
     owner: 'root'
@@ -11,7 +11,7 @@
   register: tmp_site_config
 
 - name: GA | Cert LetsEncrypt | Dependencies | Enable apache site
-  file:
+  ansible.builtin.file:
     state: link
     src: "/etc/apache2/sites-available/tmp_lets_encrypt.conf"
     dest: "/etc/apache2/sites-enabled/tmp_lets_encrypt.conf"
@@ -20,6 +20,6 @@
     mode: 0644
 
 - name: GA | Cert LetsEncrypt | Dependencies | Reload apache
-  systemd:
+  ansible.builtin.systemd:
     name: 'apache2.service'
     state: reloaded
diff --git a/setup/roles/ssl_letsencrypt/tasks/domain.yml b/setup/roles/ssl_letsencrypt/tasks/domain.yml
@@ -1,12 +1,12 @@
 ---
 
 - name: GA | Cert LetsEncrypt | Checking if key
-  stat:
+  ansible.builtin.stat:
     path: "{{ ga_letsencrypt_live_dir }}/privkey.pem"
   register: domain_key
 
 - name: GA | Cert LetsEncrypt | Creating key/cert directories
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     owner: 'root'
@@ -17,11 +17,11 @@
   - '/etc/ssl/certs'
 
 - name: GA | Cert LetsEncrypt | Initializing certbot
-  include_tasks: domain_new.yml
+  ansible.builtin.include_tasks: domain_new.yml
   when: not domain_key.stat.exists
 
 - name: GA | Cert LetsEncrypt | Linking certificates
-  file:
+  ansible.builtin.file:
     state: link
     src: "{{ item.key }}"
     dest: "{{ item.value }}"

diff --git a/setup/roles/ssl_letsencrypt/tasks/domain_new.yml b/setup/roles/ssl_letsencrypt/tasks/domain_new.yml
@@ -1,25 +1,25 @@
 ---
 
 - name: GA | Cert LetsEncrypt | Creating alternative name string (1/3)
-  set_fact:
+  ansible.builtin.set_fact:
     _alias: "{{ ga_web_alias | join(' --domain ') }}"
   when: ga_web_alias | length > 0
 
 - name: GA | Cert LetsEncrypt | Creating alternative name string (2/3)
-  set_fact:
+  ansible.builtin.set_fact:
     certbot_alias: "{{ '--domain ' + _alias }}"
   when: ga_web_alias | length > 0
 
 - name: GA | Cert LetsEncrypt | Creating alternative name string (3/3)
-  set_fact:
+  ansible.builtin.set_fact:
     certbot_alias: ''
   when: ga_web_alias | length == 0
 
 - name: GA | Cert LetsEncrypt | Debug => the following command will be issued
-  debug:
+  ansible.builtin.debug:
     msg: "certbot certonly --apache -{{ certbot_verbosity }} --non-interactive --agree-tos --email {{ ga_web_ssl_letsencrypt_mail }} --cert-name {{ ga_web_key }}
              --rsa-key-size {{ letsencrypt_key_size }} --no-redirect --domain {{ ga_web_dns }} {{ certbot_alias }}"
 
 - name: GA | Cert LetsEncrypt | Certbot | Starting certbot initialization (this might take some time)
-  shell: "certbot certonly --apache -{{ certbot_verbosity }} --non-interactive --agree-tos --email {{ ga_web_ssl_letsencrypt_mail }} --cert-name {{ ga_web_key }}
-           --rsa-key-size {{ letsencrypt_key_size }} --no-redirect --domain {{ ga_web_dns }} {{ certbot_alias }}"
+  ansible.builtin.shell: "certbot certonly --apache -{{ certbot_verbosity }} --non-interactive --agree-tos --email {{ ga_web_ssl_letsencrypt_mail }} --cert-name {{ ga_web_key }}
+                          --rsa-key-size {{ letsencrypt_key_size }} --no-redirect --domain {{ ga_web_dns }} {{ certbot_alias }}"