Ansible code update: quoted variables, rewrote classic functions, che…

environments/template/tasks/common.yml

@@ -3,16 +3,22 @@
 # Note: adding notify to tasks in this file does not work, the handler will not be called
 
 - name: Disallow SSH root login
-  lineinfile: dest=/etc/ssh/sshd_config regexp="^PermitRootLogin\s" line="PermitRootLogin no"
+  lineinfile:
+    dest: /etc/ssh/sshd_config
+    regexp: '^PermitRootLogin\s'
+    line: "PermitRootLogin no"
   tags: skip_docker_test
   register: ssh_result
 
   # In lieu of using a handler, restart sshd when the previous task changed
 - name: restart sshd
-  service: name=sshd state=restarted
+  service:
+    name: sshd
+    state: restarted
   when: ssh_result.changed
 
-
 - name: Set MOTD
-  template: src={{ inventory_dir + '/templates/common/motd.j2' }} dest=/etc/motd
+  template:
+    src: "{{ inventory_dir + '/templates/common/motd.j2' }}"
+    dest: /etc/motd
   tags: motd

print_file_hash.yml

@@ -1,6 +1,7 @@
 ---
 
-- stat:
+- name: get filepath
+  stat:
     path: "{{ file_path }}"
     checksum_algorithm: sha256
     get_checksum: yes

push-mw-config.yml

@@ -11,7 +11,13 @@
 
   tasks:
   - name: Write middleware config and whitelist to /root/
-    template: src={{ inventory_dir }}/templates/middleware/{{ item }}.j2 dest=/opt/scripts/{{ item }} group={{ app_deploy_user }} owner={{ app_deploy_user }} mode="400" backup=yes
+    template:
+      src: "{{ inventory_dir }}/templates/middleware/{{ item }}.j2"
+      dest: "/opt/scripts/{{ item }}"
+      group: "{{ app_deploy_user }}"
+      owner: "{{ app_deploy_user }}"
+      mode: 0400
+      backup: yes
     with_items:
     - middleware-config.json
     - middleware-whitelist.json

push-mw-institution.yml

@@ -11,7 +11,11 @@
 
   tasks:
   - name: Write middleware (institution) config and whitelist to /opt/scripts/
-    template: src={{ inventory_dir }}/templates/middleware/{{ item }}.j2 dest=/opt/scripts/{{ item }} mode="400" backup=yes
+    template:
+      src: "{{ inventory_dir }}/templates/middleware/{{ item }}.j2"
+      dest: "/opt/scripts/{{ item }}"
+      mode: 0400
+      backup: yes
     with_items:
     - middleware-config.json
     - middleware-whitelist.json

push-mw-whitelist.yml

@@ -13,7 +13,11 @@
 
   tasks:
   - name: Write middleware config and whitelist to /opt/scripts/
-    template: src={{ inventory_dir }}/templates/middleware/{{ item }}.j2 dest=/opt/scripts/{{ item }} mode="400" backup=yes
+    template:
+      src: "{{ inventory_dir }}/templates/middleware/{{ item }}.j2"
+      dest: /opt/scripts/"{{ item }}"
+      mode: 0400
+      backup: yes
     with_items:
     - middleware-config.json
     - middleware-whitelist.json

roles/app/tasks/main.yml

@@ -50,10 +50,14 @@
 # Install the "REMI" repo which contain newer php packages that override the default
 # that come with the distro (CentOS7: 5.4; CentOS6: 5.3)
 - name: Install REMI repo
-  yum: name=http://rpms.famillecollet.com/enterprise/remi-release-7.rpm state=present
+  yum:
+    name: "http://rpms.famillecollet.com/enterprise/remi-release-7.rpm"
+    state: present
 
 - name: Enable REMI repo
-  copy: src=remi.repo dest=/etc/yum.repos.d/remi.repo
+  copy:
+    src: remi.repo
+    dest: /etc/yum.repos.d/remi.repo
 
 
 ## PHP 5.6 installation block
@@ -83,21 +87,30 @@
 
   # php-gd requires libgd (>2.1.1) from remi repo
   - name: Install php-gd
-    yum: name=php-gd state=present enablerepo=remi
+    yum:
+      name: php-gd
+      state: present
+      enablerepo: remi
 
   - name: Put php.ini for PHP 5.6 (/etc/php.ini)
-    template: src='php.ini.j2' dest='/etc/php.ini'
+    template:
+      src: 'php.ini.j2'
+      dest: '/etc/php.ini'
     notify:
       - restart php-fpm
 
   # Place empty www.conf to prevent this file being created on php-fpm OS-updates
   - name: Add empty www.conf in /etc/php-fpm.d/
-    copy: src='www.conf' dest='/etc/php-fpm.d/www.conf'
+    copy: 
+      src:'www.conf'
+      dest:'/etc/php-fpm.d/www.conf'
     notify:
       - restart php-fpm
 
   - name: Put /etc/php-fpm.conf
-    copy: src='php-fpm.conf' dest='/etc/php-fpm.conf'
+    copy:
+      src: 'php-fpm.conf'
+      dest: '/etc/php-fpm.conf'
     notify:
       - restart php-fpm
 
@@ -128,18 +141,24 @@
         state: present
 
     - name: Put php.ini for PHP 7.2 (/etc/opt/remi/php72/php.ini)
-      template: src='php.ini.j2' dest='/etc/opt/remi/php72/php.ini'
+      template:
+        src: 'php.ini.j2'
+        dest: '/etc/opt/remi/php72/php.ini'
       notify:
         - restart php72-php-fpm
 
     # Place empty www.conf to prevent this file being created on php-fpm OS-updates
     - name: Add empty www.conf in /etc/opt/remi/php72/php-fpm.d/www.conf
-      copy: src='www.conf' dest='/etc/opt/remi/php72/php-fpm.d/www.conf'
+      copy: 
+        src:'www.conf'
+        dest:'/etc/opt/remi/php72/php-fpm.d/www.conf'
       notify:
         - restart php72-php-fpm
 
     - name: Put /etc/opt/remi/php72/php-fpm.conf
-      copy: src='php72-php-fpm.conf' dest='/etc/opt/remi/php72/php-fpm.conf'
+      copy:
+        src: 'php72-php-fpm.conf'
+        dest: '/etc/opt/remi/php72/php-fpm.conf'
       notify:
         - restart php72-php-fpm
 
@@ -148,15 +167,19 @@
 
 # Look for sendmail smarthost
 - name: Configure sendmail with smarthost
-  template: src='sendmail.cf.j2' dest='/etc/mail/sendmail.cf'
+  template:
+    src: 'sendmail.cf.j2'
+    dest: '/etc/mail/sendmail.cf'
   when: sendmail_smarthost is defined
   register: sendmail_smarthost_result
   notify:
     - reload sendmail
 
 
 - name: Create deploy user
-  user: name={{app_deploy_user}} state=present
+  user:
+    name: "{{ app_deploy_user }}"
+    state: present
 
 - name: Add authorized_keys for deploy user
   authorized_key:
@@ -169,7 +192,9 @@
 
 # Remove default distro conf files
 - name: Remove nginx known default distro files in /etc/nginxconf.d/
-  file: path={{item}} state=absent
+  file:
+    path: "{{ item }}"
+    state: absent
   with_items:
   - /etc/nginx/conf.d/default.conf
   - /etc/nginx/conf.d/ssl.conf
@@ -178,28 +203,48 @@
   - restart nginx
 
 - name: Put nginx.conf
-  template: src='nginx.conf.j2' dest='/etc/nginx/nginx.conf'
+  template:
+    src: 'nginx.conf.j2'
+    dest: '/etc/nginx/nginx.conf'
   notify:
   - restart nginx
 
 # This task can be removed once deployed on all nodes
 - name: Remove obsolete Nginx rsyslog config
-  file: path=/etc/rsyslog.d/nginx.conf state=absent
+
+  file:
+    path: /etc/rsyslog.d/nginx.conf
+    state: absent
   notify: restart rsyslog
 
 # Set mode to a+x so components can access their subdirectories under session/
 - name: Create directory for vhosts to store PHP sessions
-  file: path=/var/lib/stepup/session/ state=directory mode="771" owner=root group=root
+  file:
+    path: /var/lib/stepup/session/
+    state: directory
+    mode: 0771
+    owner: root
+    group: root
 
 
 # Directory that contains the symlinks to active applications
 - name: Create /opt/www/
-  file: path=/opt/www/ state=directory owner=root group={{ app_deploy_user }} mode=775
+  file:
+    path: /opt/www/
+    state: directory
+    owner: root
+    group: "{{ app_deploy_user }}"
+    mode: 0775
 
 
 # Directory for configuration scripts
 - name: Create /opt/scripts/
-  file: path=/opt/scripts/ state=directory owner=root group={{ app_deploy_user }} mode=770
+  file:
+    path: /opt/scripts/
+    state: directory
+    owner: root
+    group: "{{ app_deploy_user }}"
+    mode: 0770
 
 
 # Create vhosts for stepup components
@@ -314,29 +359,41 @@
 
 
 - name: Start and enable nginx & smtp services
-  service: name={{item}} state=started enabled=true
+  service:
+    name: "{{ item }}"
+    state: started
+    enabled: true
   with_items:
   - nginx
   - sendmail
 
 
 - name: Start and enable php-fpm if needed
-  service: name={{item}} state=started enabled=true
+  service:
+    name: "{{ item }}"
+    state: started
+    enabled: true
   with_items:
     - php-fpm
   when: app_require_php56
 
 
 - name: Start and enable php7-fpm if needed
-  service: name={{item}} state=started enabled=true
+  service:
+    name: "{{ item }}"
+    state: started
+    enabled: true
   with_items:
   - php72-php-fpm
   when: app_require_php72
 
   # /var/log/stepup-authentication-*.log is written by rsyslog (common role)
   # messages are generated by gateway component
 - name: Put daily cron jobs for compressing and cleaning stepup-authentication logs
-  copy: src={{ item }} dest='/etc/cron.daily/{{ item }}' mode=700
+  copy:
+    src: "{{ item }}"
+    dest: "/etc/cron.daily/{{ item }}"
+    mode: 0700
   when: "inventory_hostname in groups['stepup-gateway']"
   with_items:
   - compress-stepup-authnlogs.cron
@@ -347,7 +404,10 @@
   block:
 
   - name: Stop and disable php-fpm
-    service: name={{item}} state=stopped enabled=false
+    service:
+      name: "{{ item }}"
+      state: stopped
+      enabled: false
     with_items:
       - php-fpm
     ignore_errors: yes

roles/app/tasks/php56-vhost-symfony3.yml

@@ -6,10 +6,14 @@
 # The default app simply returns "No application installed for vhost {{ vhost_name }}"
 # For symfony 3 the app location is web/app.php
 - name: Create default app directory for {{ vhost_name }}
-  file: path=/opt/default/{{ vhost_name }}/web/ state=directory
+  file:
+    path: "/opt/default/{{ vhost_name }}/web/"
+    state: directory
 
 - name: Create default /opt/default/{{ vhost_name }}/web/app.php
-  template: src='httpd-index.php.j2' dest='/opt/default/{{ vhost_name }}/web/app.php'
+  template:
+    src: 'httpd-index.php.j2'
+    dest: '/opt/default/{{ vhost_name }}/web/app.php'
 
 
 # Put httpd vhost config
@@ -23,7 +27,9 @@
 
 # Put fpm config for PHP 5.6
 - name: Put php-fpm config for {{ vhost_name  }}
-  template: src='php56-fpm-pool.conf.j2' dest='/etc/php-fpm.d/{{ vhost_name }}.conf'
+  template:
+    src: 'php56-fpm-pool.conf.j2'
+    dest: '/etc/php-fpm.d/{{ vhost_name }}.conf'
   notify:
     - restart php-fpm
 
@@ -33,4 +39,4 @@
       path: "/etc/opt/remi/php72/php-fpm.d/{{ vhost_name }}.conf"
       state: absent
   notify:
-    - restart php72-php-fpm
+    - restart php72-php-fpm

roles/app/tasks/php72-vhost-symfony3.yml

@@ -8,11 +8,14 @@
 # The default app simply returns "No application installed for vhost {{ vhost_name }}"
 # For symfony 3 the app location is web/app.php
 - name: Create default app directory for {{ vhost_name }}
-  file: path=/opt/default/{{ vhost_name }}/web/ state=directory
+  file:
+    path: "/opt/default/{{ vhost_name }}/web/"
+    state: directory
 
 - name: Create default /opt/default/{{ vhost_name }}/web/app.php
-  template: src='httpd-index.php.j2' dest='/opt/default/{{ vhost_name }}/web/app.php'
-
+  template:
+    src: 'httpd-index.php.j2'
+    dest: '/opt/default/{{ vhost_name }}/web/app.php'
 
 
 # Put httpd vhost config

roles/app/tasks/php72-vhost-symfony4.yml

@@ -8,11 +8,14 @@
 # The default app simply returns "No application installed for vhost {{ vhost_name }}"
 # For Symfony 4 config the app location is public/index.php
 - name: Create default app directory for {{ vhost_name }}
-  file: path=/opt/default/{{ vhost_name }}/public/ state=directory
+  file:
+    path: "/opt/default/{{ vhost_name }}/public/"
+    state: directory
 
 - name: Create default /opt/default/{{ vhost_name }}/public/index.php
-  template: src='httpd-index.php.j2' dest='/opt/default/{{ vhost_name }}/public/index.php'
-
+  template:
+    src: 'httpd-index.php.j2'
+    dest: '/opt/default/{{ vhost_name }}/public/index.php'
 
 
 # Put httpd vhost config