Преглед на файлове

Various cleanups (line wrapping, quotting, etc.)

Emmanuel Bouthenot преди 9 години
родител
ревизия
40732f72f3
променени са 3 файла, в които са добавени 118 реда и са изтрити 54 реда
  1. 4 2
      roles/common/tasks/security.yml
  2. 18 10
      roles/hypervisor/tasks/xen.yml
  3. 96 42
      roles/webserver/tasks/nginx.yml

+ 4 - 2
roles/common/tasks/security.yml

@@ -99,7 +99,9 @@
       - Remount /proc
   when: with_hideproc and hideproc_gid != ''
 
-- name: Create Diffie-Helman parameters
-  command: openssl dhparam -2 -out /etc/ssl/private/dh{{ item }}.pem {{ item }} creates=/etc/ssl/private/dh{{ item }}.pem
+- name: 'Create Diffie-Helman parameters'
+  command: 'openssl dhparam -2 -out /etc/ssl/private/dh{{ item }}.pem {{ item }}'
+  args:
+    creates: '/etc/ssl/private/dh{{ item }}.pem'
   with_items:
     - 2048

+ 18 - 10
roles/hypervisor/tasks/xen.yml

@@ -1,19 +1,27 @@
-- name: Install Xen related packages
-  apt: pkg={{ item }} install_recommends=no state=installed update_cache=yes
+- name: 'Install Xen related packages'
+  apt:
+    pkg: '{{ item }}'
+    install_recommends: 'no'
+    state: 'installed'
+    update_cache: 'yes'
   with_items:
-    - bridge-utils
-    - xen-linux-system-amd64
-    - debootstrap
+    - 'xen-linux-system-amd64'
+    - 'bridge-utils'
+    - 'debootstrap'
   when: with_xen
 
-- name: Add GRUB options for Xen
-  lineinfile: dest=/etc/default/grub regexp="^GRUB_CMDLINE_XEN_DEFAULT=" insertafter="^GRUB_CMDLINE_LINUX=" line='GRUB_CMDLINE_XEN_DEFAULT="dom0_mem={{ xendom0_mem  }}M,max:{{ xendom0_mem }}M"'
+- name: 'Add GRUB options for Xen'
+  lineinfile:
+    dest: '/etc/default/grub'
+    regexp: '^GRUB_CMDLINE_XEN_DEFAULT='
+    insertafter: '^GRUB_CMDLINE_LINUX='
+    line: 'GRUB_CMDLINE_XEN_DEFAULT="dom0_mem={{ xendom0_mem  }}M,max:{{ xendom0_mem }}M"'
   when: with_xen
 
-- name: Set Xen hypervisor to boot first
-  command: dpkg-divert --divert /etc/grub.d/09_linux_xen --rename /etc/grub.d/20_linux_xen creates=/etc/grub.d/09_linux_xen
+- name: 'Set Xen hypervisor to boot first'
+  command: 'dpkg-divert --divert /etc/grub.d/09_linux_xen --rename /etc/grub.d/20_linux_xen creates=/etc/grub.d/09_linux_xen'
   notify:
-    - Update GRUB
+    - 'Update GRUB'
   when: with_xen
 
 - name: Configure Xend (memory)

+ 96 - 42
roles/webserver/tasks/nginx.yml

@@ -1,79 +1,133 @@
-- name: Install nginx package
-  apt: pkg=nginx state=installed update_cache=yes
+- name: 'Install nginx package'
+  apt:
+    pkg: 'nginx'
+    state: 'installed'
+    update_cache: 'yes'
   when: with_nginx
 
-- name: Install nginx default file configuration
-  template: src=nginx/default.j2 dest=/etc/default/nginx owner=root group=root mode=0644
+- name: 'Install nginx default file configuration'
+  template:
+    src: 'nginx/default.j2'
+    dest: '/etc/default/nginx'
+    owner: 'root'
+    group: 'root'
+    mode: '0644'
   notify:
-    - Restart nginx
+    - 'Restart nginx'
   when: with_nginx
 
-- name: Install nginx configuration
-  template: src=nginx/nginx.conf.j2 dest=/etc/nginx/nginx.conf owner=root group=root mode=0644
+- name: 'Install nginx configuration'
+  template:
+    src: 'nginx/nginx.conf.j2'
+    dest: '/etc/nginx/nginx.conf'
+    owner: 'root'
+    group: 'root'
+    mode: '0644'
   notify:
-    - Restart nginx
+    - 'Restart nginx'
   when: with_nginx
 
-- name: Install additional nginx configuration params (conf.d/)
-  template: src=nginx/conf.d/{{ item }}.conf.j2 dest=/etc/nginx/conf.d/{{ item }}.conf owner=root group=root mode=0644
+- name: 'Install additional nginx configuration params (conf.d/)'
+  template:
+    src: 'nginx/conf.d/{{ item }}.conf.j2'
+    dest: '/etc/nginx/conf.d/{{ item }}.conf'
+    owner: 'root'
+    group: 'root'
+    mode: '0644'
   with_items:
-    - status
+    - 'status'
   notify:
-    - Reload nginx
+    - 'Reload nginx'
   when: with_nginx
 
-- name: Install additional nginx configuration params (vhost_*)
-  template: src=nginx/vhost_{{ item }}.j2 dest=/etc/nginx/vhost_{{ item }} owner=root group=root mode=0644
+- name: 'Install additional nginx configuration params (vhost_*)'
+  template:
+    src: 'nginx/vhost_{{ item }}.j2'
+    dest: '/etc/nginx/vhost_{{ item }}'
+    owner: 'root'
+    group: 'root'
+    mode: '0644'
   with_items:
-    - all
-    - expires
-    - cache-fd
-    - protect-files
-    - security
+    - 'all'
+    - 'expires'
+    - 'cache-fd'
+    - 'protect-files'
+    - 'security'
   notify:
-    - Reload nginx
+    - 'Reload nginx'
   when: with_nginx
 
-- name: Create basic authentication file for admin (nginx)
-  template: src=nginx/auth_admin.j2 dest=/etc/nginx/auth_admin owner=root group=www-data mode=0640
+- name: 'Create basic authentication file for admin (nginx)'
+  template:
+    src: 'nginx/auth_admin.j2'
+    dest: '/etc/nginx/auth_admin'
+    owner: 'root'
+    group: 'www-data'
+    mode: '0640'
   when: with_nginx
 
-- name: Install PHPMyAdmin virtual host for nginx (sites-available)
-  template: src=nginx/pma_vhost.j2 dest=/etc/nginx/sites-available/pma owner=root group=root mode=0644
+- name: 'Install PHPMyAdmin virtual host for nginx (sites-available)'
+  template:
+    src: 'nginx/pma_vhost.j2'
+    dest: '/etc/nginx/sites-available/pma'
+    owner: 'root'
+    group: 'root'
+    mode: '0644'
   notify:
-    - Reload nginx
+    - 'Reload nginx'
   when: with_phpmyadmin and with_nginx
 
-- name: Install PHPMyAdmin virtual host for nginx (sites-enabled)
-  file: src=/etc/nginx/sites-available/pma path=/etc/nginx/sites-enabled/pma state=link
+- name: 'Install PHPMyAdmin virtual host for nginx (sites-enabled)'
+  file:
+    src: '/etc/nginx/sites-available/pma'
+    path: '/etc/nginx/sites-enabled/pma'
+    state: 'link'
   notify:
-    - Reload nginx
+    - 'Reload nginx'
   when: with_phpmyadmin and with_nginx
 
-- name: Install PHPPgAdmin virtual host for nginx (sites-available)
-  template: src=nginx/pga_vhost.j2 dest=/etc/nginx/sites-available/pga owner=root group=root mode=0644
+- name: 'Install PHPPgAdmin virtual host for nginx (sites-available)'
+  template:
+    src: 'nginx/pga_vhost.j2'
+    dest: '/etc/nginx/sites-available/pga'
+    owner: 'root'
+    group: 'root'
+    mode: '0644'
   notify:
-    - Reload nginx
+    - 'Reload nginx'
   when: with_phppgadmin and with_nginx
 
-- name: Install PHPPgAdmin virtual host for nginx (sites-enabled)
-  file: src=/etc/nginx/sites-available/pga path=/etc/nginx/sites-enabled/pga state=link
+- name: 'Install PHPPgAdmin virtual host for nginx (sites-enabled)'
+  file:
+    src: '/etc/nginx/sites-available/pga'
+    path: '/etc/nginx/sites-enabled/pga'
+    state: 'link'
   notify:
-    - Reload nginx
+    - 'Reload nginx'
   when: with_phppgadmin and with_nginx
 
-- name: Install PHP system checks virtual host for nginx (sites-available)
-  template: src=nginx/sys_vhost.j2 dest=/etc/nginx/sites-available/sys owner=root group=root mode=0644
+- name: 'Install PHP system checks virtual host for nginx (sites-available)'
+  template:
+    src: 'nginx/sys_vhost.j2'
+    dest: '/etc/nginx/sites-available/sys'
+    owner: 'root'
+    group: 'root'
+    mode: '0644'
   notify:
-    - Reload nginx
+    - 'Reload nginx'
   when: with_php and with_nginx
 
-- name: Install PHP system checks virtual host for nginx (sites-enabled)
-  file: src=/etc/nginx/sites-available/sys path=/etc/nginx/sites-enabled/sys state=link
+- name: 'Install PHP system checks virtual host for nginx (sites-enabled)'
+  file:
+    src: '/etc/nginx/sites-available/sys'
+    path: '/etc/nginx/sites-enabled/sys'
+    state: 'link'
   notify:
-    - Reload nginx
+    - 'Reload nginx'
   when: with_php and with_nginx
 
-- name: Ensure nginx is running
-  service: name=nginx state=started
+- name: 'Ensure nginx is running'
+  service:
+    name: 'nginx'
+    state: 'started'
   when: with_nginx