ansible/roles/common/tasks/main.yml in subspace-2.0.4 vs ansible/roles/common/tasks/main.yml in subspace-2.1.0

- old
+ new

@@ -1,136 +1,250 @@ --- - name: Test connection ping: + tags: + - maintenance - name: Ensure /etc/profile.d/ exists file: path: "/etc/profile.d/" owner: root state: directory become: yes + tags: + - maintenance - name: Set terminal color vars: terminal_env_playbook: "{{terminal_env | default('not provided', true) }}" template: src: terminalcolor dest: "/etc/profile.d/termcolor.sh" mode: a+x become: true + tags: + - maintenance - name: Set MOTD template: src: motd dest: /etc/motd become: true + tags: + - maintenance - name: Set hostname command: hostname {{hostname}} become: true + tags: + - maintenance - name: Set hostname in /etc/hosts lineinfile: dest: "/etc/hosts" line: "127.0.0.1 {{hostname}}" state: present insertafter: "127.0.0.1 localhost" become: true + tags: + - maintenance - name: update /etc/hostname copy: content: "{{hostname}}" dest: /etc/hostname become: true + tags: + - maintenance - name: Set hostname for systemd hostname: name: "{{hostname}}" become: true + tags: + - maintenance - name: install aptitude apt: pkg: aptitude state: present become: true + tags: + - maintenance - name: apt-get update apt: update_cache=yes cache_valid_time=86400 become: true tags: - upgrade + - maintenance - name: /usr/lib/update-notifier/apt-check --human-readable command: /usr/lib/update-notifier/apt-check --human-readable tags: - upgrade + - maintenance register: out - name: Creates /opt/subspace file: path: /opt/subspace state: directory become: true + tags: + - maintenance + - upgrade - name: Save updates to /opt/subspace/updates.log lineinfile: path: /opt/subspace/updates.log line: "[{{ out.end }}]\n{{ out.stdout }}" insertafter: EOF create: yes become: true + tags: + - maintenance + - upgrade - name: apt-get upgrade apt: upgrade=full become: true tags: + - maintenance - upgrade - name: apt-get autoremove apt: autoremove: true become: true tags: + - maintenance - upgrade + - name: Get os_upgrades stats + shell: + cmd: | + sed -n "/$(date '+%Y-%m')/,+2p" updates.log | # Groups of lines from the current month + grep 'packages' | # Only lines matching 'packages' + grep -P -o '(^\d+)' | #Extract the numbers at the beginning of the lines + awk '{s+=$1} END {print s}' # Sum all the lines + args: + chdir: /opt/subspace + register: stats_os_upgrades + when: send_stats == true and stats_url is defined and stats_api_key is defined + tags: + - maintenance + - stats + + - name: Send os_upgrades stats to URL + uri: + url: "{{stats_url}}" + method: POST + headers: + X-API-Version: 1 + X-Client-Api-key: "{{stats_api_key}}" + body_format: json + body: + client_stat: + key: os_upgrades + value: "{{stats_os_upgrades.stdout}}" + hostname: "{{hostname}}" + when: send_stats == true and stats_url is defined and stats_api_key is defined + tags: + - maintenance + - stats + + - name: Get os_security_upgrades stats + shell: + cmd: | + sed -n "/$(date '+%Y-%m')/,+2p" updates.log | # Groups of lines from the current month + grep 'security' | # Only lines matching 'security' + grep -P -o '(^\d+)' | #Extract the numbers at the beginning of the lines + awk '{s+=$1} END {print s}' # Sum all the lines + args: + chdir: /opt/subspace + register: stats_os_security_upgrades + when: send_stats == true and stats_url is defined and stats_api_key is defined + tags: + - maintenance + - stats + + - name: Send os_security_upgrades stats to URL + uri: + url: "{{stats_url}}" + method: POST + headers: + X-API-Version: 1 + X-Client-Api-key: "{{stats_api_key}}" + body_format: json + body: + client_stat: + key: os_security_upgrades + value: "{{stats_os_security_upgrades.stdout}}" + hostname: "{{hostname}}" + when: send_stats == true and stats_url is defined and stats_api_key is defined + tags: + - maintenance + - stats + + - name: Clear updates.log + file: + path: /opt/subspace/updates.log + state: absent + when: send_stats == true and stats_url is defined and stats_api_key is defined + tags: + - maintenance + - stats + - name: set timezone to America/Chicago timezone: name: America/Chicago + tags: + - maintenance - name: Add deploy user user: name: "{{deploy_user}}" state: present generate_ssh_key: yes shell: /bin/bash become: true + tags: + - maintenance - name: Add deploy user to adm group so it can view logs in /var/log user: name: "{{deploy_user}}" append: yes groups: "adm" become: true + tags: + - maintenance - name: Add sudoers.d file so that deploy can restart services without entering password. copy: src: sudoers-service dest: /etc/sudoers.d/service become: true + tags: + - maintenance - name: Update authorized_keys for deploy user copy: src: authorized_keys dest: "/home/{{deploy_user}}/.ssh/authorized_keys" owner: "{{deploy_user}}" become: true tags: - authorized_keys + - maintenance - name: Create directory to which to deploy file: path: /u/apps/{{project_name}} owner: "{{deploy_user}}" state: directory become: true + tags: + - maintenance - import_tasks: swap.yml