Lots of updated roles

2020-05-12 17:07:38 -06:00
parent 5a9254097e
commit 6bb3e3f34f
35 changed files with 264 additions and 125 deletions
--- a/app/atlassian/confluence/tasks/mysql.yml
+++ b/app/atlassian/confluence/tasks/mysql.yml
@@ -6,7 +6,7 @@
    dest: /etc/mysql/mysql.conf.d/mysqld.cnf
    owner: root
    group: root
-    mode: 0644
+    mode: '0644'
  notify: restart mysql # Only reloads if file has changed!

 # Create the confluence MySQL database
--- a/app/atlassian/servicedesk/tasks/mysql.yml
+++ b/app/atlassian/servicedesk/tasks/mysql.yml
@@ -6,7 +6,7 @@
    dest: "/etc/mysql/percona-server.conf.d/mysqld.cnf"
    owner: root
    group: root
-    mode: 0644 #-rw-r--r--
+    mode: '0644' #-rw-r--r--
  notify: restart mysql # Only runs if file changed!

 # Create the servicedesk MySQL database
--- a/app/erpnext-12/tasks/configure-erpnext.yml
+++ b/app/erpnext-12/tasks/configure-erpnext.yml
@@ -10,14 +10,14 @@
  file:
    path: '{{ base }}'
    state: directory
-    owner: toor
-    group: toor
+    owner: '{{ superuser }}'
+    group: '{{ superuser }}'
    mode: '0755'

 # Run frappe bench init
 - name: Running frappe bench init
-  # NOTICE: running as toor
-  become_user: toor
+  # NOTICE: running as superuser
+  become_user: '{{ superuser }}'
  shell: bench init {{ projectname }} --frappe-branch version-12 --no-backups
  args:
    chdir: '{{ base }}'
@@ -27,8 +27,8 @@

 # Run frappe bench init with custom repo
 - name: Running frappe bench init with custom repo
-  # NOTICE: running as toor
-  become_user: toor
+  # NOTICE: running as superuser
+  become_user: '{{ superuser }}'
  shell: bench init {{ projectname }} --frappe-path {{ frappe_repo }} --frappe-branch version-12 --no-backups
  args:
    chdir: '{{ base }}'
@@ -38,7 +38,7 @@

 # Create frappe-bench supervisor configs
 - name: Creating frappe-bench supervisor config
-  become_user: toor
+  become_user: '{{ superuser }}'
  shell: bench setup supervisor
  args:
    chdir: '{{ path }}'
@@ -54,7 +54,7 @@

 # Get ERPNext app
 - name: Getting ERPNext app
-  become_user: toor
+  become_user: '{{ superuser }}'
  shell: bench get-app erpnext --branch version-12
  args:
    chdir: '{{ path }}'
@@ -64,7 +64,7 @@

 # Get ERPNext app from custom repo
 - name: Getting ERPNext app from custom repo
-  become_user: toor
+  become_user: '{{ superuser }}'
  shell: bench get-app erpnext {{ erpnext_repo }} --branch version-12
  args:
    chdir: '{{ path }}'
@@ -74,7 +74,7 @@

 # Settings frappe bench mariadb-host
 - name: Setting frappe bench mariadb-host
-  become_user: toor
+  become_user: '{{ superuser }}'
  shell: bench set-mariadb-host {{ db_host }}
  args:
    chdir: '{{ path }}'
@@ -82,7 +82,7 @@

 # Create new site using local database
 - name: Creating new frappe site using local database
-  become_user: toor
+  become_user: '{{ superuser }}'
  shell: bench new-site {{ site }} --admin-password {{ erpnext_admin_password }} --db-name {{ db_name }} --db-password {{ erpnext_db_password }} --mariadb-root-username root --mariadb-root-password {{ root_db_password }} --force
  args:
    chdir: '{{ path }}'
@@ -92,7 +92,7 @@

 # Create new site using remote database
 - name: Creating new frappe site using remote database
-  become_user: toor
+  become_user: '{{ superuser }}'
  shell: bench new-site {{ site }} --admin-password {{ erpnext_admin_password }} --db-name {{ db_name }} --db-password {{ erpnext_db_password }} --mariadb-root-username root --mariadb-root-password {{ root_db_password }} --force --no-mariadb-socket
  args:
    chdir: '{{ path }}'
@@ -102,7 +102,7 @@

 # Adding ERPNext to site
 - name: Adding ERPNext to site
-  become_user: toor
+  become_user: '{{ superuser }}'
  shell: bench --site {{ site }} install-app erpnext
  args:
    chdir: '{{ path }}'
@@ -111,7 +111,7 @@

 # Create frappe-bench nginx configs
 - name: Creating frappe-bench nginx config
-  become_user: toor
+  become_user: '{{ superuser }}'
  shell: bench setup nginx
  args:
    chdir: '{{ path }}'
--- a/app/erpnext-12/tasks/configure-linux.yml
+++ b/app/erpnext-12/tasks/configure-linux.yml
@@ -1,9 +1,9 @@
 ---
-# Copy ssh client config for toor user so we can git clone without confirmation
- name: Copying toor SSH client config
+# Copy ssh client config for superuser user so we can git clone without confirmation
+- name: Copying superuser SSH client config
  copy:
    src: 'ssh.config'
-    dest: '/home/toor/.ssh/config'
-    owner: toor
-    group: toor
+    dest: '/home/{{ superuser }}/.ssh/config'
+    owner: '{{ superuser }}'
+    group: '{{ superuser }}'
    mode: '0644'
--- a/app/erpnext-12/tasks/main.yml
+++ b/app/erpnext-12/tasks/main.yml
@@ -1,9 +1,9 @@
 ---
 # NOTICE: Commands like frappe bench and git clone need to run
-# as the toor user, not root.  The playbook that runs this role
-# should be logging in as toor, using become:yes with toors ssh key
+# as the superuser user, not root.  The playbook that runs this role
+# should be logging in as superuser, using become:yes with superusers ssh key
 # Because become:yes all command still run as root, until I use
-# become_user: toor below.
+# become_user: superuser below.

 - include_tasks: configure-linux.yml
 - include_tasks: configure-mysql.yml
--- a/app/konga-0.14.7/tasks/main.yml
+++ b/app/konga-0.14.7/tasks/main.yml
@@ -13,8 +13,8 @@
  file:
    path: /var/www
    state: directory
-    owner: toor
-    group: toor
+    owner: '{{ superuser }}'
+    group: '{{ superuser }}'
    mode: '0755'

 # Create /var/www/konga folder
@@ -22,14 +22,14 @@
  file:
    path: /var/www/konga
    state: directory
-    owner: toor
-    group: toor
+    owner: '{{ superuser }}'
+    group: '{{ superuser }}'
    mode: '0755'

 # Git clone https://github.com/pantsel/konga.git
 - name: Git clone https://github.com/pantsel/konga.git tag 0.14.7
-  # NOTICE: running as toor
-  become_user: toor
+  # NOTICE: running as superuser
+  become_user: '{{ superuser }}'
  git:
    clone: yes
    force: yes
@@ -38,13 +38,13 @@
    version: 0.14.7
    depth: 1

-# Ensure konga git contents owned by toor
- name: Ensuring konga git contents owned by toor
+# Ensure konga git contents owned by superuser
+- name: Ensuring konga git contents owned by superuser
  file:
    path: /var/www/konga
    state: directory
-    owner: toor
-    group: toor
+    owner: '{{ superuser }}'
+    group: '{{ superuser }}'
    recurse: yes

 # Delete package-lock.json
@@ -55,31 +55,31 @@

 # Install konga npm packages
 - name: Installing konga NPM packages
-  # NOTICE: running as toor
-  become_user: toor
+  # NOTICE: running as superuser
+  become_user: '{{ superuser }}'
  npm:
    path: /var/www/konga

 # Install konga bower dependencies
 - name: Installing konga bower dependencies
-  # NOTICE: running as toor
-  become_user: toor
+  # NOTICE: running as superuser
+  become_user: '{{ superuser }}'
  shell: npm run bower-deps
  args:
    chdir: /var/www/konga

-# Ensure konga git contents owned by toor
- name: Ensuring konga git contents owned by toor
+# Ensure konga git contents owned by superuser
+- name: Ensuring konga git contents owned by superuser
  file:
    path: /var/www/konga
    state: directory
-    owner: toor
-    group: toor
+    owner: '{{ superuser }}'
+    group: '{{ superuser }}'
    recurse: yes

 # Copy konga systemd unit file
 - name: Copying konga.service systemd unit file
-  copy:
+  template:
    src: konga.service
    dest: "/etc/systemd/system/konga.service"
    owner: root
--- a/app/konga-0.14.7/templates/konga.service
+++ b/app/konga-0.14.7/templates/konga.service
@@ -4,7 +4,7 @@ After=network.target

 [Service]
 Type=simple
-User=toor
+User={{ superuser }}
 WorkingDirectory=/var/www/konga
 ExecStart=/usr/bin/node --harmony app.js --prod
 Restart=on-failure