Update to 2022-03-07 17:00

roles/bookstack/defaults/main.yml

@@ -1,11 +1,11 @@
 ---
 
 # Version to deploy
-bookstack_version: '22.02.2'
+bookstack_version: '22.02.3'
 # URL of the arhive
 bookstack_archive_url: https://github.com/BookStackApp/BookStack/archive/v{{ bookstack_version }}.tar.gz
 # Expected sha256 of the archive
-bookstack_archive_sha256: 7b7345c342bf665a2277ebaa9deead56010660606246d7b0b2d15119dcedf05f
+bookstack_archive_sha256: 30f618e2795e3d759fb1ed87e7bb898d47ad0edd71a873797b294cc3e3f0cd79
 
 # Should ansible handle bookstack upgrades or just the inintial install
 bookstack_manage_upgrade: True

roles/bookstack/tasks/main.yml

@@ -2,23 +2,32 @@
 
 - include_tasks: user.yml
   tags: always
+
 - include_tasks: directories.yml
   tags: always
+
 - include_tasks: facts.yml
   tags: always
+
 - include_tasks: archive_pre.yml
   when: bookstack_install_mode | default('none') == 'upgrade'
   tags: always
+
 - include_tasks: install.yml
   tags: always
+
 - include_tasks: conf.yml
   tags: always
+
 - include_tasks: services.yml
   tags: always
+
 - include_tasks: write_version.yml
   tags: always
+
 - include_tasks: archive_post.yml
   when: bookstack_install_mode | default('none') == 'upgrade'
   tags: always
+
 - include_tasks: cleanup.yml
   tags: always

roles/common/tasks/guest.yml

@@ -4,13 +4,14 @@
   stat: path=/dev/virtio-ports/org.qemu.guest_agent.0
   register: qemu_ga_dev
 
-- include: guest_{{ ansible_os_family }}.yml
+- include_tasks: guest_{{ ansible_os_family }}.yml
   when:
     - qemu_ga_dev.stat.exists
     - ansible_virtualization_type == 'kvm'
+  tags: always
 
 - name: Start and enable qemu guest agent
-  service: name=qemu-guest-agent state=started enabled=yes
+  service: name=qemu-guest-agent state=started enabled=True
   when:
     - qemu_ga_dev.stat.exists
     - ansible_virtualization_type == 'kvm'

roles/common/tasks/main.yml

@@ -6,22 +6,41 @@
     - vars/{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml
     - vars/{{ ansible_distribution }}.yml
     - vars/{{ ansible_os_family }}.yml
+  tags: always
 
 - include_tasks: facts.yml
+  tags: always
+
 - include_tasks: utils.yml
+  tags: always
+
 - include_tasks: hostname.yml
+  tags: always
+
 - include_tasks: tz.yml
+  tags: always
+
 - include_tasks: tuned.yml
   when:
     - ansible_virtualization_role == 'host' or ansible_virtualization_type != 'lxc'
     - ansible_os_family == 'RedHat'
+  tags: always
+
 - include_tasks: mail.yml
+  tags: always
+
 - include_tasks: system.yml
+  tags: always
+
 - include_tasks: ansible.yml
+  tags: always
+
 - include_tasks: hardware.yml
   when: ansible_virtualization_role == 'host'
+  tags: always
+
 - include_tasks: guest.yml
-  when:
-    - ansible_virtualization_role == 'guest'
+  when: ansible_virtualization_role == 'guest'
+  tags: always
 
 ...

roles/diagrams/defaults/main.yml

@@ -1,11 +1,11 @@
 ---
 
 # Veresion of diagrams to deploy
-diagrams_version: 16.6.4
+diagrams_version: 16.6.6
 # URL of the WAR file to deploy
 diagrams_war_url: https://github.com/jgraph/drawio/releases/download/v{{ diagrams_version }}/draw.war
 # Expected sha256 of the WAR file
-diagrams_war_sha256: 7565bb4e40170923d0546c3cdc93679db5c38a6c69c9043819a197f3d56a9493
+diagrams_war_sha256: bad6e2d9b989f947e8a7c87f7ca9394a7ba1b26ee4e1c3d552e70fb3a01c2c49
 # root directory of the installation
 diagrams_root_dir: /opt/diagrams
 # Should ansible manage upgrades, or just initial install ?

roles/diagrams/tasks/archive_post.yml

@@ -9,6 +9,6 @@
     warn: False
   tags: diagrams
 
-- name: Remove the arachive directory
+- name: Remove the archive directory
   file: path={{ diagrams_root_dir }}/archives/{{ diagrams_current_version }} state=absent
   tags: diagrams

roles/diagrams/tasks/main.yml

@@ -8,27 +8,37 @@
 
 - include_tasks: directories.yml
   tags: always
+
 - include_tasks: facts.yml
   tags: always
+
 - include_tasks: archive_pre.yml
   when: diagrams_install_mode | default('none') == 'upgrade'
   tags: always
+
 - include_tasks: install.yml
   tags: always
+
 - include_tasks: conf.yml
   tags: always
+
 - include_tasks: selinux.yml
   when: ansible_selinux.status == 'enabled'
   tags: always
+
 - include_tasks: iptables.yml
   when: iptables_manage | default(True)
   tags: always
+
 - include_tasks: services.yml
   tags: always
+
 - include_tasks: write_version.yml
   tags: always
+
 - include_tasks: archive_post.yml
   when: diagrams_install_mode | default('none') == 'upgrade'
   tags: always
+
 - include_tasks: cleanup.yml
   tags: always

roles/docker/tasks/install.yml

@@ -1,4 +1,5 @@
 ---
 
-- include: install_{{ ansible_os_family }}.yml
+- include_tasks: install_{{ ansible_os_family }}.yml
+  tags: always
 

roles/dolibarr/handlers/main.yml

@@ -1,4 +1 @@
 ---
-- include: ../httpd_common/handlers/main.yml
-- include: ../httpd_php/handlers/main.yml
-...

roles/framadate/handlers/main.yml

@@ -1,3 +1 @@
 ---
-- include: ../httpd_common/handlers/main.yml
-...

roles/glpi/handlers/main.yml

@@ -1,4 +1 @@
 ---
-- include: ../httpd_common/handlers/main.yml
-- include: ../httpd_php/handlers/main.yml
-...

roles/grafana/handlers/main.yml

@@ -1,5 +1,4 @@
 ---
-- include: ../common/handlers/main.yml
 
 - name: restart grafana
   service: name=grafana-server state=restarted

roles/httpd_common/handlers/main.yml

@@ -1,10 +1,8 @@
 ---
 
-- include: ../common/handlers/main.yml
-
 - name: reload httpd
   service: name=httpd state=reloaded
 
 - name: restart httpd
   service: name=httpd state=restarted
-...
+

roles/httpd_front/handlers/main.yml

@@ -1,8 +1,5 @@
 ---
 
-- include: ../httpd_common/handlers/main.yml
-
 - name: restart htcacheclean
-  service: name=htcacheclean state=restarted enabled=yes
+  service: name=htcacheclean state=restarted
 
-...

roles/httpd_php/handlers/main.yml

@@ -1,7 +1,5 @@
 ---
 
-- include: ../httpd_common/handlers/main.yml
-
 # We need to stop all the pools and then start them again
 # because if we move one pool config from one version to another
 # the socket might not be removed at the correct time, depending on the

roles/httpd_php/tasks/main.yml

@@ -56,7 +56,11 @@
   tags: web
 
 - name: Create user accounts for ansible PHP FPM pools
-  user: name={{ item }} comment="PHP FPM {{ item }}" system=True shell=/sbin/nologin
+  user:
+    name: "{{ item }}"
+    comment: "PHP FPM {{ item }}"
+    system: True
+    shell: /sbin/nologin
   loop: "{{ httpd_php_ansible_pools | default([]) | selectattr('user', 'defined') | map(attribute='user') | list }}"
   tags: web
 
@@ -73,14 +77,15 @@
   tags: web
 
 - name: Start and enable SCL PHP FPM services
-  service: name=php{{ item }}-php-fpm state=started enabled=yes
+  service: name=php{{ item }}-php-fpm state=started enabled=True
   loop: "{{ httpd_php_versions }}"
   tags: web
 
 - name: Deploy httpd configuration fragments
   template: src={{ item.src }} dest={{ item.dest }}
   loop:
-    - { src: httpd_php.conf.j2, dest: /etc/httpd/ansible_conf.d/php.conf }
+    - src: httpd_php.conf.j2
+      dest: /etc/httpd/ansible_conf.d/php.conf
   notify: reload httpd
   tags: web
 

roles/jitsi/handlers/main.yml

@@ -1,7 +1,5 @@
 ---
 
-- include: ../prosody/handlers/main.yml
-
 - name: restart jitsi-videobridge
   service: name=jitsi-videobridge state=restarted
 

roles/jitsi_videobridge/tasks/directories.yml

@@ -1,3 +1,4 @@
 ---
 
-- include: ../jitsi/tasks/directories.yml
+- include_tasks: ../jitsi/tasks/directories.yml
+  tags: always

roles/jitsi_videobridge/tasks/user.yml

@@ -1,3 +1,4 @@
 ---
 
-- include: ../jitsi/tasks/user.yml
+- include_tasks: ../jitsi/tasks/user.yml
+  tags: always

roles/kanboard/handlers/main.yml

@@ -1,4 +1 @@
 ---
-- include: ../httpd_common/handlers/main.yml
-- include: ../httpd_php/handlers/main.yml
-...

roles/lemonldap_ng/handlers/main.yml

@@ -1,8 +1,5 @@
 ---
 
-- include: ../httpd_common/handlers/main.yml
-- include: ../nginx/handlers/main.yml
-
 - name: restart llng
   service: name={{ (llng_server == 'nginx') | ternary((llng_engine == 'uwsgi') | ternary('llng-uwsgi', 'llng-fastcgi-server'), 'httpd') }} state=restarted
 

roles/lemonldap_ng_handler/handlers/main.yml

@@ -1,3 +1 @@
 ---
-- include: ../httpd_common/handlers/main.yml
-...

roles/libvirt_host/handlers/main.yml

@@ -1,6 +1,3 @@
 ---
-- include: ../common/handlers/main.yml
-
 - name: restart libvirtd
-  service: name=libvirtd state=restarted enabled=yes
-...
+  service: name=libvirtd state=restarted

roles/matrix_element/handlers/main.yml

@@ -1,3 +1 @@
 ---
-- include: ../httpd_common/handlers/main.yml
-...

roles/matrix_synapse_admin/tasks/main.yml

@@ -1,13 +1,28 @@
 ---
 
-- include: directories.yml
-- include: facts.yml
-- include: archive_pre.yml
-  when: synadm_install_mode == 'upgrade'
-- include: install.yml
-- include: conf.yml
-- include: archive_post.yml
-  when: synadm_install_mode == 'upgrade'
-- include: write_version.yml
-- include: cleanup.yml
+- include_tasks: directories.yml
+  tags: always
+
+- include_tasks: facts.yml
+  tags: always
+
+- include_tasks: archive_pre.yml
+  when: synadm_install_mode | default('none') == 'upgrade'
+  tags: always
+
+- include_tasks: install.yml
+  tags: always
+
+- include_tasks: conf.yml
+  tags: always
+
+- include_tasks: archive_post.yml
+  when: synadm_install_mode | default('none') == 'upgrade'
+  tags: always
+
+- include_tasks: write_version.yml
+  tags: always
+
+- include_tasks: cleanup.yml
+  tags: always
 

roles/mysql_server/handlers/main.yml

@@ -1,9 +1,6 @@
 ---
-- include: ../common/handlers/main.yml
-
 - name: restart mysql
-  service: name={{ mysql_service_name }} state=restarted enabled=yes
+  service: name={{ mysql_service_name }} state=restarted
 
 - name: mysql_upgrade
   command: mysql_upgrade
-...

roles/nginx/tasks/main.yml

@@ -18,7 +18,7 @@
   tags: always
 
 - include_tasks: selinux.yml
-  when: ansible_selinux.stats == 'enabled'
+  when: ansible_selinux.status == 'enabled'
   tags: always
 
 - include_tasks: iptables.yml

roles/phpmyadmin/handlers/main.yml

@@ -1,3 +1 @@
 ---
-- include: ../httpd_common/handlers/main.yml
-- include: ../httpd_php/handlers/main.yml

roles/pve/defaults/main.yml

@@ -11,9 +11,6 @@ pve_ksm_thres_coef: 35
 pve_ksm_thres_const: 8000
 pve_ksm_npages_boost: 1200
 
-pve_ocfs2: False
-pve_ocfs2_heartbeat_thres: 8
-
 pve_online: False
 # pve_online_api_key:
 pve_wan_bridge: vmbr1

roles/pve/handlers/main.yml

@@ -1,14 +1,8 @@
 ---
 
-- include: ../common/handlers/main.yml
-
 - name: restart ksmtuned
   service: name=ksmtuned state=restarted
 
-- name: restart o2cb
-  service: name=o2cb state=restarted
-  when: pve_ocfs2 == True
-
 - name: restart pveproxy
   service: name=pveproxy state=restarted
 

roles/pve/tasks/main.yml

@@ -36,16 +36,6 @@
   when: pve_modules.changed
   tags: pve
 
-- name: Enable ocfs2 support
-  set_fact: pve_ocfs2=True
-  when: fstab | default([]) | selectattr('fstype','equalto','ocfs2') | list | length > 0
-  tags: pve
-
-- name: Install ocfs2 support
-  apt: name=ocfs2-tools state=present
-  when: pve_ocfs2 == True
-  tags: pve
-
 - name: Check proxmox cluster status
   command: pvesh get /cluster/status --output-format=json
   register: pve_cluster_status_1
@@ -70,22 +60,6 @@
   when: pve_cluster_status_1.rc != 0
   tags: pve
 
-- name: Deploy ocfs2 config
-  template: src=ocfs2.conf.j2 dest=/etc/ocfs2/cluster.conf
-  when: pve_ocfs2 == True
-  notify: restart o2cb
-  tags: pve
-
-- name: Deploy o2cb conf
-  template: src=o2cb.j2 dest=/etc/default/o2cb
-  when: pve_ocfs2 == True
-  tags: pve
-
-- name: Handle o2cb service
-  service: name=o2cb state=started enabled=True
-  when: pve_ocfs2 == True
-  tags: pve
-
 - name: Deploy the unlock_dev script
   copy: src=unlock_dev dest=/usr/local/bin/unlock_dev mode=755
   tags: pve

roles/pve/templates/o2cb.j2

@@ -1,17 +0,0 @@
-# O2CB_ENABLED: 'true' means to load the driver on boot.
-O2CB_ENABLED=true
-
-# O2CB_BOOTCLUSTER: If not empty, the name of a cluster to start.
-O2CB_BOOTCLUSTER=ocfs2
-
-# O2CB_HEARTBEAT_THRESHOLD: Iterations before a node is considered dead.
-O2CB_HEARTBEAT_THRESHOLD={{ pve_ocfs2_heartbeat_thres }}
-
-# O2CB_IDLE_TIMEOUT_MS: Time in ms before a network connection is considered dead.
-O2CB_IDLE_TIMEOUT_MS=30000
-
-# O2CB_KEEPALIVE_DELAY_MS: Max. time in ms before a keepalive packet is sent.
-O2CB_KEEPALIVE_DELAY_MS=2000
-
-# O2CB_RECONNECT_DELAY_MS: Min. time in ms between connection attempts.
-O2CB_RECONNECT_DELAY_MS=2000

roles/pve/templates/ocfs2.conf.j2

@@ -1,12 +0,0 @@
-{% for element in pve_cluster | selectattr("type","equalto","node") | sort(attribute='id')%}
-node:
-  ip_port = 7777
-  ip_address = {{ element.ip }}
-  number = {{ loop.index0 }}
-  name = {{ element.name }}
-  cluster = ocfs2
-
-{% endfor %}
-cluster:
-  node_count = {{ pve_cluster | selectattr("type","equalto","node") | list | length }}
-  name = ocfs2

roles/samba/handlers/main.yml

@@ -1,7 +1,5 @@
 ---
 
-- include: ../common/handlers/main.yml
-
 - name: reload samba
   service:
     name: "{{ (samba_role == 'dc' or samba_role == 'rodc') | ternary('samba','smb') }}"

roles/seafile/handlers/main.yml

@@ -1,7 +1,5 @@
 ---
 
-- include: ../common/handlers/main.yml
-
 - name: restart seafile
   service: name=seafile state=restarted
   when: seafile_install_mode != 'upgrade'

roles/system_proxy/handlers/main.yml

@@ -1,2 +1 @@
 ---
-- include: ../common/handlers/main.yml

roles/unmaintained/ethercalc/handlers/main.yml

@@ -1,4 +1,3 @@
 ---
-- include: ../common/handlers/main.yml
 - name: restart ethercalc
   service: name=ethercalc_{{ ethercalc_id }} state=restarted enabled=yes