feat(ansible): Migrate Ubuntu Jammy II 06/36606/5
authorPeter Mikus <pmikus@cisco.com>
Thu, 7 Jul 2022 10:31:16 +0000 (10:31 +0000)
committerPeter Mikus <peter.mikus@protonmail.ch>
Thu, 7 Jul 2022 13:11:37 +0000 (13:11 +0000)
Signed-off-by: Peter Mikus <pmikus@cisco.com>
Change-Id: I43c86ab3232a382e7cc9010fb04a0ca269b24e77

18 files changed:
fdio.infra.ansible/nomad.yaml
fdio.infra.ansible/roles/baremetal/handlers/main.yaml
fdio.infra.ansible/roles/consul/defaults/main.yaml
fdio.infra.ansible/roles/consul/handlers/main.yaml
fdio.infra.ansible/roles/consul/meta/main.yaml
fdio.infra.ansible/roles/consul/tasks/main.yaml
fdio.infra.ansible/roles/docker/defaults/main.yaml
fdio.infra.ansible/roles/docker/handlers/main.yaml
fdio.infra.ansible/roles/docker/meta/main.yaml
fdio.infra.ansible/roles/docker/tasks/focal.yaml [moved from fdio.infra.ansible/roles/docker/tasks/ubuntu_focal.yaml with 88% similarity]
fdio.infra.ansible/roles/docker/tasks/jammy.yaml [moved from fdio.infra.ansible/roles/docker/tasks/ubuntu_jammy.yaml with 88% similarity]
fdio.infra.ansible/roles/docker/tasks/main.yaml
fdio.infra.ansible/roles/nomad/defaults/main.yaml
fdio.infra.ansible/roles/nomad/handlers/main.yaml
fdio.infra.ansible/roles/nomad/meta/main.yaml
fdio.infra.ansible/roles/nomad/tasks/main.yaml
fdio.infra.ansible/roles/user_add/handlers/main.yaml
fdio.infra.ansible/roles/user_add/tasks/main.yaml

index 5a8c4ca..8dbdac5 100644 (file)
@@ -22,9 +22,9 @@
       tags: nomad
     - role: consul
       tags: consul
-    - role: prometheus_exporter
-      tags: prometheus_exporter
-    - role: jenkins_job_health_exporter
-      tags: jenkins_job_health_exporter
-    - role: cleanup
-      tags: cleanup
+#    - role: prometheus_exporter
+#      tags: prometheus_exporter
+#    - role: jenkins_job_health_exporter
+#      tags: jenkins_job_health_exporter
+#    - role: cleanup
+#      tags: cleanup
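Review bot: The three roles at the end of the play are disabled by commenting them out, and nothing in the file says why or for how long. With `prometheus_exporter` and `jenkins_job_health_exporter` off, hosts provisioned from this playbook presumably stop exposing those metrics, so the change leaves a monitoring gap. If the roles are only parked during the migration, record that with a comment above the block, for example `# TODO: re-enable after the Jammy migration`. Otherwise delete the lines and let version control keep the history.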
index d8dabeb..6e8734e 100644 (file)
     - cimc-handlers
 
 - name: Reboot server
-  reboot:
+  ansible.builtin.reboot:
     reboot_timeout: 3600
   tags:
     - reboot-server
 
 - name: Wait for server to restart
-  wait_for:
+  ansible.builtin.wait_for:
     host: "{{ inventory_hostname }}"
     search_regex: OpenSSH
     port: 22
index 13bba8b..503857d 100644 (file)
@@ -24,7 +24,7 @@ consul_architecture_map:
   32-bit: "386"
   64-bit: "amd64"
 consul_architecture: "{{ consul_architecture_map[ansible_architecture] }}"
-consul_version: "1.9.5"
+consul_version: "1.12.2"
 consul_pkg: "consul_{{ consul_version }}_linux_{{ consul_architecture }}.zip"
 consul_zip_url: "https://releases.hashicorp.com/consul/{{ consul_version }}/{{ consul_pkg }}"
 consul_force_update: false
index d0e0c59..a88ae45 100644 (file)
@@ -2,14 +2,14 @@
 # file roles/consul/handlers/main.yaml
 
 - name: Restart Nomad
-  systemd:
+  ansible.builtin.systemd:
     daemon_reload: true
     enabled: true
     name: "nomad"
     state: "{{ nomad_restart_handler_state }}"
 
 - name: Restart Consul
-  systemd:
+  ansible.builtin.systemd:
     daemon_reload: true
     enabled: true
     name: "consul"
index c848f67..bc6d6a1 100644 (file)
@@ -1,11 +1,6 @@
 ---
 # file: roles/consul/meta/main.yaml
 
-# desc: Install consul from stable branch and configure service.
-# inst: Consul
-# conf: ?
-# info: 1.0 - added role
-
 dependencies: []
 galaxy_info:
   role_name: consul
@@ -18,5 +13,6 @@ galaxy_info:
     - name: Ubuntu
       versions:
         - focal
+        - jammy
   galaxy_tags:
     - consul
index 4e22971..1d6bcc0 100644 (file)
@@ -1,14 +1,22 @@
 ---
 # file: roles/consul/tasks/main.yaml
 
-- name: Install Dependencies
+- name: Inst - Update Repositories Cache
+  apt:
+    update_cache: true
+  when:
+    - ansible_os_family == 'Debian'
+  tags:
+    - consul-inst-package
+
+- name: Inst - Dependencies
   apt:
     name: "{{ packages | flatten(levels=1) }}"
     state: "present"
     cache_valid_time: 3600
     install_recommends: false
   when:
-    - ansible_distribution|lower == 'ubuntu'
+    - ansible_os_family == 'Debian'
   tags:
     - consul-inst-dependencies
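Review bot: The new `Inst - Update Repositories Cache` task is tagged `consul-inst-package`, while the `Inst - Dependencies` task it prepares for is tagged `consul-inst-dependencies`, so a run limited to `--tags consul-inst-dependencies` skips the refresh. It also uses the short module name `apt`, although the rest of this commit moves to `ansible.builtin.apt`. Since `cache_valid_time: 3600` on the next task already triggers a cache update when the cache is older than an hour, consider dropping the extra task, or give it `cache_valid_time: 3600` and the dependencies tag. The same tag mismatch appears in the first hunk of roles/nomad/tasks/main.yaml (`nomad-inst-package` vs `nomad-inst-dependencies`).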
 
     name: "systemd-resolved"
     state: "{{ systemd_resolved_state }}"
   when:
-    - nomad_service_mgr == "systemd"
+    - consul_service_mgr == "systemd"
   tags:
     - consul-conf
 
     - "Restart Consul"
     - "Restart Nomad"
   when:
-    - nomad_service_mgr == "systemd"
+    - consul_service_mgr == "systemd"
   tags:
     - consul-conf
 
-- meta: flush_handlers
+- name: Meta - Flush handlers
+  meta: flush_handlers
index a8f4e62..e493d1c 100644 (file)
@@ -10,10 +10,11 @@ docker_package_state: latest
 docker_service_state: started
 docker_service_enabled: true
 docker_restart_handler_state: restarted
+docker_service_mgr: ""
 
 # Used only for Debian/Ubuntu.
 docker_apt_release_channel: "stable"
-docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
+docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
 docker_apt_repository_state: present
 docker_apt_ignore_key_error: true
 docker_apt_gpg_key: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg"
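Review bot: `docker_apt_repository` now hard-codes `stable`, which leaves `docker_apt_release_channel` on the line above with no effect on the repository string. An inventory that overrides the channel will silently keep getting `stable`. Either keep `{{ docker_apt_release_channel }}` in the repo line, or remove the variable so that the defaults file does not advertise a setting that is ignored.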
@@ -25,10 +26,6 @@ docker_yum_repo_enable_edge: "0"
 docker_yum_repo_enable_test: "0"
 docker_yum_gpg_key: https://download.docker.com/linux/centos/gpg
 
-# A list of users who will be added to the docker group.
-docker_users:
-  - "{{ ansible_user }}"
-
 # Proxy settings.
 docker_daemon_environment_http:
   - "HTTP_PROXY={{ proxy_env.http_proxy }}"
index 572b789..53eb852 100644 (file)
@@ -2,7 +2,7 @@
 # file roles/docker/handlers/main.yaml
 
 - name: Restart Docker
-  service:
+  ansible.builtin.service:
     name: "docker"
     state: "{{ docker_restart_handler_state }}"
   tags:
index e191fd4..ac6c0a9 100644 (file)
@@ -1,4 +1,19 @@
 ---
-# file: roles/docker/meta/main.yaml
+# file: meta/main.yaml
 
 dependencies: []
+
+galaxy_info:
+  role_name: docker
+  author: fd.io
+  description: Docker-CE for Linux.
+  company: none
+  license: "license (Apache)"
+  min_ansible_version: 2.9
+  platforms:
+    - name: Ubuntu
+      versions:
+        - focal
+        - jammy
+  galaxy_tags:
+    - docker
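Review bot: `min_ansible_version: 2.9` is an unquoted scalar, so YAML loads it as a float rather than a version string; a later value such as 2.10 would be read as 2.1. Write it as `min_ansible_version: "2.9"`. The value `license: "license (Apache)"` also looks like an unfinished template placeholder. If Apache 2.0 is what is meant, an SPDX-style identifier would be clearer.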
@@ -2,7 +2,7 @@
 # file: roles/docker/tasks/ubuntu_focal.yaml
 
 - name: Inst - Dependencies
-  apt:
+  ansible.builtin.apt:
     name:
       - "apt-transport-https"
       - "ca-certificates"
     - docker-inst-dependencies
 
 - name: Conf - Add APT Key
-  apt_key:
+  ansible.builtin.apt_key:
     url: "{{ docker_apt_gpg_key }}"
     state: "{{ docker_apt_gpg_key_state }}"
   tags:
     - docker-conf-apt
 
 - name: Conf - Install APT Repository
-  apt_repository:
+  ansible.builtin.apt_repository:
     repo: "{{ docker_apt_repository }}"
     state: "{{ docker_apt_repository_state }}"
     update_cache: true
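Review bot: `ansible.builtin.apt_key` adds the Docker key to apt's global trusted keyring, so the key is trusted for every configured repository, and the underlying `apt-key` tool is deprecated on the Ubuntu release this commit targets. The FQCN rename keeps that behaviour, and the identical hunk in roles/docker/tasks/jammy.yaml has the same issue. Consider fetching the key into a dedicated keyring file with `ansible.builtin.get_url` and scoping it in the repo line, e.g. `deb [signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/...` (the path is illustrative). The `# file:` header comments in both files still name the old `ubuntu_focal.yaml` and `ubuntu_jammy.yaml` paths. The last task continues past the end of the hunk.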
@@ -2,7 +2,7 @@
 # file: roles/docker/tasks/ubuntu_jammy.yaml
 
 - name: Inst - Dependencies
-  apt:
+  ansible.builtin.apt:
     name:
       - "apt-transport-https"
       - "ca-certificates"
     - docker-inst-dependencies
 
 - name: Conf - Add APT Key
-  apt_key:
+  ansible.builtin.apt_key:
     url: "{{ docker_apt_gpg_key }}"
     state: "{{ docker_apt_gpg_key_state }}"
   tags:
     - docker-conf-apt
 
 - name: Conf - Install APT Repository
-  apt_repository:
+  ansible.builtin.apt_repository:
     repo: "{{ docker_apt_repository }}"
     state: "{{ docker_apt_repository_state }}"
     update_cache: true
index 27b9d25..e07b29e 100644 (file)
@@ -1,12 +1,12 @@
 ---
 # file: roles/docker/tasks/main.yaml
 
-- include_tasks: "{{ ansible_distribution|lower }}_{{ ansible_distribution_release }}.yaml"
+- include_tasks: "{{ ansible_distribution_release }}.yaml"
   tags:
     - docker-inst-dependencies
 
 - name: Inst - Docker
-  package:
+  ansible.builtin.package:
     name:
       - "{{ docker_package }}"
       - "{{ docker_package }}-cli"
     - docker-inst-package
 
 - name: Conf - Docker Service
-  service:
+  ansible.builtin.service:
     name: docker
     state: "{{ docker_service_state }}"
     enabled: "{{ docker_service_enabled }}"
+  when:
+    - docker_service_mgr == "systemd"
   tags:
     - docker-conf-service
 
 - name: Conf - Docker Service Directory
-  file:
+  ansible.builtin.file:
     path: "/etc/systemd/system/docker.service.d"
     state: "directory"
+    mode: "0755"
+  when:
+    - docker_service_mgr == "systemd"
   tags:
     - docker-conf-service
 
 - name: Conf - Docker Daemon
-  template:
+  ansible.builtin.template:
     src: "templates/daemon.json.j2"
     dest: "/etc/docker/daemon.json"
     owner: "root"
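Review bot: Every new `when: docker_service_mgr == "systemd"` condition is false with the default added in roles/docker/defaults/main.yaml (`docker_service_mgr: ""`). Unless the inventory sets the variable, the role installs Docker but no longer manages the service, creates the drop-in directory, or writes daemon.json and the proxy drop-ins. The same gate is added in the following hunks for `Conf - Docker Daemon`, `Conf - Docker HTTP Proxy` and `Conf - Docker HTTPS Proxy`. `/etc/docker/daemon.json` is not systemd-specific, so gating it on the service manager looks unintended. If systemd is the expected case, default the variable to `"{{ ansible_service_mgr }}"` or to `"systemd"`. The `Conf - Docker Daemon` task continues past the end of this hunk.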
   notify:
     - "Restart Docker"
   when: >
-    docker_daemon is defined
+    docker_daemon is defined and
+    docker_service_mgr == "systemd"
   tags:
     - docker-conf-daemon
 
 - name: Conf - Docker HTTP Proxy
-  template:
+  ansible.builtin.template:
     src: "templates/docker.service.proxy.http"
     dest: "/etc/systemd/system/docker.service.d/http-proxy.conf"
     owner: "root"
     - "Restart Docker"
   when: >
     proxy_env is defined and
-    proxy_env.http_proxy is defined
+    proxy_env.http_proxy is defined and
+    docker_service_mgr == "systemd"
   tags:
     - docker-conf-service
 
 - name: Conf - Docker HTTPS Proxy
-  template:
+  ansible.builtin.template:
     src: "templates/docker.service.proxy.https"
     dest: "/etc/systemd/system/docker.service.d/https-proxy.conf"
     owner: "root"
     - "Restart Docker"
   when: >
     proxy_env is defined and
-    proxy_env.https_proxy is defined
+    proxy_env.https_proxy is defined and
+    docker_service_mgr == "systemd"
   tags:
     - docker-conf-service
 
-- name: Conf - Users to Docker Group
-  user:
-    name: "{{ ansible_user }}"
-    groups: "docker"
-    append: true
-  tags:
-    - docker-conf-user
-
-- meta: flush_handlers
+- name: Meta - Flush handlers
+  ansible.builtin.meta: flush_handlers
index f58ac09..b4741f8 100644 (file)
@@ -16,7 +16,7 @@ packages_by_arch:
     - []
 
 # Package
-nomad_version: "{{ lookup('env','NOMAD_VERSION') | default('1.0.4', true) }}"
+nomad_version: "{{ lookup('env','NOMAD_VERSION') | default('1.3.1', true) }}"
 nomad_architecture_map:
   amd64: "amd64"
   x86_64: "amd64"
@@ -63,7 +63,7 @@ nomad_log_level: "INFO"
 nomad_syslog_enable: true
 nomad_iface: "{{ lookup('env','NOMAD_IFACE') | default(ansible_default_ipv4.interface, true) }}"
 nomad_node_name: "{{ inventory_hostname }}"
-nomad_node_role: "{{ lookup('env','NOMAD_NODE_ROLE') | default('client', true) }}"
+nomad_node_role: "{{ lookup('env','NOMAD_NODE_ROLE') | default('server', true) }}"
 nomad_leave_on_terminate: true
 nomad_leave_on_interrupt: false
 nomad_disable_update_check: true
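Review bot: Changing the fallback of `nomad_node_role` from `client` to `server` means any host provisioned without `NOMAD_NODE_ROLE` in the environment is now configured as a Nomad server instead of a client. Server nodes take part in consensus and hold cluster state, so an accidental extra server is a larger change in trust and quorum than an accidental client. If the new default is intended for this migration, add a comment above the line saying so. Otherwise keep `client` as the default and set `server` explicitly per host or group.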
@@ -172,9 +172,11 @@ nomad_docker_dmsetup: true
 
 # TLS
 nomad_tls_enable: true
-nomad_ca_file: "{{ nomad_ssl_dir }}/ca.pem"
+nomad_ca_file: "{{ nomad_ssl_dir }}/nomad-ca.pem"
 nomad_cert_file: "{{ nomad_ssl_dir }}/nomad.pem"
 nomad_key_file: "{{ nomad_ssl_dir }}/nomad-key.pem"
+nomad_cli_cert_file: "{{ nomad_ssl_dir }}/nomad-cli.pem"
+nomad_cli_key_file: "{{ nomad_ssl_dir }}/nomad-cli-key.pem"
 nomad_http: false
 nomad_rpc: false
 nomad_rpc_upgrade_mode: false
index 8ef4d80..6263f3d 100644 (file)
@@ -2,7 +2,7 @@
 # file roles/nomad/handlers/main.yaml
 
 - name: Restart Nomad
-  systemd:
+  ansible.builtin.systemd:
     daemon_reload: true
     enabled: true
     name: "nomad"
index 4f467ce..f7b25fe 100644 (file)
@@ -1,11 +1,6 @@
 ---
 # file: roles/nomad/meta/main.yaml
 
-# desc: Install nomad from repo and configure service.
-# inst: Nomad
-# conf: ?
-# info: 1.0 - added role
-
 dependencies: [docker]
 
 galaxy_info:
@@ -19,5 +14,6 @@ galaxy_info:
     - name: Ubuntu
       versions:
         - focal
+        - jammy
   galaxy_tags:
     - nomad
index 8d58c8b..480c4da 100644 (file)
@@ -1,26 +1,34 @@
 ---
-# file: roles/nomad/tasks/main.yaml
+# file: tasks/main.yaml
 
-- name: Install Dependencies
-  apt:
+- name: Inst - Update Repositories Cache
+  ansible.builtin.apt:
+    update_cache: true
+  when:
+    - ansible_os_family == 'Debian'
+  tags:
+    - nomad-inst-package
+
+- name: Inst - Dependencies
+  ansible.builtin.apt:
     name: "{{ packages | flatten(levels=1) }}"
     state: "present"
     cache_valid_time: 3600
     install_recommends: false
   when:
-    - ansible_distribution|lower == 'ubuntu'
+    - ansible_os_family == 'Debian'
   tags:
     - nomad-inst-dependencies
 
 - name: Conf - Add Nomad Group
-  group:
+  ansible.builtin.group:
     name: "{{ nomad_group }}"
     state: "{{ nomad_user_state }}"
   tags:
     - nomad-conf-user
 
 - name: Conf - Add Nomad user
-  user:
+  ansible.builtin.user:
     name: "{{ nomad_user }}"
     group: "{{ nomad_group }}"
     state: "{{ nomad_group_state }}"
     - nomad-conf-user
 
 - name: Inst - Download Nomad
-  get_url:
+  ansible.builtin.get_url:
     url: "{{ nomad_zip_url }}"
     dest: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
   tags:
     - nomad-inst-package
 
 - name: Inst - Clean Nomad
-  file:
+  ansible.builtin.file:
     path: "{{ nomad_inst_dir }}/nomad"
     state: "absent"
   when:
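Review bot: `Inst - Download Nomad` fetches the release archive with no `checksum`, so after the version bump in this commit whatever the URL returns is unpacked and installed unverified. `ansible.builtin.get_url` accepts `checksum: "sha256:<hex>"` or a `sha256:` URL pointing at a checksum file. Pinning it to the published checksums for `nomad_version` would make a corrupted or substituted download fail the play. The task also sets no `mode` on the downloaded file. `nomad_zip_url` is defined outside this page, so the checksum location needs confirming against it. The `Inst - Clean Nomad` task continues past the end of the hunk.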
@@ -45,7 +53,7 @@
     - nomad-inst-package
 
 - name: Inst - Unarchive Nomad
-  unarchive:
+  ansible.builtin.unarchive:
     src: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
     dest: "{{ nomad_inst_dir }}/"
     remote_src: true
@@ -53,7 +61,7 @@
     - nomad-inst-package
 
 - name: Inst - Nomad
-  copy:
+  ansible.builtin.copy:
     src: "{{ nomad_inst_dir }}/nomad"
     dest: "{{ nomad_bin_dir }}"
     owner: "{{ nomad_user }}"
     - nomad-inst-package
 
 - name: Conf - Create Directories "{{ nomad_data_dir }}"
-  file:
+  ansible.builtin.file:
     dest: "{{ nomad_data_dir }}"
     state: directory
     owner: "{{ nomad_user }}"
     group: "{{ nomad_group }}"
+    mode: 0755
   tags:
     - nomad-conf
 
 - name: Conf - Create Directories "{{ nomad_ssl_dir }}"
-  file:
+  ansible.builtin.file:
     dest: "{{ nomad_ssl_dir }}"
     state: directory
     owner: "{{ nomad_user }}"
     group: "{{ nomad_group }}"
+    mode: 0755
   tags:
     - nomad-conf
 
 - name: Conf - Create Config Directory
-  file:
+  ansible.builtin.file:
     dest: "{{ nomad_config_dir }}"
     state: directory
     owner: "{{ nomad_user }}"
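Review bot: The two added `mode: 0755` lines are unquoted, unlike the `mode: "0755"` added in roles/docker/tasks/main.yaml in this same commit. An unquoted leading-zero number relies on the YAML parser reading it as octal, so write `mode: "0755"`. For `nomad_ssl_dir` in particular, 0755 lets every local user list and traverse the directory that holds `nomad-key.pem` and the new `nomad-cli-key.pem`. Protection of the private keys then rests entirely on the per-file mode set by the copy task, which is not visible here. Consider `mode: "0750"` for that directory if only the nomad user and group need to read it. The `Conf - Create Config Directory` task continues past the end of the hunk.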
     - nomad-conf
 
 - name: Conf - Base Configuration
-  template:
+  ansible.builtin.template:
     src: base.hcl.j2
     dest: "{{ nomad_config_dir }}/base.hcl"
     owner: "{{ nomad_user }}"
     - nomad-conf
 
 - name: Conf - Server Configuration
-  template:
+  ansible.builtin.template:
     src: server.hcl.j2
     dest: "{{ nomad_config_dir }}/server.hcl"
     owner: "{{ nomad_user }}"
     - nomad-conf
 
 - name: Conf - Client Configuration
-  template:
+  ansible.builtin.template:
     src: client.hcl.j2
     dest: "{{ nomad_config_dir }}/client.hcl"
     owner: "{{ nomad_user }}"
     - nomad-conf
 
 - name: Conf - TLS Configuration
-  template:
+  ansible.builtin.template:
     src: tls.hcl.j2
     dest: "{{ nomad_config_dir }}/tls.hcl"
     owner: "{{ nomad_user }}"
     - nomad-conf
 
 - name: Conf - Telemetry Configuration
-  template:
+  ansible.builtin.template:
     src: telemetry.hcl.j2
     dest: "{{ nomad_config_dir }}/telemetry.hcl"
     owner: "{{ nomad_user }}"
     - nomad-conf
 
 - name: Conf - Consul Configuration
-  template:
+  ansible.builtin.template:
     src: consul.hcl.j2
     dest: "{{ nomad_config_dir }}/consul.hcl"
     owner: "{{ nomad_user }}"
     - nomad-conf
 
 - name: Conf - Copy Certificates And Keys
-  copy:
+  ansible.builtin.copy:
     content: "{{ item.src }}"
     dest: "{{ item.dest }}"
     owner: "{{ nomad_user }}"
   no_log: true
   loop: "{{ nomad_certificates | flatten(levels=1) }}"
   when:
-    - nomad_certificates
+    - nomad_certificates is defined
+  tags:
+    - nomad-conf
+
+- name: Conf - Nomad CLI Environment Variables
+  ansible.builtin.lineinfile:
+    path: "/etc/profile.d/nomad.sh"
+    line: "{{ item }}"
+    create: true
+  loop:
+    - "export NOMAD_ADDR=https://nomad.service.consul:4646"
+    - "export NOMAD_CACERT={{ nomad_ca_file }}"
+    - "export NOMAD_CLIENT_CERT={{ nomad_cli_cert_file }}"
+    - "export NOMAD_CLIENT_KEY={{ nomad_cli_key_file }}"
   tags:
     - nomad-conf
 
 - name: Conf - System.d Script
-  template:
+  ansible.builtin.template:
     src: "nomad_systemd.service.j2"
     dest: "/lib/systemd/system/nomad.service"
     owner: "root"
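Review bot: `when: nomad_certificates is defined` does not protect the task when the variable is undefined, because `loop:` is templated before `when` is evaluated per item. The guard belongs in the loop: `loop: "{{ nomad_certificates | default([]) | flatten(levels=1) }}"`. In the new `Conf - Nomad CLI Environment Variables` task, `create: true` comes with no `owner` or `mode`, so the permissions on `/etc/profile.d/nomad.sh` are left to the umask; add `owner: "root"` and `mode: "0644"`. Because the `lineinfile` entries have no `regexp`, a later change to `nomad_ca_file` or the CLI cert paths appends a second `export` instead of replacing the first. That file also points every login shell at `nomad-cli-key.pem`, so the key file's mode (set in the copy task, partly outside this hunk) decides which users can act as that client identity.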
   tags:
     - nomad-conf
 
-- meta: flush_handlers
+- name: Meta - Flush handlers
+  ansible.builtin.meta: flush_handlers
index 960f573..5f1f71a 100644 (file)
@@ -2,6 +2,6 @@
 # file: roles/user_add/handlers/main.yaml
 
 - name: Restart SSHd
-  service:
+  ansible.builtin.service:
     name: sshd
     state: restarted
index 24be30d..329c6ab 100644 (file)
@@ -2,7 +2,7 @@
 # file: roles/user_add/tasks/main.yaml
 
 - name: Conf - Add User
-  user:
+  ansible.builtin.user:
     append: "{{ item.append | default(omit) }}"
     createhome: "{{ 'yes' if users_create_homedirs else 'no' }}"
     generate_ssh_key: "{{ item.generate_ssh_key | default(omit) }}"
@@ -16,7 +16,7 @@
     - user-add-conf
 
 - name: Conf - SSH keys
-  authorized_key:
+  ansible.builtin.authorized_key:
     user: "{{ item.0.username }}"
     key: "{{ item.1 }}"
   with_subelements:
@@ -27,7 +27,7 @@
     - user-add-conf
 
 - name: Conf - Disable Password Login
-  lineinfile:
+  ansible.builtin.lineinfile:
     dest: "/etc/ssh/sshd_config"
     regexp: "^PasswordAuthentication yes"
     line: "PasswordAuthentication no"