diff --git a/galaxy.yml b/galaxy.yml index c557bcd..396a15a 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -3,7 +3,7 @@ namespace: uumas name: general description: General roles -version: 0.5.12 +version: 0.5.13 readme: README.md authors: - uumas diff --git a/roles/caddy/README.md b/roles/caddy/README.md index b68a1f1..14f8f99 100644 --- a/roles/caddy/README.md +++ b/roles/caddy/README.md @@ -1 +1 @@ -Installs caddy https server +Installs caddy diff --git a/roles/caddy/meta/argument_specs.yaml b/roles/caddy/meta/argument_specs.yaml index adcf61a..cf8b601 100644 --- a/roles/caddy/meta/argument_specs.yaml +++ b/roles/caddy/meta/argument_specs.yaml @@ -1,7 +1,7 @@ --- argument_specs: main: - short_description: Installs caddy + description: Installs caddy options: caddy_admin_email: description: Email address used for ssl certs diff --git a/roles/compatcheck/README.md b/roles/compatcheck/README.md new file mode 100644 index 0000000..5db9818 --- /dev/null +++ b/roles/compatcheck/README.md @@ -0,0 +1,3 @@ +Checks that the host is runing a supported os. +Supported distros and versions are defined by the compatcheck_supported_distros variable. +This role is used by other roles to check compatibility. diff --git a/roles/example/README.md b/roles/example/README.md new file mode 100644 index 0000000..67d9467 --- /dev/null +++ b/roles/example/README.md @@ -0,0 +1,2 @@ +This role is just an example. +It pings the host, if example_ping is set to true. diff --git a/roles/locale/defaults/main.yml b/roles/locale/defaults/main.yaml similarity index 65% rename from roles/locale/defaults/main.yml rename to roles/locale/defaults/main.yaml index 0a36146..300586a 100644 --- a/roles/locale/defaults/main.yml +++ b/roles/locale/defaults/main.yaml @@ -1,4 +1,7 @@ --- +locale_package: [] +locale_gen: true +lcocale_configure: true gen_locales: - en_US.UTF-8 diff --git a/roles/locale/tasks/main.yml b/roles/locale/tasks/main.yaml similarity index 85% rename from roles/locale/tasks/main.yml rename to roles/locale/tasks/main.yaml index f09d3f4..4dce914 100644 --- a/roles/locale/tasks/main.yml +++ b/roles/locale/tasks/main.yaml @@ -1,21 +1,21 @@ --- - - name: Include variables for os family {{ ansible_os_family }} ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" - name: Install locales package ansible.builtin.package: name: "{{ locale_package }}" - when: locale_package is defined + when: locale_package | length > 0 - name: Generate locales community.general.locale_gen: name: "{{ item }}" loop: "{{ gen_locales }}" - when: locale_gen | default('true') + when: locale_gen - name: Put default locale config in place ansible.builtin.template: src: locale.j2 dest: "{{ locale_config }}" mode: '0644' + when: locale_configure diff --git a/roles/locale/vars/Archlinux.yml b/roles/locale/vars/Archlinux.yaml similarity index 97% rename from roles/locale/vars/Archlinux.yml rename to roles/locale/vars/Archlinux.yaml index 92d5ee4..1f18767 100644 --- a/roles/locale/vars/Archlinux.yml +++ b/roles/locale/vars/Archlinux.yaml @@ -1,3 +1,2 @@ --- - locale_config: /etc/locale.conf diff --git a/roles/locale/vars/Debian.yml b/roles/locale/vars/Debian.yaml similarity index 98% rename from roles/locale/vars/Debian.yml rename to roles/locale/vars/Debian.yaml index be72499..02aa050 100644 --- a/roles/locale/vars/Debian.yml +++ b/roles/locale/vars/Debian.yaml @@ -1,4 +1,3 @@ --- - locale_package: locales locale_config: /etc/default/locale diff --git a/roles/locale/vars/RedHat.yml b/roles/locale/vars/RedHat.yaml similarity index 98% rename from roles/locale/vars/RedHat.yml rename to roles/locale/vars/RedHat.yaml index dc71b31..ac32a3f 100644 --- a/roles/locale/vars/RedHat.yml +++ b/roles/locale/vars/RedHat.yaml @@ -1,4 +1,3 @@ --- - locale_config: /etc/locale.conf locale_gen: false diff --git a/roles/prometheus_node_exporter/handlers/main.yml b/roles/prometheus_node_exporter/handlers/main.yaml similarity index 99% rename from roles/prometheus_node_exporter/handlers/main.yml rename to roles/prometheus_node_exporter/handlers/main.yaml index 77c9fee..ccc718f 100644 --- a/roles/prometheus_node_exporter/handlers/main.yml +++ b/roles/prometheus_node_exporter/handlers/main.yaml @@ -1,5 +1,4 @@ --- - - name: Restart prometheus-node-exporter ansible.builtin.systemd: name: prometheus-node-exporter diff --git a/roles/prometheus_node_exporter/meta/argument_specs.yml b/roles/prometheus_node_exporter/meta/argument_specs.yaml similarity index 66% rename from roles/prometheus_node_exporter/meta/argument_specs.yml rename to roles/prometheus_node_exporter/meta/argument_specs.yaml index 923449c..d1f2bd2 100644 --- a/roles/prometheus_node_exporter/meta/argument_specs.yml +++ b/roles/prometheus_node_exporter/meta/argument_specs.yaml @@ -1,8 +1,7 @@ --- - argument_specs: main: - short_description: Prometheus node exporter + description: Installs and configures prometheus node exporter to listen on local ipv4 address options: local_network: description: The local ipv4 network block, listen address is taken from this block diff --git a/roles/prometheus_node_exporter/tasks/main.yml b/roles/prometheus_node_exporter/tasks/main.yaml similarity index 99% rename from roles/prometheus_node_exporter/tasks/main.yml rename to roles/prometheus_node_exporter/tasks/main.yaml index bd9f183..1433b1f 100644 --- a/roles/prometheus_node_exporter/tasks/main.yml +++ b/roles/prometheus_node_exporter/tasks/main.yaml @@ -1,5 +1,4 @@ --- - - name: Install prometheus node exporter ansible.builtin.apt: name: prometheus-node-exporter diff --git a/roles/raw_python/README.md b/roles/raw_python/README.md new file mode 100644 index 0000000..6056ec7 --- /dev/null +++ b/roles/raw_python/README.md @@ -0,0 +1 @@ +Installs python using only the raw module diff --git a/roles/raw_python/meta/argument_specs.yaml b/roles/raw_python/meta/argument_specs.yaml new file mode 100644 index 0000000..87422e3 --- /dev/null +++ b/roles/raw_python/meta/argument_specs.yaml @@ -0,0 +1,5 @@ +--- +argument_specs: + main: + description: Installs python using only the raw module + options: {} diff --git a/roles/raw_python/tasks/main.yaml b/roles/raw_python/tasks/main.yaml new file mode 100644 index 0000000..e911f98 --- /dev/null +++ b/roles/raw_python/tasks/main.yaml @@ -0,0 +1,31 @@ +--- +- name: Check ansible dependencies + ansible.builtin.raw: which python3 + register: _python_test + failed_when: false + changed_when: false + +- name: Install ansible dependencies + when: _python_test.rc != 0 + block: + - name: Get os release information + ansible.builtin.raw: cat /etc/os-release + changed_when: false + register: _os_release + + - name: Parse os release content + ansible.builtin.set_fact: + _os_release_id: >- + {{ (_os_release.stdout_lines + | select('search', '^ID='))[0] + | regex_replace('^ID=', '') }} + _os_release_variant_id: >- + {{ (_os_release.stdout_lines + | select('search', '^VARIANT_ID='))[0] + | default('none') + | regex_replace('^VARIANT_ID=', '') }} + + - name: Install ansible dependencies (Fedora CoreOS) + ansible.builtin.raw: rpm-ostree install -y -A python3 python3-libselinux + changed_when: true + when: _os_release_id == 'fedora' and _os_release_variant_id == 'coreos' diff --git a/roles/vhost/README.md b/roles/vhost/README.md new file mode 100644 index 0000000..c8550fd --- /dev/null +++ b/roles/vhost/README.md @@ -0,0 +1,3 @@ +Sets up a vhost on a web server. +Supports reverse proxies, redirects and simple resonses. +Currently only supports caddy. diff --git a/roles/vhost/defaults/main.yaml b/roles/vhost/defaults/main.yaml index 14b0ea7..a014583 100644 --- a/roles/vhost/defaults/main.yaml +++ b/roles/vhost/defaults/main.yaml @@ -19,5 +19,6 @@ vhost_proxy_delete_headers: [] vhost_redirect_type: temporary vhost_redirect_preserve_path: false +vhost_redirect_preserve_query: "{{ vhost_redirect_preserve_path }}" vhost_respond_content_type: plain diff --git a/roles/vhost/meta/argument_specs.yaml b/roles/vhost/meta/argument_specs.yaml index f492f06..c0713ab 100644 --- a/roles/vhost/meta/argument_specs.yaml +++ b/roles/vhost/meta/argument_specs.yaml @@ -20,16 +20,18 @@ argument_specs: - present - absent vhost_type: + description: Required if vhost_state is present type: str - required: "{{ vhost_state == 'present' }}" + required: false choices: - reverse_proxy - redirect - respond - absent vhost_domains: + description: Required if vhost_state is present type: list - required: "{{ vhost_state == 'present' }}" + required: false elements: str vhost_web_server: description: Defines which server software to use for vhost. This role does nothing if set to none. @@ -94,13 +96,13 @@ argument_specs: - Port where to proxy requests to. - Only applicable if vhost_type is reverse_proxy and vhost_proxy_target_netproto is tcp. type: int - required: "{{ vhost_state == 'present' and vhost_type == 'reverse_proxy' and vhost_proxy_target_netproto == 'tcp' }}" + required: false vhost_proxy_target_socket: description: - Unix socket path to proxy requests to. - Only applicable if vhost_type is reverse_proxy and vhost_proxy_target_netproto is unix. type: str - required: "{{ vhost_state == 'present' and vhost_type == 'reverse_proxy' and vhost_proxy_target_netproto == 'unix' }}" + required: false vhost_proxy_delete_headers: description: List of headers to delete from proxied requests type: list @@ -111,13 +113,18 @@ argument_specs: vhost_redirect_target: description: "Only applicable if vhost_type is redirect. Example: https://www.domain.tld/location" type: str - required: "{{ vhost_state == 'present' and vhost_type == 'redirect' }}" + required: false vhost_redirect_preserve_path: description: Whether to keep the original request path type: bool required: false default: false - redirect type: + vhost_redirect_preserve_query: + description: Whether to keep the original request query string + type: bool + required: false + default: "{{ vhost_redirect_preserve_path }}" + redirect_type: description: Only applicable if vhost_type is redirect type: str required: false @@ -129,7 +136,7 @@ argument_specs: vhost_respond_content: description: Content to respond with. Json content can be set as yaml as long as vhost_respond_content_type is set to json type: str - required: "{{ vhost_state == 'present' and vhost_type == 'respond' }}" + required: false vhost_respond_content_type: description: Type of the respond content type: str @@ -234,6 +241,11 @@ argument_specs: type: bool required: false default: "{{ vhost_redirect_preserve_path }}" + redirect_preserve_query: + description: Whether to keep the original request query string + type: bool + required: false + default: "{{ vhost_redirect_preserve_query }}" redirect_type: description: Only applicable if vhost_type is redirect type: str diff --git a/roles/vhost/tasks/caddy.yaml b/roles/vhost/tasks/caddy.yaml index 01ce24c..45d269b 100644 --- a/roles/vhost/tasks/caddy.yaml +++ b/roles/vhost/tasks/caddy.yaml @@ -4,6 +4,7 @@ ansible.builtin.blockinfile: path: /etc/caddy/Caddyfile marker: "# {mark} ANSIBLE MANAGED BLOCK {{ vhost_id }}" + # yamllint disable rule:line-length block: | {{ vhost_domains | join(' ') }} { {% for location in vhost_locations_all %} @@ -41,7 +42,7 @@ request_header -{{ header }} {% endfor %} {% elif location.type == 'redirect' %} - redir {{ location.redirect_target }}{{ '{uri}' if location.redirect_preserve_path }} {{ location.redirect_type }} + redir * {{ location.redirect_target }}{{ '{path}' if location.redirect_preserve_path }}{{ '?{query}' if location.redirect_preserve_query }} {{ location.redirect_type }} {% elif location.type == 'respond' %} {% if location.respond_content_type == 'json' %} respond `{{ location.respond_content | to_json }}` @@ -52,6 +53,7 @@ } {% endfor %} } + # yamllint enable rule:line-length validate: 'caddy validate --config %s --adapter caddyfile' backup: true state: "{{ vhost_state }}" diff --git a/roles/vhost/tasks/main.yaml b/roles/vhost/tasks/main.yaml index fe4c3ad..d9b9262 100644 --- a/roles/vhost/tasks/main.yaml +++ b/roles/vhost/tasks/main.yaml @@ -41,6 +41,7 @@ 'redirect_target': item.redirect_target | default(vhost_redirect_target if vhost_type == 'redirect' else ''), 'redirect_preserve_path': item.redirect_preserve_path | default(vhost_redirect_preserve_path), + 'redirect_preserve_query': item.redirect_preserve_query | default(vhost_redirect_preserve_query), 'redirect_type': item.redirect_type | default(vhost_redirect_type), 'respond_content': item.respond_content | default(vhost_respond_content if vhost_type == 'respond' else ''),