Migrate 'with_X' to 'loop'

701c1d01 · Robin Candau · Robin Candau · a5f41049 · 701c1d01 · 701c1d01
Commit 701c1d01 authored 2 months ago by Robin Candau Committed by Robin Candau 2 months ago
--- a/roles/matrix/tasks/main.yml
+++ b/roles/matrix/tasks/main.yml
@@ -43,7 +43,7 @@

 - name: Create synapse home
  file: path={{ item }} state=directory owner=synapse group=synapse mode=0700
-  with_items:
+  loop:
    - /var/lib/synapse
    - /var/lib/synapse/media_store
    - /var/lib/synapse/draupnir-data
@@ -56,7 +56,7 @@
  become: true
  become_user: synapse
  become_method: ansible.builtin.sudo
-  with_items:
+  loop:
    - /var/lib/synapse/venv
    - /var/lib/synapse/venv-pantalaimon

@@ -71,7 +71,7 @@
  become: true
  become_user: synapse
  become_method: ansible.builtin.sudo
-  with_items:
+  loop:
    - /var/lib/synapse/venv
    - /var/lib/synapse/venv-pantalaimon

@@ -245,7 +245,7 @@

 - name: Create synapse config dir
  file: path={{ item }} state=directory owner=root group=synapse mode=0750
-  with_items:
+  loop:
    - /etc/synapse

 - name: Install homeserver config
@@ -255,7 +255,7 @@

 - name: Install static config
  copy: src={{ item }} dest=/etc/synapse/{{ item }} owner=root group=root mode=0644
-  with_items:
+  loop:
    - log_config.yaml
    - oembed-providers.json
    - worker-appservice.yaml
@@ -329,7 +329,7 @@

 - name: Install synapse units
  copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
-  with_items:
+  loop:
    - synapse.service
    - synapse-worker@.service
  notify:
@@ -337,21 +337,21 @@

 - name: Install pantalaimon units
  copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
-  with_items:
+  loop:
    - pantalaimon.service
  notify:
    - Restart pantalaimon

 - name: Install draupnir units
  copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
-  with_items:
+  loop:
    - draupnir.service
  notify:
    - Restart draupnir

 - name: Install matrix-appservice-irc units
  copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
-  with_items:
+  loop:
    - matrix-appservice-irc.service
  notify:
    - Restart matrix-appservice-irc
@@ -363,7 +363,7 @@

 - name: Enable units
  service: name={{ item }} enabled=yes
-  with_items:
+  loop:
    - synapse.service
    - synapse-worker@appservice.service
    - synapse-worker@federation_reader.service
@@ -376,7 +376,7 @@

 - name: Open firewall holes
  ansible.posix.firewalld: port={{ item }} permanent=true state=enabled immediate=yes
-  with_items:
+  loop:
    # synapse's identd
    - 113/tcp
    # turnserver

--- a/roles/mumble_server/tasks/main.yml
+++ b/roles/mumble_server/tasks/main.yml
@@ -4,7 +4,7 @@
 - name: Open firewall holes
  ansible.posix.firewalld: port={{ item }} permanent=true state=enabled immediate=yes
  when: configure_firewall
-  with_items:
+  loop:
    - "64738/tcp"
    - "64738/udp"
  tags:

--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -14,13 +14,13 @@

 - name: Snippets directories
  file: state=directory path=/etc/nginx/{{ item }} owner=root group=root mode=0755
-  with_items:
+  loop:
    - toplevel-snippets
    - snippets

 - name: Copy snippets
  template: src={{ item }} dest=/etc/nginx/snippets/{{ item | regex_replace('\\.j2$', '') }} owner=root group=root mode=0644
-  with_items:
+  loop:
    - letsencrypt.conf
    - sslsettings.conf
    - headers.conf
@@ -64,7 +64,7 @@

 - name: Open firewall holes
  ansible.posix.firewalld: service={{ item }} zone={{ nginx_firewall_zone }} permanent=true state=enabled immediate=yes
-  with_items:
+  loop:
    - http
    - https
    - "{{ 'http3' if nginx_enable_http3 else omit }}"

--- a/roles/php_fpm/tasks/main.yaml
+++ b/roles/php_fpm/tasks/main.yaml
@@ -5,7 +5,7 @@
  copy: >
    src={{ item }} dest=/etc/systemd/system/{{ item }}
    owner=root group=root mode=0644
-  with_items:
+  loop:
    - php-fpm@.socket
    - php-fpm@.service
  notify: Daemon reload

--- a/roles/phrik/tasks/main.yml
+++ b/roles/phrik/tasks/main.yml
@@ -9,13 +9,13 @@

 - name: Adding users to phrik group
  user: groups=phrik name="{{ item }}" append=yes
-  with_items:
+  loop:
    - demize
  tags: ['archusers']

 - name: Adding users to systemd-journal group for monitoring
  user: groups=systemd-journal name="{{ item }}" append=yes
-  with_items:
+  loop:
    - demize
  tags: ['archusers']

@@ -34,6 +34,6 @@
    enabled: true
    state: started
    daemon_reload: true
-  with_items:
+  loop:
    - pkgfile-update.timer
    - phrik.service
--- a/roles/postfix/handlers/main.yml
+++ b/roles/postfix/handlers/main.yml
@@ -8,7 +8,7 @@

 - name: Postmap additional files  # noqa no-changed-when
  command: postmap /etc/postfix/{{ item }}
-  with_items:
+  loop:
    - access_client
    - access_sender
    - access_sender-post-filter

--- a/roles/postfix/tasks/main.yml
+++ b/roles/postfix/tasks/main.yml
@@ -3,7 +3,7 @@

 - name: Install template configs
  template: src={{ item }}.j2 dest=/etc/postfix/{{ item }} owner=root group=root mode=0644
-  with_items:
+  loop:
    - main.cf
    - master.cf
    - transport
@@ -17,7 +17,7 @@

 - name: Install additional files
  copy: src={{ item }} dest=/etc/postfix/{{ item }} owner=root group=root mode=0644
-  with_items:
+  loop:
    - access_client
    - access_sender
    - access_sender-post-filter
@@ -62,13 +62,13 @@

 - name: Remove old files
  file: path={{ item }} state=absent
-  with_items:
+  loop:
    - compat_maps
    - compat_maps.db

 - name: Open firewall holes
  ansible.posix.firewalld: service={{ item }} permanent=true state=enabled immediate=yes
-  with_items:
+  loop:
    - smtp
    - smtps
  when: configure_firewall

--- a/roles/postfix_null/tasks/main.yml
+++ b/roles/postfix_null/tasks/main.yml
@@ -3,7 +3,7 @@

 - name: Install template configs
  template: src={{ item.file }}.j2 dest=/etc/postfix/{{ item.file }} owner=root group={{ item.group }} mode={{ item.mode }}
-  with_items:
+  loop:
    - {file: main.cf, group: root, mode: 644}
    - {file: relay_passwords, group: postfix, mode: 640}
  notify:

--- a/roles/postgres/tasks/main.yml
+++ b/roles/postgres/tasks/main.yml
@@ -30,7 +30,7 @@

 - name: Configure postgres
  template: src={{ item }}.j2 dest=/var/lib/postgres/data/{{ item }} owner=postgres group=postgres mode=0600
-  with_items:
+  loop:
    - postgresql.conf
    - pg_hba.conf
  notify:
@@ -67,7 +67,7 @@
 - name: Open firewall holes to known postgresql ipv4 clients
  ansible.posix.firewalld: zone={{ postgres_firewalld_zone }} permanent=true state=enabled immediate=yes
    rich_rule="rule family=ipv4 source address={{ item }} port protocol=tcp port=5432 accept"
-  with_items: "{{ postgres_hosts4 + postgres_ssl_hosts4 }}"
+  loop: "{{ postgres_hosts4 + postgres_ssl_hosts4 }}"
  when: configure_firewall
  tags:
    - firewall
@@ -75,7 +75,7 @@
 - name: Open firewall holes to known postgresql ipv6 clients
  ansible.posix.firewalld: zone={{ postgres_firewalld_zone }} permanent=true state=enabled immediate=yes
    rich_rule="rule family=ipv6 source address={{ item }} port protocol=tcp port=5432 accept"
-  with_items: "{{ postgres_hosts6 + postgres_ssl_hosts6 }}"
+  loop: "{{ postgres_hosts6 + postgres_ssl_hosts6 }}"
  when: configure_firewall
  tags:
    - firewall

--- a/roles/prometheus_exporters/tasks/main.yml
+++ b/roles/prometheus_exporters/tasks/main.yml
@@ -51,7 +51,7 @@

 - name: Install node exporter textcollector scripts
  copy: src={{ item }} dest=/usr/local/bin/{{ item }} owner=root group=root mode=0755
-  with_items:
+  loop:
    - arch-textcollector.sh
    - borg-textcollector.sh
    - borg-offsite-textcollector.sh
@@ -117,7 +117,7 @@

 - name: Install gitlab-exporter service and configuration
  template: src="{{ item.src }}" dest="{{ item.dest }}" owner=root group=root mode="{{ item.mode }}"
-  with_items:
+  loop:
    - { src: 'gitlab-exporter.conf.j2', dest: '/etc/conf.d/gitlab-exporter', mode: '0600' }
    - { src: 'gitlab-exporter.service.j2', dest: '/etc/systemd/system/gitlab-exporter.service', mode: '0644' }
  when: "inventory_hostname == 'gitlab.archlinux.org'"

--- a/roles/public_html/tasks/main.yml
+++ b/roles/public_html/tasks/main.yml
@@ -12,13 +12,13 @@

 - name: Install public_html units
  copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
-  with_items:
+  loop:
    - generate-public_html.timer
    - generate-public_html.service

 - name: Start and enable public_html units
  service: name={{ item }} enabled=yes state=started
-  with_items:
+  loop:
    - generate-public_html.timer
    - generate-public_html.service


--- a/roles/quassel/tasks/main.yml
+++ b/roles/quassel/tasks/main.yml
@@ -42,7 +42,7 @@

 - name: Install quassel units
  copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
-  with_items:
+  loop:
    - clean-quassel.timer
    - clean-quassel.service
  notify:
@@ -56,13 +56,13 @@

 - name: Start and enable quassel
  service: name={{ item }} enabled=yes state=started
-  with_items:
+  loop:
    - quassel.service
    - clean-quassel.timer

 - name: Open firewall holes
  ansible.posix.firewalld: service={{ item }} permanent=true state=enabled immediate=yes
-  with_items:
+  loop:
    - quassel
    - ident
  when: configure_firewall

--- a/roles/rebuilderd/tasks/main.yml
+++ b/roles/rebuilderd/tasks/main.yml
@@ -27,4 +27,4 @@

 - name: Start and enable rebuilderd-sync timer for {{ item }}
  systemd_service: name=rebuilderd-sync@archlinux-{{ item }}.timer enabled=yes state=started
-  with_items: "{{ suites }}"
+  loop: "{{ suites }}"
--- a/roles/rebuilderd_worker/tasks/main.yml
+++ b/roles/rebuilderd_worker/tasks/main.yml
@@ -12,7 +12,7 @@

 - name: Start and enable rebuilderd-worker@{{ item }}
  systemd_service: name=rebuilderd-worker@{{ item }} enabled=yes state=started
-  with_items: '{{ rebuilderd_workers }}'
+  loop: '{{ rebuilderd_workers }}'

 - name: Install cleanup script
  copy: src=clean-repro dest=/usr/local/bin/clean-repro owner=root group=root mode=0755

--- a/roles/repo_archive_split_temp/tasks/main.yml
+++ b/roles/repo_archive_split_temp/tasks/main.yml
@@ -45,11 +45,11 @@

 - name: Install systemd timers
  copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
-  with_items:
+  loop:
    - gen_rsyncd.timer
    - gen_rsyncd.service

 - name: Activate systemd timers
  service: name={{ item }} enabled=yes state=started
-  with_items:
+  loop:
    - gen_rsyncd.timer
--- a/roles/rsync_net/tasks/main.yml
+++ b/roles/rsync_net/tasks/main.yml
@@ -10,7 +10,7 @@
  command: cat /root/.ssh/id_rsa.pub
  register: client_ssh_keys
  delegate_to: "{{ item }}"
-  with_items: "{{ backup_clients }}"
+  loop: "{{ backup_clients }}"
  changed_when: client_ssh_keys.changed

 - name: Create tempfile

--- a/roles/security_tracker/tasks/main.yml
+++ b/roles/security_tracker/tasks/main.yml
@@ -42,7 +42,7 @@

 - name: Copy security-tracker units
  copy: src="{{ item }}" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
-  with_items:
+  loop:
    - security-tracker-update.timer
    - security-tracker-update.service
  notify:
@@ -56,7 +56,7 @@
  become: true
  become_user: security
  command: /usr/bin/gpg --keyserver keys.openpgp.org --auto-key-locate wkd,keyserver --locate-keys {{ item }}
-  with_items:
+  loop:
    - anthraxx@archlinux.org
    - jelle@archlinux.org
    - foutrelis@archlinux.org

--- a/roles/sudo/tasks/main.yml
+++ b/roles/sudo/tasks/main.yml
@@ -9,7 +9,7 @@

 - name: Add sudo users to wheel
  user: name="{{ item }}" append=yes groups=wheel
-  with_items: "{{ sudo_users }}"
+  loop: "{{ sudo_users }}"
  tags: ['archusers']

 - name: Allow wheel group to use sudo