diff --git a/roles/alertmanager/tasks/main.yml b/roles/alertmanager/tasks/main.yml
index 3337c171947c646a13bdbb0b3c639ae74bfbc3b0..2f5e87967f5af7cb2bf6620f9c1899f2116801c2 100644
--- a/roles/alertmanager/tasks/main.yml
+++ b/roles/alertmanager/tasks/main.yml
@@ -5,5 +5,5 @@
template: src=alertmanager.yml.j2 dest=/etc/alertmanager/alertmanager.yml owner=root group=alertmanager mode=640
notify: Reload alertmanager
-- name: Enable alertmanager server service
- systemd: name=alertmanager enabled=yes daemon_reload=yes state=started
+- name: Start and enable alertmanager server service
+ systemd_service: name=alertmanager enabled=yes daemon_reload=yes state=started
diff --git a/roles/arch_boxes_sync/tasks/main.yml b/roles/arch_boxes_sync/tasks/main.yml
index 4d6491387ecd1cb311582d6e455fdfee11e86576..d5656c25c938132c5623e81b41ab08ee6a7506c6 100644
--- a/roles/arch_boxes_sync/tasks/main.yml
+++ b/roles/arch_boxes_sync/tasks/main.yml
@@ -13,4 +13,4 @@
- Daemon reload
- name: Start and enable arch-boxes-sync.timer
- systemd: name=arch-boxes-sync.timer enabled=yes daemon_reload=yes state=started
+ systemd_service: name=arch-boxes-sync.timer enabled=yes daemon_reload=yes state=started
diff --git a/roles/archbuild/handlers/main.yml b/roles/archbuild/handlers/main.yml
index 53c25acb653061ac6585331c532338b68ce70faa..71c5a8270d8399cd2d01a9fa009728993b7b91dd 100644
--- a/roles/archbuild/handlers/main.yml
+++ b/roles/archbuild/handlers/main.yml
@@ -1,3 +1,3 @@
- name: Daemon reload
- systemd:
+ systemd_service:
daemon-reload: true
diff --git a/roles/archbuild/tasks/main.yml b/roles/archbuild/tasks/main.yml
index 75a94bfe52e3b39feb2f04c4a5a20b667cd9b9b5..fd0cccdb3e7a8385874867a08b8faeb7717a96fd 100644
--- a/roles/archbuild/tasks/main.yml
+++ b/roles/archbuild/tasks/main.yml
@@ -18,7 +18,7 @@
- name: Install archbuild scripts
copy: src={{ item }} dest=/usr/local/bin/{{ item }} owner=root group=root mode=0755
- with_items:
+ loop:
- mkpkg
- pkgdiffrepo
- clean-chroots
@@ -28,12 +28,12 @@
- name: Install archbuild config files
copy: src={{ item }} dest=/usr/local/share/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- elinks-pkgdiffrepo.conf
- name: Install archbuild units
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- clean-chroots.timer
- clean-chroots.service
- clean-dests.timer
@@ -47,27 +47,27 @@
- name: Install archbuild unit
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- var-lib-archbuild.mount
notify:
- Daemon reload
- name: Install archbuild user units
copy: src={{ item }} dest=/etc/systemd/user/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- mkpkg@.timer
- mkpkg@.service
- name: Create drop-in directories for devtools
file: path=/etc/systemd/system/{{ item }}.d state=directory owner=root group=root mode=0755
- with_items:
+ loop:
- arch-nspawn-.scope
- devtools.slice
- user-.slice
- name: Install drop-in snippets for devtools
copy: src=devtools-override_{{ item }}.conf dest=/etc/systemd/system/{{ item }}.d/override.conf owner=root group=root mode=0644
- with_items:
+ loop:
- arch-nspawn-.scope
- devtools.slice
- user-.slice
@@ -76,12 +76,12 @@
- name: Start and enable archbuild mounts
service: name={{ item }} enabled={{ "yes" if archbuild_fs == 'tmpfs' else "no" }} state={{ "started" if archbuild_fs == 'tmpfs' else "stopped" }}
- with_items:
+ loop:
- var-lib-archbuild.mount
- name: Start and enable archbuilddest mount
service: name={{ item }} enabled=yes state=started
- with_items:
+ loop:
- var-lib-archbuilddest.mount
- name: Create archbuilddest
@@ -91,33 +91,30 @@
owner: root
group: root
mode: '0777'
- with_nested:
- - [archbuilddest]
- - [srcdest]
+ loop: "{{ ['archbuilddest'] | product(['srcdest']) | list }}"
- name: Set acl on archbuilddest
acl:
name: '/var/lib/archbuilddest/{{ item[0] }}'
state: present
entry: '{{ item[1] }}'
- with_nested:
- - [srcdest]
- - ['user::rwx',
- 'group::rwx',
- 'group:junior-dev:rwx',
- 'group:junior-packager:rwx',
- 'other::rwx',
- 'mask::rwx',
- 'default:user::rwx',
- 'default:group::r-x',
- 'default:group:junior-dev:rwx',
- 'default:group:junior-packager:rwx',
- 'default:other::r-x',
- 'default:mask::rwx']
+ loop: "{{ ['srcdest'] |
+ product(['user::rwx',
+ 'group::rwx',
+ 'group:junior-dev:rwx',
+ 'group:junior-packager:rwx',
+ 'other::rwx',
+ 'mask::rwx',
+ 'default:user::rwx',
+ 'default:group::r-x',
+ 'default:group:junior-dev:rwx',
+ 'default:group:junior-packager:rwx',
+ 'default:other::r-x',
+ 'default:mask::rwx']) | list }}"
- name: Start and enable archbuild units
service: name={{ item }} enabled=yes state=started
- with_items:
+ loop:
- clean-chroots.timer
- clean-dests.timer
- clean-offload-build.timer
diff --git a/roles/archive/tasks/main.yml b/roles/archive/tasks/main.yml
index ff4823150a7698736f98c736cf72459b0d6a1d5d..1e5dc4b52864c28660ba8b4b28f27d05fb3f7b78 100644
--- a/roles/archive/tasks/main.yml
+++ b/roles/archive/tasks/main.yml
@@ -18,10 +18,10 @@
mode: '0644'
- name: Setup archive timer
- systemd: name=archive.timer enabled=yes state=started
+ systemd_service: name=archive.timer enabled=yes state=started
- name: Setup archive-hardlink timer
- systemd: name=archive-hardlink.timer enabled=yes state=started
+ systemd_service: name=archive-hardlink.timer enabled=yes state=started
- name: Install internet archive packages
pacman: name=python-internetarchive,python-libarchive-c state=present
@@ -45,7 +45,7 @@
- archive-uploader.timer
- name: Start uploader timer
- systemd:
+ systemd_service:
name: archive-uploader.timer
enabled: true
state: started
diff --git a/roles/archmanweb/tasks/main.yml b/roles/archmanweb/tasks/main.yml
index 603cc3ad5de7d7068e540859ec269d9cf50273c1..f51fa2f792882502c8cb1e9b937c0d36f83a1548 100644
--- a/roles/archmanweb/tasks/main.yml
+++ b/roles/archmanweb/tasks/main.yml
@@ -81,7 +81,7 @@
- name: Run Django management tasks
django_manage: app_path="{{ archmanweb_dir }}/repo" command="{{ item }}"
- with_items:
+ loop:
- migrate
- collectstatic
- man_drop_cache
@@ -98,9 +98,9 @@
- name: Install systemd units
template: src="{{ item }}.j2" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
- with_items:
+ loop:
- archmanweb_update.service
- archmanweb_update.timer
- name: Start and enable archmanweb update timer
- systemd: name="archmanweb_update.timer" enabled=yes state=started daemon_reload=yes
+ systemd_service: name="archmanweb_update.timer" enabled=yes state=started daemon_reload=yes
diff --git a/roles/archusers/tasks/main.yml b/roles/archusers/tasks/main.yml
index 2fc648b2886bce76ea05e39965723b731d26417e..cf9fabcf4874ed733149cc36794527fad7ee3ead 100644
--- a/roles/archusers/tasks/main.yml
+++ b/roles/archusers/tasks/main.yml
@@ -1,11 +1,11 @@
- name: Create Arch Linux-specific groups
group: name="{{ item }}" state=present system=no
- with_items: "{{ arch_groups }}"
+ loop: "{{ arch_groups }}"
- name: Filter arch_users for users with non-matching hosts
set_fact: arch_users_filtered="{{ (arch_users_filtered | default([])) + [item] }}"
when: item.value.hosts is not defined or inventory_hostname in item.value.hosts
- with_dict: "{{ arch_users }}"
+ loop: "{{ arch_users | dict2items }}"
- name: Create Arch Linux-specific users
ansible.builtin.user:
@@ -42,4 +42,4 @@
when:
- item not in (arch_users_filtered | map(attribute='key'))
- item not in (utility_users[inventory_hostname] | default([]))
- with_items: "{{ all_users.files | map(attribute='path') | map('basename') | list }}"
+ loop: "{{ all_users.files | map(attribute='path') | map('basename') | list }}"
diff --git a/roles/archweb/handlers/main.yml b/roles/archweb/handlers/main.yml
index 481889db08ff215815b64c0436907688d6bb9073..be925b61614bccfc369f37ae4bdcc7898d86dc26 100644
--- a/roles/archweb/handlers/main.yml
+++ b/roles/archweb/handlers/main.yml
@@ -1,5 +1,5 @@
- name: Daemon reload
- systemd:
+ systemd_service:
daemon-reload: true
- name: Restart archweb memcached
diff --git a/roles/archweb/tasks/main.yml b/roles/archweb/tasks/main.yml
index a8c22d24c74c9c13ce78067de6503371c862e505..9e45e79262681edcdc398dcfba2565a610ca2787 100644
--- a/roles/archweb/tasks/main.yml
+++ b/roles/archweb/tasks/main.yml
@@ -97,7 +97,7 @@
postgresql_user: name={{ item.user }} password={{ item.password }} login_host="{{ archweb_db_host }}" login_password="{{ vault_postgres_users.postgres }}" encrypted=yes
no_log: true
when: archweb_site or archweb_services
- with_items:
+ loop:
- { user: "{{ archweb_db_site_user }}", password: "{{ vault_archweb_db_site_password }}" }
- { user: "{{ archweb_db_services_user }}", password: "{{ vault_archweb_db_services_password }}" }
- { user: "{{ archweb_db_dbscripts_user }}", password: "{{ vault_archweb_db_dbscripts_password }}" }
@@ -118,7 +118,7 @@
postgresql_privs: database="{{ archweb_db }}" host="{{ archweb_db_host }}" login="{{ archweb_db_site_user }}" login_password="{{ vault_archweb_db_site_password }}"
privs=CONNECT roles="{{ item }}" type=database
when: archweb_site or archweb_services
- with_items:
+ loop:
- "{{ archweb_db_services_user }}"
- "{{ archweb_db_dbscripts_user }}"
- "{{ archweb_db_backup_user }}"
@@ -127,7 +127,7 @@
postgresql_privs: database="{{ archweb_db }}" host="{{ archweb_db_host }}" login="{{ archweb_db_site_user }}" login_password="{{ vault_archweb_db_site_password }}"
privs=SELECT roles="{{ item.user }}" type=table objs="{{ item.objs }}"
when: archweb_site or archweb_services
- with_items:
+ loop:
- { user: "{{ archweb_db_services_user }}", objs: "{{ archweb_db_services_table_objs }}" }
- { user: "{{ archweb_db_dbscripts_user }}", objs: "{{ archweb_db_dbscripts_table_objs }}" }
- { user: "{{ archweb_db_backup_user }}", objs: "{{ archweb_db_backup_table_objs }}" }
@@ -136,7 +136,7 @@
postgresql_privs: database="{{ archweb_db }}" host="{{ archweb_db_host }}" login="{{ archweb_db_site_user }}" login_password="{{ vault_archweb_db_site_password }}"
privs=SELECT roles="{{ item.user }}" type=sequence objs="{{ item.objs }}"
when: archweb_site or archweb_services
- with_items:
+ loop:
- { user: "{{ archweb_db_services_user }}", objs: "{{ archweb_db_services_sequence_objs }}" }
- { user: "{{ archweb_db_backup_user }}", objs: "{{ archweb_db_backup_sequence_objs }}" }
@@ -160,7 +160,7 @@
- name: Install mirrorcheck service and timer
template: src="{{ item }}.j2" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
- with_items:
+ loop:
- archweb-mirrorcheck.service
- archweb-mirrorcheck.timer
notify:
@@ -169,7 +169,7 @@
- name: Install mirrorresolv service and timer
template: src="{{ item }}.j2" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
- with_items:
+ loop:
- archweb-mirrorresolv.service
- archweb-mirrorresolv.timer
notify:
@@ -178,7 +178,7 @@
- name: Install populate_signoffs service and timer
template: src="{{ item }}.j2" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
- with_items:
+ loop:
- archweb-populate_signoffs.service
- archweb-populate_signoffs.timer
notify:
@@ -187,7 +187,7 @@
- name: Install planet service and timer
template: src="{{ item }}.j2" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
- with_items:
+ loop:
- archweb-planet.service
- archweb-planet.timer
notify:
@@ -196,7 +196,7 @@
- name: Install rebuilderd status service and timer
template: src="{{ item }}.j2" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
- with_items:
+ loop:
- archweb-rebuilderd.service
- archweb-rebuilderd.timer
notify:
@@ -225,7 +225,7 @@
- name: Install archweb rsync iso service and timer
template: src="{{ item }}.j2" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
- with_items:
+ loop:
- archweb-rsync_iso.service
- archweb-rsync_iso.timer
notify:
@@ -242,12 +242,12 @@
notify: Restart archweb memcached
- name: Start and enable archweb memcached service and archweb-rsync_iso timer
- systemd:
+ systemd_service:
name: "{{ item }}"
enabled: true
state: started
daemon_reload: true
- with_items:
+ loop:
- archweb-memcached.service
- archweb-rsync_iso.timer
when: archweb_site | bool
diff --git a/roles/archwiki/tasks/main.yml b/roles/archwiki/tasks/main.yml
index 160c8235187a73990bb93c98e33549814333e2eb..c8c59f25c7bf2b71be41d746a0bf8ed007a5a3ac 100644
--- a/roles/archwiki/tasks/main.yml
+++ b/roles/archwiki/tasks/main.yml
@@ -95,7 +95,7 @@
template: src="memcached.service.d-archwiki.conf.j2" dest="/etc/systemd/system/memcached@archwiki.service.d/archwiki.conf" owner=root group=root mode=0644
- name: Start and enable memcached service
- systemd: name=memcached@archwiki.service state=started enabled=true daemon_reload=true
+ systemd_service: name=memcached@archwiki.service state=started enabled=true daemon_reload=true
- name: Install nginx-cache-purge script
copy: src=nginx-cache-purge dest=/usr/local/bin/nginx-cache-purge owner=root group=root mode=0755
@@ -111,19 +111,19 @@
- nginx-cache-purge.service
- name: Start and enable archwiki timers and services
- systemd:
+ systemd_service:
name: "{{ item }}"
enabled: true
state: started
daemon_reload: true
- with_items:
+ loop:
- archwiki-runjobs.timer
- archwiki-runjobs-wait.service
- archwiki-question-updater.timer
- nginx-cache-purge.service
- name: Create question answer file
- systemd:
+ systemd_service:
name: archwiki-question-updater.service
state: started
daemon_reload: true
diff --git a/roles/aurweb/handlers/main.yml b/roles/aurweb/handlers/main.yml
index 59206cdecf28c53399ed0e606f2312eda1d998da..e640ca2e16ed9d11515fbd8e35e3d70b9fa07499 100644
--- a/roles/aurweb/handlers/main.yml
+++ b/roles/aurweb/handlers/main.yml
@@ -1,5 +1,5 @@
- name: Daemon reload
- systemd:
+ systemd_service:
daemon-reload: true
- name: Restart sshd
diff --git a/roles/aurweb/tasks/main.yml b/roles/aurweb/tasks/main.yml
index 0b57fab62b8086aa55c89e9aaa5e35737264c6a9..e9aa9dcb081b6de26311ac5fd42eb26c1f2676f7 100644
--- a/roles/aurweb/tasks/main.yml
+++ b/roles/aurweb/tasks/main.yml
@@ -72,14 +72,14 @@
- name: Install AUR systemd service and timers
template: src={{ item.name }}.j2 dest=/etc/systemd/system/{{ item.name }} owner=root group=root mode=0644
- with_items:
+ loop:
- "{{ aurweb_services }}"
- "{{ aurweb_timers }}"
when: release.changed and (item.install is not defined or item.install)
- name: Stop AUR systemd services and timers
service: name={{ item.name }} enabled=yes state=stopped
- with_items:
+ loop:
- "{{ aurweb_services }}"
- "{{ aurweb_timers }}"
when: release.changed and (item.restart is not defined or item.restart)
@@ -97,7 +97,7 @@
- name: Create necessary directories
file: path={{ aurweb_dir }}/{{ item }} state=directory owner={{ aurweb_user }} group={{ aurweb_user }} mode=0755
- with_items:
+ loop:
- 'aurblup'
- 'sessions'
- 'uploads'
@@ -289,8 +289,8 @@
- Restart sshd
- name: Start and enable AUR systemd services and timers
- systemd: name={{ item.name }} enabled=yes state=started daemon_reload=yes
- with_items:
+ systemd_service: name={{ item.name }} enabled=yes state=started daemon_reload=yes
+ loop:
- "{{ aurweb_services }}"
- "{{ aurweb_timers }}"
when: release.changed and (item.restart is not defined or item.restart)
diff --git a/roles/borg_client/tasks/main.yml b/roles/borg_client/tasks/main.yml
index d0848d5a47e80082597626390475ce194e33dd1e..dbdd624f1a42a77894ad613ad275772a063f47ac 100644
--- a/roles/borg_client/tasks/main.yml
+++ b/roles/borg_client/tasks/main.yml
@@ -50,10 +50,10 @@
- name: Install systemd timer and services for backup
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- borg-backup.timer
- borg-backup.service
- borg-backup-offsite.service
- name: Activate systemd timer for backup
- systemd: name=borg-backup.timer enabled=yes state=started daemon-reload=yes
+ systemd_service: name=borg-backup.timer enabled=yes state=started daemon-reload=yes
diff --git a/roles/borg_server/tasks/main.yml b/roles/borg_server/tasks/main.yml
index 7c9264a588a64d247bb79dba3ab352ddcc924e53..1b466b593ce95e0ae2599c0ecfff793258ddbc0f 100644
--- a/roles/borg_server/tasks/main.yml
+++ b/roles/borg_server/tasks/main.yml
@@ -21,13 +21,13 @@
owner: borg
group: borg
mode: '0700'
- with_items: "{{ backup_clients }}"
+ loop: "{{ backup_clients }}"
- name: Fetch ssh keys from each borg client machine
command: cat /root/.ssh/id_rsa.pub
register: ssh_keys
delegate_to: "{{ item }}"
- with_items: "{{ backup_clients }}"
+ loop: "{{ backup_clients }}"
changed_when: ssh_keys.stdout | length > 0
- name: Allow certain clients to connect
@@ -36,4 +36,4 @@
key: "{{ item.stdout }}"
manage_dir: true
key_options: "command=\"borg serve --restrict-to-path {{ backup_dir }}/{{ item['item'] }}\",restrict"
- with_items: "{{ ssh_keys.results }}"
+ loop: "{{ ssh_keys.results }}"
diff --git a/roles/bugbot/tasks/main.yml b/roles/bugbot/tasks/main.yml
index b58782da8ef06eeae213d3282ddccb3a976ae1db..3f9511dedc1743c32d7190f6098431dd4b28b939 100644
--- a/roles/bugbot/tasks/main.yml
+++ b/roles/bugbot/tasks/main.yml
@@ -3,7 +3,7 @@
- name: Receive valid signing keys
command: /usr/bin/gpg --keyserver keys.openpgp.org --auto-key-locate wkd,keyserver --locate-keys {{ item }}
- with_items: '{{ bugbot_pgp_emails }}'
+ loop: '{{ bugbot_pgp_emails }}'
register: gpg
changed_when: "gpg.rc == 0"
@@ -23,4 +23,4 @@
copy: src=bugbot.service dest=/etc/systemd/system/bugbot.service owner=root group=root mode=0644
- name: Start and enable bugbot service
- systemd: name=bugbot.service enabled=yes state=started daemon_reload=yes
+ systemd_service: name=bugbot.service enabled=yes state=started daemon_reload=yes
diff --git a/roles/bugbuddy/handlers/main.yml b/roles/bugbuddy/handlers/main.yml
index 53c25acb653061ac6585331c532338b68ce70faa..71c5a8270d8399cd2d01a9fa009728993b7b91dd 100644
--- a/roles/bugbuddy/handlers/main.yml
+++ b/roles/bugbuddy/handlers/main.yml
@@ -1,3 +1,3 @@
- name: Daemon reload
- systemd:
+ systemd_service:
daemon-reload: true
diff --git a/roles/bugbuddy/tasks/main.yml b/roles/bugbuddy/tasks/main.yml
index 3dbd5a83393f1bea4f2477fabaa0685fd772e5ba..9bbd082f73ea0decc108601f1375b2d8e8f33698 100644
--- a/roles/bugbuddy/tasks/main.yml
+++ b/roles/bugbuddy/tasks/main.yml
@@ -16,7 +16,7 @@
command: /usr/local/bin/bugbuddy-download --restart
- name: Start and enable daemon service
- systemd: name=bugbuddy.service enabled=yes state=started
+ systemd_service: name=bugbuddy.service enabled=yes state=started
- name: Open bugbuddy ipv4 port for gitlab.archlinux.org
ansible.posix.firewalld: zone=wireguard state=enabled permanent=true immediate=yes
diff --git a/roles/certbot/tasks/main.yml b/roles/certbot/tasks/main.yml
index 2edbcd52bbf90239e887e5f24a7f0d2f8eda2122..8a77966cfe2ba4406b8929538b7994245931f48b 100644
--- a/roles/certbot/tasks/main.yml
+++ b/roles/certbot/tasks/main.yml
@@ -13,12 +13,12 @@
- name: Install letsencrypt renewal service
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- certbot-renewal.service
- certbot-renewal.timer
- name: Activate letsencrypt renewal service
- systemd:
+ systemd_service:
name: certbot-renewal.timer
enabled: true
state: started
@@ -26,7 +26,7 @@
- name: Open firewall holes for certbot standalone authenticator
ansible.posix.firewalld: service={{ item }} permanent=true state=enabled immediate=yes
- with_items:
+ loop:
- http
when: configure_firewall
tags:
diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
index de2412cc7f18d7e87a16e833ab1e1af110e49631..17a0161d31e9e0691835e75919d25c77f78b22fe 100644
--- a/roles/common/handlers/main.yml
+++ b/roles/common/handlers/main.yml
@@ -1,12 +1,12 @@
- name: Restart journald
- systemd:
+ systemd_service:
name: systemd-journald
state: restarted
daemon_reload: true
- name: Systemd daemon-reload
- systemd:
+ systemd_service:
daemon_reload: true
- name: Restart systemd-zram-setup@zram0
- systemd: name=systemd-zram-setup@zram0 state=restarted daemon_reload=yes
+ systemd_service: name=systemd-zram-setup@zram0 state=restarted daemon_reload=yes
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index b6676bbb82ba6abce3e18501fbef3361c3064274..32df41f43891774bb014c0f97ea8d1910638af15 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -120,13 +120,13 @@
- name: Create drop-in directories for oomd
file: path=/etc/systemd/system/{{ item }}.d state=directory owner=root group=root mode=0755
- with_items:
+ loop:
- "-.slice"
- user@.service
- name: Install drop-in snippets for oomd
copy: src=oomd-override_{{ item }}.conf dest=/etc/systemd/system/{{ item }}.d/override.conf owner=root group=root mode=0644
- with_items:
+ loop:
- "-.slice"
- user@.service
notify:
@@ -141,7 +141,7 @@
- name: Configure logrotate
template: src=logrotate.conf.j2 dest=/etc/logrotate.conf owner=root group=root mode=0644
-- name: Enable logrotate timer
+- name: Start and enable logrotate timer
service: name=logrotate.timer state=started enabled=yes
- name: Create zsh directory
@@ -149,7 +149,7 @@
- name: Install root shell config
copy: src={{ item }} dest=/root/.{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- zshrc
- dircolors
@@ -159,5 +159,5 @@
- name: Install custom paccache.service
copy: src=paccache.service dest=/etc/systemd/system/paccache.service owner=root group=root mode=0644
-- name: Enable paccache timer
- systemd: name=paccache.timer enabled=yes state=started daemon_reload=yes
+- name: Start and enable paccache timer
+ systemd_service: name=paccache.timer enabled=yes state=started daemon_reload=yes
diff --git a/roles/dbscripts/tasks/main.yml b/roles/dbscripts/tasks/main.yml
index 1837d5a8343832e1800d0b641cf3dadc9b04db28..b82689b51c98f3d1753caa7491559a4b7c65af6e 100644
--- a/roles/dbscripts/tasks/main.yml
+++ b/roles/dbscripts/tasks/main.yml
@@ -11,14 +11,14 @@
pacman: name=fcgiwrap state=present
- name: Install fcgiwrap for the Git repo
- systemd: name=fcgiwrap.socket enabled=yes state=started
+ systemd_service: name=fcgiwrap.socket enabled=yes state=started
- name: Allow state repo to be exported
file: path="/srv/repos/state/.git/git-daemon-export-ok" state=touch owner=git-packages group=junior-packager mode=0644
- name: Create dbscripts users
user: name="{{ item }}" shell=/bin/bash
- with_items:
+ loop:
- git-packages
- name: Add cleanup user
@@ -53,7 +53,7 @@
groups: "{{ item.value.groups | join(',') }}"
comment: "{{ item.value.name }}"
state: present
- with_dict: "{{ arch_users }}"
+ loop: "{{ arch_users | dict2items }}"
- name: Create /etc/dbscripts directory
file: path=/etc/dbscripts state=directory owner=root group=root mode=0755
@@ -75,7 +75,7 @@
- name: Create dbscripts paths
file: path="{{ item }}" state=directory owner=root group=root mode=0755
- with_items:
+ loop:
- /srv/repos/git-packages
- name: Create git-packages/package-cleanup directory
@@ -142,7 +142,7 @@
- name: Fetch dbscripts PGP key
command: /usr/bin/gpg --keyserver keys.openpgp.org --auto-key-locate wkd,keyserver --locate-keys {{ item }}
- with_items: '{{ dbscripts_pgp_emails }}'
+ loop: '{{ dbscripts_pgp_emails }}'
register: gpg
changed_when: "gpg.rc == 0"
@@ -161,7 +161,7 @@
- name: Symlink dbscript binaries to /usr/local/bin
file: path=/usr/local/bin/{{ item }} src=/packages/{{ item }} state=link owner=root group=root mode=0755
- with_items:
+ loop:
- db-move
- db-update
- db-remove
@@ -177,35 +177,35 @@
- name: Make junior developer root repos
file: path=/srv/ftp/{{ item }}/os state=directory owner=root group=root mode=0755
- with_items: '{{ junior_developer_repos }}'
+ loop: '{{ junior_developer_repos }}'
- name: Make junior developer repos
file: path=/srv/ftp/{{ item }}/os/x86_64 state=directory owner=root group=junior-dev mode=0775
- with_items: '{{ junior_developer_repos }}'
+ loop: '{{ junior_developer_repos }}'
- name: Make developer root repos
file: path=/srv/ftp/{{ item }}/os state=directory owner=root group=root mode=0755
- with_items: '{{ developer_repos }}'
+ loop: '{{ developer_repos }}'
- name: Make developer repos
file: path=/srv/ftp/{{ item }}/os/x86_64 state=directory owner=root group=dev mode=0775
- with_items: '{{ developer_repos }}'
+ loop: '{{ developer_repos }}'
- name: Make junior packager root repos
file: path=/srv/ftp/{{ item }}/os state=directory owner=root group=root mode=0755
- with_items: '{{ junior_packager_repos }}'
+ loop: '{{ junior_packager_repos }}'
- name: Make junior packager repos
file: path=/srv/ftp/{{ item }}/os/x86_64 state=directory owner=root group=junior-packager mode=0775
- with_items: '{{ junior_packager_repos }}'
+ loop: '{{ junior_packager_repos }}'
- name: Make packager root repos
file: path=/srv/ftp/{{ item }}/os state=directory owner=root group=root mode=0755
- with_items: '{{ packager_repos }}'
+ loop: '{{ packager_repos }}'
- name: Make packager repos
file: path=/srv/ftp/{{ item }}/os/x86_64 state=directory owner=root group=packager mode=0775
- with_items: '{{ packager_repos }}'
+ loop: '{{ packager_repos }}'
- name: Make /srv/ftp/other/packages available
file: path=/srv/ftp/other/packages state=directory owner=root group=junior-packager mode=0775
@@ -239,7 +239,7 @@
- name: Install systemd timers
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- cleanup.timer
- cleanup.service
- sourceballs.timer
@@ -253,7 +253,7 @@
- name: Activate systemd timers
service: name={{ item }} enabled=yes state=started
- with_items:
+ loop:
- cleanup.timer
- sourceballs.timer
- lastsync.timer
diff --git a/roles/dovecot/tasks/main.yml b/roles/dovecot/tasks/main.yml
index 6c27a9073e60470aad1c17da1d44128eafb16b5d..ca76e6c9451f6bed97c5ace004cdd60e4828378c 100644
--- a/roles/dovecot/tasks/main.yml
+++ b/roles/dovecot/tasks/main.yml
@@ -58,7 +58,7 @@
- name: Open firewall holes
ansible.posix.firewalld: service={{ item }} permanent=true state=enabled immediate=yes
- with_items:
+ loop:
- imaps
- managesieve
when: configure_firewall
@@ -67,15 +67,15 @@
- name: Install systemd timers
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- dovecot-cleanup.timer
- dovecot-cleanup.service
- name: Activate systemd timers
- systemd:
+ systemd_service:
name: "{{ item }}"
state: started
enabled: true
daemon_reload: true
- with_items:
+ loop:
- dovecot-cleanup.timer
diff --git a/roles/dyn_dns/tasks/main.yml b/roles/dyn_dns/tasks/main.yml
index f2d24c3b113d40cc8743b361532ed60c55cd579e..a6aa734c95d495ccca9fe8964be392a5a99515c5 100644
--- a/roles/dyn_dns/tasks/main.yml
+++ b/roles/dyn_dns/tasks/main.yml
@@ -44,4 +44,4 @@
ansible.posix.firewalld: service=dns permanent=true state=enabled immediate=yes
- name: Start and enable powerdns
- systemd: name=pdns.service enabled=yes daemon_reload=yes state=started
+ systemd_service: name=pdns.service enabled=yes daemon_reload=yes state=started
diff --git a/roles/fail2ban/handlers/main.yml b/roles/fail2ban/handlers/main.yml
index a83c6320ae11eaadc61ca0f0ff3fa77472e5a05d..23a94fdb474cdd48a7df1e74ae715bac31ffa7ee 100644
--- a/roles/fail2ban/handlers/main.yml
+++ b/roles/fail2ban/handlers/main.yml
@@ -1,5 +1,5 @@
- name: Restart fail2ban
- systemd:
+ systemd_service:
name: fail2ban
state: restarted
diff --git a/roles/fail2ban/tasks/main.yml b/roles/fail2ban/tasks/main.yml
index 92559dc23670e5333ace19b16b95a5f2ffb4a71f..7717777739fb9c0982b5275d782807ee0ce065e3 100644
--- a/roles/fail2ban/tasks/main.yml
+++ b/roles/fail2ban/tasks/main.yml
@@ -28,7 +28,7 @@
owner: "root"
group: "root"
mode: '0644'
- with_items:
+ loop:
- "fail2ban.local"
- "jail.local"
notify:
@@ -93,14 +93,14 @@
register: result
- name: Restart firewalld
- systemd: name=firewalld state=restarted
+ systemd_service: name=firewalld state=restarted
when: result.changed
- name: Add fail2ban ipset to the firewalld drop zone
ansible.posix.firewalld: source=ipset:fail2ban zone=drop permanent=true immediate=true state=enabled
- name: Start and enable service
- systemd:
+ systemd_service:
name: "fail2ban.service"
enabled: true
state: started
diff --git a/roles/fluxbb/handlers/main.yml b/roles/fluxbb/handlers/main.yml
index f26cb90057db58d6d06c93dd705d02f488f9b9fc..238bc809dbaa50495930457c21b1a667031d9dba 100644
--- a/roles/fluxbb/handlers/main.yml
+++ b/roles/fluxbb/handlers/main.yml
@@ -1,2 +1,2 @@
- name: Restart php-fpm@fluxbb
- systemd: name=php-fpm@fluxbb.service state=restarted
+ systemd_service: name=php-fpm@fluxbb.service state=restarted
diff --git a/roles/geo_dns/tasks/main.yml b/roles/geo_dns/tasks/main.yml
index 5c3bcc39c23aa2cda369bcc096b8530dff43eecb..c284379a1ea8158c8d3f85b2d1c844209b328af4 100644
--- a/roles/geo_dns/tasks/main.yml
+++ b/roles/geo_dns/tasks/main.yml
@@ -24,4 +24,4 @@
ansible.posix.firewalld: service=dns permanent=true state=enabled immediate=yes
- name: Start and enable powerdns
- systemd: name=pdns.service enabled=yes daemon_reload=yes state=started
+ systemd_service: name=pdns.service enabled=yes daemon_reload=yes state=started
diff --git a/roles/geoipupdate/tasks/main.yml b/roles/geoipupdate/tasks/main.yml
index 597d1f78175e43496ae713728d9d0e3f64fe2ec3..7e21091e269bfc7dbca0115b6733557286b1bbfe 100644
--- a/roles/geoipupdate/tasks/main.yml
+++ b/roles/geoipupdate/tasks/main.yml
@@ -7,8 +7,8 @@
register: configuration
- name: Run geoipupdate after installation or configuration change
- systemd: name=geoipupdate state=restarted
+ systemd_service: name=geoipupdate state=restarted
when: installation is changed or configuration is changed
- name: Start and enable geoipupdate.timer
- systemd: name=geoipupdate.timer enabled=yes state=started
+ systemd_service: name=geoipupdate.timer enabled=yes state=started
diff --git a/roles/gitlab/tasks/main.yml b/roles/gitlab/tasks/main.yml
index 935ea31c8ca407ab6ca522ed0d6463f8e5a32b43..e88692415d7e4dc761679866fbeae9067b108e28 100644
--- a/roles/gitlab/tasks/main.yml
+++ b/roles/gitlab/tasks/main.yml
@@ -120,7 +120,7 @@
- name: Open firewall holes
ansible.posix.firewalld: port={{ item }} permanent=true state=enabled immediate=yes
when: configure_firewall
- with_items:
+ loop:
- "80/tcp"
- "443/tcp"
- "22/tcp"
@@ -133,14 +133,14 @@
- name: Copy {gitlab-cleanup,gitlab-bot-token-extender} timer and service
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- gitlab-cleanup.timer
- gitlab-cleanup.service
- gitlab-bot-token-extender.timer
- gitlab-bot-token-extender.service
- name: Activate systemd timers for gitlab-cleanup
- systemd: name={{ item }} enabled=yes state=started daemon-reload=yes
+ systemd_service: name={{ item }} enabled=yes state=started daemon-reload=yes
loop:
- gitlab-cleanup.timer
- gitlab-bot-token-extender.timer
diff --git a/roles/gitlab_runner/handlers/main.yml b/roles/gitlab_runner/handlers/main.yml
index 833593337d9f596bf9d9a97f660ea0ed9c862a5b..d9b812c4d76a04aa0bc59f7a6b0a7836768756bc 100644
--- a/roles/gitlab_runner/handlers/main.yml
+++ b/roles/gitlab_runner/handlers/main.yml
@@ -1,11 +1,11 @@
- name: Systemd daemon-reload
- systemd: daemon_reload=yes
+ systemd_service: daemon_reload=yes
- name: Restart gitlab-runner
service: name=gitlab-runner state=restarted
- name: Restart gitlab-runner-docker-cleanup.timer
- systemd: name=gitlab-runner-docker-cleanup.timer state=restarted daemon_reload=yes
+ systemd_service: name=gitlab-runner-docker-cleanup.timer state=restarted daemon_reload=yes
- name: Restart docker
service: name=docker state=restarted
diff --git a/roles/gitlab_runner/tasks/main.yml b/roles/gitlab_runner/tasks/main.yml
index 60e468c84fa90fbeea032ba6acbd97bbd1fe2540..fb301417ebecf3d7b6c065d7674039ff5776e81c 100644
--- a/roles/gitlab_runner/tasks/main.yml
+++ b/roles/gitlab_runner/tasks/main.yml
@@ -7,7 +7,7 @@
notify: Systemd daemon-reload
- name: Start docker
- systemd: name=docker enabled=yes state=started daemon_reload=yes
+ systemd_service: name=docker enabled=yes state=started daemon_reload=yes
- name: Create /etc/docker directory
file: state=directory owner=root group=root mode=0755 path=/etc/docker
@@ -57,11 +57,11 @@
notify:
- Restart gitlab-runner-docker-cleanup.timer
-- name: Enable and start gitlab-runner-docker-cleanup.timer
- systemd: name=gitlab-runner-docker-cleanup.timer state=started enabled=yes daemon_reload=yes
+- name: Start and enable gitlab-runner-docker-cleanup.timer
+ systemd_service: name=gitlab-runner-docker-cleanup.timer state=started enabled=yes daemon_reload=yes
-- name: Enable and start gitlab runner service
- systemd: name=gitlab-runner state=started enabled=yes daemon_reload=yes
+- name: Start and enable gitlab runner service
+ systemd_service: name=gitlab-runner state=started enabled=yes daemon_reload=yes
- name: Setup libvirt-executor
when: "'gitlab_vm_runners' in group_names"
@@ -88,5 +88,5 @@
- libvirt-executor-fetch-image.service
- libvirt-executor-fetch-image.timer
- - name: Enable and start libvirt-executor-fetch-image.timer
- systemd: name=libvirt-executor-fetch-image.timer state=started enabled=yes daemon_reload=yes
+ - name: Start and enable libvirt-executor-fetch-image.timer
+ systemd_service: name=libvirt-executor-fetch-image.timer state=started enabled=yes daemon_reload=yes
diff --git a/roles/gluebuddy/handlers/main.yml b/roles/gluebuddy/handlers/main.yml
index 53c25acb653061ac6585331c532338b68ce70faa..71c5a8270d8399cd2d01a9fa009728993b7b91dd 100644
--- a/roles/gluebuddy/handlers/main.yml
+++ b/roles/gluebuddy/handlers/main.yml
@@ -1,3 +1,3 @@
- name: Daemon reload
- systemd:
+ systemd_service:
daemon-reload: true
diff --git a/roles/gluebuddy/tasks/main.yml b/roles/gluebuddy/tasks/main.yml
index 4197f77f9f5f7cd1c342ca14c902f1f974ed80cf..7722f0aea5b9a2a9e4304c6edcb351a6641605e8 100644
--- a/roles/gluebuddy/tasks/main.yml
+++ b/roles/gluebuddy/tasks/main.yml
@@ -3,7 +3,7 @@
- name: Install systemd service/timer
copy: src={{ item }} dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
- with_items:
+ loop:
- gluebuddy.service
- gluebuddy.timer
notify:
@@ -18,5 +18,5 @@
- name: Download latest gluebuddy # noqa no-changed-when
command: /usr/local/bin/gluebuddy_download.sh
-- name: Enable timer
- systemd: name=gluebuddy.timer enabled=yes state=started
+- name: Start and enable timer
+ systemd_service: name=gluebuddy.timer enabled=yes state=started
diff --git a/roles/grafana/tasks/main.yml b/roles/grafana/tasks/main.yml
index 665516701e07307aa7e71b87f841adce712bf928..d9c078e352837a7761bb7aa564743533da139aab 100644
--- a/roles/grafana/tasks/main.yml
+++ b/roles/grafana/tasks/main.yml
@@ -21,7 +21,7 @@
- name: Create grafana provisioning directory
file: path={{ item }} mode=0700 owner=grafana group=grafana state=directory
- with_items:
+ loop:
- /etc/grafana/provisioning
- /etc/grafana/provisioning/datasources
- /etc/grafana/provisioning/dashboards
diff --git a/roles/hetzner_storagebox/tasks/main.yml b/roles/hetzner_storagebox/tasks/main.yml
index 1c1eb507bd0c8c00aceaaf5841d2664a9556f292..613f2a4a37a101463453f4ee4d50ea9a67866ba1 100644
--- a/roles/hetzner_storagebox/tasks/main.yml
+++ b/roles/hetzner_storagebox/tasks/main.yml
@@ -22,7 +22,7 @@
check_mode: false
register: client_ssh_keys
delegate_to: "{{ item }}"
- with_items: "{{ backup_clients }}"
+ loop: "{{ backup_clients }}"
changed_when: client_ssh_keys.changed
- name: Create tempfile
diff --git a/roles/install_arch/tasks/main.yml b/roles/install_arch/tasks/main.yml
index 1fbc0fc30380b30b6be1f70be84a72dc21bec1e0..31029da5107d0bf261f196b23d9bac673f8e80dd 100644
--- a/roles/install_arch/tasks/main.yml
+++ b/roles/install_arch/tasks/main.yml
@@ -40,7 +40,7 @@
{% endif %}
--new=0:0:0 --change-name=0:root --typecode=0:8304
{{ item }}
- with_items:
+ loop:
- "{{ system_disks }}"
register: sgdisk
changed_when: "sgdisk.rc == 0"
@@ -181,14 +181,14 @@
- name: Install grub (legacy mode)
command: chroot /mnt grub-install --target=i386-pc --recheck {{ item }}
- with_items:
+ loop:
- "{{ system_disks }}"
register: chroot_grub_install_legacy
changed_when: "chroot_grub_install_legacy.rc == 0"
- name: Install grub (uefi mode)
command: chroot /mnt grub-install --target=x86_64-efi --efi-directory=/efi --removable --recheck {{ item }}
- with_items:
+ loop:
- "{{ system_disks }}"
register: chroot_grub_install_uefi
changed_when: "chroot_grub_install_uefi.rc == 0"
diff --git a/roles/keycloak/handlers/main.yml b/roles/keycloak/handlers/main.yml
index b3e6fcce7eb4fd17cbd586f172566b6e27a7168e..4716737caaa3227edcff5c1465887b20e4a55e9b 100644
--- a/roles/keycloak/handlers/main.yml
+++ b/roles/keycloak/handlers/main.yml
@@ -2,5 +2,5 @@
service: name=keycloak state=restarted
- name: Daemon reload
- systemd:
+ systemd_service:
daemon-reload: true
diff --git a/roles/keycloak/tasks/main.yml b/roles/keycloak/tasks/main.yml
index 9e5251f05d7f98adfd7896646189e11934dddce7..b84ed371da94ca0e259529ad63ef4bbd7a33df1c 100644
--- a/roles/keycloak/tasks/main.yml
+++ b/roles/keycloak/tasks/main.yml
@@ -37,7 +37,7 @@
no_log: true
- name: Start and enable keycloak
- systemd: name=keycloak enabled=yes daemon_reload=yes state=started
+ systemd_service: name=keycloak enabled=yes daemon_reload=yes state=started
- name: Wait for keycloak to initialize
wait_for: port={{ keycloak_port }}
diff --git a/roles/libvirt/tasks/main.yml b/roles/libvirt/tasks/main.yml
index 9307576fbedb1e454a7f65a363c54eddfa4c0737..88bd055ce93bb12cf0f9aa8cbe8bcddac9a3842e 100644
--- a/roles/libvirt/tasks/main.yml
+++ b/roles/libvirt/tasks/main.yml
@@ -24,7 +24,7 @@
file: src=/etc/libvirt/qemu/networks/default.xml dest=/etc/libvirt/qemu/networks/autostart/default.xml state=link owner=root group=root
- name: Start and enable libvirtd
- systemd: name=libvirtd enabled=yes state=started daemon_reload=yes
+ systemd_service: name=libvirtd enabled=yes state=started daemon_reload=yes
- name: Define the images storage pool
community.libvirt.virt_pool:
diff --git a/roles/loki/tasks/main.yml b/roles/loki/tasks/main.yml
index 7bbbfca934dffe5446ffd527c117d2517f9e99f6..0b0d60a011208f2af8ab0e51e4a057555cd1c63e 100644
--- a/roles/loki/tasks/main.yml
+++ b/roles/loki/tasks/main.yml
@@ -33,4 +33,4 @@
copy: src=loki-override.conf dest=/etc/systemd/system/loki.service.d/override.conf owner=root group=root mode=0644
- name: Start and enable loki
- systemd: name=loki.service enabled=yes daemon_reload=yes state=started
+ systemd_service: name=loki.service enabled=yes daemon_reload=yes state=started
diff --git a/roles/mailman/tasks/main.yml b/roles/mailman/tasks/main.yml
index 9119c94db16305d26ddda37275aeb1b801e5edda..7e5b45498026c4c2e422e50d677b4e4005ae92fe 100644
--- a/roles/mailman/tasks/main.yml
+++ b/roles/mailman/tasks/main.yml
@@ -81,10 +81,10 @@
when: false
- name: Start and enable postfix
- systemd: name=postfix.service enabled=yes daemon_reload=yes state=started
+ systemd_service: name=postfix.service enabled=yes daemon_reload=yes state=started
- name: Start and enable mailman{.service,-*.timer}
- systemd: name={{ item }} enabled=yes daemon_reload=yes state=started
+ systemd_service: name={{ item }} enabled=yes daemon_reload=yes state=started
loop:
- mailman3.service
- mailman3-digests.timer
diff --git a/roles/mariadb/tasks/main.yml b/roles/mariadb/tasks/main.yml
index b3ad19e8c49612b48dfc1d562b7af5f0db4b30b8..569e5ace8472a7c4373b900d0e18660f94ecc2c6 100644
--- a/roles/mariadb/tasks/main.yml
+++ b/roles/mariadb/tasks/main.yml
@@ -19,7 +19,7 @@
- name: Disallow remote root login
command: 'mysql -NBe "{{ item }}"'
- with_items:
+ loop:
- DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')
changed_when: false
@@ -28,7 +28,7 @@
- name: Set root password
mysql_user: user=root host={{ item }} password={{ vault_mariadb_users.root }}
- with_items:
+ loop:
- '127.0.0.1'
- '::1'
- 'localhost'
diff --git a/roles/matrix/handlers/main.yml b/roles/matrix/handlers/main.yml
index 5e9cf6b047806e0fe0b1ccd736a3743820331644..8b3e5e475af91b4cb57bab238565b8eff57a32fd 100644
--- a/roles/matrix/handlers/main.yml
+++ b/roles/matrix/handlers/main.yml
@@ -1,33 +1,33 @@
- name: Restart synapse
- systemd:
+ systemd_service:
name: synapse
state: restarted
enabled: true
daemon_reload: true
- name: Restart pantalaimon
- systemd:
+ systemd_service:
name: pantalaimon
state: restarted
enabled: true
daemon_reload: true
- name: Restart draupnir
- systemd:
+ systemd_service:
name: draupnir
state: restarted
enabled: true
daemon_reload: true
- name: Restart matrix-appservice-irc
- systemd:
+ systemd_service:
name: matrix-appservice-irc
state: restarted
enabled: true
daemon_reload: true
- name: Restart turnserver
- systemd:
+ systemd_service:
name: turnserver
state: restarted
enabled: true
diff --git a/roles/matrix/tasks/main.yml b/roles/matrix/tasks/main.yml
index 3d9b9e7c5900e7496dc072b56148f01eaf2d8284..a1b166e5bf69617789d708ae0778382631c826d0 100644
--- a/roles/matrix/tasks/main.yml
+++ b/roles/matrix/tasks/main.yml
@@ -43,7 +43,7 @@
- name: Create synapse home
file: path={{ item }} state=directory owner=synapse group=synapse mode=0700
- with_items:
+ loop:
- /var/lib/synapse
- /var/lib/synapse/media_store
- /var/lib/synapse/draupnir-data
@@ -56,7 +56,7 @@
become: true
become_user: synapse
become_method: ansible.builtin.sudo
- with_items:
+ loop:
- /var/lib/synapse/venv
- /var/lib/synapse/venv-pantalaimon
@@ -71,7 +71,7 @@
become: true
become_user: synapse
become_method: ansible.builtin.sudo
- with_items:
+ loop:
- /var/lib/synapse/venv
- /var/lib/synapse/venv-pantalaimon
@@ -245,7 +245,7 @@
- name: Create synapse config dir
file: path={{ item }} state=directory owner=root group=synapse mode=0750
- with_items:
+ loop:
- /etc/synapse
- name: Install homeserver config
@@ -255,7 +255,7 @@
- name: Install static config
copy: src={{ item }} dest=/etc/synapse/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- log_config.yaml
- oembed-providers.json
- worker-appservice.yaml
@@ -329,7 +329,7 @@
- name: Install synapse units
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- synapse.service
- synapse-worker@.service
notify:
@@ -337,21 +337,21 @@
- name: Install pantalaimon units
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- pantalaimon.service
notify:
- Restart pantalaimon
- name: Install draupnir units
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- draupnir.service
notify:
- Restart draupnir
- name: Install matrix-appservice-irc units
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- matrix-appservice-irc.service
notify:
- Restart matrix-appservice-irc
@@ -363,7 +363,7 @@
- name: Enable units
service: name={{ item }} enabled=yes
- with_items:
+ loop:
- synapse.service
- synapse-worker@appservice.service
- synapse-worker@federation_reader.service
@@ -376,7 +376,7 @@
- name: Open firewall holes
ansible.posix.firewalld: port={{ item }} permanent=true state=enabled immediate=yes
- with_items:
+ loop:
# synapse's identd
- 113/tcp
# turnserver
diff --git a/roles/mirrorsync/tasks/sync.yml b/roles/mirrorsync/tasks/sync.yml
index 93de917326f4a670c754ecef8a09ec998ebdd7fb..3d5838355ac35ee68e60b866da49f823a5414973 100644
--- a/roles/mirrorsync/tasks/sync.yml
+++ b/roles/mirrorsync/tasks/sync.yml
@@ -8,4 +8,4 @@
template: src=mirrorsync.timer.j2 dest=/etc/systemd/system/sync{{ item.key }}.timer owner=root group=root mode=0644
- name: Start and enable timer for {{ item.key }}
- systemd: name=sync{{ item.key }}.timer enabled=yes state=started daemon_reload=yes
+ systemd_service: name=sync{{ item.key }}.timer enabled=yes state=started daemon_reload=yes
diff --git a/roles/mumble_server/tasks/main.yml b/roles/mumble_server/tasks/main.yml
index 86e8974f40fb48483cc1c0b07405365030fe202b..89a7f0799ca649aa7ba8072c704f70f485ed0109 100644
--- a/roles/mumble_server/tasks/main.yml
+++ b/roles/mumble_server/tasks/main.yml
@@ -4,7 +4,7 @@
- name: Open firewall holes
ansible.posix.firewalld: port={{ item }} permanent=true state=enabled immediate=yes
when: configure_firewall
- with_items:
+ loop:
- "64738/tcp"
- "64738/udp"
tags:
@@ -31,5 +31,5 @@
args:
creates: /var/lib/mumble-server/fullchain.pem
-- name: Enable and start mumble-server.service
+- name: Start and enable mumble-server.service
service: name=mumble-server enabled=yes state=started
diff --git a/roles/networking/handlers/main.yml b/roles/networking/handlers/main.yml
index c622aec0dba429daf95cb46e24b7958da0a98e28..147e784c3f376476148a4aba90e2c7a6510da88b 100644
--- a/roles/networking/handlers/main.yml
+++ b/roles/networking/handlers/main.yml
@@ -1,5 +1,5 @@
- name: Restart networkd
- systemd:
+ systemd_service:
name: systemd-networkd
state: restarted
daemon_reload: true
diff --git a/roles/networking/tasks/main.yml b/roles/networking/tasks/main.yml
index 07d133a85b1f89b870dd6a0275b6ecd94cb9cb8a..35633eab4714cb45647e62a9be3b159029918248 100644
--- a/roles/networking/tasks/main.yml
+++ b/roles/networking/tasks/main.yml
@@ -58,7 +58,7 @@
- "'hcloud' in group_names or inventory_hostname == 'packer-base-image'"
- name: Start and enable hcloud-init
- systemd: name=hcloud-init daemon_reload=yes state=started enabled=yes
+ systemd_service: name=hcloud-init daemon_reload=yes state=started enabled=yes
when:
- chroot_path | length == 0
- "'hcloud' in group_names or inventory_hostname == 'packer-base-image'"
diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml
index 5c0420f86e4cc17a2e55843907641d2902c7b21c..6f3138a1d717f73936f7cea70c3e6135b580a45c 100644
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -14,13 +14,13 @@
- name: Snippets directories
file: state=directory path=/etc/nginx/{{ item }} owner=root group=root mode=0755
- with_items:
+ loop:
- toplevel-snippets
- snippets
- name: Copy snippets
template: src={{ item }} dest=/etc/nginx/snippets/{{ item | regex_replace('\\.j2$', '') }} owner=root group=root mode=0644
- with_items:
+ loop:
- letsencrypt.conf
- sslsettings.conf
- headers.conf
@@ -64,7 +64,7 @@
- name: Open firewall holes
ansible.posix.firewalld: service={{ item }} zone={{ nginx_firewall_zone }} permanent=true state=enabled immediate=yes
- with_items:
+ loop:
- http
- https
- "{{ 'http3' if nginx_enable_http3 else omit }}"
diff --git a/roles/opensearch/handlers/main.yml b/roles/opensearch/handlers/main.yml
index 2a0f9c48a86f3b27cbd726cc157a1421757f5ff0..fbdae2947450097b7b72868c982945eecef74777 100644
--- a/roles/opensearch/handlers/main.yml
+++ b/roles/opensearch/handlers/main.yml
@@ -1,2 +1,2 @@
- name: Restart opensearch
- systemd: name=opensearch state=restarted
+ systemd_service: name=opensearch state=restarted
diff --git a/roles/opensearch/tasks/main.yml b/roles/opensearch/tasks/main.yml
index 97fda5bec2fc0f983a1621109426fe6968e53ddc..2142798ab1f45081ce86da7ea0912dd9b5d2b4e8 100644
--- a/roles/opensearch/tasks/main.yml
+++ b/roles/opensearch/tasks/main.yml
@@ -26,4 +26,4 @@
- firewall
- name: Start and enable opensearch
- systemd: name=opensearch.service enabled=yes state=started
+ systemd_service: name=opensearch.service enabled=yes state=started
diff --git a/roles/php_fpm/handlers/main.yaml b/roles/php_fpm/handlers/main.yaml
index 53c25acb653061ac6585331c532338b68ce70faa..71c5a8270d8399cd2d01a9fa009728993b7b91dd 100644
--- a/roles/php_fpm/handlers/main.yaml
+++ b/roles/php_fpm/handlers/main.yaml
@@ -1,3 +1,3 @@
- name: Daemon reload
- systemd:
+ systemd_service:
daemon-reload: true
diff --git a/roles/php_fpm/tasks/main.yaml b/roles/php_fpm/tasks/main.yaml
index 5f6bd608d62c042e8d38323afcbb40bf3b7fda3e..7e927d17c1a27c85e92f79c94e05e9b0b35f5f3c 100644
--- a/roles/php_fpm/tasks/main.yaml
+++ b/roles/php_fpm/tasks/main.yaml
@@ -5,7 +5,7 @@
copy: >
src={{ item }} dest=/etc/systemd/system/{{ item }}
owner=root group=root mode=0644
- with_items:
+ loop:
- php-fpm@.socket
- php-fpm@.service
notify: Daemon reload
diff --git a/roles/phrik/tasks/main.yml b/roles/phrik/tasks/main.yml
index c3aad23db3873dfa449bc21575df1a7ade90dcbd..20f95391b716907727bbdbbb892aba613f618778 100644
--- a/roles/phrik/tasks/main.yml
+++ b/roles/phrik/tasks/main.yml
@@ -9,13 +9,13 @@
- name: Adding users to phrik group
user: groups=phrik name="{{ item }}" append=yes
- with_items:
+ loop:
- demize
tags: ['archusers']
- name: Adding users to systemd-journal group for monitoring
user: groups=systemd-journal name="{{ item }}" append=yes
- with_items:
+ loop:
- demize
tags: ['archusers']
@@ -29,11 +29,11 @@
copy: src=phrik.service dest=/etc/systemd/system/phrik.service owner=root group=root mode=0644
- name: Start and enable pkgfile and phrikservice
- systemd:
+ systemd_service:
name: "{{ item }}"
enabled: true
state: started
daemon_reload: true
- with_items:
+ loop:
- pkgfile-update.timer
- phrik.service
diff --git a/roles/postfix/handlers/main.yml b/roles/postfix/handlers/main.yml
index 2267dce371e1c15fffa247b6b4a2a54b0432534c..d0e8056d930f2177efc36be4f082ed407d11bc65 100644
--- a/roles/postfix/handlers/main.yml
+++ b/roles/postfix/handlers/main.yml
@@ -8,7 +8,7 @@
- name: Postmap additional files # noqa no-changed-when
command: postmap /etc/postfix/{{ item }}
- with_items:
+ loop:
- access_client
- access_sender
- access_sender-post-filter
diff --git a/roles/postfix/tasks/main.yml b/roles/postfix/tasks/main.yml
index 2b898e9a2c81f20c9f898ea8becd632c78f543ea..eb1e2227a9260bbd3dccfe39a1da554117e50d32 100644
--- a/roles/postfix/tasks/main.yml
+++ b/roles/postfix/tasks/main.yml
@@ -3,7 +3,7 @@
- name: Install template configs
template: src={{ item }}.j2 dest=/etc/postfix/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- main.cf
- master.cf
- transport
@@ -17,7 +17,7 @@
- name: Install additional files
copy: src={{ item }} dest=/etc/postfix/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- access_client
- access_sender
- access_sender-post-filter
@@ -62,13 +62,13 @@
- name: Remove old files
file: path={{ item }} state=absent
- with_items:
+ loop:
- compat_maps
- compat_maps.db
- name: Open firewall holes
ansible.posix.firewalld: service={{ item }} permanent=true state=enabled immediate=yes
- with_items:
+ loop:
- smtp
- smtps
when: configure_firewall
diff --git a/roles/postfix_null/tasks/main.yml b/roles/postfix_null/tasks/main.yml
index 15f3f5eaac9669e07cf37b445bb4c43a1f3c00f9..ab5f476ab0656f5067ca483ba04d2fc847daed9c 100644
--- a/roles/postfix_null/tasks/main.yml
+++ b/roles/postfix_null/tasks/main.yml
@@ -3,7 +3,7 @@
- name: Install template configs
template: src={{ item.file }}.j2 dest=/etc/postfix/{{ item.file }} owner=root group={{ item.group }} mode={{ item.mode }}
- with_items:
+ loop:
- {file: main.cf, group: root, mode: 644}
- {file: relay_passwords, group: postfix, mode: 640}
notify:
diff --git a/roles/postgres/tasks/main.yml b/roles/postgres/tasks/main.yml
index 6a4d3487fccf597e13ada5d9a8d00f150b4f866b..e5d39458156f674dfd13662d7311f62e28b80ea0 100644
--- a/roles/postgres/tasks/main.yml
+++ b/roles/postgres/tasks/main.yml
@@ -30,7 +30,7 @@
- name: Configure postgres
template: src={{ item }}.j2 dest=/var/lib/postgres/data/{{ item }} owner=postgres group=postgres mode=0600
- with_items:
+ loop:
- postgresql.conf
- pg_hba.conf
notify:
@@ -67,7 +67,7 @@
- name: Open firewall holes to known postgresql ipv4 clients
ansible.posix.firewalld: zone={{ postgres_firewalld_zone }} permanent=true state=enabled immediate=yes
rich_rule="rule family=ipv4 source address={{ item }} port protocol=tcp port=5432 accept"
- with_items: "{{ postgres_hosts4 + postgres_ssl_hosts4 }}"
+ loop: "{{ postgres_hosts4 + postgres_ssl_hosts4 }}"
when: configure_firewall
tags:
- firewall
@@ -75,7 +75,7 @@
- name: Open firewall holes to known postgresql ipv6 clients
ansible.posix.firewalld: zone={{ postgres_firewalld_zone }} permanent=true state=enabled immediate=yes
rich_rule="rule family=ipv6 source address={{ item }} port protocol=tcp port=5432 accept"
- with_items: "{{ postgres_hosts6 + postgres_ssl_hosts6 }}"
+ loop: "{{ postgres_hosts6 + postgres_ssl_hosts6 }}"
when: configure_firewall
tags:
- firewall
diff --git a/roles/prometheus/tasks/main.yml b/roles/prometheus/tasks/main.yml
index 42cd4e04686aa41b180bee515f50538ffba74551..eaf9e8a26b36925e04d698e65e47c4392a889e8e 100644
--- a/roles/prometheus/tasks/main.yml
+++ b/roles/prometheus/tasks/main.yml
@@ -19,8 +19,8 @@
notify: Reload prometheus
when: not prometheus_receive_only
-- name: Enable prometheus server service
- systemd: name=prometheus enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus server service
+ systemd_service: name=prometheus enabled=yes daemon_reload=yes state=started
- name: Open prometheus port for monitoring.archlinux.org
ansible.posix.firewalld: zone=wireguard state=enabled permanent=true immediate=yes
diff --git a/roles/prometheus_exporters/tasks/main.yml b/roles/prometheus_exporters/tasks/main.yml
index ba077e0e71434610e8d9f4b7edba31c738d80c5f..5e1214fd0171a963c4024bcdf563bed4c1061317 100644
--- a/roles/prometheus_exporters/tasks/main.yml
+++ b/roles/prometheus_exporters/tasks/main.yml
@@ -35,8 +35,8 @@
template: src=prometheus-mysqld-exporter.j2 dest=/etc/conf.d/prometheus-mysqld-exporter owner=root group=root mode=600
when: "'mysql_servers' in group_names"
-- name: Enable prometheus-mysqld-exporter service
- systemd: name=prometheus-mysqld-exporter enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus-mysqld-exporter service
+ systemd_service: name=prometheus-mysqld-exporter enabled=yes daemon_reload=yes state=started
when: "'mysql_servers' in group_names"
- name: Copy prometheus memcached exporter configuration
@@ -51,7 +51,7 @@
- name: Install node exporter textcollector scripts
copy: src={{ item }} dest=/usr/local/bin/{{ item }} owner=root group=root mode=0755
- with_items:
+ loop:
- arch-textcollector.sh
- borg-textcollector.sh
- borg-offsite-textcollector.sh
@@ -70,8 +70,8 @@
- name: Install arch textcollector timer
template: src=prometheus-arch-textcollector.timer.j2 dest=/etc/systemd/system/prometheus-arch-textcollector.timer owner=root group=root mode=644
-- name: Enable and start prometheus arch textcollector timer
- systemd: name=prometheus-arch-textcollector.timer enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus arch textcollector timer
+ systemd_service: name=prometheus-arch-textcollector.timer enabled=yes daemon_reload=yes state=started
- name: Install borg textcollector services
template: src=prometheus-borg-textcollector.service.j2 dest=/etc/systemd/system/prometheus-{{ item.name }}-textcollector.service owner=root group=root mode=644
@@ -81,7 +81,7 @@
when: "'borg_clients' in group_names"
- name: Enable borg textcollector services
- systemd: name=prometheus-{{ item.name }}-textcollector.service enabled=yes daemon_reload=yes
+ systemd_service: name=prometheus-{{ item.name }}-textcollector.service enabled=yes daemon_reload=yes
loop:
- { name: borg, service: borg-backup }
- { name: borg-offsite, service: borg-backup-offsite }
@@ -95,8 +95,8 @@
template: src=prometheus-smart-textcollector.timer.j2 dest=/etc/systemd/system/prometheus-smart-textcollector.timer owner=root group=root mode=644
when: ansible_virtualization_role == "host"
-- name: Enable and start prometheus smart textcollector timer
- systemd: name=prometheus-smart-textcollector.timer enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus smart textcollector timer
+ systemd_service: name=prometheus-smart-textcollector.timer enabled=yes daemon_reload=yes state=started
when: ansible_virtualization_role == "host"
- name: Install hetzner textcollector service
@@ -107,8 +107,8 @@
template: src=prometheus-hetzner-textcollector.timer.j2 dest=/etc/systemd/system/prometheus-hetzner-textcollector.timer owner=root group=root mode=644
when: "inventory_hostname == 'monitoring.archlinux.org'"
-- name: Enable and start prometheus hetzner textcollector timer
- systemd: name=prometheus-hetzner-textcollector.timer enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus hetzner textcollector timer
+ systemd_service: name=prometheus-hetzner-textcollector.timer enabled=yes daemon_reload=yes state=started
when: "inventory_hostname == 'monitoring.archlinux.org'"
- name: Install gitlab-exporter
@@ -117,7 +117,7 @@
- name: Install gitlab-exporter service and configuration
template: src="{{ item.src }}" dest="{{ item.dest }}" owner=root group=root mode="{{ item.mode }}"
- with_items:
+ loop:
- { src: 'gitlab-exporter.conf.j2', dest: '/etc/conf.d/gitlab-exporter', mode: '0600' }
- { src: 'gitlab-exporter.service.j2', dest: '/etc/systemd/system/gitlab-exporter.service', mode: '0644' }
when: "inventory_hostname == 'gitlab.archlinux.org'"
@@ -126,8 +126,8 @@
copy: src=gitlab-exporter.timer dest="/etc/systemd/system/gitlab-exporter.timer" owner=root group=root mode=0644
when: "inventory_hostname == 'gitlab.archlinux.org'"
-- name: Enable and start gitlab-exporter timer
- systemd: name=gitlab-exporter.timer enabled=yes daemon_reload=yes state=started
+- name: Start and enable gitlab-exporter timer
+ systemd_service: name=gitlab-exporter.timer enabled=yes daemon_reload=yes state=started
when: "inventory_hostname == 'gitlab.archlinux.org'"
- name: Install fail2ban textcollector service
@@ -136,8 +136,8 @@
- name: Install fail2ban textcollector timer
template: src=prometheus-fail2ban-textcollector.timer.j2 dest=/etc/systemd/system/prometheus-fail2ban-textcollector.timer owner=root group=root mode=644
-- name: Enable and start prometheus fail2ban textcollector timer
- systemd: name=prometheus-fail2ban-textcollector.timer enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus fail2ban textcollector timer
+ systemd_service: name=prometheus-fail2ban-textcollector.timer enabled=yes daemon_reload=yes state=started
- name: Install blackbox exporter configuration
template: src=blackbox.yml.j2 dest=/etc/prometheus/blackbox.yml owner=root group=root mode=0644
@@ -152,8 +152,8 @@
template: src=prometheus-rebuilderd-textcollector.timer.j2 dest=/etc/systemd/system/prometheus-rebuilderd-textcollector.timer owner=root group=root mode=644
when: "'rebuilderd' in group_names"
-- name: Enable and start prometheus rebuilderd textcollector timer
- systemd: name=prometheus-rebuilderd-textcollector.timer enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus rebuilderd textcollector timer
+ systemd_service: name=prometheus-rebuilderd-textcollector.timer enabled=yes daemon_reload=yes state=started
when: "'rebuilderd' in group_names"
- name: Install rebuilderd textcollector service
@@ -168,16 +168,16 @@
template: src=prometheus-archive-textcollector.timer.j2 dest=/etc/systemd/system/prometheus-archive-textcollector.timer owner=root group=root mode=644
when: "'archive_mirrors' in group_names or inventory_hostname == 'gemini.archlinux.org'"
-- name: Enable and start prometheus archive textcollector timer
- systemd: name=prometheus-archive-textcollector.timer enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus archive textcollector timer
+ systemd_service: name=prometheus-archive-textcollector.timer enabled=yes daemon_reload=yes state=started
when: "'archive_mirrors' in group_names or inventory_hostname == 'gemini.archlinux.org'"
- name: Install rebuilderd textcollector timer
template: src=prometheus-repository-textcollector.timer.j2 dest=/etc/systemd/system/prometheus-repository-textcollector.timer owner=root group=root mode=644
when: "inventory_hostname == 'gemini.archlinux.org'"
-- name: Enable and start prometheus repository textcollector timer
- systemd: name=prometheus-repository-textcollector.timer enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus repository textcollector timer
+ systemd_service: name=prometheus-repository-textcollector.timer enabled=yes daemon_reload=yes state=started
when: "inventory_hostname == 'gemini.archlinux.org'"
- name: Install fastly textcollector script
@@ -191,8 +191,8 @@
- prometheus-fastly-textcollector.timer.j2
when: "inventory_hostname == 'monitoring.archlinux.org'"
-- name: Enable and start prometheus fastly textcollector timer
- systemd: name=prometheus-fastly-textcollector.timer enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus fastly textcollector timer
+ systemd_service: name=prometheus-fastly-textcollector.timer enabled=yes daemon_reload=yes state=started
when: "inventory_hostname == 'monitoring.archlinux.org'"
- name: Install sudoers for btrfs
@@ -207,19 +207,19 @@
template: src=prometheus-btrfs-textcollector.timer.j2 dest=/etc/systemd/system/prometheus-btrfs-textcollector.timer owner=root group=root mode=644
when: filesystem == "btrfs"
-- name: Enable and start prometheus btrfs textcollector timer
- systemd: name=prometheus-btrfs-textcollector.timer enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus btrfs textcollector timer
+ systemd_service: name=prometheus-btrfs-textcollector.timer enabled=yes daemon_reload=yes state=started
when: filesystem == "btrfs"
-- name: Enable prometheus-node-exporter service
- systemd: name=prometheus-node-exporter enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus-node-exporter service
+ systemd_service: name=prometheus-node-exporter enabled=yes daemon_reload=yes state=started
-- name: Enable prometheus-blackbox-exporter service
- systemd: name=prometheus-blackbox-exporter enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus-blackbox-exporter service
+ systemd_service: name=prometheus-blackbox-exporter enabled=yes daemon_reload=yes state=started
when: "'prometheus' in group_names"
-- name: Enable prometheus-memcached-exporter service
- systemd: name=prometheus-memcached-exporter enabled=yes daemon_reload=yes state=started
+- name: Start and enable prometheus-memcached-exporter service
+ systemd_service: name=prometheus-memcached-exporter enabled=yes daemon_reload=yes state=started
when: "'memcached' in group_names"
- name: Open prometheus-node-exporter ipv4 port for monitoring.archlinux.org
diff --git a/roles/promtail/handlers/main.yml b/roles/promtail/handlers/main.yml
index 7049090a4e4915e74d7b9ed429940896d2d92362..b22bf38d89d52cab25234c72caaaa7f61cdd2faa 100644
--- a/roles/promtail/handlers/main.yml
+++ b/roles/promtail/handlers/main.yml
@@ -1,2 +1,2 @@
- name: Restart promtail
- systemd: name=promtail daemon_reload=yes state=restarted
+ systemd_service: name=promtail daemon_reload=yes state=restarted
diff --git a/roles/promtail/tasks/main.yml b/roles/promtail/tasks/main.yml
index 2756da993284a81c8dc1adc3ee35c66a9149ffaf..2c34f9ca298c70da0a7bb52ba31a600f08babfb1 100644
--- a/roles/promtail/tasks/main.yml
+++ b/roles/promtail/tasks/main.yml
@@ -19,4 +19,4 @@
notify: Restart promtail
- name: Start and enable promtail
- systemd: name=promtail.service enabled=yes daemon_reload=yes state=started
+ systemd_service: name=promtail.service enabled=yes daemon_reload=yes state=started
diff --git a/roles/public_html/tasks/main.yml b/roles/public_html/tasks/main.yml
index 061b653d3961b1888426399f60780047765c6e7a..5118a552c8576bddaeb79a83e18cce6975bbd96a 100644
--- a/roles/public_html/tasks/main.yml
+++ b/roles/public_html/tasks/main.yml
@@ -12,13 +12,13 @@
- name: Install public_html units
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- generate-public_html.timer
- generate-public_html.service
- name: Start and enable public_html units
service: name={{ item }} enabled=yes state=started
- with_items:
+ loop:
- generate-public_html.timer
- generate-public_html.service
diff --git a/roles/quassel/handlers/main.yml b/roles/quassel/handlers/main.yml
index 6c908e34bc23740bef804236f1c11b4f5c8257e1..5ac07cc1de6353c3e5ad2f0c3217de155fffce1c 100644
--- a/roles/quassel/handlers/main.yml
+++ b/roles/quassel/handlers/main.yml
@@ -1,2 +1,2 @@
- name: Daemon reload
- systemd: daemon_reload=yes
+ systemd_service: daemon_reload=yes
diff --git a/roles/quassel/tasks/main.yml b/roles/quassel/tasks/main.yml
index 12c80a2201757aab0d1d062c04c0ea827d0f6b4c..5d12fcb8661086670640b028ace8d43cbff5d24f 100644
--- a/roles/quassel/tasks/main.yml
+++ b/roles/quassel/tasks/main.yml
@@ -42,7 +42,7 @@
- name: Install quassel units
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- clean-quassel.timer
- clean-quassel.service
notify:
@@ -56,13 +56,13 @@
- name: Start and enable quassel
service: name={{ item }} enabled=yes state=started
- with_items:
+ loop:
- quassel.service
- clean-quassel.timer
- name: Open firewall holes
ansible.posix.firewalld: service={{ item }} permanent=true state=enabled immediate=yes
- with_items:
+ loop:
- quassel
- ident
when: configure_firewall
diff --git a/roles/rebuilderd/tasks/main.yml b/roles/rebuilderd/tasks/main.yml
index 9e7de405880240cd5a95a97ee14fdc80f4c29f63..202ff8a100d5b88607fe235ae69f82fb171a8cef 100644
--- a/roles/rebuilderd/tasks/main.yml
+++ b/roles/rebuilderd/tasks/main.yml
@@ -22,9 +22,9 @@
- Reload nginx
tags: ['nginx']
-- name: Enable and start rebuilderd
- systemd: name=rebuilderd enabled=yes state=started
+- name: Start and enable rebuilderd
+ systemd_service: name=rebuilderd enabled=yes state=started
-- name: Enable and start rebuilderd-sync timer for {{ item }}
- systemd: name=rebuilderd-sync@archlinux-{{ item }}.timer enabled=yes state=started
- with_items: "{{ suites }}"
+- name: Start and enable rebuilderd-sync timer for {{ item }}
+ systemd_service: name=rebuilderd-sync@archlinux-{{ item }}.timer enabled=yes state=started
+ loop: "{{ suites }}"
diff --git a/roles/rebuilderd_worker/handlers/main.yml b/roles/rebuilderd_worker/handlers/main.yml
index 53c25acb653061ac6585331c532338b68ce70faa..71c5a8270d8399cd2d01a9fa009728993b7b91dd 100644
--- a/roles/rebuilderd_worker/handlers/main.yml
+++ b/roles/rebuilderd_worker/handlers/main.yml
@@ -1,3 +1,3 @@
- name: Daemon reload
- systemd:
+ systemd_service:
daemon-reload: true
diff --git a/roles/rebuilderd_worker/tasks/main.yml b/roles/rebuilderd_worker/tasks/main.yml
index c145cb41d4b37cb188320d6070210401062cd93a..4bfc605fbe70e029a0c0ed560a6e4313e5bb6ddc 100644
--- a/roles/rebuilderd_worker/tasks/main.yml
+++ b/roles/rebuilderd_worker/tasks/main.yml
@@ -10,9 +10,9 @@
- name: Install archlinux-repro configuration
copy: src=repro.conf dest=/etc/archlinux-repro/repro.conf owner=root group=root mode=0660
-- name: Enable and start rebuilderd-worker@{{ item }}
- systemd: name=rebuilderd-worker@{{ item }} enabled=yes state=started
- with_items: '{{ rebuilderd_workers }}'
+- name: Start and enable rebuilderd-worker@{{ item }}
+ systemd_service: name=rebuilderd-worker@{{ item }} enabled=yes state=started
+ loop: '{{ rebuilderd_workers }}'
- name: Install cleanup script
copy: src=clean-repro dest=/usr/local/bin/clean-repro owner=root group=root mode=0755
diff --git a/roles/repo_archive_split_temp/tasks/main.yml b/roles/repo_archive_split_temp/tasks/main.yml
index 001ee86d618d72c429095f641780a6798f010741..d78436e3f301a84ae74d53a1b92d07fd2d22c6c9 100644
--- a/roles/repo_archive_split_temp/tasks/main.yml
+++ b/roles/repo_archive_split_temp/tasks/main.yml
@@ -45,11 +45,11 @@
- name: Install systemd timers
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
- with_items:
+ loop:
- gen_rsyncd.timer
- gen_rsyncd.service
- name: Activate systemd timers
service: name={{ item }} enabled=yes state=started
- with_items:
+ loop:
- gen_rsyncd.timer
diff --git a/roles/rsync_net/tasks/main.yml b/roles/rsync_net/tasks/main.yml
index b27daf0204081c10dedeaf5bc50b261ef90e8955..9233c449689a8eb647ad7a14ea3d463d5ed15768 100644
--- a/roles/rsync_net/tasks/main.yml
+++ b/roles/rsync_net/tasks/main.yml
@@ -10,7 +10,7 @@
command: cat /root/.ssh/id_rsa.pub
register: client_ssh_keys
delegate_to: "{{ item }}"
- with_items: "{{ backup_clients }}"
+ loop: "{{ backup_clients }}"
changed_when: client_ssh_keys.changed
- name: Create tempfile
diff --git a/roles/security_tracker/tasks/main.yml b/roles/security_tracker/tasks/main.yml
index f689f48d07227cbf8292bfcc3ff3ea0928d54e63..79714d326954b27a0619b5fb15512460721e1157 100644
--- a/roles/security_tracker/tasks/main.yml
+++ b/roles/security_tracker/tasks/main.yml
@@ -42,7 +42,7 @@
- name: Copy security-tracker units
copy: src="{{ item }}" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
- with_items:
+ loop:
- security-tracker-update.timer
- security-tracker-update.service
notify:
@@ -56,7 +56,7 @@
become: true
become_user: security
command: /usr/bin/gpg --keyserver keys.openpgp.org --auto-key-locate wkd,keyserver --locate-keys {{ item }}
- with_items:
+ loop:
- anthraxx@archlinux.org
- jelle@archlinux.org
- foutrelis@archlinux.org
@@ -108,7 +108,7 @@
when: release.changed
- name: Start and enable security-tracker timer
- systemd:
+ systemd_service:
name: security-tracker-update.timer
enabled: true
state: started
diff --git a/roles/sudo/tasks/main.yml b/roles/sudo/tasks/main.yml
index f2c7b3a3076f2e2c84413e0d62ff09b76fe0e6ae..f1ef976ef94d1928cfae88f6da28624ecff5a9a4 100644
--- a/roles/sudo/tasks/main.yml
+++ b/roles/sudo/tasks/main.yml
@@ -9,7 +9,7 @@
- name: Add sudo users to wheel
user: name="{{ item }}" append=yes groups=wheel
- with_items: "{{ sudo_users }}"
+ loop: "{{ sudo_users }}"
tags: ['archusers']
- name: Allow wheel group to use sudo
diff --git a/roles/tempo/tasks/main.yml b/roles/tempo/tasks/main.yml
index a7ed27a47c0a98dd66c54ee02e0d1edbc781d318..e5e6c41f3915e3c89ea4d6d15c0499a6c912a2d1 100644
--- a/roles/tempo/tasks/main.yml
+++ b/roles/tempo/tasks/main.yml
@@ -12,5 +12,5 @@
notify:
- Restart tempo
-- name: Enable tempo server service
- systemd: name=tempo enabled=yes daemon_reload=yes state=started
+- name: Start and enable tempo server service
+ systemd_service: name=tempo enabled=yes daemon_reload=yes state=started
diff --git a/roles/uwsgi/tasks/main.yml b/roles/uwsgi/tasks/main.yml
index aded5415c795f09f13cfd39da21f2c3ef1f739ff..5dca0fae27e22057aa73a1d687e6e15b305fdd5c 100644
--- a/roles/uwsgi/tasks/main.yml
+++ b/roles/uwsgi/tasks/main.yml
@@ -15,5 +15,5 @@
- name: Create default uwsgi log directory
file: state=directory path=/var/log/uwsgi owner=uwsgi group=http mode=0770
-- name: Enable and start emperor.uwsgi.service
+- name: Start and enable and start emperor.uwsgi.service
service: name=emperor.uwsgi enabled=yes state=started