aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
-rw-r--r--roles/apt/tasks/main.yml8
-rw-r--r--roles/common/handlers/main.yml4
-rw-r--r--roles/common/tasks/main.yml5
-rw-r--r--roles/common/tasks/tool.yml4
-rw-r--r--roles/docker/tasks/main.yml11
-rw-r--r--roles/dotfiles/tasks/main.yml8
-rw-r--r--roles/etckeeper/tasks/main.yml3
-rw-r--r--roles/flatpak/tasks/main.yml2
-rw-r--r--roles/my_server/tasks/main.yml8
-rw-r--r--roles/pacman/tasks/main.yml28
-rw-r--r--roles/rate_mirrors/tasks/main.yml22
-rw-r--r--roles/snap/tasks/main.yml10
-rw-r--r--roles/vagrant/tasks/main.yml6
-rw-r--r--roles/yay/tasks/main.yml5
14 files changed, 65 insertions, 59 deletions
diff --git a/roles/apt/tasks/main.yml b/roles/apt/tasks/main.yml
index d658651..297307b 100644
--- a/roles/apt/tasks/main.yml
+++ b/roles/apt/tasks/main.yml
@@ -1,19 +1,19 @@
- name: Upgrade packages
become: true
- apt:
+ ansible.builtin.apt:
update_cache: true
upgrade: full
notify: reboot
- name: Flush handlers
- meta: flush_handlers
+ ansible.builtin.meta: flush_handlers
- name: Clean up dependencies
become: true
- apt:
+ ansible.builtin.apt:
autoremove: true
purge: true
notify: reboot
- name: Flush handlers
- meta: flush_handlers
+ ansible.builtin.meta: flush_handlers
diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
index f569bd6..4942957 100644
--- a/roles/common/handlers/main.yml
+++ b/roles/common/handlers/main.yml
@@ -1,5 +1,5 @@
- name: Reboot
- reboot:
+ ansible.builtin.reboot:
args:
# On my trusty old Raspberry Pi 1 Model B+, /proc/sys/kernel/random/boot_id
# can sometimes stay the same between reboots. Apparently, not enough
@@ -17,7 +17,7 @@
- name: Wait for connectivity
# One of the nodes is the VPN server connecting all the other nodes, wait
# until all of them are back up:
- wait_for_connection:
+ ansible.builtin.wait_for_connection:
args:
# 5 minutes is plenty.
timeout: 300
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 558f268..fb0eaed 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -1,4 +1,5 @@
-- include_tasks: tool.yml
+- name: Check available tools
+ ansible.builtin.include_tasks: tool.yml
loop:
- apt
- docker
@@ -11,6 +12,6 @@
- name: Check if /etc is versioned
become: true
- stat:
+ ansible.builtin.stat:
path: /etc/.git/config
register: etc_versioned
diff --git a/roles/common/tasks/tool.yml b/roles/common/tasks/tool.yml
index f8fda64..48d0acc 100644
--- a/roles/common/tasks/tool.yml
+++ b/roles/common/tasks/tool.yml
@@ -1,8 +1,8 @@
- name: "Check for {{ item }}"
- command: "{{ item }} --version"
+ ansible.builtin.command: "{{ item }} --version"
register: cmd_result
changed_when: false
failed_when: false
- name: "Set fact about {{ item }}"
- set_fact: "has_{{ item | replace('-', '_') }}={{ cmd_result.rc == 0 }}"
+ ansible.builtin.set_fact: "has_{{ item | replace('-', '_') }}={{ cmd_result.rc == 0 }}"
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index e39d66f..601dca2 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -1,12 +1,3 @@
- name: Clean up Docker data
become: true
- command: docker system prune -a -f --volumes
- # Broken after a Docker upgrade:
- #community.docker.docker_prune:
- # containers: true
- # images: true
- # images_filters:
- # dangling: false
- # networks: true
- # volumes: true
- # builder_cache: true
+ ansible.builtin.command: docker system prune -a -f --volumes
diff --git a/roles/dotfiles/tasks/main.yml b/roles/dotfiles/tasks/main.yml
index 3f4d885..6aebcc3 100644
--- a/roles/dotfiles/tasks/main.yml
+++ b/roles/dotfiles/tasks/main.yml
@@ -1,5 +1,5 @@
- name: ssh-agent hack
- acl:
+ ansible.posix.acl:
name: "{{ item }}"
etype: user
entity: "{{ dotfiles_user }}"
@@ -14,7 +14,7 @@
become_user: "{{ dotfiles_user }}"
block:
- name: Pull repositories
- git:
+ ansible.builtin.git:
accept_hostkey: true
dest: "~/workspace/personal/{{ item }}"
repo: "git@github.com:egor-tensin/{{ item }}.git"
@@ -23,11 +23,11 @@
- config-links
- name: Run update.sh
- command: ./update.sh
+ ansible.builtin.command: ./update.sh
args:
chdir: ~/workspace/personal/linux-home
- name: Update Vim plugins
- command: ./vim_plugins.sh
+ ansible.builtin.command: ./vim_plugins.sh
args:
chdir: ~/workspace/personal/linux-home
diff --git a/roles/etckeeper/tasks/main.yml b/roles/etckeeper/tasks/main.yml
index 0339c61..19f9b86 100644
--- a/roles/etckeeper/tasks/main.yml
+++ b/roles/etckeeper/tasks/main.yml
@@ -1,4 +1,5 @@
-- become: true
+- name: Make sure git is configured
+ become: true
block:
- name: Set user.name
community.general.git_config:
diff --git a/roles/flatpak/tasks/main.yml b/roles/flatpak/tasks/main.yml
index fc3f7ba..4aa39a2 100644
--- a/roles/flatpak/tasks/main.yml
+++ b/roles/flatpak/tasks/main.yml
@@ -1,3 +1,3 @@
- name: Upgrade packages
- command: flatpak update --noninteractive
+ ansible.builtin.command: flatpak update --noninteractive
become: true
diff --git a/roles/my_server/tasks/main.yml b/roles/my_server/tasks/main.yml
index 36cb4cc..eaf6aa5 100644
--- a/roles/my_server/tasks/main.yml
+++ b/roles/my_server/tasks/main.yml
@@ -1,14 +1,14 @@
- name: 'Check if {{ server_dir }}/docker-compose.yml exists'
become: true
- stat:
+ ansible.builtin.stat:
path: '{{ server_dir }}/docker-compose.yml'
register: server_exists
-- when: server_exists.stat.exists
- name: Update containers
+- name: Update containers
+ when: server_exists.stat.exists
become: true
# community.docker.docker_compose is too confusing for me to use, sorry.
- shell: |
+ ansible.builtin.shell: |
docker-compose pull -q && \
docker-compose build --force-rm --pull -q && \
docker-compose up --remove-orphans -d
diff --git a/roles/pacman/tasks/main.yml b/roles/pacman/tasks/main.yml
index e628873..ed9250d 100644
--- a/roles/pacman/tasks/main.yml
+++ b/roles/pacman/tasks/main.yml
@@ -1,4 +1,5 @@
-- become: true
+- name: Upgrade packages or fail gracefully
+ become: true
block:
- name: Upgrade packages
community.general.pacman:
@@ -7,31 +8,35 @@
register: pacman_result
notify: reboot
- - debug:
+ - name: Show upgraded packages
+ ansible.builtin.debug:
var: pacman_result.packages
when: pacman_result.changed
- name: Flush handlers
- meta: flush_handlers
+ ansible.builtin.meta: flush_handlers
rescue:
- - fail:
+ - name: Fail if /etc is not versioned
+ ansible.builtin.fail:
msg: Upgrading packages failed for an unknown reason!
when: not etc_versioned
- name: Check for changes in /etc
- command: git status --porcelain=v1
+ ansible.builtin.command: git status --porcelain=v1
args:
chdir: /etc
register: git_status
changed_when: false
failed_when: false
- - fail:
+ - name: Fail if there're no unstaged changes in /etc
+ ansible.builtin.fail:
msg: Upgrading packages failed for an unknown reason!
when: not git_status.stdout
- name: All changes in /etc are in pacman.d/gnupg?
- shell: |
+ ansible.builtin.shell: |
+ set -o pipefail && \
git status --porcelain=v1 \
| cut -c 4- \
| grep -G -v '^pacman.d/gnupg/'
@@ -42,20 +47,21 @@
failed_when: false
- name: Commit changes in /etc
- command: |
+ ansible.builtin.command: |
etckeeper commit 'pacman: GPG keys'
when: git_status.stdout and only_gnupg.rc != 0
- - name: Upgrade packages after GPG keys
+ - name: Retry upgrading packages
community.general.pacman:
update_cache: true
upgrade: true
register: pacman_result
notify: reboot
- - debug:
+ - name: Show upgraded packages
+ ansible.builtin.debug:
var: pacman_result.packages
when: pacman_result.changed
- name: Flush handlers
- meta: flush_handlers
+ ansible.builtin.meta: flush_handlers
diff --git a/roles/rate_mirrors/tasks/main.yml b/roles/rate_mirrors/tasks/main.yml
index 8777fbd..4d76ff3 100644
--- a/roles/rate_mirrors/tasks/main.yml
+++ b/roles/rate_mirrors/tasks/main.yml
@@ -1,41 +1,45 @@
-- become: true
+- name: As root user
+ become: true
block:
- - when: etc_versioned
+ - name: Fail if there're uncommitted changes in /etc
+ when: etc_versioned
block:
- name: Check for changes in /etc
- command: git status --porcelain=v1
+ ansible.builtin.command: git status --porcelain=v1
args:
chdir: /etc
register: git_status
changed_when: false
failed_when: false
- - fail:
+ - ansible.builtin.fail:
msg: There are uncommitted changes in /etc
when: git_status.stdout
- name: Rate pacman mirrors
- shell: |
+ ansible.builtin.shell: |
. /etc/os-release && rate-mirrors \
--allow-root \
--disable-comments \
--save=/etc/pacman.d/mirrorlist \
"$ID"
- - when: etc_versioned
+ - name: Commit pacman.d/mirrorlist
+ when: etc_versioned
block:
- name: Check for changes in /etc
- command: git status --porcelain=v1
+ ansible.builtin.command: git status --porcelain=v1
args:
chdir: /etc
register: git_status
changed_when: false
failed_when: false
- - fail:
+ - name: Fail if there're other uncommitted changes
+ ansible.builtin.fail:
msg: How did this happen?
when: git_status.stdout != ' M pacman.d/mirrorlist'
- name: Commit changes in /etc/pacman.d/mirrorlist
- command: |
+ ansible.builtin.command: |
etckeeper commit 'rate-mirrors'
diff --git a/roles/snap/tasks/main.yml b/roles/snap/tasks/main.yml
index f3be9ba..cce49b0 100644
--- a/roles/snap/tasks/main.yml
+++ b/roles/snap/tasks/main.yml
@@ -1,7 +1,8 @@
-- become: true
+- name: As root user
+ become: true
block:
- name: Check for changes in /etc
- command: git status --porcelain=v1
+ ansible.builtin.command: git status --porcelain=v1
args:
chdir: /etc
register: git_status
@@ -9,7 +10,8 @@
failed_when: false
- name: All changes in /etc are snap changes?
- shell: |
+ ansible.builtin.shell: |
+ set -o pipefail && \
git status --porcelain=v1 \
| cut -c 4- \
| grep -G -v '^systemd/system/' \
@@ -21,5 +23,5 @@
failed_when: false
- name: Commit changes in /etc
- command: etckeeper commit 'after snap run'
+ ansible.builtin.command: etckeeper commit 'after snap run'
when: git_status.stdout and only_snap.rc != 0
diff --git a/roles/vagrant/tasks/main.yml b/roles/vagrant/tasks/main.yml
index 53a64c2..32e9722 100644
--- a/roles/vagrant/tasks/main.yml
+++ b/roles/vagrant/tasks/main.yml
@@ -1,9 +1,9 @@
- name: Update plugins
- command: vagrant plugin update
+ ansible.builtin.command: vagrant plugin update
- name: Prune invalid entries
- command: vagrant global-status --prune
+ ansible.builtin.command: vagrant global-status --prune
become: true
- name: Clean up boxes
- command: vagrant box prune --force --keep-active-boxes
+ ansible.builtin.command: vagrant box prune --force --keep-active-boxes
diff --git a/roles/yay/tasks/main.yml b/roles/yay/tasks/main.yml
index bd8effb..42150bf 100644
--- a/roles/yay/tasks/main.yml
+++ b/roles/yay/tasks/main.yml
@@ -7,9 +7,10 @@
register: yay_result
notify: reboot
-- debug:
+- name: Show yay result
+ ansible.builtin.debug:
var: yay_result
when: yay_result
- name: Flush handlers
- meta: flush_handlers
+ ansible.builtin.meta: flush_handlers