Verified Commit 59f65876 authored by Maciej Delmanowski's avatar Maciej Delmanowski

Merge branch 'drybjed-various-improvements'

parents 4dc361af 38a6f092
Pipeline #62483628 passed with stages
in 195 minutes and 35 seconds
......@@ -293,6 +293,12 @@ Changed
This removes the unnecessary split between user account definitions and
definitions of their files/directories.
- Bash scripts and ``shell``/``command`` Ansible modules now use relative
:command:`bash` interpreter instead of an absolute :file:`/bin/bash`. This
should help make the DebOps roles more portable, and prepare the project for
the merged :file:`/bin` and :file:`/usr/bin` directories in a future Debian
release.
Removed
~~~~~~~
......
......@@ -85,7 +85,7 @@
fi
done
args:
executable: '/bin/bash'
executable: 'bash'
register: apparmor__register_enforce_all_profiles
changed_when: (apparmor__register_enforce_all_profiles.stdout|d())
when: (apparmor__enforce_all_profiles|d() | bool)
......
#!/bin/bash
#!/usr/bin/env bash
## Upgrade inventory variables for migration from systemli.rootcrypto to debops-contrib.dropbear_initramfs.
## The script is idempotent.
......
......@@ -96,7 +96,7 @@
shell: set -o nounset -o pipefail -o errexit &&
cat {{ (volkszaehler__git_dest + "/misc/sql/demo.sql")|quote }} | mysql {{ volkszaehler__database_name }}
args:
executable: '/bin/bash'
executable: 'bash'
become: True
become_user: '{{ volkszaehler__user }}'
when: (not (ansible_local.volkszaehler[volkszaehler__database + "_demo_insert"]|bool
......
#!/bin/bash
#!/usr/bin/env bash
# bootstrap-ansible: download and build Ansible on a Debian/Ubuntu host
......
......@@ -54,7 +54,7 @@
shell: set -o nounset -o pipefail -o errexit &&
dpkg-divert --list '/etc/apt/*.dpkg-divert' | awk '{print $NF}' || true
args:
executable: '/bin/bash'
executable: 'bash'
register: apt__register_diversions
when: apt__enabled|bool
check_mode: False
......
......@@ -15,7 +15,7 @@
dumpe2fs -h $(df {{ boxbackup_storage }} | tail -n 1 \
| awk '{ print $1 }') | grep 'Block size' | awk '{ print $3 }'"
args:
executable: '/bin/bash'
executable: 'bash'
register: boxbackup_storage_blocksize
changed_when: False
......
......@@ -252,7 +252,7 @@ core__unsafe_writes: False
# .. envvar:: core__base_packages [[[
#
# List of packages required by Ansible local fact scripts.
core__base_packages: [ 'libcap2-bin', 'lsb-release', 'dbus' ]
core__base_packages: [ 'bash', 'libcap2-bin', 'lsb-release', 'dbus' ]
# ]]]
# .. envvar:: core__packages [[[
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed remotely, all changes will be lost
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed remotely, all changes will be lost
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed remotely, all changes will be lost
......
......@@ -44,7 +44,7 @@
shell: set -o nounset -o pipefail -o errexit &&
dmidecode --string system-uuid | tail -n 1 || true
args:
executable: '/bin/bash'
executable: 'bash'
register: core__register_uuid
changed_when: False
......@@ -52,8 +52,6 @@
template:
src: 'etc/ansible/facts.d/{{ item }}.fact.j2'
dest: '/etc/ansible/facts.d/{{ item }}.fact'
owner: 'root'
group: 'root'
mode: '0755'
with_items: [ 'core', 'resolver', 'root', 'tags', 'uuid' ]
register: core__register_core_fact
......@@ -62,8 +60,6 @@
copy:
src: 'etc/ansible/facts.d/'
dest: '/etc/ansible/facts.d/'
owner: 'root'
group: 'root'
mode: '0755'
register: core__register_fact_scripts
......
......@@ -53,7 +53,7 @@
{{ item.keyfile_gen_command|d(cryptsetup__keyfile_gen_command) }} \
| tr -d "\n" > {{ (item.keyfile | d(cryptsetup__secret_path + "/" + item.name + "/keyfile.raw")) | quote }}'
args:
executable: '/bin/bash'
executable: 'bash'
creates: '{{ item.keyfile | d(cryptsetup__secret_path + "/" + item.name + "/keyfile.raw") }}'
become: False
delegate_to: 'localhost'
......@@ -118,7 +118,7 @@
# fi
# args:
# creates: '{{ item.ciphertext_block_device }}{{ item.label_of_first_partition|d("1") }}'
# executable: '/bin/bash'
# executable: 'bash'
# when: (item.state|d(cryptsetup__state) in
# [ 'mounted', 'ansible_controller_mounted', 'present' ] and
# item.create_partition_on_block_device|d(False))
......@@ -193,7 +193,7 @@
+ "/" + item.0.name + "_keyfile.raw") }}'
'{{ item.0.ciphertext_block_device }}'
args:
executable: '/bin/bash'
executable: 'bash'
register: cryptsetup__register_cmd
changed_when: ("Command successful." == cryptsetup__register_cmd.stdout)
when: (item.0.state|d(cryptsetup__state) in
......
......@@ -6,7 +6,7 @@
shell: set -o nounset -o pipefail -o errexit &&
dpkg-divert --list | grep -E '^local diversion' | awk '{print $NF}' || true
args:
executable: '/bin/bash'
executable: 'bash'
register: debops_legacy__register_diversions
check_mode: False
changed_when: False
......@@ -22,7 +22,7 @@
- name: Remove legacy diversions
shell: rm -f {{ item.name }} ; dpkg-divert --quiet --local --rename --remove {{ item.name }}
args:
executable: '/bin/sh'
executable: 'sh'
removes: '{{ item.diversion | d(item.name + ".dpkg-divert") }}'
warn: False
with_items: '{{ debops_legacy__remove_combined_diversions | parse_kv_items }}'
......
......@@ -7,7 +7,7 @@
shell: set -o nounset -o pipefail -o errexit &&
grep -E '^nameserver\s' /etc/resolv.conf | awk '{print $2}' || true
args:
executable: '/bin/bash'
executable: 'bash'
register: dhcpd_register_nameservers
changed_when: False
when: dhcpd_mode == 'server'
......
......@@ -9,7 +9,7 @@
openssl version | awk '{print $2}'
{% endif %}
args:
executable: '/bin/bash'
executable: 'bash'
changed_when: False
register: dhparam__register_version
delegate_to: 'localhost'
......
......@@ -14,7 +14,7 @@
shell: set -o nounset -o pipefail -o errexit &&
dpkg-divert --list '/etc/docker/registry/*.dpkg-divert' | awk '{print $NF}' || true
args:
executable: '/bin/bash'
executable: 'bash'
register: docker_registry__register_diversions
check_mode: False
changed_when: False
......
......@@ -126,7 +126,7 @@
shell: set -o nounset -o pipefail -o errexit &&
etckeeper vcs ls-files -i --exclude-standard -z | xargs -0 --no-run-if-empty etckeeper vcs rm --cached --
args:
executable: '/bin/bash'
executable: 'bash'
register: etckeeper__register_git_rm_cached_ignored_files
when:
- etckeeper__enabled|bool
......
......@@ -49,7 +49,7 @@
shell: set -o nounset -o pipefail -o errexit &&
dpkg-divert --list '/etc/freeradius/*.dpkg-divert' | awk '{print $NF}' || true
args:
executable: '/bin/bash'
executable: 'bash'
register: freeradius__register_diversions
check_mode: False
changed_when: False
......
......@@ -189,7 +189,7 @@
shell: set -o nounset -o pipefail -o errexit &&
ssh-keygen -f {{ gitlab_runner__home }}/.ssh/known_hosts -F {{ item }} | grep -q '^# Host {{ item }} found'
args:
executable: '/bin/bash'
executable: 'bash'
with_items: '{{ gitlab_runner__ssh_known_hosts }}'
when: gitlab_runner__ssh_known_hosts|d()
register: gitlab_runner__register_known_hosts
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed by Ansible, all changes will be lost
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed by Ansible, all changes will be lost
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed by Ansible, all changes will be lost
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed by Ansible, all changes will be lost
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed by Ansible, all changes will be lost
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed by Ansible, all changes will be lost
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed by Ansible, all changes will be lost
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed by Ansible, all changes will be lost
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed by Ansible, all changes will be lost
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed by Ansible, all changes will be lost
......
#!/bin/bash
#!/usr/bin/env bash
# This file is managed by Ansible, all changes will be lost
......
#!/bin/bash
#!/usr/bin/env bash
# Check out git branch to work directory
......
......@@ -55,7 +55,7 @@
{{ "" if grub__hash_length|d() == "default" else ("--buflen=" + grub__hash_length) }}
| perl -ne 's/^(:?Your PBKDF2|PBKDF2 hash of your password) is //ms && print'
args:
executable: '/bin/bash'
executable: 'bash'
register: grub__register_pw_hashes
with_together:
- '{{ grub__combined_users }}'
......
#!/bin/bash
#!/usr/bin/env bash
# Start all enabled and inactive Green Unicorn systemd instances
# This script is executed by the role handler at the end of the playbook run
......
......@@ -164,7 +164,7 @@
| sha256sum --check --status
args:
chdir: '{{ hashicorp__src + "/" + item + "/" + hashicorp__combined_version_map[item] }}'
executable: '/bin/bash'
executable: 'bash'
with_items: '{{ (hashicorp__applications + hashicorp__dependent_applications) | unique }}'
register: hashicorp__register_hash
changed_when: False
......
......@@ -28,7 +28,7 @@
- name: Get list of active kernel modules
shell: set -o nounset -o pipefail -o errexit && lsmod | awk '{print $1}'
args:
executable: '/bin/bash'
executable: 'bash'
register: hwraid_register_modules
changed_when: False
......
......@@ -70,7 +70,7 @@
shell: set -o nounset -o pipefail -o errexit &&
dpkg-divert --list '/etc/icinga2/*.dpkg-divert' | grep -E '^local diversion' | awk '{print $NF}' || true
args:
executable: '/bin/bash'
executable: 'bash'
register: icinga__register_diversions
check_mode: False
changed_when: False
......
#!/bin/bash
#!/usr/bin/env bash
# Reconfigure changed network interfaces
# Part of the debops.ifupdown Ansible role
......
......@@ -3,7 +3,7 @@
- name: Check systemd version
shell: set -o nounset -o pipefail -o errexit && systemd --version | head -n 1 | awk '{print $2}'
args:
executable: '/bin/bash'
executable: 'bash'
register: ifupdown__register_systemd_version
check_mode: False
changed_when: False
......
......@@ -66,7 +66,7 @@
-w {{ ipxe_debian_pxeboot_workdir }}/firmware |
gzip -c > {{ ipxe_debian_pxeboot_workdir }}/firmware.cpio.gz
args:
executable: '/bin/bash'
executable: 'bash'
when: ipxe_register_firmware|d() and ipxe_register_firmware is changed
- name: Create Debian netboot initrd with firmware
......
......@@ -45,7 +45,7 @@
shell: set -o nounset -o pipefail -o errexit &&
bin/kibana-plugin list | cut -d@ -f1
args:
executable: '/bin/bash'
executable: 'bash'
chdir: '/usr/share/kibana'
register: kibana__register_plugins
become: True
......
......@@ -170,7 +170,7 @@
shell: 'set -o nounset -o pipefail -o errexit &&
getent passwd | cut -d: -f1'
args:
executable: '/bin/bash'
executable: 'bash'
register: librenms__register_passwd
changed_when: False
check_mode: False
......
......@@ -7,7 +7,7 @@
shell: set -o nounset -o pipefail -o errexit &&
egrep 'vmx|svm|0xc0f' /proc/cpuinfo || true
args:
executable: '/bin/bash'
executable: 'bash'
register: libvirtd__register_hw_virt
check_mode: False
changed_when: False
......@@ -109,7 +109,7 @@
shell: set -o nounset -o pipefail -o errexit &&
findmnt -n -o FS-OPTIONS --target /sys | tr ',' '\n'
args:
executable: '/bin/bash'
executable: 'bash'
register: libvirtd__register_sysfs
changed_when: False
check_mode: False
......@@ -7,7 +7,7 @@
shell: set -o nounset -o pipefail -o errexit &&
egrep --color=auto 'vmx|svm|0xc0f' /proc/cpuinfo || true
args:
executable: '/bin/bash'
executable: 'bash'
register: libvirtd_qemu__register_hw_virt
check_mode: False
changed_when: False
......
......@@ -22,7 +22,7 @@
dpkg-divert --quiet --local --rename --remove /etc/cron.daily/logrotate
{% endif %}
args:
executable: '/bin/bash'
executable: 'bash'
creates: '{{ "/etc/cron." + logrotate__cron_period + "/logrotate"
if (logrotate__cron_period in [ "hourly", "weekly", "monthly" ])
else "/etc/cron.daily/logrotate" }}'
......@@ -56,7 +56,7 @@
shell: set -o nounset -o pipefail -o errexit &&
dpkg-divert --list '/etc/logrotate.d/*.dpkg-divert' | awk '{print $NF}' || true
args:
executable: '/bin/bash'
executable: 'bash'
register: logrotate__register_diversions
check_mode: False
changed_when: False
......
......@@ -20,7 +20,7 @@
shell: set -o nounset -o pipefail -o errexit &&
dpkg-query -W -f='${Version}\n' 'lvm2' | grep -v '^$' | cut -d- -f1
args:
executable: '/bin/bash'
executable: 'bash'
register: lvm__register_version
changed_when: False
check_mode: False
......
#!/bin/bash
#!/usr/bin/env bash
# Usage: lxc-hwaddr-static <container_name>
......
#!/bin/bash
#!/usr/bin/env bash
# A simple script to create na uprivileged LXC container based on current LXC
# host distribution, release and architecture. The script uses the
......
#!/bin/bash
#!/usr/bin/env bash
# Prepare a LXC container for remote management by adding authorized SSH keys
# to its 'root' account. The script will ensure that OpenSSH is installed in
......
#!/bin/bash
#!/usr/bin/env bash
# Script installed by the 'debops.lxc' Ansible role
......
#!/bin/bash
#!/usr/bin/env bash
# Script installed by the 'debops.lxc' Ansible role
......
......@@ -38,7 +38,7 @@
rm -f /etc/issue ; dpkg-divert --quiet --local --rename --remove /etc/issue
args:
warn: False
executable: '/bin/bash'
executable: 'bash'
removes: '/etc/issue.dpkg-divert'
when: machine__enabled|bool and machine__etc_issue_state|d('present') == 'absent'
......@@ -97,7 +97,7 @@
shell: set -o nounset -o pipefail -o errexit &&
dpkg-divert --list '/etc/update-motd.d/*.disabled' | awk '{print $NF}' || true
args:
executable: '/bin/bash'
executable: 'bash'
register: machine__register_motd_diversions
check_mode: False
changed_when: False
......
#!/bin/bash
#!/usr/bin/env bash
# convert-mailman-to-utf8: convert mailman language packs to UTF-8 charset and
# apply some patches
......
......@@ -96,7 +96,7 @@
+ '/admin/password chars=ascii,numbers,digits,hexdigits length=' + mailman__site_password_length) }}
args:
creates: '/var/lib/mailman/lists/{{ mailman__site_list }}/config.pck'
executable: '/bin/bash'
executable: 'bash'
become: True
become_user: 'list'
register: mailman__register_site_list
......@@ -121,7 +121,7 @@
{{ item.name }}
args:
removes: '/var/lib/mailman/lists/{{ item.name }}/config.pck'
executable: '/bin/sh'
executable: 'sh'
with_items: '{{ mailman__lists }}'
become: True
become_user: 'list'
......@@ -152,7 +152,7 @@
{% endif %}
args:
creates: '/var/lib/mailman/lists/{{ item.name }}/config.pck'
executable: '/bin/bash'
executable: 'bash'
with_items: '{{ mailman__lists }}'
become: True
become_user: 'list'
......
......@@ -11,7 +11,7 @@
'percona-server-server*'
| grep -v '^$'
args:
executable: '/bin/bash'
executable: 'bash'
register: mariadb__register_version
changed_when: False
failed_when: False
......
......@@ -12,7 +12,7 @@
'percona-server-server' 'mysql-wsrep-server-5.6'
| grep -v '^$'
args:
executable: '/bin/bash'
executable: 'bash'
register: mariadb_server__register_version
check_mode: False
changed_when: False
......
......@@ -49,7 +49,7 @@
shell: set -o nounset -o pipefail -o errexit &&
mosquitto -h | head -n 1 | awk '{print $3}' || true
args:
executable: '/bin/bash'
executable: 'bash'
register: mosquitto__register_version
changed_when: False
check_mode: False
......
......@@ -196,7 +196,7 @@
| ./manage.py shell
args:
chdir: '{{ netbox__git_checkout + "/netbox" }}'
executable: '/bin/bash'
executable: 'bash'
become: True
become_user: '{{ netbox__user }}'