diff --git a/handlers/main.yml b/handlers/main.yml index 22ebb37d..4473cd0d 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -100,7 +100,6 @@ nc_command: debian: nc -q 1 $(awk '/^\-l/ {print $2}' "/etc/memcached.conf" | awk -F, '{print $1}') $(awk '/^\-p/ {print $2}' "/etc/memcached.conf") redhat: nc $(awk -F '-l' '/^OPTIONS/ {print $2}' "/etc/sysconfig/memcached" | awk -F ',' '{gsub(/"/, "", $1); print $1}' | awk -F '-' '{print $1}') 11211 - suse: nc -w 1 $(awk -F '-l' '/^MEMCACHED_PARAMS/ {print $2}' "/etc/sysconfig/memcached" | awk -F ',' '{gsub(/"/, "", $1); print $1}' | awk -F '-' '{print $1}') 11211 shell: "echo 'flush_all' | {{ nc_command.get(ansible_facts['os_family'] | lower) }}" delegate_to: "{{ item }}" with_items: "{{ groups.memcached_all }}" diff --git a/meta/main.yml b/meta/main.yml index e21550b7..213588d5 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -22,17 +22,14 @@ galaxy_info: platforms: - name: Debian versions: - - stretch + - buster - name: Ubuntu versions: - - xenial - bionic + - focal - name: EL versions: - - 7 - - name: opensuse - versions: - - 15 + - 8 categories: - cloud - python diff --git a/tasks/keystone_apache.yml b/tasks/keystone_apache.yml index 6f45e0a7..f89c3b40 100644 --- a/tasks/keystone_apache.yml +++ b/tasks/keystone_apache.yml @@ -44,14 +44,14 @@ - Restart web server ## NOTE(cloudnull): -## Module enable/disable process is only functional on Debian and SUSE based systems. +## Module enable/disable process is only functional on Debian - name: Enable/disable apache2 modules apache2_module: name: "{{ item.name }}" state: "{{ item.state }}" with_items: "{{ keystone_apache_modules }}" when: - - ansible_facts['pkg_mgr'] in ['apt', 'zypper'] + - ansible_facts['pkg_mgr'] == 'apt' notify: - Manage LB - Restart web server @@ -64,7 +64,7 @@ line: 'LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so' state: "present" when: - - ansible_facts['pkg_mgr'] in ['yum', 'dnf'] + - ansible_facts['pkg_mgr'] == 'dnf' notify: - Manage LB - Restart web server diff --git a/tasks/keystone_install.yml b/tasks/keystone_install.yml index c884350c..fb3aea4f 100644 --- a/tasks/keystone_install.yml +++ b/tasks/keystone_install.yml @@ -24,7 +24,7 @@ - { path: "/var/lock/keystone", mode: "2755" } - { path: "/var/log/httpd", mode: "2755" } when: - - ansible_facts['pkg_mgr'] in ['yum', 'dnf'] + - ansible_facts['pkg_mgr'] == 'dnf' - name: Create system links file: @@ -34,7 +34,7 @@ with_items: - { src: "/var/log/httpd", dest: "/var/log/apache2" } when: - - ansible_facts['pkg_mgr'] in ['yum', 'dnf'] + - ansible_facts['pkg_mgr'] == 'dnf' - name: Add shibboleth repo yum_repository: @@ -44,7 +44,7 @@ gpgkey: "{{ keystone_centos_shibboleth_key }}" gpgcheck: yes when: - - ansible_facts['pkg_mgr'] in ['yum', 'dnf'] + - ansible_facts['pkg_mgr'] == 'dnf' - keystone_sp != {} - name: Add NGINX repository keys @@ -52,7 +52,7 @@ key: "{{ keystone_centos_nginx_key }}" state: present when: - - ansible_facts['pkg_mgr'] in ['yum', 'dnf'] + - ansible_facts['pkg_mgr'] == 'dnf' - keystone_web_server == 'nginx' register: add_nginx_key until: add_nginx_key is success @@ -65,7 +65,7 @@ description: 'nginx repo' baseurl: "{{ keystone_centos_nginx_mirror }}" when: - - ansible_facts['pkg_mgr'] in ['yum', 'dnf'] + - ansible_facts['pkg_mgr'] == 'dnf' - keystone_web_server == 'nginx' register: add_nginx_repo until: add_nginx_repo is success @@ -87,9 +87,6 @@ name: "{{ (keystone_web_server == 'nginx') | ternary(keystone_apache_distro_packages, keystone_nginx_distro_packages) }}" state: absent autoremove: "{{ (ansible_facts['pkg_mgr'] == 'apt') | ternary('yes', omit) }}" - newuse: "{{ (ansible_facts['pkg_mgr'] == 'portage') | ternary('yes', omit) }}" - changed_use: "{{ (ansible_facts['pkg_mgr'] == 'portage') | ternary('yes', omit) }}" - noreplace: "{{ (ansible_facts['pkg_mgr'] == 'portage') | ternary('yes', omit) }}" when: "(is_metal is undefined) or not (is_metal | bool)" @@ -97,11 +94,8 @@ package: name: "{{ keystone_package_list }}" state: "{{ keystone_package_state }}" - update_cache: "{{ (ansible_facts['pkg_mgr'] in ['apt', 'zypper']) | ternary('yes', omit) }}" + update_cache: "{{ (ansible_facts['pkg_mgr'] == 'apt') | ternary('yes', omit) }}" cache_valid_time: "{{ (ansible_facts['pkg_mgr'] == 'apt') | ternary(cache_timeout, omit) }}" - newuse: "{{ (ansible_facts['pkg_mgr'] == 'portage') | ternary('yes', omit) }}" - changed_use: "{{ (ansible_facts['pkg_mgr'] == 'portage') | ternary('yes', omit) }}" - noreplace: "{{ (ansible_facts['pkg_mgr'] == 'portage') | ternary('yes', omit) }}" register: install_packages until: install_packages is success retries: 5 diff --git a/tasks/keystone_nginx.yml b/tasks/keystone_nginx.yml index c76b2c7f..5d00877f 100644 --- a/tasks/keystone_nginx.yml +++ b/tasks/keystone_nginx.yml @@ -58,20 +58,6 @@ - Manage LB - Restart web server -# NOTE(prometheanfire): Nginx needs to be told to load configs from keystone_nginx_conf_path -- name: Configure nginx.conf - copy: - src: nginx.conf - dest: /etc/nginx/nginx.conf - mode: "0644" - group: root - owner: root - when: - - ansible_facts['pkg_mgr'] == 'portage' - notify: - - Manage LB - - Restart web server - # Configure app - name: Configure virtual hosts template: diff --git a/templates/keystone-uwsgi.ini.j2 b/templates/keystone-uwsgi.ini.j2 index c4831e88..a1b352fc 100644 --- a/templates/keystone-uwsgi.ini.j2 +++ b/templates/keystone-uwsgi.ini.j2 @@ -6,7 +6,7 @@ gid = {{ keystone_system_group_name }} {% if keystone_install_method == 'source' %} virtualenv = /openstack/venvs/keystone-{{ keystone_venv_tag }} {% endif %} -{% if keystone_install_method == 'distro' and (ansible_os_family | lower) in ['debian', 'suse' ] %} +{% if keystone_install_method == 'distro' and (ansible_os_family | lower) == 'debian' %} plugin = python3 {% endif %} wsgi-file = {{ keystone_bin }}/{{ item }} diff --git a/vars/gentoo.yml b/vars/gentoo.yml deleted file mode 100644 index 0c491c76..00000000 --- a/vars/gentoo.yml +++ /dev/null @@ -1,85 +0,0 @@ ---- -# Copyright 2019, Matthew Thode -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -cache_timeout: 600 - -keystone_distro_packages: - - dev-vcs/git - - net-misc/openssh - - net-misc/rsync - - sys-process/cronie - -keystone_devel_distro_packages: - - dev-python/docutils - - net-nds/openldap - - dev-libs/cyrus-sasl - - dev-libs/libxslt - - dev-libs/libxml2 - -keystone_service_distro_packages: - - sys-auth/keystone - - dev-python/python-systemd - - www-servers/uwsgi - -keystone_apache_distro_packages: - - www-servers/apache - - app-admin/apache-tools - -keystone_nginx_distro_packages: - - www-servers/nginx - -keystone_idp_distro_packages: - - dev-libs/xmlsec - -keystone_sp_distro_packages: [] # nope - -keystone_developer_mode_distro_packages: [] - -keystone_oslomsg_amqp1_distro_packages: - - dev-libs/cyrus-sasl - -keystone_apache_default_sites: - - "/etc/apache2/sites-enabled/000-default.conf" - -keystone_apache_site_available: "/etc/apache2/sites-available/keystone-httpd.conf" -keystone_apache_site_enabled: "/etc/apache2/sites-enabled/keystone-httpd.conf" -keystone_apache_conf: "/etc/apache2/apache2.conf" -keystone_apache_default_log_folder: "/var/log/apache2" -keystone_apache_default_log_owner: "root" -keystone_apache_default_log_grp: "adm" -keystone_apache_security_conf: "/etc/apache2/conf-available/security.conf" - -keystone_apache_configs: - - { src: "keystone-ports.conf.j2", dest: "/etc/apache2/ports.conf" } - - { src: "keystone-httpd.conf.j2", dest: "/etc/apache2/sites-available/keystone-httpd.conf" } - - { src: "keystone-httpd-mpm.conf.j2", dest: "/etc/apache2/mods-available/mpm_{{ keystone_httpd_mpm_backend }}.conf" } - -keystone_apache_modules: - - name: "ssl" - state: "{{ (keystone_ssl | bool) | ternary('present', 'absent') }}" - - name: "shib2" - state: "{{ ( keystone_sp != {} ) | ternary('present', 'absent') }}" - - name: "proxy_http" - state: "present" - - name: "headers" - state: "present" -# This can be enabled when Apache2.5+ is available -# - name: "mod_journald" -# state: "present - -keystone_nginx_conf_path: "sites-available" -keystone_system_service_name: apache2 -keystone_uwsgi_bin: '/usr/bin' -keystone_sshd: sshd diff --git a/vars/suse.yml b/vars/suse.yml deleted file mode 100644 index 80295266..00000000 --- a/vars/suse.yml +++ /dev/null @@ -1,115 +0,0 @@ ---- -# Copyright 2016, Rackspace US, Inc. -# Copyright 2017, SUSE LINUX GmbH. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -keystone_distro_packages: - - ca-certificates - - cron - - git-core - - openssh - - rsync - -keystone_devel_distro_packages: - - cyrus-sasl-devel - - libffi-devel - - libopenssl-devel - - libxml2-devel - - libxslt-devel - - openldap2-devel - - systemd-devel - - pkg-config - - python3-devel - -keystone_service_distro_packages: - - openstack-keystone - - uwsgi - - uwsgi-python3 - -keystone_apache_distro_packages: - - apache2 - - apache2-utils - - apache2-mod_proxy_uwsgi - -keystone_mod_proxy_uwsgi_distro_packages: - - apache2-mod_uwsgi - -keystone_nginx_distro_packages: - - nginx - -keystone_idp_distro_packages: - - xmlsec1 - -keystone_sp_distro_packages: - - "{{ keystone_sp_apache_mod_auth_openidc | ternary('apache2-mod_auth_openidc', - 'shibboleth-sp') }}" - -keystone_developer_mode_distro_packages: - - "{{ (ansible_facts['distribution_version'] is version ('42', '>=')) | ternary('patterns-openSUSE-devel_basis', 'patterns-devel-base-devel_basis') }}" - -keystone_oslomsg_amqp1_distro_packages: - - cyrus-sasl - - cyrus-sasl-plain - - cyrus-sasl-digestmd5 - -keystone_apache_default_sites: - - "/etc/apache2/conf.d/gitweb.conf" - -keystone_apache_conf: "/etc/apache2/httpd.conf" -keystone_apache_default_log_folder: "/var/log/apache2" -keystone_apache_default_log_owner: "root" -keystone_apache_default_log_grp: "root" -keystone_apache_security_conf: "{{ keystone_apache_conf }}" - -keystone_apache_configs: - - { src: "keystone-ports.conf.j2", dest: "/etc/apache2/conf.d/ports.conf" } - - { src: "keystone-httpd.conf.j2", dest: "/etc/apache2/conf.d/keystone-httpd.conf" } - - { src: "keystone-httpd-mpm.conf.j2", dest: "/etc/apache2/mod_{{ keystone_httpd_mpm_backend }}.conf" } - -keystone_apache_modules: - - name: "authz_host" - state: "present" - - name: "access_compat" - state: "present" - - name: "version" - state: "present" - - name: "ssl" - state: "{{ (keystone_ssl | bool) | ternary('present', 'absent') }}" - - name: "shib2" - state: "{{ keystone_sp_apache_mod_shib | ternary('present', 'absent') }}" - - name: "auth_openidc" - state: "{{ keystone_sp_apache_mod_auth_openidc | ternary('present', 'absent') }}" - - name: "proxy" - state: "present" - - name: "proxy_http" - state: "present" - - name: "proxy_fcgi" - state: "present" - - name: "proxy_wstunnel" - state: "present" - - name: "proxy_uwsgi" - state: "present" - - name: "headers" - state: "present" -# This can be enabled when Apache2.5+ is available -# - name: "mod_journald" -# state: "present" - -keystone_nginx_conf_path: 'conf.d' - -keystone_system_service_name: apache2 - -keystone_uwsgi_bin: '/usr/sbin' - -keystone_sshd: sshd