Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update lighttpd role #571

Open
spartan782 opened this issue Apr 30, 2021 · 1 comment
Open

Update lighttpd role #571

spartan782 opened this issue Apr 30, 2021 · 1 comment
Labels
3.0 Fresh start
Milestone
3.0

Comments

@spartan782
Copy link
Contributor

Each role needs to be checked and update any ansible modules or tasks that are deprecated, failing or giving warnings.
@spartan782 spartan782 added this to the 3.0 milestone Apr 30, 2021
@koelslaw
Copy link
Contributor

Online Deploy LGTM

PLAY [docket,kibana] *******************************************************************************************

TASK [Gathering Facts] *****************************************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [Include user-override vars] ******************************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [lighttpd : Install packages] *****************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Install ROCK lighttpd configuration] *********************************************************************
changed: [simplerockbuild.simplerock.lan] => (item=10-rock-auth.conf)
changed: [simplerockbuild.simplerock.lan] => (item=10-tls.conf)
changed: [simplerockbuild.simplerock.lan] => (item=20-rock-vars.conf)
changed: [simplerockbuild.simplerock.lan] => (item=50-rockproxy.conf)

TASK [Enable lighttpd vhosts] **********************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Disable lighttpd ipv6] ***********************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Enable lighttpd to perform proxy connect] ****************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [lighttpd : Generate sensor private key] ******************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [lighttpd : Generate sensor public key] *******************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [lighttpd : Generate sensor CSR] **************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [lighttpd : Generate sensor certificate] ******************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [lighttpd : Combine sensor cert and key] ******************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [lighttpd : Generate DH parameters] ***********************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [lighttpd : Configure firewall ports] *********************************************************************
changed: [simplerockbuild.simplerock.lan] => (item=443)

TASK [lighttpd : Check if initial user has already been created] ***********************************************
ok: [simplerockbuild.simplerock.lan]

TASK [lighttpd : Determine initial username] *******************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [lighttpd : Determine initial password] *******************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [lighttpd : Set initial credentials] **********************************************************************
included: /usr/share/rock/roles/lighttpd/tasks/add-user.yml for simplerockbuild.simplerock.lan

TASK [lighttpd : Ensure passwd file exists] ********************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [lighttpd : Hash password] ********************************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [Add a new user to lighttpd] ******************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [lighttpd : Output initial credentials] *******************************************************************
changed: [simplerockbuild.simplerock.lan]

RUNNING HANDLER [Enable and restart lighttpd] ******************************************************************
changed: [simplerockbuild.simplerock.lan]

PLAY [docket,stenographer] *************************************************************************************

TASK [Gathering Facts] *****************************************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [Include user-override vars] ******************************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [Check for docket and stenographer hosts] *****************************************************************
ok: [simplerockbuild.simplerock.lan] => {
    "changed": false, 
    "msg": "All assertions passed"
}

TASK [docket : Configure RockNSM online repos] *****************************************************************
ok: [simplerockbuild.simplerock.lan] => (item={u'gpgcheck': True, u'name': u'rocknsm_2_5', u'baseurl': u'https://packagecloud.io/rocknsm/2_5/el/7/$basearch'})
ok: [simplerockbuild.simplerock.lan] => (item={u'gpgcheck': False, u'name': u'rocknsm_2_5-source', u'baseurl': u'https://packagecloud.io/rocknsm/2_5/el/7/SRPMS'})

TASK [docket : Install packages] *******************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [docket : Ensure ansible_cache dir exists] ****************************************************************
ok: [simplerockbuild.simplerock.lan -> localhost]

TASK [docket : Set ansible_cache fact] *************************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [docket : Ensure rock nsm conf dir exists] ****************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [Ensure docket x509 user exists] **************************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [Ensure docket x509 group exists] *************************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [Ensure docket x509 dir exists] ***************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Create docket private key] *******************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [docket : Set perms on private key] ***********************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [docket : Check for certificate] **************************************************************************
ok: [simplerockbuild.simplerock.lan] => (item=simplerockbuild.simplerock.lan)

TASK [docket : Debug cert output] ******************************************************************************
ok: [simplerockbuild.simplerock.lan] => {
    "docket_cert.results": [
        {
            "ansible_loop_var": "item", 
            "changed": false, 
            "failed": false, 
            "invocation": {
                "module_args": {
                    "checksum_algorithm": "sha1", 
                    "follow": false, 
                    "get_attributes": true, 
                    "get_checksum": true, 
                    "get_md5": false, 
                    "get_mime": true, 
                    "path": "/etc/pki/docket/docket-simplerockbuild_sensor-simplerockbuild.simplerock.lan_cert.pem"
                }
            }, 
            "item": "simplerockbuild.simplerock.lan", 
            "stat": {
                "exists": false
            }
        }
    ]
}

TASK [Create docket csr] ***************************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [docket : Fetch csr] **************************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [docket : Dump number of missing certs] *******************************************************************
ok: [simplerockbuild.simplerock.lan] => (item=simplerockbuild.simplerock.lan) => {
    "msg": "Number of missing certs: 1"
}

TASK [docket : Dump the cert info for] *************************************************************************
ok: [simplerockbuild.simplerock.lan] => (item=simplerockbuild.simplerock.lan) => {
    "ansible_loop_var": "item", 
    "hostvars[item].docket_cert|json_query('results[?item==inventory_hostname_short]')": [], 
    "item": "simplerockbuild.simplerock.lan"
}

TASK [docket : Push csr to stenographer hosts] *****************************************************************
changed: [simplerockbuild.simplerock.lan] => (item=simplerockbuild.simplerock.lan)

TASK [docket : Sign certificate signing requests] **************************************************************
changed: [simplerockbuild.simplerock.lan] => (item=simplerockbuild.simplerock.lan)

TASK [docket : Pull certificates back] *************************************************************************
changed: [simplerockbuild.simplerock.lan] => (item=simplerockbuild.simplerock.lan)

TASK [docket : Pull back ca certificates] **********************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [Push certificates to docket hosts] ***********************************************************************
changed: [simplerockbuild.simplerock.lan] => (item=simplerockbuild.simplerock.lan)

TASK [docket : Push stenographer ca certs] *********************************************************************
changed: [simplerockbuild.simplerock.lan] => (item=simplerockbuild.simplerock.lan)

TASK [docket : Cleanup /tmp/ansible.pdYxt9 dir] ****************************************************************
ok: [simplerockbuild.simplerock.lan -> localhost]

TASK [docket : Check existing secret_key] **********************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [docket : debug] ******************************************************************************************
ok: [simplerockbuild.simplerock.lan] => {
    "msg": {
        "changed": false, 
        "cmd": "awk '/^SECRET_KEY/ {print $2}' /etc/docket/prod.yaml", 
        "delta": "0:00:00.005365", 
        "end": "2021-10-29 01:26:11.270622", 
        "failed": false, 
        "rc": 0, 
        "start": "2021-10-29 01:26:11.265257", 
        "stderr": "", 
        "stderr_lines": [], 
        "stdout": "CHANGE_THIS_SECRET_KEY_TO_ANY_RANDOM_VALUE", 
        "stdout_lines": [
            "CHANGE_THIS_SECRET_KEY_TO_ANY_RANDOM_VALUE"
        ]
    }
}

TASK [docket : Keep existing secret_key] ***********************************************************************
skipping: [simplerockbuild.simplerock.lan]

TASK [Set production docket config] ****************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [docket : Set uwsgi config] *******************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [docket : Enable redis] ***********************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Enable docket celery services] ***************************************************************************
changed: [simplerockbuild.simplerock.lan] => (item=docket-celery-io)
changed: [simplerockbuild.simplerock.lan] => (item=docket-celery-query)

TASK [Enable docket uwsgi service] *****************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [docket : Create lighttpd + uwsgi config] *****************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [docket : Create vhost logdir] ****************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [docket : Enable lighttpd vhosts] *************************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [Add lighttpd into docket group] **************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [docket : Enable lighttpd service] ************************************************************************
ok: [simplerockbuild.simplerock.lan]

RUNNING HANDLER [docket : Restart redis] ***********************************************************************
changed: [simplerockbuild.simplerock.lan]

RUNNING HANDLER [Restart docket celery services] ***************************************************************
changed: [simplerockbuild.simplerock.lan] => (item=docket-celery-io)
changed: [simplerockbuild.simplerock.lan] => (item=docket-celery-query)

RUNNING HANDLER [Restart docket uwsgi] *************************************************************************
changed: [simplerockbuild.simplerock.lan]

RUNNING HANDLER [docket : Restart lighttpd] ********************************************************************
changed: [simplerockbuild.simplerock.lan]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
3.0 Fresh start
Projects
None yet
Milestone
3.0
Development

No branches or pull requests
2 participants
@spartan782 @koelslaw