Merge pull request #813 from roots/ansible-2.3

Ansible 2.3 compatibility
roots · Apr 15, 2017 · 1f165ea · 1f165ea
2 parents f948df1 + 28eb441
commit 1f165ea
Show file tree

Hide file tree

Showing 9 changed files with 16 additions and 12 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,5 @@
 ### HEAD
+* Ansible 2.3 compatibility ([#813](https://github.com/roots/trellis/pull/813))
 * Remove potentially dangerous `db_import` option ([#825](https://github.com/roots/trellis/pull/825))
 
 ### 1.0.0-rc.1: April 7th, 2017

diff --git a/roles/connection/tasks/main.yml b/roles/connection/tasks/main.yml
@@ -52,7 +52,7 @@
 - block:
   - name: Set remote user for each host
     set_fact:
-      ansible_user: "{{ ansible_user | default(('root' in connection_status.stdout_lines) | ternary('root', admin_user)) }}"
+      ansible_user: "{{ ansible_user | default((connection_status.stdout_lines | intersect(['root', '\e[0;32mroot']) | count) | ternary('root', admin_user)) }}"
     check_mode: no
 
   - name: Announce which user was selected

diff --git a/roles/letsencrypt/defaults/main.yml b/roles/letsencrypt/defaults/main.yml
@@ -1,7 +1,6 @@
 sites_using_letsencrypt: "[{% for name, site in wordpress_sites.iteritems() if site.ssl.enabled and site.ssl.provider | default('manual') == 'letsencrypt' %}'{{ name }}',{% endfor %}]"
-letsencrypt_enabled: "{{ sites_using_letsencrypt | count }}"
-site_uses_letsencrypt: "{{ ssl_enabled and item.value.ssl.provider | default('manual') == 'letsencrypt' }}"
-missing_hosts: "{{ site_uses_letsencrypt | ternary(site_hosts, []) | difference((current_hosts.results | selectattr('item.key', 'equalto', item.key) | selectattr('stdout_lines', 'defined') | sum(attribute='stdout_lines', start=[]) | map('trim') | list | join(' ')).split(' ')) }}"
+site_uses_letsencrypt: ssl_enabled and item.value.ssl.provider | default('manual') == 'letsencrypt'
+missing_hosts: "{{ site_hosts | difference((current_hosts.results | selectattr('item.key', 'equalto', item.key) | selectattr('stdout_lines', 'defined') | sum(attribute='stdout_lines', start=[]) | map('trim') | list | join(' ')).split(' ')) }}"
 letsencrypt_cert_ids: "{ {% for item in (generate_cert_ids | default({'results':[{'skipped':True}]})).results if not item | skipped %}'{{ item.item.key }}':'{{ item.stdout }}', {% endfor %} }"
 
 acme_tiny_repo: 'https://github.com/diafygi/acme-tiny.git'

diff --git a/roles/letsencrypt/tasks/nginx.yml b/roles/letsencrypt/tasks/nginx.yml
@@ -18,7 +18,9 @@
     src: nginx-challenge-site.conf.j2
     dest: "{{ nginx_path }}/sites-available/letsencrypt-{{ item.key }}.conf"
   register: challenge_site_confs
-  when: missing_hosts | count
+  when:
+    - site_uses_letsencrypt
+    - missing_hosts | count
   with_dict: "{{ wordpress_sites }}"
 
 - name: Enable Nginx sites
@@ -27,7 +29,9 @@
     dest: "{{ nginx_path }}/sites-enabled/letsencrypt-{{ item.key }}.conf"
     state: link
   register: challenge_sites_enabled
-  when: missing_hosts | count
+  when:
+    - site_uses_letsencrypt
+    - missing_hosts | count
   with_dict: "{{ wordpress_sites }}"
   notify: disable temporary challenge sites
 

diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml
@@ -21,7 +21,7 @@
   args:
     chdir: "{{ nginx_path }}/ssl"
     creates: "{{ nginx_path }}/ssl/dhparams.pem"
-  when: true in [{% for key, site in wordpress_sites.iteritems() %}{{ site.ssl.enabled }},{% endfor %}]
+  when: wordpress_sites.values() | map(attribute='ssl') | selectattr('enabled') | list | count
   notify: reload nginx
   tags: [diffie-hellman]
 

diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml
@@ -33,7 +33,7 @@
     name: "{{ item.name }}"
     group: "{{ item.groups[0] }}"
     groups: "{{ item.groups | join(',') }}"
-    password: '{% for user in vault_users | default([]) if user.name == item.name and user.password is defined %}{{ user.password | password_hash("sha512", user.salt | default("") | truncate(16, true, "") | regex_replace("[^\.\/a-zA-Z0-9]", "x")) }}{% else %}{{ None }}{% endfor %}'
+    password: '{% for user in vault_users | default([]) if user.name == item.name and user.password is defined %}{{ user.password | password_hash("sha512", (user.salt | default(""))[:16] | regex_replace("[^\.\/a-zA-Z0-9]", "x")) }}{% else %}{{ None }}{% endfor %}'
     state: present
     shell: /bin/bash
     update_password: always

diff --git a/roles/wordpress-install/tasks/main.yml b/roles/wordpress-install/tasks/main.yml
@@ -14,7 +14,7 @@
   command: rsync -ac --info=NAME /tmp/{{ item.key }}.env {{ www_root }}/{{ item.key }}/{{ item.value.current_path | default('current') }}/.env
   with_dict: "{{ wordpress_sites }}"
   register: env_file
-  changed_when: env_file.stdout == "{{ item.key }}.env"
+  changed_when: env_file.stdout == item.key + '.env'
 
 - name: Add known_hosts
   known_hosts:

diff --git a/roles/wp-cli/tasks/main.yml b/roles/wp-cli/tasks/main.yml
@@ -9,7 +9,7 @@
   args:
     warn: false
   register: wp_cli
-  changed_when: wp_cli.stdout == "wp-cli{{ wp_cli_version }}.phar"
+  changed_when: wp_cli.stdout == 'wp-cli-' + wp_cli_version + '.phar'
 
 - name: Retrieve WP-CLI tab completions
   command: curl -4Ls {{ wp_cli_completion_url }} -o /tmp/wp-completion-{{ wp_cli_version }}.bash
@@ -22,4 +22,4 @@
   args:
     warn: false
   register: wp_cli_completion
-  changed_when: wp_cli_completion.stdout == "wp-completion-{{ wp_cli_version }}.bash"
+  changed_when: wp_cli_completion.stdout == 'wp-completion-' + wp_cli_version + '.bash'
diff --git a/server.yml b/server.yml
@@ -38,5 +38,5 @@
     - { role: logrotate, tags: [logrotate] }
     - { role: composer, tags: [composer] }
     - { role: wp-cli, tags: [wp-cli] }
-    - { role: letsencrypt, tags: [letsencrypt], when: letsencrypt_enabled }
+    - { role: letsencrypt, tags: [letsencrypt], when: sites_using_letsencrypt | count }
     - { role: wordpress-setup, tags: [wordpress, wordpress-setup, letsencrypt] }