Updated roles and playbooks- Added michaelpporter.certbot-cloudflare …

…replacing inline setup- Split Jenkins and Web plyabooks

.gitignore

@@ -1,6 +1,5 @@
 *.retry
 vars/main-vars.yml
 files/git_user_old
-jenkins.yml
 jphp.yml
-web.yml
+test.yml

jenkins.yml

@@ -0,0 +1,35 @@
+- hosts: jenkinsgroup
+  remote_user: demo
+  become: true
+  gather_facts: false
+  pre_tasks:
+  - name: Install python for Ansible
+    raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
+    changed_when: False
+  - setup: # aka gather_facts
+  - name: set timezone to America/Chicago
+    timezone:
+      name: America/Chicago
+  - name: gather os specific variables
+    include_vars: "{{ item }}"
+    with_first_found:
+      - "{{ ansible_distribution }}-{{ php_version }}.yml"
+      - "{{ ansible_distribution }}.yml"
+    tags: vars
+  vars_files:
+    - vars/jenkins.yml
+    - vars/main-vars.yml
+
+  roles:
+    - users
+    - geerlingguy.git
+    - andrewrothstein.hub
+    - geerlingguy.postfix
+    - geerlingguy.pip
+    - role: oefenweb.swapfile
+      check_mode: no
+    - geerlingguy.certbot
+    - geerlingguy.java
+    - geerlingguy.jenkins
+    - geerlingguy.apache
+

main.yml

@@ -1,74 +1,3 @@
-- hosts: demogroup
-  remote_user: demo
-  become: true
-  gather_facts: false
-  pre_tasks:
-  - name: Install python for Ansible
-    raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
-    changed_when: False
-  - setup: # aka gather_facts
-  - name: set timezone to America/Chicago
-    timezone:
-      name: America/Chicago
-  - name: gather os specific variables
-    include_vars: "{{ item }}"
-    with_first_found:
-      - "{{ ansible_distribution }}-{{ php_version }}.yml"
-      - "{{ ansible_distribution }}.yml"
-    tags: vars
-  - name: gather apache variables
-    include_vars: "{{ item }}"
-    with_first_found:
-      - "{{ inventory_hostname }}.yml"
-      - "webgroup.yml"
-    tags: vars
-  vars_files:
-    - vars/main-vars.yml
-
-  roles:
-    - users
-    - role: geerlingguy.pip
-      when: "'webgroup' in group_names"
-    - { role: geerlingguy.certbot, certbot_certs: [] }
-    - role: setup
-      when: "'webgroup' in group_names"
-    - geerlingguy.postfix
-    - geerlingguy.certbot
-    - geerlingguy.git
-    - andrewrothstein.hub
-    - role: geerlingguy.java
-      when: "'jenkinsgroup' in group_names"
-    - role: geerlingguy.jenkins
-      when: "'jenkinsgroup' in group_names"
-    - role: oefenweb.swapfile
-      check_mode: no
-    - role: pedrocarmona.github-git-lfs
-      when: "'webgroup' in group_names"
-    - geerlingguy.apache
-    - role: geerlingguy.php-versions
-      when: "'webgroup' in group_names"
-    - role: geerlingguy.php
-      when: "'webgroup' in group_names"
-    - role: geerlingguy.apache-php-fpm
-      when: "'webgroup' in group_names"
-    - role: geerlingguy.composer
-      when: "'webgroup' in group_names"
-    - role: geerlingguy.php-mysql
-      when: "'webgroup' in group_names"
-    - role: geerlingguy.mysql
-      when: "'webgroup' in group_names"
-    - role: geerlingguy.adminer
-      when: "'webgroup' in group_names"
-    - role: geerlingguy.drush
-      when: "'webgroup' in group_names"
-    - role: geerlingguy.nodejs
-      when: "'webgroup' in group_names"
-    - role: sbaerlocher.wp-cli
-      when: "'webgroup' in group_names"
-    - role: wtanaka.jq
-      when: "'webgroup' in group_names"
-    - role: logwatch
-      when: "'webgroup' in group_names"
-    - role: config
-      when: "'webgroup' in group_names"
-
+---
+- import_playbook: web.yml
+- import_playbook: jenkins.yml

roles/setup/defaults/main.yml

@@ -13,5 +13,28 @@ setup_slack_api: "slackAPIKey"
 setup_memcache_password: "password"
 setup_apc_password: "password"
 
-setup_dns_cloudflare_email: ''
-setup_dns_cloudflare_api_key: ''
+setup_apt_install:
+  - aptitude
+  - build-essential
+  - cpanminus
+  - curl
+  - imagemagick
+  - libcache-cache-perl
+  - libdbd-mysql-perl
+  - libdbi-perl
+  - libffi-dev
+  - libssl-dev
+  - librose-datetime-perl
+  - libtext-csv-perl
+  - libtext-csv-xs-perl
+  - ntp
+  - pdftk
+  - perl
+  - php-pear
+  - python-apt
+  - python-dev
+  - python-pycurl
+  - ruby-dev
+  - s3cmd
+  - sshpass
+  - unzip

roles/setup/tasks/main.yml

@@ -36,31 +36,7 @@
 
   - name: Get software for apt repository management.
     apt: name={{ item }} state=present
-    with_items:
-      - aptitude
-      - build-essential
-      - cpanminus
-      - curl
-      - imagemagick
-      - libcache-cache-perl
-      - libdbd-mysql-perl
-      - libdbi-perl
-      - libffi-dev
-      - libssl-dev
-      - librose-datetime-perl
-      - libtext-csv-perl
-      - libtext-csv-xs-perl
-      - ntp
-      - pdftk
-      - perl
-      - php-pear
-      - python-apt
-      - python-dev
-      - python-pycurl
-      - ruby-dev
-      - s3cmd
-      - sshpass
-      - unzip
+    with_items: "{{ setup_apt_install }}"
 
   - name: Install iTerm shell intergration
     get_url:
@@ -172,28 +148,3 @@
       minute: "*/15"
       hour: "*"
       job: "/usr/local/bin/sites.sh > /dev/null"
-
-
-  - name: Install certbot-dns-cloudflare
-    shell: "cd /opt/certbot/certbot-dns-cloudflare && python setup.py install"
-    when: "'webgroup' in group_names"
-  - name: Create certbot folder - sudouser
-    file:
-      path: /etc/letsencrypt
-      state: directory
-      owner: root
-      group: root
-      mode: 0700
-    when: "'webgroup' in group_names"
-  - name: Certbot Template
-    template:
-      src: "{{ item.src }}"
-      dest: "{{ item.dest }}"
-      owner: root
-      group: root
-      mode: 0600
-    with_items:
-      - { src: 'files/templates/confcloudflare.ini.j2', dest: '/etc/letsencrypt/dnscloudflare.ini' }
-      - { src: 'files/templates/letsencrypt_cli.ini.j2', dest: '/etc/letsencrypt/cli.ini' }
-    when: "'webgroup' in group_names"
-

vars/main-vars.sample.yml

@@ -51,10 +51,10 @@ certbot_create_if_missing: yes
 # Install from source to get dns plugin folders
 certbot_install_from_source: yes
 
-# Username for htaccess to protect stage sites
-setup_dns_cloudflare_email: "[email protected]"
-# ansible-vault encrypt_string 'cloudflareAPIKey' --name 'setup_dns_cloudflare_api_key'
-setup_dns_cloudflare_api_key: ''
+# Email address for Cloudflare Global API Key
+certbot_cloudflare_email: "[email protected]"
+# ansible-vault encrypt_string 'cloudflareAPIKey' --name 'certbot_cloudflare_api_key'
+certbot_cloudflare_api_key: ''
 
 
 config_htaccess_user: "demo"
@@ -164,3 +164,27 @@ my_custom_path_var: /usr/local/scripts
 # for jq
 package_name: jq
 
+setup_apt_install:
+  - aptitude
+  - build-essential
+  - cpanminus
+  - curl
+  - imagemagick
+  - libcache-cache-perl
+  - libdbd-mysql-perl
+  - libdbi-perl
+  - libffi-dev
+  - libssl-dev
+  - librose-datetime-perl
+  - libtext-csv-perl
+  - libtext-csv-xs-perl
+  - ntp
+  - perl
+  - php-pear
+  - python-apt
+  - python-dev
+  - python-pycurl
+  - ruby-dev
+  - s3cmd
+  - sshpass
+  - unzip

web.yml

@@ -0,0 +1,48 @@
+- hosts: webgroup
+  remote_user: demo
+  become: true
+  gather_facts: false
+  pre_tasks:
+  - name: Install python for Ansible
+    raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
+    changed_when: False
+  - setup: # aka gather_facts
+  - name: set timezone to America/Chicago
+    timezone:
+      name: America/Chicago
+  - name: gather os specific variables
+    include_vars: "{{ item }}"
+    with_first_found:
+      - "{{ ansible_distribution }}-{{ php_version }}.yml"
+      - "{{ ansible_distribution }}.yml"
+    tags: vars
+  vars_files:
+    - vars/webgroup.yml
+    - vars/main-vars.yml
+
+  roles:
+    - users
+    - geerlingguy.git
+    - andrewrothstein.hub
+    - geerlingguy.postfix
+    - geerlingguy.pip
+    - role: oefenweb.swapfile
+      check_mode: no
+    - setup
+    - michaelpporter.certbot-cloudflare
+    - pedrocarmona.github-git-lfs
+    - geerlingguy.apache
+    - geerlingguy.php-versions
+    - geerlingguy.php
+    - geerlingguy.apache-php-fpm
+    - geerlingguy.composer
+    - geerlingguy.php-mysql
+    - geerlingguy.mysql
+    - geerlingguy.adminer
+    - geerlingguy.drush
+    - geerlingguy.nodejs
+    - sbaerlocher.wp-cli
+    - wtanaka.jq
+    - logwatch
+    - config
+