diff --git a/roles/karaage3.1.17/tasks/apacheDebian.yml b/roles/karaage3.1.17/tasks/apacheDebian.yml index 2ee1fdbb820e03f72bad26f7096f6dec62d5624f..44ffcdc4a675736cfdf50a9d0be0c1d5016cc565 100644 --- a/roles/karaage3.1.17/tasks/apacheDebian.yml +++ b/roles/karaage3.1.17/tasks/apacheDebian.yml @@ -7,14 +7,6 @@ - apache2-dev sudo: true -- - name: "Setting default-ssl site" - lineinfile: dest=/etc/apache2/sites-available/default-ssl.conf regexp="{{ item.regexp }}" line="{{ item.line }}" backrefs=yes - with_items: - - { regexp : "^\\s+SSLCertificateFile", line : " SSLCertificateFile {{ x509_cert_file }}" } - - { regexp : "SSLCertificateKeyFile", line : " SSLCertificateKeyFile {{ x509_key_file }}" } - - { regexp : "SSLCACertificateFile", line : " SSLCACertificateFile {{ x509_cacert_file }}" } - sudo: true - name: "Templating default-ssl site" template: src=default-ssl.j2 dest=/etc/apache2/sites-available/default-ssl.conf owner=www-data group=www-data diff --git a/roles/karaage3.1.17/tasks/apacheRedHat.yml b/roles/karaage3.1.17/tasks/apacheRedHat.yml index 3515c7c200e7b4dd18045dcc478b2d61b535322b..584ed275655dbff3b919d20679e9c8ce3a56be03 100644 --- a/roles/karaage3.1.17/tasks/apacheRedHat.yml +++ b/roles/karaage3.1.17/tasks/apacheRedHat.yml 
@@ -14,14 +14,12 @@ name: Setting httpd.conf sudo: true replace: dest=/etc/httpd/conf/httpd.conf regexp="^#ServerName www.example.com:80" replace="ServerName {{ ansible_fqdn }}" + - - name: Setting ssl.conf + name: "Templating default-ssl site" + template: src=default-ssl.j2 dest=/etc/httpd/conf.d/ssl.conf owner=apache group=apache sudo: true - lineinfile: dest=/etc/httpd/conf.d/ssl.conf regexp="{{ item.regexp }}" line="{{ item.line }}" backrefs=yes - with_items: - - { regexp : "^SSLCertificateFile", line : "SSLCertificateFile {{ x509_cert_file }}" } - - { regexp : "SSLCertificateKeyFile", line : "SSLCertificateKeyFile {{ x509_key_file }}" } - - { regexp : "SSLCACertificateFile", line : "SSLCACertificateFile {{ x509_cacert_file }}" } + - name: Templating wsgi.conf sudo: true diff --git a/roles/karaage3.1.17/tasks/karaage.yml b/roles/karaage3.1.17/tasks/karaage.yml index d4a11f1ce9699f0845d231694e19bf519a680e56..6e66587faea9f8d1b9227ff873d3228991723f65 100644 --- a/roles/karaage3.1.17/tasks/karaage.yml +++ b/roles/karaage3.1.17/tasks/karaage.yml @@ -13,6 +13,8 @@ - python-cracklib - git - apache2-dev + - mysql-client + - python-dev when: ansible_os_family == "Debian" - name: "Installing prerequisites Redhat" @@ -55,7 +57,6 @@ sudo: true with_items: - six - - MySQL-python - slimit - ply - cython diff --git a/roles/karaage3.1.17/templates/default-ssl.j2 b/roles/karaage3.1.17/templates/default-ssl.j2 index 6462e0a413c8c1e102d02f36eb680324c1938b5e..30ba1f3c652cb230ea0195a483c3791f2ec92adc 100644 --- a/roles/karaage3.1.17/templates/default-ssl.j2 +++ b/roles/karaage3.1.17/templates/default-ssl.j2 @@ -50,7 +50,7 @@ # certificate chain for the server certificate. Alternatively # when the CA certificates are directly appended to the server # certificate for convinience. - #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt + SSLCertificateChainFile {{ x509_cert_chain }} # Certificate Authority (CA): # Set the CA certificate verification path where to find CA 
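Review bot: The new template task writes `/etc/httpd/conf.d/ssl.conf` with `owner=apache group=apache` and no `mode=`, so the account the web server runs as can rewrite its own TLS configuration (certificate and key paths, protocol settings) if a worker or the application is compromised. Server configuration is normally root-owned and read-only to the service: `template: src=default-ssl.j2 dest=/etc/httpd/conf.d/ssl.conf owner=root group=root mode=0644`. The Debian task in apacheDebian.yml deploys the same template with `owner=www-data group=www-data` (visible as context in that hunk) and has the same issue. `default-ssl.j2` also looks derived from Debian's default-ssl site, judging by the `/etc/apache2` paths in its comments, so confirm it carries the `Listen 443` and module-loading lines that the stock RedHat `ssl.conf` it overwrites would normally provide.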
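Review bot: `SSLCertificateChainFile {{ x509_cert_chain }}` is rendered unconditionally, whereas the CA block removed in the next hunk was guarded with `is defined`. A host without `x509_cert_chain` set will most likely fail at template time, and an empty value would leave a bare directive that Apache rejects at start-up. Wrapping it as `{% if x509_cert_chain is defined %}SSLCertificateChainFile {{ x509_cert_chain }}{% endif %}` keeps hosts working when their server certificate file already contains the chain. Apache 2.4.8 and later also treat `SSLCertificateChainFile` as obsolete in favour of appending the intermediates to the `SSLCertificateFile`, so a comment saying which Apache versions this template targets would help. The enclosing VirtualHost starts and ends outside the hunk.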
@@ -59,13 +59,6 @@ # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. - {% if ldapCaCertFile is defined and ldapCaCertDir is defined %} - SSLCACertificatePath {{ ldapCaCertDir }} - SSLCACertificateFile {{ ldapCaCertDir }}/{{ ldapCaCertFile }} - {% else %} - SSLCACertificatePath /etc/ssl/certs/ - SSLCACertificateFile {{ x509_cacert_file }} - {% endif %} # Certificate Revocation Lists (CRL): # Set the CA revocation path where to find CA CRLs for client diff --git a/roles/ldapserver/tasks/main.yml b/roles/ldapserver/tasks/main.yml index dab389be020e153c5a393d640246c21bcba62528..d569bf2164bf73059dbf2fd4b4dc2a232a53caeb 100644 --- a/roles/ldapserver/tasks/main.yml +++ b/roles/ldapserver/tasks/main.yml @@ -99,21 +99,21 @@ with_items: ldapCertFiles sudo: true -- name: copy cert - command: cp /etc/ssl/certs/server.crt {{ ldapcert }} - sudo: true +#- name: copy cert +# command: cp /etc/ssl/certs/server.crt {{ ldapcert }} +# sudo: true -- name: copy cacert - command: cp /etc/ssl/certs/ca.crt {{ cacert }} - sudo: true +#- name: copy cacert +# command: cp /etc/ssl/certs/ca.crt {{ cacert }} +# sudo: true -- name: copy key - command: cp /etc/ssl/private/server.key {{ ldapkey }} - sudo: true +#- name: copy key +# command: cp /etc/ssl/private/server.key {{ ldapkey }} +# sudo: true -- name: chmod key - file: path={{ ldapkey }} owner={{ ldapuser }} group={{ ldapgroup }} mode=600 - sudo: true +#- name: chmod key +# file: path={{ ldapkey }} owner={{ ldapuser }} group={{ ldapgroup }} mode=600 +# sudo: true - name: enable ssl centos lineinfile: regexp="SLAPD_LDAPS=no" state=present line="SLAPD_LDAPS=yes" dest=/etc/sysconfig/ldap diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index bc39805e12f63115eb9d0d88fc9d19af77fbb8de..fd7181ba5206b53ab92a9a0802a239a2f0b0fde2 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml 
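Review bot: Commenting out `chmod key` drops the only visible step that forces `{{ ldapkey }}` to `owner={{ ldapuser }}` and mode 600. The private key's permissions now depend entirely on whatever places the file, presumably the `with_items: ldapCertFiles` task whose tail is this hunk's first context line and whose body is outside the hunk. If that task does not set owner and mode, the key can end up readable by other local users or unreadable by slapd. I would keep an explicit permission task, `file: path={{ ldapkey }} owner={{ ldapuser }} group={{ ldapgroup }} mode=0600`, and delete the three `cp` tasks outright rather than leaving them as commented-out code.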
@@ -1,3 +1,3 @@ --- - - include: mysql_client.yml mysql_type=mysql_client - - include: mysql_server.yml mysql_type=mysql_server +- include_vars: "{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml" +- include: "{{ mysql_type }}.yml" diff --git a/roles/mysql/tasks/mysql_server.yml b/roles/mysql/tasks/mysql_server.yml index 9e4b32d5a1c8a1a30daf641f873afd6a7403db79..170178fc889a46b1ecaed03c3817fd7b0dd4cf7c 100644 --- a/roles/mysql/tasks/mysql_server.yml +++ b/roles/mysql/tasks/mysql_server.yml @@ -1,27 +1,29 @@ --- - name: "Installing MySQL Debian" apt: name="{{ item }}" update_cache=yes cache_valid_time=3600 state=present - with_items: - - python - - python-dev - - libmysqlclient-dev - - python-pip - - libapache2-mod-wsgi - - python-mysql.connector - - mysql-server - - python-mysqldb + with_items: server_packages sudo: true when: ansible_os_family == "Debian" +- name: "Remove rdo repo" + file: path=/etc/yum.repos.d/rdo-release.repo state=absent + sudo: true + when: ansible_os_family == "RedHat" and ansible_distribution_major_version >= 7 + +- name: "Check RPM packages" + shell: ls /etc/yum.repos.d/mysql-community.repo + register: mysql_repo + ignore_errors: true + when: rpm_package is defined + +- name: "Add RPM packages" + shell: rpm -iUvh {{ rpm_package }} + sudo: true + when: mysql_repo | failed + - name: Installing MySQL RedHat - yum: name="{{ item }}" state=latest - with_items: - - python - - python-devel - - mysql-devel - - mysql-libs - - MySQL-python - - mysql-server + yum: name={{ item }} + with_items: server_packages sudo: true when: ansible_os_family == "RedHat" @@ -36,7 +38,8 @@ when: ansible_os_family == "RedHat" and ansible_distribution_major_version < 7 - name: "Starting MySQL" - service: name=mariadb state=started enabled=true +# service: name=mariadb state=started enabled=true + service: name=mysqld state=started enabled=true sudo: true when: ansible_os_family == "RedHat" and ansible_distribution_major_version >= 7 
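Review bot: `include: "{{ mysql_type }}.yml"` now requires every caller of the role to pass `mysql_type`, where the old file set it itself and included both the client and server task files. The `include_vars` line also builds a file name from facts with no fallback. A host whose distribution and major version do not match one of the four vars files added in this commit (CentOS_6, CentOS_7, Debian_7, Debian_8) will fail on a missing file. A header comment such as `# mysql_type must be mysql_client or mysql_server; set by the including playbook` would document the new contract, and a default vars file or an explicit `fail` task with a clear message would make the unsupported-platform case obvious.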
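Review bot: "Add RPM packages" runs `rpm -iUvh {{ rpm_package }}` as root against a URL that vars/CentOS_7.yml (added later in this commit) sets to plain `http://`, with no checksum or signature check, so anyone on the network path can swap the release package and with it the repository definition and GPG keys that the following `yum` install trusts. Switch the URL to `https://` and pin the download to a known digest before installing it; the fence sketches this with a new `rpm_package_sha256` variable that would have to be added next to `rpm_package`. Using `creates=` on the install also replaces the `ls` probe with `ignore_errors`, which otherwise reports a failure on every first run. Separately, the new "Remove rdo repo" condition compares `ansible_distribution_major_version`, a string fact, with the integer 7; `ansible_distribution_major_version | int >= 7` makes the comparison numeric.

```yaml
# … unchanged: "Installing MySQL Debian", "Remove rdo repo" …

- name: "Download MySQL release package"
  get_url: url={{ rpm_package }} dest=/tmp/mysql-community-release.rpm sha256sum={{ rpm_package_sha256 }}
  sudo: true
  when: rpm_package is defined

- name: "Add RPM packages"
  command: rpm -Uvh /tmp/mysql-community-release.rpm creates=/etc/yum.repos.d/mysql-community.repo
  sudo: true
  when: rpm_package is defined

# … unchanged: "Installing MySQL RedHat" …
```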
diff --git a/roles/mysql/vars/CentOS_6.yml b/roles/mysql/vars/CentOS_6.yml
new file mode 100644
index 0000000000000000000000000000000000000000..e3bbeaef6a54dfe6bdc1dfbf788974ffcfb73c28
--- /dev/null
+++ b/roles/mysql/vars/CentOS_6.yml
@@ -0,0 +1,9 @@
+server_packages:
+ - python
+ - python-devel
+ - mysql-devel
+ - mysql-libs
+ - MySQL-python
+ - mysql-server
+
+
diff --git a/roles/mysql/vars/CentOS_7.yml b/roles/mysql/vars/CentOS_7.yml
new file mode 100644
index 0000000000000000000000000000000000000000..524f128c51bfd90d07b7386d88836f78068a3db2
--- /dev/null
+++ b/roles/mysql/vars/CentOS_7.yml
@@ -0,0 +1,9 @@
+rpm_package: "http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm"
+
+server_packages:
+ - python
+ - python-devel
+ - MySQL-python
+ - mysql-community-server
+
+
diff --git a/roles/mysql/vars/Debian_7.yml b/roles/mysql/vars/Debian_7.yml
new file mode 100644
index 0000000000000000000000000000000000000000..eec16f6a706186a4ad21541298425f17191f9bc4
--- /dev/null
+++ b/roles/mysql/vars/Debian_7.yml
@@ -0,0 +1,10 @@
+server_packages:
+ - python
+ - python-dev
+ - libmysqlclient-dev
+ - python-pip
+ - libapache2-mod-wsgi
+ - python-mysql.connector
+ - mysql-server
+ - python-mysqldb
+
diff --git a/roles/mysql/vars/Debian_8.yml b/roles/mysql/vars/Debian_8.yml
new file mode 100644
index 0000000000000000000000000000000000000000..eec16f6a706186a4ad21541298425f17191f9bc4
--- /dev/null
+++ b/roles/mysql/vars/Debian_8.yml
@@ -0,0 +1,10 @@
+server_packages:
+ - python
+ - python-dev
+ - libmysqlclient-dev
+ - python-pip
+ - libapache2-mod-wsgi
+ - python-mysql.connector
+ - mysql-server
+ - python-mysqldb
+
diff --git a/roles/mysql/vars/main.yml b/roles/mysql/vars/main.yml
deleted file mode 100644
index 5ab6594867c30436d4a67277577cfc5cae58f643..0000000000000000000000000000000000000000
--- a/roles/mysql/vars/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-mysql_config_file_name: mysql_config