roles/ldapservertest/templates/db.ldif.j2

+dn: olcDatabase={2}hdb,cn=config
+changetype: modify
+replace: olcSuffix
+olcSuffix: dc=example,dc=com
+
+dn: olcDatabase={2}hdb,cn=config
+changetype: modify
+replace: olcRootDN
+olcRootDN: cn=read-only-admin,dc=example,dc=com
+
+dn: olcDatabase={2}hdb,cn=config
+changetype: modify
+replace: olcRootPW
+olcRootPW: {{ROOT_PW}}

roles/ldapservertest/templates/monitor.ldif.j2

+dn: olcDatabase={1}monitor,cn=config
+changetype: modify
+replace: olcAccess
+olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external, cn=auth" read by dn.base="cn=read-only-admin,dc=example,dc=com" read by * none

roles/ldapservertest/tests/test_default.py

+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    '.molecule/ansible_inventory').get_hosts('all')
+
+
+def test_hosts_file(File):
+    f = File('/etc/hosts')
+
+    assert f.exists
+    assert f.user == 'root'
+    assert f.group == 'root'

roles/link_usr_local/tasks/main.yml → roles/link_directories/tasks/main.yml

@@ -3,17 +3,23 @@
   stat: path={{ dest }}
   register: stat_r
 
+
+- name: debug1
+  debug: var=stat_r
+
 - name: mv
   command: mv "{{ dest }}" "{{ dest }}_old"
   when: stat_r.stat.exists and stat_r.stat.isdir
-  sudo: true
+  become: true
 
-- name: stat 
+- name: stat
   stat: path={{ dest }}
   register: stat_r
 
+- name: debug2
+  debug: var=stat_r
 
 - name: link
   file: src="{{ src }}" dest="{{ dest }}" state=link
   when: not stat_r.stat.exists
-  sudo: true
+  become: true

roles/lmod/tasks/main.yml

 ---
 - include_vars: "{{ ansible_os_family }}.yml"
 
-- name: add epel on CentOS 7
-  shell: rpm -iUvh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
-  sudo: true
-  when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
-  ignore_errors: true
-
-#- name: add epel on CentOS 7
-#  shell: yum -y update
-#  sudo: true
-#  when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
-
-- name: Install epel-release
-  yum: name=epel-release-7-5.noarch state=present
-  sudo: true
-  when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
+- name: install lua centos
+  package:
+    state: present
+    name:
+      - lua
+      - tcl
+      - rsync
+      - gcc
+      - lua-devel
+  become: true
+  when: ansible_os_family == 'RedHat'
 
-- name: Enable epel
-  command: yum-config-manager --enable epel
-  sudo: true
-  when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
+- name: install lua centos
+  package:
+    state: present
+    enablerepo: epel
+    name:
+      - lua-filesystem
+      - lua-posix
+  become: true
+  when: 
+    - ansible_os_family == 'RedHat'
+    - '"DGX" not in ansible_product_name'
 
+- name: install lua RHEL7
+  yum:
+    state: present
+    update_cache: yes
+    enablerepo: "org_monash_uni_EPEL_7_EPEL_7_-_x86_64"
+    name:
+      - lua
+      - lua-filesystem
+      - lua-posix
+      - tcl
+      - rsync
+      - gcc
+      - lua-devel
+  when:
+   - '"DGX" in ansible_product_name'
+   - '"RedHat" in ansible_distribution'
+  become: true
 
-- name: install lua
-  yum: name={{ item }} state=installed
-  with_items:
-    - lua
-    - lua-filesystem
-    - lua-posix
-    - tcl
-    - rsync
-    - gcc
-    - lua-devel
-  sudo: true
-  when: ansible_os_family == 'RedHat'
-
-- name: install lua
-  apt: name={{ item }} state=installed
-  with_items:
-    - lua5.2
-    - lua5.2
-    - lua-filesystem
-    - lua-bitop
-    - lua-posix
-    - liblua5.2-0
-    - liblua5.2-dev
-    - tcl
-  sudo: true
+- name: install lua debian
+  package:
+    name: lmod
+    state: present
+  become: true
   when: ansible_os_family == 'Debian'
 
+- name: stat lmod
+  stat: path="{{ soft_dir }}/lmod/{{ lmod_version }}"
+  register: lmodstat
+
 - name: Download LMOD
   get_url:
-    url=http://downloads.sourceforge.net/project/lmod/Lmod-{{ lmod_version }}.tar.bz2
-    dest={{source_dir}}/Lmod-{{ lmod_version }}.tar.bz2
+    url=https://object-store.rc.nectar.org.au/v1/AUTH_56ccfd36d0ad454a883a98e8489c97b5/hpc-repo/src/Lmod-{{ lmod_version }}.tar.bz2
+    dest={{ source_dir }}/Lmod-{{ lmod_version }}.tar.bz2
     mode=0444
+  when: ansible_os_family == 'RedHat' and not lmodstat.stat.exists
 
 - name: Uncompress LMOD
   unarchive:
     src={{ source_dir }}/Lmod-{{ lmod_version }}.tar.bz2
     dest={{ source_dir }}
     copy=no
-    creates={{source_dir}}/Lmod-{{ lmod_version }}/README
+    creates={{ source_dir }}/Lmod-{{ lmod_version }}/README
+  when: ansible_os_family == 'RedHat' and not lmodstat.stat.exists
 
 - name: Compile and install Lmod
   shell: cd {{ source_dir }}/Lmod-{{ lmod_version }}; ./configure --prefix={{ soft_dir }} --with-mpathSearch=YES --with-caseIndependentSorting=YES && make install LUA_INCLUDE={{ lua_include }}
   args:
     creates: "{{ soft_dir }}/lmod/{{ lmod_version }}"
-  sudo: true
+  become: true
+  when: ansible_os_family == 'RedHat'

roles/lmod/vars/main.yml

 ---
 source_dir: /tmp
-soft_dir: /usr/local
+soft_dir: /opt/lmod/
 lmod_version: 5.8.6

roles/logrotate/files/syslog_RedHat_7

+/var/log/cron
+/var/log/maillog
+/var/log/messages
+/var/log/secure
+/var/log/spooler
+{
+    missingok
+    sharedscripts
+    compress
+    postrotate
+	/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
+    endscript
+}

roles/logrotate/tasks/main.yml

+---
+- name: enable compression etc logrotate.conf
+  replace:
+    path: /etc/logrotate.conf
+    regexp:  '#compress'
+    replace: 'compress'
+  become: true
+  
+- name: /etc/logrotate.d/syslog
+  copy:
+    src: "syslog_{{ ansible_os_family }}_{{ ansible_distribution_major_version }}"
+    dest: /etc/logrotate.d/syslog
+  become: true
+  when: ansible_os_family == 'RedHat'
\ No newline at end of file

roles/lustre-client/files/ibdev2netdev.sh

+#! /bin/bash
+#
+#modified by simon to print device name
+#
+
+
+usage()
+{
+        echo "$(basename $0) <options>"
+        echo "-h, --help                print help message"
+        echo "-v, --verbose             print more info"
+}
+
+function find_pdev()
+{
+	pdevlist=$(ls /sys/bus/pci/devices)
+
+	for pdev in $pdevlist; do
+		if [ -d /sys/bus/pci/devices/$pdev/infiniband ]; then
+			ibd=$(ls /sys/bus/pci/devices/$pdev/infiniband/)
+			if [ "x$ibd" == "x$1" ]; then
+				echo -n $pdev
+			fi
+		fi
+	done
+}
+
+case $1 in
+        "-h" | "--help")
+                usage
+                exit 0
+                ;;
+esac
+
+if (( $# > 1 )); then
+	usage
+	exit -1
+fi
+
+if (( $# == 1 )) && [ "$1" != "-v" ]; then
+	usage
+        exit -1
+fi
+
+ibdevs=$(ls /sys/class/infiniband/)
+
+devs=
+for netpath in /sys/class/net/*
+do
+    if (grep 0x15b3 ${netpath}/device/vendor > /dev/null 2>&1); then
+        devs="$devs ${netpath##*/}"
+    fi
+done
+
+if [ "x$devs" == "x" ]; then
+	# no relevant devices - quit immediately
+	exit
+fi
+
+for d in $devs; do
+	if [ -f /sys/class/net/$d/dev_id ]; then
+		oldstyle=n
+		break
+	fi
+done
+
+if [ "x$oldstyle" == "xn" ]; then
+	for d in $ibdevs; do
+		ibrsc=$(cat /sys/class/infiniband/$d/device/resource)
+		eths=$(ls /sys/class/net/)
+		for eth in $eths; do
+			filepath_resource=/sys/class/net/$eth/device/resource
+
+			if [ -f $filepath_resource ]; then
+				ethrsc=$(cat $filepath_resource)
+				if [ "x$ethrsc" == "x$ibrsc" ]; then
+					filepath_devid=/sys/class/net/$eth/dev_id
+					filepath_devport=/sys/class/net/$eth/dev_port
+					if [ -f $filepath_devid ]; then
+						port1=0
+						if [ -f $filepath_devport ]; then
+							port1=$(cat $filepath_devport)
+							port1=$(printf "%d" $port1)
+						fi
+
+						port=$(cat $filepath_devid)
+						port=$(printf "%d" $port)
+						if [ $port1 -gt $port ]; then
+							port=$port1
+						fi
+
+						port=$(( port + 1 ))
+
+						filepath_carrier=/sys/class/net/$eth/carrier
+
+						if [ -f $filepath_carrier ]; then
+							link_state=$(cat $filepath_carrier 2> /dev/null)
+        	                                        if (( link_state == 1 )); then
+                	                                        link_state="Up"
+                        	                        else
+                                	                        link_state="Down"
+                                        	        fi
+						else
+							link_state="NA"
+						fi
+
+						x=$(find_pdev $d)
+						if [ "$1" == "-v" ]; then
+							filepath_portstate=/sys/class/infiniband/$d/ports/$port/state
+							filepath_deviceid=/sys/class/infiniband/$d/device/device
+							filepath_fwver=/sys/class/infiniband/$d/fw_ver
+							filepath_vpd=/sys/class/infiniband/$d/device/vpd
+
+							# read port state
+							if [ -f $filepath_portstate ]; then
+								ibstate=$(printf "%-6s" $(cat $filepath_portstate | gawk '{print $2}'))
+							else
+								ibstate="NA"
+							fi
+
+							# read device
+							if [ -f $filepath_deviceid ]; then
+								devid=$(printf "MT%d" $(cat $filepath_deviceid))
+							else
+								devid="NA"
+							fi
+
+							# read FW version
+							if [ -f $filepath_fwver ]; then
+								fwver=$(cat $filepath_fwver)
+							else
+								fwver="NA"
+							fi
+
+							# read device description and part ID from the VPD
+							if [ -f $filepath_vpd ]; then
+								tmp=$IFS
+								IFS=":"
+								vpd_content=`cat $filepath_vpd`
+								devdesc=$(printf "%-15s" $(echo $vpd_content | strings | head -1))
+								partid=$(printf "%-11s" $(echo $vpd_content | strings | head -4 | tail -1 | gawk '{print $1}'))
+								IFS=$tmp
+							else
+								devdesc=""
+								partid="NA"
+							fi
+							#echo "$x $d ($devid - $partid) $devdesc fw $fwver port $port ($ibstate) ==> $eth ($link_state)"
+							echo -n "$eth"
+						else
+							echo -n "$eth"
+							#echo "$d port $port ==> $eth ($link_state)"
+						fi
+					fi
+				fi
+			fi
+		done
+	done
+else
+##########################
+### old style
+##########################
+
+function print_line()
+{
+	echo -n "$eth"
+#	echo "$1 port $2 <===> $3"
+
+}
+
+function find_guid()
+{
+	ibdevs=$(ls /sys/class/infiniband/)
+	for ibdev in $ibdevs; do
+		ports=$(ls /sys/class/infiniband/$ibdev/ports/)
+		for port in $ports; do
+			gids=$(ls /sys/class/infiniband/$ibdev/ports/$port/gids)
+			for gid in $gids; do
+				pguid=$(cat /sys/class/infiniband/$ibdev/ports/$port/gids/$gid | cut -b 21- | sed -e 's/://g')
+				if [ x$pguid == x$1 ]; then
+					print_line $ibdev $port $2
+				fi
+			done
+		done
+	done
+}
+
+function find_mac()
+{
+	ibdevs=$(ls /sys/class/infiniband/)
+	for ibdev in $ibdevs; do
+		ports=$(ls /sys/class/infiniband/$ibdev/ports/)
+		for port in $ports; do
+			gids=$(ls /sys/class/infiniband/$ibdev/ports/$port/gids)
+			for gid in $gids; do
+				first=$(cat /sys/class/infiniband/$ibdev/ports/$port/gids/$gid | cut -b 21-22)
+				first=$(( first ^ 2 ))
+				first=$(printf "%02x" $first)
+				second=$(cat /sys/class/infiniband/$ibdev/ports/$port/gids/$gid | cut -b 21- | sed -e 's/://g' | cut -b 3-6)
+				third=$(cat /sys/class/infiniband/$ibdev/ports/$port/gids/$gid | cut -b 21- | sed -e 's/://g' | cut -b 11-)
+				pmac=$first$second$third
+				if [ x$pmac == x$1 ]; then
+					print_line $ibdev $port $2
+				fi
+			done
+		done
+	done
+}
+
+ifcs=$(ifconfig -a | egrep '^eth|^ib' | gawk '{print $1}')
+
+for ifc in $ifcs; do
+	len=$(cat /sys/class/net/$ifc/addr_len)
+	if (( len == 20 )); then
+		guid=$(cat /sys/class/net/$ifc/address | cut -b 37- | sed -e 's/://g')
+		find_guid $guid $ifc
+	elif (( len == 6)); then
+		mac=$(cat /sys/class/net/$ifc/address | sed -e 's/://g')	
+		find_mac $mac $ifc
+	fi
+done
+fi
+

roles/lustre-client/tasks/main.yml

@@ -9,44 +9,64 @@
 
 #- name: install rpms
 #  yum: name="/tmp/{{ item }}"
-#  sudo: true
+#  become: true
 #  with_items: "{{ lustre_pkgs }}"
 
 - name: install rpms
-  yum: name=/tmp/lustre-client-modules-2.7.0-3.10.0_229.14.1.el7.x86_64.x86_64.rpm
-  sudo: true
+  yum:  name=/tmp/lustre-client-modules-2.7.65-3.10.0_327.4.4.el7.x86_64_gab38c3a.x86_64.rpm
+  become: true
   when: ansible_os_family == "RedHat"
 
 - name: install rpms
-  yum: name=/tmp/lustre-client-2.7.0-3.10.0_229.14.1.el7.x86_64.x86_64.rpm
-  sudo: true
+  yum:  name=/tmp/lustre-client-2.7.65-3.10.0_327.4.4.el7.x86_64_gab38c3a.x86_64.rpm
+  become: true
+  when: ansible_os_family == "RedHat"
+
+- name: install e2fsprogs
+  yum:
+    name: e2fsprogs
+    state: present
+  become: true
   when: ansible_os_family == "RedHat"
 
 # instructions to build these debs:
+# instructions based on this https://linuxsysadm.wordpress.com/2014/10/10/lustre-2-6-on-debian-wheezy-clients/
 # Instantiate an Ubuntu 14.04 instance
 # git clone git://git.hpdd.intel.com/fs/lustre-release.git
 # cd lustre-release
 # optionally git checkout 0754bc8f2623bea184111af216f7567608db35b6 <- I know this commit works on Ubuntu, but I had a lot of trouble with other branches
 # sh autogen.sh
-# ./configure --enable-dist --disable-doc  --disable-server --disable-dependency-tracking --with-o2ib=/var/lib/dkms/mlnx-ofed-kernel/3.1/build/
+# ./configure --enable-dist --disable-doc  --disable-server --disable-dependency-tracking --with-o2ib=/var/lib/dkms/mlnx-ofed-kernel/3.1/build/ <- if you didn't checkout the commit above you may also need to --disable-manpages or similar
+# make dist
 # mkdir BUILD
 # cd BUILD
 # ln -s ../lustre-2.7.62.tar.gz lustre-2.7.62.orig.tar.gz
 # tar zxvf ../lustre-2.7.62.tar.gz
 # cd lustre-2.7.62
 # ./configure --disable-doc  --disable-server --disable-dependency-tracking --with-o2ib=/var/lib/dkms/mlnx-ofed-kernel/3.1/build/
-# vi debian/changelog (the version number on the first line is incorrect)
+# vi debian/changelog (the version number on the first line is incorrect) instead of 2.7.50-1 it should be 2.7.62 .... this may not be true depending on what commit you checked out
 # make debs
 #
-- name: install debs
-  apt: name="/tmp/{{ item }}"
-  sudo: true
-  with_items: "{{ lustre_pkgs }}"
+
+
+- name: install  linux-patch-lustre_2.7.62-1_all.deb
+  apt: deb="/tmp/linux-patch-lustre_2.7.62-1_all.deb"
+  become: true
+  when: ansible_distribution == "Ubuntu" and ansible_distribution_major_version == "14"
+
+- name: install lustre-client-modules-3.13.0-83-generic_2.7.62-1_amd64.deb
+  apt: deb="/tmp/lustre-client-modules-3.13.0-83-generic_2.7.62-1_amd64.deb"
+  become: true
+  when: ansible_distribution == "Ubuntu" and ansible_distribution_major_version == "14"
+
+- name: install lustre-utils_2.7.62-1_amd64.deb
+  apt: deb="/tmp/lustre-utils_2.7.62-1_amd64.deb"
+  become: true
   when: ansible_distribution == "Ubuntu" and ansible_distribution_major_version == "14"
 
 - name: "Mount lustre filesystems"
-  mount: name="{{ item.mntpt }}" src="{{ item.servers }}"/"{{ item.src }}" state="mounted" fstype="lustre" opts="_netdev,flock" 
-  sudo: true
+  mount: name="{{ item.mntpt }}" src="{{ item.servers }}"/"{{ item.src }}" state="mounted" fstype="lustre" opts="_netdev,flock"
+  become: true
   with_items: "{{ mntlist }}"
 
 

roles/lustre-client/templates/lustre.conf.j2

+options lnet networks=tcp0({{ MELLANOX_DEVICE_NAME.stdout }})

roles/lustre-client/vars/CentOS_7.yaml

 ---
 lustre_pkgs:
-  - lustre-client-modules-2.7.0-3.10.0_229.14.1.el7.x86_64.x86_64.rpm
-  - lustre-client-2.7.0-3.10.0_229.14.1.el7.x86_64.x86_64.rpm
+  # old rmps for older kernel
+  #- lustre-client-modules-2.7.0-3.10.0_229.14.1.el7.x86_64.x86_64.rpm
+  #- lustre-client-2.7.0-3.10.0_229.14.1.el7.x86_64.x86_64.rpm
+  #simon comment out
+  #-  lustre-client-modules-2.7.0-3.10.0_229.20.1.el7.x86_64.x86_64.rpm
+  #-  lustre-client-2.7.0-3.10.0_229.20.1.el7.x86_64.x86_64.rpm
+  # shahahh mods
+  -  lustre-client-modules-2.7.65-3.10.0_327.4.4.el7.x86_64_gab38c3a.x86_64.rpm
+  -  lustre-client-2.7.65-3.10.0_327.4.4.el7.x86_64_gab38c3a.x86_64.rpm
 

roles/lustre-client/vars/Ubuntu_14.yaml

 ---
 lustre_pkgs:
-  - linux-patch-lustre_2.7.62-1_all.deb
-  - lustre-client-modules-3.13.0-58-generic_2.7.62-1_amd64.deb
+  #
+  - linux-patch-lustre_2.7.62-1_all.deb 
+  - lustre-client-modules-3.13.0-83-generic_2.7.62-1_amd64.deb 
   - lustre-utils_2.7.62-1_amd64.deb
+  #- linux-patch-lustre_2.7.62-1_all.deb
+  #- lustre-client-modules-3.13.0-58-generic_2.7.62-1_amd64.deb
+  #- lustre-utils_2.7.62-1_amd64.deb
+

roles/lustre-symlinks/tasks/main.yml

+---
+- name: Create a directory for the symlink scripts
+  ansible.builtin.file:
+    path: /opt/symlinker/
+    state: directory
+    mode: '0755'
+  become: true
+
+- name: Template project symlink script to /opt/symlinker/symlinker-{{ lustre_storage_type }}.sh
+  ansible.builtin.template:
+    src: symlinker.sh.j2
+    dest: /opt/symlinker/symlinker-{{ lustre_storage_type }}.sh
+    owner: root
+    group: root
+    mode: '0700'
+  vars:
+    lustre_storage_type: "{{ item }}"
+  with_items:
+    "{{ lustre_storage_types }}"
+  become: true
+
+- name: Ensure a job that runs every 15 minutes exists. This updates the symlinks
+  ansible.builtin.cron:
+    name: "Update lustre symlinks {{ item }} (node local)"
+    minute: "*/15"
+    job: "/opt/symlinker/symlinker-{{ item }}.sh"
+    user: root
+  with_items:
+    "{{ lustre_storage_types }}"
+  become: true
+
+- name: run symlinker job manually once
+  shell: "/opt/symlinker/symlinker-{{ item }}.sh"
+  with_items:
+    "{{ lustre_storage_types }}"
+  become: true

roles/lustre-symlinks/templates/symlinker.sh.j2

+#!/bin/bash
+
+originallfs={{ lustre_mount }}
+symlinkdest={{ local_directory_path }}
+
+  # Check that original lustre filesystem is mounted, exit if it isn't
+if [ ! -d $originallfs ]; then
+  echo "Check that the filesystem $originalfs is mounted, exiting...";
+  exit 1
+fi
+
+  # Check that the symlink destination exists, has the correct permissions etc
+if [ ! -d $symlinkdest ]; then
+  echo "Creating $symlinkdest as it does not exist yet";
+  mkdir -p $symlinkdest;
+  chown root:root $symlinkdest;
+  chmod 0755 $symlinkdest;
+fi
+
+  # Iterate over directories inside the original fs, create symlinks if they do _not_ exist
+for sourcepath in `find "$originallfs" -maxdepth 1 -mindepth 1 -type d`; do
+  foldername=`basename "$sourcepath"`;
+  linkpath="$symlinkdest/$foldername";
+  if [ ! -L $linkpath ]; then
+    ln -sT $sourcepath $linkpath;
+  fi
+done

roles/mailchimpLastlogin/README.md

+This role installs the tool from
+
+https://gitlab.erc.monash.edu.au/hpc-team/mclastlogin
+
+It simply updates a mailchimp audience with tags containing data from the last log (/var/log/lastlog)
+
+You need a playbook entry like
+
+- { role: mailchimpLastlogin, python3_bin: /usr/local/python/3.6.2-static/bin/python3, mailchimp_user: na, mailchimp_key: na, mailchimp_list: "Monash HPC Users", mailchimp_datetag: "m3_last_login", mailchimp_numtag: "m3_days_since_active", install_path: /opt/mclastlog, cron_user: root }

roles/mailchimpLastlogin/tasks/main.yml

+- name: create install dir
+  file:
+    name: "{{ item }}"
+    state: directory
+    owner: "{{ cron_user }}"
+  with_items:
+   - "{{ install_path }}"
+  become: true
+  become_user: root
+
+- name: upgrade pip
+  pip:
+    virtualenv: "{{ install_path }}"
+    virtualenv_command: "{{ python3_bin }} -m venv"
+    name: "pip"
+    extra_args: "--upgrade"
+  become: true
+  become_user: "{{ cron_user }}"
+
+- name: install mclastlogin
+  pip:
+    virtualenv: "{{ install_path }}"
+    name: "git+https://gitlab.erc.monash.edu.au/hpc-team/mclastlogin.git"
+    extra_args: "--upgrade"
+  become: true
+  become_user: "{{ cron_user }}"
+
+- name: install config
+  template:
+    src: "{{ item }}.j2"
+    dest: "{{install_path}}/{{ item }}"
+    owner: root
+    mode: "0600"
+  become: true
+  become_user: "{{ cron_user }}"
+  with_items:
+    - mailchimpconfig.yml
+    - ldapconfig.yml
+
+- name: install cronjob
+  cron:
+    cron_file: mclastlogin
+    hour: "1"
+    minute: "0"
+    job: "sleep $[ ( $RANDOM \\% 100 )  + 1 ]s ; {{ install_path}}/bin/mclastlogin --configdir {{ install_path }}"
+    name: "mclastlogin"
+    user: "{{ cron_user }}"
+  become: true
+  become_user: root
+
+

roles/mailchimpLastlogin/templates/ldapconfig.yml.j2

+---
+ldapDomain: {{ ldapBase }}
+user: {{ ldapBindDN }} 
+passwd: {{ ldapBindDNPassword }}
+ldapURI: {{ ldapURI }}
+cafile: {{ ldapCaCertFile }}

roles/mailchimpLastlogin/templates/mailchimpconfig.yml.j2

+---
+  user: {{ mailchimp_user }}
+  key: {{ mailchimp_key }}
+  default_list: {{ mailchimp_list }}
+  default_datetag: {{ mailchimp_datetag }}
+  default_numtag: {{ mailchimp_numtag }} 
+