do_become

2022-10-19 00:16:16 +02:00 · 2022-10-19 00:16:16 +02:00 · 985ae6be37
commit 985ae6be37
parent 0a3ffc4bdd
12 changed files with 45 additions and 45 deletions
--- a/ansible/roles/ironicbadger_ansible-role-proxmox-nag-removal/tasks/remove-nag.yml
+++ b/ansible/roles/ironicbadger_ansible-role-proxmox-nag-removal/tasks/remove-nag.yml
@ -1,7 +1,7 @@
 ---
 # credit: https://johnscs.com/remove-proxmox51-subscription-notice/ & https://github.com/foundObjects/pve-nag-buster
 - name: Modify line in file to remove nag message
-  become: true
+  become: "{{ do_become }}"
  replace:
    path: /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js
    regexp: 'res === null \|\| res === undefined \|\| !res \|\| res[\s\n]*\.data\.status\.toLowerCase\(\) !== .active.'
--- a/ansible/roles/kubernetes/handlers/main.yml
+++ b/ansible/roles/kubernetes/handlers/main.yml
@ -1,5 +1,5 @@
 - name: kube | systemctl restart systemd-modules-load.service
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.service:
    name: "systemd-modules-load.service"
    state: "restarted"
@ -7,7 +7,7 @@
  failed_when: false

 - name: kube | docker options changed
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.service:
    name: "docker.service"
    state: "restarted"
@ -15,13 +15,13 @@
  failed_when: false

 - name: kube | sysctl --system
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.command: sysctl --system
  changed_when: false
  failed_when: false

 - name: kube | boot options changed
-  become: true
+  become: "{{ do_become }}"
  changed_when: false
  failed_when: false
  ansible.builtin.reboot:
--- a/ansible/roles/kubernetes/tasks/controlplane.yml
+++ b/ansible/roles/kubernetes/tasks/controlplane.yml
@ -1,5 +1,5 @@
 - name: Install kubectl
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.apt:
    name: "{{ item }}={{ kube_apt }}"
    state: present
@ -7,7 +7,7 @@
    - kubectl

 - name: Hold kubectl version
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.dpkg_selections:
    name: "{{ item }}"
    selection: "hold"
--- a/ansible/roles/kubernetes/tasks/node.yml
+++ b/ansible/roles/kubernetes/tasks/node.yml
@ -1,11 +1,11 @@
 - name: Disable SWAP
  when: ansible_memory_mb.swap.total != 0
  register: swap_disable
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.command: swapoff -a

 - name: Remove swapfile from /etc/fstab
-  become: true
+  become: "{{ do_become }}"
  ansible.posix.mount:
    name: "{{ item }}"
    fstype: swap
@ -14,7 +14,7 @@
    - swap

 - name: Add propogation to systemd
-  become: true
+  become: "{{ do_become }}"
  community.general.ini_file:
    path: /lib/systemd/system/docker.service
    section: Service
@ -26,7 +26,7 @@

 - name: Set up kmsg in LXC # https://kevingoos.medium.com/kubernetes-inside-proxmox-lxc-cce5c9927942
  when: inventory_hostname in groups['lxc_guest']
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.copy:
    content: |
      #!/bin/sh -e
@ -63,7 +63,7 @@
    - kube | boot options changed

 - name: Tweak modeprobe entries
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.ini_file:
    option: "{{ item.option }}"
    state: "{{ item.state }}"
@ -78,7 +78,7 @@
    - kube | systemctl restart systemd-modules-load.service

 - name: Tweak sysctl entries
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.sysctl:
    name: "{{ item.name }}"
    value: "{{ item.value }}"
@ -117,7 +117,7 @@
    - kube | sysctl --system

 - name: Add Apt signing key for Google and Libcontainers
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.apt_key:
    url: "{{ item }}"
    state: present
@ -125,7 +125,7 @@
    - https://packages.cloud.google.com/apt/doc/apt-key.gpg

 - name: Add repo for Google and Libcontainers
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.apt_repository:
    filename: Kubernetes
    repo: "deb {{ item }}"
@ -135,7 +135,7 @@
    - https://apt.kubernetes.io/ kubernetes-xenial main

 - name: Install kubernetes packages
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.apt:
    name: "{{ item }}={{ kube_apt }}"
    state: present
@ -144,7 +144,7 @@
    - kubeadm

 - name: Hold kubernetes version
-  become: true
+  become: "{{ do_become }}"
  when: ! is_controlplane is defined
  ansible.builtin.dpkg_selections:
    name: "{{ item }}"
--- a/ansible/roles/pi_dnsmasq/tasks/main.yml
+++ b/ansible/roles/pi_dnsmasq/tasks/main.yml
@ -5,7 +5,7 @@

 - name: Set up dnsmasq hosts
  register: dnsmasq_hosts
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.template:
    src: hosts.custom.j2
    group: root
@ -16,7 +16,7 @@
 - name: Set up dnsmasq rules
  when: dnsmasq_setup.stat.isdir is defined and dnsmasq_setup.stat.isdir
  register: dnsmasq
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.template:
    src: 02-custom.conf.j2
    group: root
@ -31,7 +31,7 @@

 - name: Restart PiHole systems
  when: (dnsmasq.changed or dnsmasq_hosts.changed) and pihole_bin.stat.exists
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.command:
    argv:
      - pihole
--- a/ansible/roles/pihole/tasks/configure.yml
+++ b/ansible/roles/pihole/tasks/configure.yml
@ -1,5 +1,5 @@
 - name: Set pihole webpassword
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.lineinfile:
    path: /etc/pihole/setupVars.conf
    regexp: "^WEBPASSWORD="
@ -7,7 +7,7 @@
    create: yes

 - name: Set pihole theme
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.lineinfile:
    path: /etc/pihole/setupVars.conf
    regexp: "^WEBTHEME="
@ -15,7 +15,7 @@
    create: yes

 - name: Set pihole layout
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.lineinfile:
    path: /etc/pihole/setupVars.conf
    regexp: "^WEBUIBOXEDLAYOUT="
@ -23,7 +23,7 @@
    create: yes

 - name: Set pihole listen
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.lineinfile:
    path: /etc/pihole/setupVars.conf
    regexp: "^DNSMASQ_LISTENING="
@ -31,7 +31,7 @@
    create: yes

 - name: Set pihole fqdn forwarding
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.lineinfile:
    path: /etc/pihole/setupVars.conf
    regexp: "^DNS_FQDN_REQUIRED="
@ -39,7 +39,7 @@
    create: yes

 - name: Set pihole reverse lookup
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.lineinfile:
    path: /etc/pihole/setupVars.conf
    regexp: "^DNS_BOGUS_PRIV="
@ -47,7 +47,7 @@
    create: yes

 - name: Set pihole iCloud relay
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.lineinfile:
    path: /etc/pihole/setupVars.conf
    regexp: "^BLOCK_ICLOUD_PR="
--- a/ansible/roles/pihole/tasks/gather.yml
+++ b/ansible/roles/pihole/tasks/gather.yml
@ -1,6 +1,6 @@
 - name: Get dependencies for PiHole
  when: not pihole_setup.stat.exists
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.apt:
    name:
      [
@ -34,7 +34,7 @@
    state: latest

 - name: Checkout PiHole
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.git:
    repo: "https://github.com/pi-hole/pi-hole.git"
    clone: yes
--- a/ansible/roles/pihole_updatelist/tasks/main.yml
+++ b/ansible/roles/pihole_updatelist/tasks/main.yml
@ -14,7 +14,7 @@
    mode: "0644"
    owner: "root"
    group: "root"
-  become: true
+  become: "{{ do_become }}"

 - name: Check if updatelist is installed
  ansible.builtin.stat:
@ -23,7 +23,7 @@

 - name: Activate changes
  when: updatelist_exec.stat.exists
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.command:
    argv:
      - pihole-updatelists
--- a/ansible/roles/zfs/tasks/install.yml
+++ b/ansible/roles/zfs/tasks/install.yml
@ -1,5 +1,5 @@
 - name: Install packages
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.apt:
    name: "{{ item }}={{ zfs_ver }}"
    state: present
@ -7,7 +7,7 @@
    - zfsutils-linux

 - name: Hold ZFS version
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.dpkg_selections:
    name: "{{ item }}"
    selection: "hold"
--- a/ansible/roles/zfs/tasks/main.yml
+++ b/ansible/roles/zfs/tasks/main.yml
@ -8,7 +8,7 @@
  include_tasks: install.yml

 - name: Give user passwordless access to ZFS commands
-  become: true
+  become: "{{ do_become }}"
  lineinfile:
    path: /etc/sudoers
    line: "{{ item }} ALL=(ALL) NOPASSWD: /usr/sbin/zfs,/usr/sbin/zpool"
--- a/ansible/run.yml
+++ b/ansible/run.yml
@ -99,7 +99,7 @@
          - github3.py

 - hosts: docker
-  become: true
+  become: "{{ do_become }}"
  tags:
    - docker
  vars_files:
@ -147,7 +147,7 @@
    - "vars/vault.yml"
  tasks:
    - name: Install runtime dependencies
-      become: true
+      become: "{{ do_become }}"
      ansible.builtin.apt:
        name: "{{ item }}"
        state: present
@ -159,12 +159,12 @@
      include_role:
        name: geerlingguy.containerd
        apply:
-          become: true
+          become: "{{ do_become }}"
    - name: Include Docker role
      include_role:
        name: geerlingguy.docker
        apply:
-          become: true
+          become: "{{ do_become }}"
    - name: Include Kubernetes role
      include_role:
        name: kubernetes
@ -177,7 +177,7 @@
      include_role:
        name: geerlingguy.nfs
        apply:
-          become: true
+          become: "{{ do_become }}"

 - hosts: prox
  vars_files:
@ -203,12 +203,12 @@
    - update
  tasks:
    - name: Install packages
-      become: true
+      become: "{{ do_become }}"
      ansible.builtin.apt:
        name: libraspberrypi-bin

    - name: Place PoE fan file
-      become: true
+      become: "{{ do_become }}"
      ansible.builtin.copy:
        content: |
          # Ansible managed
@ -284,7 +284,7 @@
      when: ansible_distribution == 'Ubuntu'

    - name: Place MoTD
-      become: true
+      become: "{{ do_become }}"
      when: ansible_distribution == 'Ubuntu'
      ansible.builtin.copy:
        content: |
@ -303,7 +303,7 @@

    - name: Update PiHole
      when: inventory_hostname in groups['piholes'] and pihole_exec.stat.exists
-      become: true
+      become: "{{ do_become }}"
      ansible.builtin.command:
        argv:
          - pihole
--- a/ansible/tasks/omp.yml
+++ b/ansible/tasks/omp.yml
@ -1,10 +1,10 @@
 - name: Install pip package
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.apt:
    name: python3-pip

 - name: Install github package
-  become: true
+  become: "{{ do_become }}"
  ansible.builtin.pip:
    name: github3.py