Newer
Older
---
- hosts: all
tasks:
- name: Update APT sources
raw: DEBIAN_FRONTEND=noninteractive apt-get update
changed_when: False
- name: APT install Python
raw: DEBIAN_FRONTEND=noninteractive apt-get install -qy python2.7 python
register: debian_bootstrap_install_python
changed_when: "'Unpacking' in debian_bootstrap_install_python.stdout"
- name: APT install
apt:
name: ['nginx-light', 'collectd-core', 'openssl']
state: present
- name: Collectd facts
collectd_facts:
register: collectd_facts
- name: Debug
debug:
var: collectd_facts
verbosity: 2
- name: Assertions
assert:
that:
- collectd_facts is defined
- collectd_facts.changed == False
- collectd is defined
- major in collectd
- collectd.major is number
- name: Nginx facts
nginx_facts:
register: nginx_facts
- name: Debug
debug:
var: nginx_facts
verbosity: 2
- name: Assertions
assert:
that:
- nginx_facts is defined
- version in nginx_facts
- major in nginx_facts
- nginx_facts.major is number
- nginx_facts.changed == False
- name: DH params for missing file
ignore_errors: True
dhparams:
path: /etc/ssl/dhparams.pem
register: missing_dhparams
- name: Debug
debug:
var: missing_dhparams
verbosity: 2
- name: Assertions
assert:
that:
- missing_dhparams is defined
- bits in missing_dhparams
- missing_dhparams.bits == 0
- failed in missing_dhparams
- missing_dhparams.failed == True
- path in missing_dhparams
- missing_dhparams.path == '/etc/ssl/dhparams.pem'
- name: Generate DH params
command: openssl dhparam -out /etc/ssl/dhparams.pem 2048
changed_when: True
- name: DH params for existing file
dhparams:
path: /etc/ssl/dhparams.pem
register: existing_dhparams
- name: Debug
debug:
var: existing_dhparams
verbosity: 2
- name: Assertions
assert:
that:
- existing_dhparams is defined
- bits in existing_dhparams
- existing_dhparams.bits == 2048
- failed in existing_dhparams
- existing_dhparams.failed == False
- path in existing_dhparams
- existing_dhparams.path == '/etc/ssl/dhparams.pem'