From 211103887979c346201cbb7eadbf9c6880f5eadd Mon Sep 17 00:00:00 2001 From: Aaron Guise Date: Thu, 17 Nov 2016 13:41:44 +1300 Subject: [PATCH] Refactored to individual files by function --- tasks/RedHat.yml | 166 ++++------------------------------------ tasks/communication.yml | 34 ++++++++ tasks/motd.yml | 19 +++++ tasks/networking.yml | 72 +++++++++++++++++ 4 files changed, 142 insertions(+), 149 deletions(-) create mode 100644 tasks/communication.yml create mode 100644 tasks/motd.yml create mode 100644 tasks/networking.yml diff --git a/tasks/RedHat.yml b/tasks/RedHat.yml index e088722..7d46845 100644 --- a/tasks/RedHat.yml +++ b/tasks/RedHat.yml 
@@ -1,164 +1,28 @@ --- # tasks file for common role - -- name: Create admin group - group: name={{ADMIN_GROUP}} state=present - -- name: Ensure common packages - yum: - name: "{{item}}" - state: present - enablerepo: epel - with_items: - - libselinux-python - - MySQL-python - - ntp - - nano - - git - - htop - - atop - - wget - - bind-utils - - yum-utils - - unzip - tags: packages - + - name: Ensure SELinux status selinux: state: disabled tags: security - -- name: Ensure DNS and SSH common config - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - backup: yes - with_items: - - { src: etc.sysconfig.network.j2, - dest: /etc/sysconfig/network, - mode: u+rw,a+r - } - - { src: etc.resolv.conf.j2, - dest: /etc/resolv.conf, - mode: u+rw,a+r - } - - { src: sshd_config.j2, - dest: /etc/ssh/sshd_config, - mode: u+rw,a+r - } - notify: - - Restart SSH - tags: dns -- name: Ensure NetworkManager does not fiddle DNS - ini_file: - dest: /etc/NetworkManager/NetworkManager.conf - section: "main" - option: "dns" - value: "none" - backup: yes - when: (ansible_os_family == "RedHat" and ansible_distribution_major_version == "7") - notify: - - restart NetworkManager - -- name: Ensure hosts file correct - lineinfile: - dest: /etc/hosts - regexp: "{{ item.regexp }}" - line: "{{ item.line }}" - backrefs: yes - backup: yes - with_items: - - {regexp: "^127.0.0.1.+localdomain4$", - line: "127.0.0.1 localhost {{ inventory_hostname }}" - } - - {regexp: "^::1.+localdomain6$", - line: "::1 localhost {{ inventory_hostname }}" - } - - {regexp: "^{{ ansible_default_ipv4.address }}.*{{ ansible_default_ipv4.address.split('.')[-1] }}$", - line: "{{ ansible_default_ipv4.address }} {{ inventory_hostname }}.{{ domain }} {{ inventory_hostname }}" - } - - {regexp: "^127.0.0.1.+{{ ansible_nodename.split('.')[0] }}$", - line: "127.0.0.1 localhost {{ inventory_hostname }}" - } - - {regexp: "^::1.+{{ ansible_nodename.split('.')[0] }}$", - line: "::1 localhost {{ 
inventory_hostname }}" - } - - {regexp: "^{{ ansible_default_ipv4.address }}.*{{ ansible_nodename.split('.')[0] }}$", - line: "{{ ansible_default_ipv4.address }} {{ inventory_hostname }}.{{ domain }} {{ inventory_hostname }}" - } - -- name: Ensure correct permissions (hosts/resolv.conf) - file: - path: "{{item}}" - state: touch - mode: u+rw,g+r,a+r - with_items: - - /etc/resolv.conf - - /etc/hosts - changed_when: false - tags: dns - -- name: Configure yum +- name: Create admin group + group: name={{ADMIN_GROUP}} state=present + +- name: Configure yum limit lineinfile: dest: /etc/yum.conf regexp: "installonly_limit=" line: "installonly_limit=2" tags: packages - -- name: Apply postfix configuration - lineinfile: - dest: "{{item.dest}}" - regexp: "{{item.regexp}}" - line: "{{item.line}}" - insertafter: EOF - notify: Restart Postfix - with_items: - - { dest: /etc/postfix/main.cf, - regexp: "inet_protocols =", - line: "inet_protocols = ipv4" - } - - { dest: /etc/postfix/main.cf, - regexp: "inet_interfaces =", - line: "inet_interfaces = all" - } - - { dest: /etc/postfix/main.cf, - regexp: "relayhost =", - line: "relayhost = {{ relayhost }}" - } - -- name: Ensure Postfix is Started/Enabled - service: - name: postfix - state: started - enabled: yes -- name: Ensure root forwarding address is set - lineinfile: - dest: ~/.forward - regexp: "{{ root_email }}" - line: "{{ root_email }}" - create: yes - -- name: Ensure Dynamic MOTD Script is in place - copy: - src: dynmotd - dest: /usr/local/bin/dynmotd - mode: a+x - -- name: Remove Dynamic MOTD in profile - lineinfile: - dest: /etc/profile - regexp: "^/usr/local/bin/dynmotd" - state: absent - -- name: Configure Dynamic MOTD in profile.d - lineinfile: - dest: /etc/profile.d/motd.sh - regexp: "^/usr/local/bin/dynmotd" - line: "/usr/local/bin/dynmotd" - create: yes +- name: Ensure common packages + yum: + name: "{{item}}" + state: present + enablerepo: epel + with_items: "{{ common_packages }}" + tags: packages - name: Ensure 
Hostname is set hostname: @@ -168,4 +32,8 @@ user: name: root password: "{{ root_pwd }}" - changed_when: false \ No newline at end of file + changed_when: false + +include: communication.yml +include: networking.yml +include: motd.yml \ No newline at end of file diff --git a/tasks/communication.yml b/tasks/communication.yml new file mode 100644 index 0000000..6bb68a9 --- /dev/null +++ b/tasks/communication.yml @@ -0,0 +1,34 @@ +--- +- name: Apply postfix configuration + lineinfile: + dest: "{{item.dest}}" + regexp: "{{item.regexp}}" + line: "{{item.line}}" + insertafter: EOF + notify: Restart Postfix + with_items: + - { dest: /etc/postfix/main.cf, + regexp: "inet_protocols =", + line: "inet_protocols = ipv4" + } + - { dest: /etc/postfix/main.cf, + regexp: "inet_interfaces =", + line: "inet_interfaces = all" + } + - { dest: /etc/postfix/main.cf, + regexp: "relayhost =", + line: "relayhost = {{ relayhost }}" + } + +- name: Ensure Postfix is Started/Enabled + service: + name: postfix + state: started + enabled: yes + +- name: Ensure root forwarding address is set + lineinfile: + dest: ~/.forward + regexp: "{{ root_email }}" + line: "{{ root_email }}" + create: yes \ No newline at end of file diff --git a/tasks/motd.yml b/tasks/motd.yml new file mode 100644 index 0000000..3819221 --- /dev/null +++ b/tasks/motd.yml @@ -0,0 +1,19 @@ +--- +- name: Ensure Dynamic MOTD Script is in place + copy: + src: dynmotd + dest: /usr/local/bin/dynmotd + mode: a+x + +- name: Remove Dynamic MOTD in profile if present + lineinfile: + dest: /etc/profile + regexp: "^/usr/local/bin/dynmotd" + state: absent + +- name: Configure Dynamic MOTD in profile.d + lineinfile: + dest: /etc/profile.d/motd.sh + regexp: "^/usr/local/bin/dynmotd" + line: "/usr/local/bin/dynmotd" + create: yes \ No newline at end of file diff --git a/tasks/networking.yml b/tasks/networking.yml new file mode 100644 index 0000000..d43759c --- /dev/null +++ b/tasks/networking.yml 
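Review bot: `with_items: "{{ common_packages }}"` in the rebuilt "Ensure common packages" task references a variable that nothing in this patch defines (the diffstat lists only the four task files), so the play fails with an undefined-variable error unless `common_packages` already exists in the role defaults or inventory; if it does not, the removed package list belongs in defaults/main.yml under that name. The re-added `group: name={{ADMIN_GROUP}} state=present` line keeps the key=value argument string while every other task in the file uses native YAML module args; `group:` with `name: "{{ ADMIN_GROUP }}"` and `state: present` on separate lines would be consistent and lint-clean. The context line `selinux: state: disabled` is unchanged history and not part of this change.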
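Review bot: `include: communication.yml` and the two include lines after it sit at column 0 with no leading `- `, but RedHat.yml is a task list, so as rendered here they are a YAML parse error (a mapping key after a top-level sequence), and even as a mapping three identical `include` keys would silently keep only the last one; whitespace is collapsed in this rendering, so confirm against the committed file. Each should be a task entry: `- include: communication.yml`, `- include: networking.yml`, `- include: motd.yml`. The file also still ends without a trailing newline, as the marker shows. The `user:` task this hunk touches begins before the hunk.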
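Review bot: `line: "inet_interfaces = all"` in the postfix loop makes the daemon listen on every interface, which turns a host that only needs to relay root mail into a network-reachable SMTP service; unless inbound mail is required, `loopback-only` (or `localhost`) is the safer value, or the choice should be a documented variable like `relayhost` already is. The three `regexp` values (`"inet_protocols ="` etc.) are unanchored, so they also match the commented `#inet_interfaces = ...` examples in a stock main.cf and the task then relies on lineinfile's last-match rule to hit the live setting; anchoring them as `regexp: "^inet_interfaces\\s*="` makes the match deterministic. `enabled: yes` on the service task is a YAML 1.1 truthy value and should be `enabled: true`.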
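Review bot: `mode: a+x` on the dynmotd copy only adds the execute bit and pins neither owner nor the write bits, yet this script is executed by every user at every login via /etc/profile.d/motd.sh, so whatever mode it inherits on the controller or from the remote umask decides whether a non-root user can edit code run by root's next login. Set it explicitly: `owner: root`, `group: root`, `mode: "0755"`, and give the lineinfile-created /etc/profile.d/motd.sh the same treatment (`create: yes` leaves its mode to the umask), using `true` rather than `yes` for the boolean.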
@@ -0,0 +1,72 @@ +--- +- name: Ensure DNS and SSH common config + template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + mode: "{{ item.mode }}" + backup: yes + with_items: + - { src: etc.sysconfig.network.j2, + dest: /etc/sysconfig/network, + mode: u+rw,a+r + } + - { src: etc.resolv.conf.j2, + dest: /etc/resolv.conf, + mode: u+rw,a+r + } + - { src: sshd_config.j2, + dest: /etc/ssh/sshd_config, + mode: u+rw,a+r + } + notify: + - Restart SSH + tags: dns + +- name: Ensure hosts file correct + lineinfile: + dest: /etc/hosts + regexp: "{{ item.regexp }}" + line: "{{ item.line }}" + backrefs: yes + backup: yes + with_items: + - {regexp: "^127.0.0.1.+localdomain4$", + line: "127.0.0.1 localhost {{ inventory_hostname }}" + } + - {regexp: "^::1.+localdomain6$", + line: "::1 localhost {{ inventory_hostname }}" + } + - {regexp: "^{{ ansible_default_ipv4.address }}.*{{ ansible_default_ipv4.address.split('.')[-1] }}$", + line: "{{ ansible_default_ipv4.address }} {{ inventory_hostname }}.{{ domain }} {{ inventory_hostname }}" + } + - {regexp: "^127.0.0.1.+{{ ansible_nodename.split('.')[0] }}$", + line: "127.0.0.1 localhost {{ inventory_hostname }}" + } + - {regexp: "^::1.+{{ ansible_nodename.split('.')[0] }}$", + line: "::1 localhost {{ inventory_hostname }}" + } + - {regexp: "^{{ ansible_default_ipv4.address }}.*{{ ansible_nodename.split('.')[0] }}$", + line: "{{ ansible_default_ipv4.address }} {{ inventory_hostname }}.{{ domain }} {{ inventory_hostname }}" + } + +- name: Ensure NetworkManager does not fiddle DNS + ini_file: + dest: /etc/NetworkManager/NetworkManager.conf + section: "main" + option: "dns" + value: "none" + backup: yes + when: (ansible_os_family == "RedHat" and ansible_distribution_major_version == "7") + notify: + - restart NetworkManager + +- name: Ensure correct permissions (hosts/resolv.conf) + file: + path: "{{item}}" + state: touch + mode: u+rw,g+r,a+r + with_items: + - /etc/resolv.conf + - /etc/hosts + changed_when: false + tags: dns \ No newline 
at end of file
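Review bot: The template loop writes `sshd_config.j2` to /etc/ssh/sshd_config and then notifies `Restart SSH` without any `validate`, so a rendering error in the template restarts sshd into a broken config and locks out every remote session, including the one Ansible is using. Because the loop also covers resolv.conf and the network file, `validate` cannot be added to the shared task; move sshd_config into its own template task with `validate: "/usr/sbin/sshd -t -f %s"` and keep the notify there. That task currently also carries `tags: dns`, so a `--tags dns` run rewrites the SSH daemon config; the split removes that side effect as well. `backup: yes` and `backrefs: yes` are YAML 1.1 truthy forms and should be `true`.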