wordpress-nginx-rhel7 linted and updated

wordpress-nginx/roles/mysql/tasks/main.yml → wordpress-nginx_rhel6/roles/mysql/tasks/main.yml

@@ -2,10 +2,10 @@
 - name: Install Mysql package
   yum: name={{ item }} state=present
   with_items:
-   - mysql-server
-   - MySQL-python
-   - libselinux-python
-   - libsemanage-python
+    - mysql-server
+    - MySQL-python
+    - libselinux-python
+    - libsemanage-python
 
 - name: Configure SELinux to start mysql on any port
   seboolean: name=mysql_connect_any state=true persistent=yes
@@ -14,7 +14,7 @@
 - name: Create Mysql configuration file
   template: src=my.cnf.j2 dest=/etc/my.cnf
   notify:
-  - restart mysql
+    - restart mysql
 
 - name: Start Mysql Service
   service: name=mysqld state=started enabled=yes

wordpress-nginx/roles/wordpress/tasks/main.yml → wordpress-nginx_rhel6/roles/wordpress/tasks/main.yml

@@ -1,7 +1,6 @@
 ---
 - name: Download WordPress
-  get_url: url=http://wordpress.org/wordpress-{{ wp_version }}.tar.gz dest=/srv/wordpress-{{ wp_version }}.tar.gz
-           sha256sum="{{ wp_sha256sum }}"
+  get_url: url=http://wordpress.org/wordpress-{{ wp_version }}.tar.gz dest=/srv/wordpress-{{ wp_version }}.tar.gz sha256sum="{{ wp_sha256sum }}"
 
 - name: Extract archive
   unarchive:
@@ -18,8 +17,8 @@
 - name: Fetch random salts for WordPress config
   get_url:
     url: https://api.wordpress.org/secret-key/1.1/salt/
-  register: "wp_salt"
-  become: no
+  register: wp_salt
+  become: false
   become_method: sudo
   changed_when: true
   delegate_to: localhost

wordpress-nginx_rhel7/roles/common/files/nginx.repo

@@ -1,7 +1,15 @@
-[nginx]
-name=Nginx repo - $basearch
-baseurl=http://nginx.org/packages/centos/7/$basearch
-failovermethod=priority
+[nginx-stable]
+name=nginx stable repo
+baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
 gpgcheck=1
 enabled=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-NGINX
+gpgkey=https://nginx.org/keys/nginx_signing.key
+module_hotfixes=true
+
+[nginx-mainline]
+name=nginx mainline repo
+baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
+gpgcheck=1
+enabled=0
+gpgkey=https://nginx.org/keys/nginx_signing.key
+module_hotfixes=true

wordpress-nginx_rhel7/roles/common/tasks/main.yml

@@ -1,24 +1,44 @@
 ---
 - name: Copy the NGINX repository definition
-  copy: src=nginx.repo dest=/etc/yum.repos.d/
+  ansible.builtin.copy:
+    src: nginx.repo
+    dest: /etc/yum.repos.d/
+    owner: root
+    group: root
+    mode: u=rw,g=r,o=r
 
-- name: Copy the EPEL repository definition
-  copy: src=epel.repo dest=/etc/yum.repos.d/
+- name: Install the EPEL repository definition
+  ansible.builtin.yum:
+    name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm"
+    state: present
 
-- name: Copy the REMI repository definition
-  copy: src=remi.repo dest=/etc/yum.repos.d/
+- name: Install the REMI repository definition
+  ansible.builtin.yum:
+    name: https://rpms.remirepo.net/enterprise/remi-release-7.rpm
+    state: present
 
 - name: Create the GPG key for NGINX
-  copy: src=RPM-GPG-KEY-NGINX dest=/etc/pki/rpm-gpg
+  ansible.builtin.rpm_key:
+    state: present
+    key: https://nginx.org/keys/nginx_signing.key
 
-- name: Create the GPG key for EPEL
-  copy: src=RPM-GPG-KEY-EPEL-7 dest=/etc/pki/rpm-gpg
+- name: Create the GPG key for EPEL 7
+  ansible.builtin.rpm_key:
+    state: present
+    key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
+
+- name: Create the GPG key for Remi Repo EL 7
+  ansible.builtin.rpm_key:
+    state: present
+    key: https://rpms.remirepo.net/enterprise/7/RPM-GPG-KEY-remi
 
-- name: Create the GPG key for REMI
-  copy: src=RPM-GPG-KEY-remi dest=/etc/pki/rpm-gpg
-
 - name: Install Firewalld
-  yum: name=firewalld state=present
+  ansible.builtin.yum:
+    name: firewalld
+    state: present
 
 - name: Firewalld service state
-  service: name=firewalld state=started enabled=yes
+  ansible.builtin.service:
+    name: firewalld
+    state: started
+    enabled: true

wordpress-nginx_rhel7/roles/mariadb/handlers/main.yml

@@ -1,5 +1,8 @@
 ---
 # Handler to handle DB tier notifications
 
-- name: restart mariadb
-  service: name=mariadb state=restarted
+- name: Restart mariadb
+  ansible.builtin.service:
+    name: mariadb
+    state: restarted
+  listen: restart mariadb

wordpress-nginx_rhel7/roles/mariadb/tasks/main.yml

@@ -1,28 +1,49 @@
 ---
 # This playbook will install MariaDB and create db user and give permissions.
-
 - name: Install MariaDB package
-  yum: name={{ item }} state=installed
-  with_items:
-   - mariadb-server
-   - MySQL-python
-   - libselinux-python
-   - libsemanage-python
+  ansible.builtin.yum:
+    name: "{{ mariadb_packages }}"
+    state: installed
+  vars:
+    mariadb_packages:
+      - mariadb-server
+      - MySQL-python
+      - libselinux-python
+      - libsemanage-python
 
 - name: Configure SELinux to start mysql on any port
-  seboolean: name=mysql_connect_any state=true persistent=yes
+  ansible.posix.seboolean:
+    name: mysql_connect_any
+    state: true
+    persistent: true
 
 - name: Create Mysql configuration file
-  template: src=my.cnf.j2 dest=/etc/my.cnf
+  ansible.builtin.template:
+    src: my.cnf.j2
+    dest: /etc/my.cnf
+    owner: root
+    group: mysql
+    mode: u=rw,g=r,o=r
   notify:
-  - restart mariadb
+    - restart mariadb
 
 - name: Create MariaDB log file
-  file: path=/var/log/mysqld.log state=touch owner=mysql group=mysql mode=0775
+  ansible.builtin.file:
+    path: /var/log/mysqld.log
+    state: touch
+    owner: mysql
+    group: mysql
+    mode: u=rwx,g=rwx,o=rx
 
 - name: Start MariaDB Service
-  service: name=mariadb state=started enabled=yes
+  ansible.builtin.service:
+    name: mariadb
+    state: started
+    enabled: true
 
-- name: insert firewalld rule
-  firewalld: port={{ mysql_port }}/tcp permanent=true state=enabled immediate=yes
-  ignore_errors: yes
+- name: Insert firewalld rule
+  ansible.posix.firewalld:
+    port: "{{ mysql_port }}/tcp "
+    permanent: true
+    state: enabled
+    immediate: true

wordpress-nginx_rhel7/roles/nginx/handlers/main.yml

@@ -1,3 +1,7 @@
 ---
-- name: restart nginx
-  service: name=nginx state=restarted enabled=yes
+- name: Restart nginx
+  ansible.builtin.service:
+    name: nginx
+    state: restarted
+    enabled: true
+  listen: restart nginx