Merge latest upstream changes (#45)

* Limit ansible version range in `>=2.10.0,<6` See: roots#1393 * Fix ansible incompatibility with `Failed connection to remote repo` Newer versions of `ansible.builtin.git` puts error message in `msg` instead of `stderr`. * Switch order of PHP operations Stop old process(es) before starting a new one. Fixes roots#1394 Signed-off-by: Rob Record <[email protected]> * Set max journal log file size Fixes roots#1307 * Fix shared folder permissions * chore: Use new `requirements.yml` format * Update CHANGELOG * Remove broken and unused cli import Fixes roots#1393 Importing `cli` from `__main__` no longer works as of ansible 2.13.1 This import is no longer used anyway so the fix is to remove it. * v1.16.0 * regularize indentation in galaxy.yml Co-authored-by: Tang Rufus <[email protected]> Co-authored-by: Scott Walkinshaw <[email protected]> Co-authored-by: Rob Record <[email protected]> Co-authored-by: Lee Hanbury <[email protected]>
pressbooks · Jul 19, 2022 · b6f51c9 · b6f51c9
1 parent 6d9d629
commit b6f51c9
Show file tree

Hide file tree

Showing 9 changed files with 63 additions and 30 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,21 @@
-### HEAD
+### 1.16.0: July 18th, 2022
+* Fix Ansible 6 support - remove broken and unused `cli` import ([#1404](https://github.com/roots/trellis/pull/1404))
+* Fix #1400 - update shared path permission ([#1403](https://github.com/roots/trellis/pull/1403))
+* Update requirements.yml to new format ([#1402](https://github.com/roots/trellis/pull/1402))
+* Set journald max log file size ([#1399](https://github.com/roots/trellis/pull/1399))
+* Stop old php-fpm services before starting new one ([#1395](https://github.com/roots/trellis/pull/1395))
+* Fix ansible incompatibility in git connection error ([#1397](https://github.com/roots/trellis/pull/1397))
+* Update Ansible version requirement ([#1396](https://github.com/roots/trellis/pull/1396))
+
+### 1.15.0: June 8th, 2022
+* Add variables for web and uploads paths ([#1378](https://github.com/roots/trellis/pull/1378))
+* Fix WP is-installed check during deploys for multisite installs ([#1388](https://github.com/roots/trellis/pull/1388))
+* Set `mjs` as `application/javascript` in Nginx confs ([#1383](https://github.com/roots/trellis/pull/1383))
+* Change MariaDB PPA repo ([#1384](https://github.com/roots/trellis/pull/1384))
+* Allow newer Vagrant versions on Linux ([#1382](https://github.com/roots/trellis/pull/1382))
+* Remove redundant `ansible_connection=local` and comments ([#1380](https://github.com/roots/trellis/pull/1380))
+* Update `build-after` deploy hook example for Sage 10 ([#1377](https://github.com/roots/trellis/pull/1377))
+* Update `geerlingguy.ntp` role to `2.3.1` ([#1376](https://github.com/roots/trellis/pull/1376))
 * Add built-in fail2ban filters ([#1375](https://github.com/roots/trellis/pull/1375))
 * Support Ansible >= 2.10 (tested up to 5.4.0) ([#1373](https://github.com/roots/trellis/pull/1373))
 * Remove Python 2 support ([#1361](https://github.com/roots/trellis/pull/1361))

diff --git a/galaxy.yml b/galaxy.yml
@@ -1,22 +1,24 @@
-- name: composer
-  src: geerlingguy.composer
-  version: 1.9.0
+---
+roles:
+  - name: composer
+    src: geerlingguy.composer
+    version: 1.9.0
 
-- name: ntp
-  src: geerlingguy.ntp
-  version: 2.3.1
+  - name: ntp
+    src: geerlingguy.ntp
+    version: 2.3.1
 
-- name: logrotate
-  src: nickhammond.logrotate
-  version: v0.0.5
+  - name: logrotate
+    src: nickhammond.logrotate
+    version: v0.0.5
 
-- name: swapfile
-  src: oefenweb.swapfile
-  version: v2.0.32
+  - name: swapfile
+    src: oefenweb.swapfile
+    version: v2.0.32
 
-- name: mailhog
-  src: geerlingguy.mailhog
-  version: 2.3.0
+  - name: mailhog
+    src: geerlingguy.mailhog
+    version: 2.3.0
 
-- src: geerlingguy.redis
-  version: 1.7.0
+  - src: geerlingguy.redis
+    version: 1.7.0
diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml
@@ -3,7 +3,7 @@ apt_package_state: present
 apt_security_package_state: latest
 apt_dev_package_state: latest
 composer_keep_updated: true
-php_version: "7.4"
+php_version: "8.0"
 apt_packages_custom:
   libxml2-utils: "{{ apt_package_state }}"
   default-jdk: "{{ apt_package_state }}"
@@ -22,6 +22,7 @@ ntp_manage_config: true
 www_root: /srv/www
 ip_whitelist:
   - "{{ (env == 'development') | ternary(ansible_default_ipv4.gateway, ipify_public_ip | default('')) }}"
+max_journal_size: 512M
 
 # Values of raw_vars will be wrapped in `{% raw %}` to avoid templating problems if values include `{%` and `{{`.
 # Will recurse dicts/lists. `*` is wildcard for one or more dict keys, list indices, or strings. Example:

diff --git a/lib/trellis/plugins/callback/vars.py b/lib/trellis/plugins/callback/vars.py
@@ -2,12 +2,10 @@
 import sys
 import os
 
-from __main__ import cli
 from ansible.module_utils.six import iteritems
 from ansible.errors import AnsibleError
 from ansible.parsing.yaml.objects import AnsibleMapping, AnsibleSequence, AnsibleUnicode
 from ansible.playbook.play_context import PlayContext
-from ansible.playbook.task import Task
 from ansible.plugins.callback import CallbackBase
 from ansible.template import Templar
 from ansible.utils.unsafe_proxy import wrap_var

diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
@@ -12,4 +12,9 @@
     name: php{{ php_version }}-fpm
     state: reloaded
 
+- name: restart journald
+  service:
+    name: systemd-journald
+    state: restarted
+
 - import_tasks: reload_nginx.yml
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
@@ -183,3 +183,13 @@
     - name: Fail when unable to retrieve SSH client IP
       fail:
         msg: "External IP resolution failed. Check that your DNS servers are working. Try to disable DNSCrypt if you are using it."
+
+- name: Restrict journal log size
+  lineinfile:
+    backup: yes
+    dest: /etc/systemd/journald.conf
+    insertafter: "^[Journal]"
+    line: "SystemMaxUse={{ max_journal_size }}"
+    regexp: "^#?(SystemMaxUse=.*?)$"
+    state: present
+  notify: restart journald
diff --git a/roles/deploy/tasks/share.yml b/roles/deploy/tasks/share.yml
@@ -40,7 +40,7 @@
 - name: Ensure parent directories for shared paths are present
   file:
     path: "{{ deploy_helper.new_release_path }}/{{ item.path | dirname }}"
-    mode: '0777'
+    mode: '0755'
     state: directory
   with_items: "{{ project.project_shared_children | default(project_shared_children) }}"
 

diff --git a/roles/deploy/tasks/update.yml b/roles/deploy/tasks/update.yml
@@ -41,7 +41,7 @@
       > https://roots.io/trellis/docs/ssh-keys/#cloning-remote-repo-using-ssh-agent-forwarding
 
       Error:
-      {{ git_clone.stderr }}
+      {{ git_clone.msg | default(git_clone.stderr) }}
   when: git_clone is failed
 
 - name: Remove untracked files from project folder

diff --git a/roles/php/tasks/main.yml b/roles/php/tasks/main.yml
@@ -16,13 +16,7 @@
   community.general.alternatives:
     name: php
     path: /usr/bin/php{{ php_version }}
-
-- name: Start php fpm service
-  service:
-    name: "php{{ php_version }}-fpm"
-    state: started
-    enabled: true
-
+
 - name: Find existing php fpm services
   find:
     paths: /etc/init.d
@@ -40,6 +34,12 @@
     label: "{{ item.path | basename }}"
   notify: reload php-fpm
 
+- name: Start php fpm service
+  service:
+    name: "php{{ php_version }}-fpm"
+    state: started
+    enabled: true
+
 - name: Copy PHP-FPM configuration file
   template:
     src: php-fpm.ini.j2