Upgrade playbooks to Ansible 2.0.

1 files changed, 27 insertions, 89 deletions

diff --git a/ansible.cfg b/ansible.cfg
index 3810727..2de77ef 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -3,105 +3,43 @@
 # ansible will read ~/.ansible.cfg or /etc/ansible/ansible.cfg, whichever it finds first
 
 [defaults]
-
-# location of inventory file, eliminates need to specify -i
-
-#hostfile = ./stage_vms
-
-# location of ansible library, eliminates need to specify --module-path
-
-library = ./lib/modules:/usr/share/ansible
-
-# default module name used in /usr/bin/ansible when -m is not specified
-
-module_name = command
-
-# home directory where temp files are stored on remote systems.  Should
-# almost always contain $HOME or be a directory writeable by all users
-
-remote_tmp = $HOME/.ansible/tmp
-
-# the default pattern for ansible-playbooks ("hosts:")
-
-pattern = *
-
-# the default number of forks (parallelism) to be used.  Usually you
-# can crank this up.
-
-forks = 5
-
-# the timeout used by various connection types.  Usually this corresponds
-# to an SSH timeout
-
-timeout = 10
-
-# when using --poll or "poll:" in an ansible playbook, and not specifying
-# an explicit poll interval, use this interval
-
-poll_interval = 15
-
-# when specifying --sudo to /usr/bin/ansible or "sudo:" in a playbook,
-# and not specifying "--sudo-user" or "sudo_user" respectively, sudo
-# to this user account
-
-sudo = True
-#sudo_user = root
-
-# what flags to pass to sudo
-sudo_flags = -H LC_ALL=C
-
-# the following forces ansible to always ask for the sudo password (instead of having
-# to add -K to the commandline). Or you can use the environment variable (ANSIBLE_ASK_SUDO_PASS)
-
-ask_sudo_pass = True
-
-# the following forces ansible to always ask for the ssh-password (-k)
-# can also be set by the environment variable ANSIBLE_ASK_PASS
-
-#ask_pass = True
-
-# connection to use when -c <connection_type> is not specified
-
-transport = ssh
-
-# remote SSH port to be used when --port or "port:" or an equivalent inventory
-# variable is not specified.
-
-remote_port = 22
-
-# if set, always run /usr/bin/ansible commands as this user, and assume this value
-# if "user:" is not set in a playbook.  If not set, use the current Unix user
-# as the default
-
-#remote_user = root
-
-# if set, always use this private key file for authentication, same as if passing
-# --private-key to ansible or ansible-playbook
-
-#private_key_file=/path/to/file
-
-# format of string $ansible_managed available within Jinja2 templates, replacing
-# {file}, {host} and {uid} with template filename, host and owner respectively.
-# The resulting string is passed through strftime(3) so it may contain any
-# time-formatting specifiers.
-#
-# Example: ansible_managed = DONT TOUCH {file}: call {uid} at {host} for changes
+library        = ./lib/modules:/usr/share/ansible
+remote_tmp     = $HOME/.ansible/tmp
+forks          = 5
+poll_interval  = 15
+transport      = ssh
+remote_port    = 22
+module_lang    = C
+timeout        = 10
+
+# format of string {{ ansible_managed }} available within Jinja2
+# templates indicates to users editing templates files will be replaced.
+# replacing {file}, {host} and {uid} and strftime codes with proper values.
 ansible_managed = Ansible Managed: modified on %Y-%m-%d %H:%M:%S by {uid}@{host}
 
 # additional plugin paths for non-core plugins
-
 action_plugins     = ./lib/action_plugins
 callback_plugins   = ./lib/callback_plugins
 connection_plugins = ./lib/connection_plugins
 lookup_plugins     = ./lib/lookup_plugins
 vars_plugins       = ./lib/vars_plugins
 
-[ssh_connection]
+# retry files
+# When a playbook fails by default a .retry file will be created in ~/
+# You can disable this feature by setting retry_files_enabled to False
+# and you can change the location of the files by setting retry_files_save_path
+retry_files_enabled = False
+#retry_files_save_path = ~/.ansible-retry
+
 
-# if uncommented, sets the ansible ssh arguments to the following.  Leaving off ControlPersist
-# will result in poor performance, so use transport=paramiko on older platforms rather than
-# removing it
+[privilege_escalation]
+become=True
+become_method=sudo
+#become_user=root
+become_ask_pass=True
 
-control_path = /run/shm/ansible-ssh-%%C
+
+[ssh_connection]
+control_path = ~/.ssh/S.ansible-%%C
 ssh_args = -oHashKnownHosts=no -oUserKnownHostsFile=./certs/ssh_known_hosts -oStrictHostKeyChecking=yes -oControlMaster=auto -oControlPersist=60s
 pipelining = True