Catching up config with known state

roles/IRC/tasks/daemon.yml

@@ -27,6 +27,13 @@
      group: ircd
      mode: 0640
 
+ - name: Add ircd user to ssl
+   become: yes
+   user:
+       name: ircd
+       groups: ssl
+       append: yes
+
  - name: Copy service file
    become: yes
    register: servicesfile

roles/IRC/templates/inspircd/inspircd.conf.j2

@@ -58,7 +58,7 @@
     pingfreq="120"
     port="6697"
     recvq="8192"
-    requiressl="on"
+    requiressl="off"
     resolvehostnames="on"
     softsendq="8192"
     threshold="25"

roles/ShadowArch/tasks/archlinux-network.yml

@@ -9,35 +9,35 @@
 
   - name: Static ArchLinux network config
     become: yes
-    when: static and not tap
+    when: static is defined and not tap is defined
     template:
         src: netctl-static.j2
         dest: "/etc/netctl/{{ ipinterface }}"
 
   - name: Tap ArchLinux network config
     become: yes
-    when: tap and not static
+    when: tap is defined and not static is defined
     template:
-        src: netctl-tap.j2
+        src: netctl-tap is defined.j2
         dest: "/etc/netctl/{{ ipinterface }}"
 
   - name: Bridge ArchLinux network config
     become: yes
-    when: tap and not static
+    when: tap is defined and not static is defined
     template:
         src: netctl-bond.j2
         dest: "/etc/netctl/br0"
 
   - name: Tunnel ArchLinux network config
     become: yes
-    when: tap and not static
+    when: tap is defined and not static is defined
     copy:
         src: netctl-tun
         dest: "/etc/netctl/tun0"
 
   - name: Dynamic ArchLinux network config
     become: yes
-    when: not static and not tap
+    when: not static is defined and not tap is defined
     template:
         src: netctl-dhcp.j2
         dest: "/etc/netctl/{{ ipinterface }}"

roles/ShadowArch/tasks/main.yml

@@ -3,6 +3,33 @@
  # This role installs the basic package and host setup for AniNIX operations.
 
   # This is an AniNIX convention to allow password management by Ansible.
+
+  - name: Test root password
+    ignore_errors: yes
+    register: root_password_test
+    vars:
+      ansible_become_user: "{{ item }}"
+      ansible_become_method: su
+      ansible_become_password: "{{ passwords[inventory_hostname] }}"
+    become: yes
+    command: id
+    loop:
+      - root
+      - "{{ ansible_user_id }}"
+
+  - name: Define passwords
+    ignore_errors: yes
+    vars:
+      ansible_become_user: "root"
+      ansible_become_password: "{{ passwords[inventory_hostname] }}"
+    become: yes
+    when: root_password_test.rc is not defined or root_password_test.rc != 0
+    command:
+      cmd: /bin/bash -l -c "echo '{{item}}:{{ passwords[inventory_hostname] }}' | chpasswd {{ item }}"
+    loop:
+      - root
+      - "{{ ansible_user_id }}"
+
   - name: Base packages
     vars:
       ansible_become_method: su
@@ -54,31 +81,6 @@
       regexp: "includedir /etc/sudoers.d"
       line: "#includedir /etc/sudoers.d"
 
-  - name: Test root password
-    ignore_errors: yes
-    register: root_password_test
-    vars:
-      ansible_become_user: "{{ item }}"
-      ansible_become_method: su
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    command: id
-    loop:
-      - root
-      - "{{ ansible_user_id }}"
-
-  - name: Define passwords
-    vars:
-      ansible_become_user: "root"
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    when: root_password_test.rc is not defined or root_password_test.rc != 0
-    command:
-      cmd: /bin/bash -l -c "echo '{{item}}:{{ passwords[inventory_hostname] }}' | chpasswd {{ item }}"
-    loop:
-      - root
-      - "{{ ansible_user_id }}"
-
   - name: Set up pacman.conf
     vars:
       ansible_become_password: "{{ passwords[inventory_hostname] }}"