From 7a433ded5916579474ad4e39d15e494b0627f4e9 Mon Sep 17 00:00:00 2001
From: Francis Kayiwa <fkayiwa@princeton.edu>
Date: Fri, 1 Nov 2024 13:04:05 -0400
Subject: [PATCH] nodejs role needs common

---
 roles/nodejs/meta/main.yml                    |  2 ++
 roles/passenger/tasks/main.yml                | 31 ++++++++++---------
 roles/pulmap/meta/main.yml                    |  2 +-
 roles/pulmap/molecule/default/molecule.yml    | 14 +++++++--
 roles/redis/tasks/main.yml                    |  4 ---
 roles/sidekiq_worker/meta/main.yml            |  3 +-
 .../molecule/default/molecule.yml             | 14 +++++++--
 roles/sneakers_worker/tasks/main.yml          |  8 ++---
 8 files changed, 46 insertions(+), 32 deletions(-)

diff --git a/roles/nodejs/meta/main.yml b/roles/nodejs/meta/main.yml
index 3a416a65e1..07ed0d2a86 100644
--- a/roles/nodejs/meta/main.yml
+++ b/roles/nodejs/meta/main.yml
@@ -13,3 +13,5 @@ galaxy_info:
     - name: Ubuntu
       versions:
         - bionic
+dependencies:
+  - role: common
diff --git a/roles/passenger/tasks/main.yml b/roles/passenger/tasks/main.yml
index 4e2cb3a1de..5d7fe38244 100644
--- a/roles/passenger/tasks/main.yml
+++ b/roles/passenger/tasks/main.yml
@@ -1,30 +1,29 @@
 ---
 # Variable setup.
 - name: Phusion | Include OS-specific variables.
-  include_vars: "main.yml"
+  ansible.builtin.include_vars: "main.yml"
 
 - name: Phusion | Define nginx_user.
   ansible.builtin.set_fact:
     nginx_user: "{{ __nginx_user }}"
   when: nginx_user is not defined
 
-# Passenger repository setup.
-- name: Phusion | Add Passenger apt key.
-  ansible.builtin.apt_key:
-    keyserver: keyserver.ubuntu.com
-    id: 561F9B9CAC40B2F7
-    state: present
+# passenger keys
+- name: Phusion | Add Phusion Passenger GPG key
+  ansible.builtin.shell:
+    cmd: curl https://oss-binaries.phusionpassenger.com/auto-software-signing-gpg-key.txt | gpg --dearmor | tee /etc/apt/trusted.gpg.d/phusion.gpg >/dev/null
+  changed_when: false
 
-- name: Phusion | Add Phusion apt repo.
-  ansible.builtin.apt_repository:
-    repo: 'deb https://oss-binaries.phusionpassenger.com/apt/passenger {{ ansible_distribution_release }} main'
-    state: present
-    filename: passenger
+# Passenger repository setup.
+- name: Phusion | Add Phusion Passenger APT repository
+  ansible.builtin.shell:
+    cmd: echo deb https://oss-binaries.phusionpassenger.com/apt/passenger {{ ansible_distribution_release }} main > /etc/apt/sources.list.d/passenger.list
   changed_when: false
 
 - name: Phusion | Install Nginx and Passenger.
   ansible.builtin.apt:
     name: "{{ nginx_passenger_packages }}"
+    update_cache: true
     state: present
 
 # Nginx and passenger configuration.
@@ -32,7 +31,7 @@
   ansible.builtin.template:
     src: nginx.conf.j2
     dest: /etc/nginx/nginx.conf
-    mode: 0644
+    mode: "0644"
   tags: passenger_config
   notify: 'passenger : restart nginx'
 
@@ -49,7 +48,7 @@
   ansible.builtin.template:
     src: passenger.j2
     dest: /etc/nginx/sites-available/passenger
-    mode: 0644
+    mode: "0644"
   notify: restart nginx
 
 - name: Phusion | Ensure passenger virtual host is enabled.
@@ -62,7 +61,7 @@
   ansible.builtin.file:
     path: /etc/nginx/sites-enabled/default
     state: absent
-    mode: 0644
+    mode: "0644"
   when: nginx_remove_default_vhost
   notify:
     - restart nginx
@@ -71,12 +70,14 @@
   ansible.builtin.file:
     path: /etc/systemd/system/nginx.service.d
     state: directory
+    mode: "0644"
   tags: nginx
 
 - name: Phusion | Restart nginx on crash
   ansible.builtin.copy:
     src: 'systemd_override.conf'
     dest: /etc/systemd/system/nginx.service.d/override.conf
+    mode: "0644"
   tags: nginx
   notify:
     - reload systemd
diff --git a/roles/pulmap/meta/main.yml b/roles/pulmap/meta/main.yml
index 4e30c6517c..9e512076a5 100644
--- a/roles/pulmap/meta/main.yml
+++ b/roles/pulmap/meta/main.yml
@@ -12,7 +12,7 @@ galaxy_info:
   platforms:
     - name: Ubuntu
       versions:
-        - 18.04
+        - bionic
 dependencies:
   - role: "samba"
   - role: "redis"
diff --git a/roles/pulmap/molecule/default/molecule.yml b/roles/pulmap/molecule/default/molecule.yml
index 0e1659c89a..c9d31684a2 100644
--- a/roles/pulmap/molecule/default/molecule.yml
+++ b/roles/pulmap/molecule/default/molecule.yml
@@ -9,14 +9,22 @@ lint: |
   ansible-lint
 platforms:
   - name: instance
-    image: "quay.io/pulibrary/jammy-ansible:latest"
-    command: ""
+    image: "ghcr.io/pulibrary/pul_containers:jammy_multi"
+    command: "/lib/systemd/systemd"
     volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    tmpfs:
+      - /tmp
+      - /run
+      - /run/lock
+    cgroupns_mode: host
     privileged: true
     pre_build_image: true
 provisioner:
   name: ansible
+  config_options:
+    defaults:
+      remote_tmp: /tmp
   log: true
 verifier:
   name: ansible
diff --git a/roles/redis/tasks/main.yml b/roles/redis/tasks/main.yml
index 2f756c9527..84283364f0 100644
--- a/roles/redis/tasks/main.yml
+++ b/roles/redis/tasks/main.yml
@@ -19,10 +19,6 @@
     dest: /etc/apt/sources.list.d/redis.list
     mode: '0644'
 
-- name: Redis | update apt cache
-  ansible.builtin.apt:
-    update_cache: true
-
 - name: Redis | install redis packages
   ansible.builtin.apt:
     name: "{{ redis_packages }}"
diff --git a/roles/sidekiq_worker/meta/main.yml b/roles/sidekiq_worker/meta/main.yml
index ddb5ea324b..9dd785dbbe 100644
--- a/roles/sidekiq_worker/meta/main.yml
+++ b/roles/sidekiq_worker/meta/main.yml
@@ -12,8 +12,7 @@ galaxy_info:
   platforms:
     - name: Ubuntu
       versions:
-        - 16.04
-        - 18.04
+        - bionic
 
 dependencies:
   - role: rails_app
diff --git a/roles/sneakers_worker/molecule/default/molecule.yml b/roles/sneakers_worker/molecule/default/molecule.yml
index 0e1659c89a..c9d31684a2 100644
--- a/roles/sneakers_worker/molecule/default/molecule.yml
+++ b/roles/sneakers_worker/molecule/default/molecule.yml
@@ -9,14 +9,22 @@ lint: |
   ansible-lint
 platforms:
   - name: instance
-    image: "quay.io/pulibrary/jammy-ansible:latest"
-    command: ""
+    image: "ghcr.io/pulibrary/pul_containers:jammy_multi"
+    command: "/lib/systemd/systemd"
     volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    tmpfs:
+      - /tmp
+      - /run
+      - /run/lock
+    cgroupns_mode: host
     privileged: true
     pre_build_image: true
 provisioner:
   name: ansible
+  config_options:
+    defaults:
+      remote_tmp: /tmp
   log: true
 verifier:
   name: ansible
diff --git a/roles/sneakers_worker/tasks/main.yml b/roles/sneakers_worker/tasks/main.yml
index e23926e4ce..513a641fd0 100644
--- a/roles/sneakers_worker/tasks/main.yml
+++ b/roles/sneakers_worker/tasks/main.yml
@@ -1,19 +1,19 @@
 ---
-- name: sneakers_worker | Install startup script for sneakers workers
+- name: Sneakers_worker | Install startup script for sneakers workers
   ansible.builtin.template:
     src: sneakers.service
     dest: "/etc/systemd/system/{{ sneakers_worker_name }}.service"
-    mode: 0644
+    mode: "0644"
   notify: 'restart sneakers worker'
 
-- name: sneakers_worker | Keep workers running
+- name: Sneakers_worker | Keep workers running
   ansible.builtin.service:
     name: "{{ sneakers_worker_name }}"
     enabled: true
     state: started
   when: running_on_server
 
-- name: sneakers_worker Allow deploy user to restart workers
+- name: Sneakers_worker Allow deploy user to restart workers
   ansible.builtin.lineinfile:
     dest: /etc/sudoers
     state: present