From 18ddd445161e1570e60758febbb04684932c6887 Mon Sep 17 00:00:00 2001
From: John Jarvis <john@jarv.org>
Date: Sat, 26 Oct 2013 14:26:37 -0400
Subject: [PATCH] formatting updates, upstart bash wrapper for forum

---
 playbooks/edx-east/edx_continuous_integration.yml      |  43 ++++++++++++++++++++-----------------------
 playbooks/group_vars/all                               |   1 -
 playbooks/roles/common/tasks/main.yml                  |  19 +++++++++----------
 playbooks/roles/discern/tasks/main.yml                 |  14 ++++++++------
 playbooks/roles/edxapp/tasks/main.yml                  |  43 ++++++++++++++++++-------------------------
 playbooks/roles/forum/tasks/main.yml                   |  33 +++++++++++++++++++++------------
 playbooks/roles/forum/templates/forum-supervisor.sh.j2 |   4 ++++
 playbooks/roles/forum/templates/forum.conf.j2          |   1 -
 playbooks/roles/gh_users/tasks/main.yml                |  10 +++-------
 playbooks/roles/mongo/tasks/main.yml                   |  19 ++++++++++---------
 playbooks/roles/nginx/tasks/main.yml                   |  69 +++++++++++++++++++++++++++------------------------------------------
 playbooks/roles/nginx/templates/basic-auth.j2          |   1 -
 playbooks/roles/notifier/tasks/main.yml                | 113 ++++++++++++++++++++++-------------------------------------------------------------------------------------------
 playbooks/roles/ora/tasks/main.yml                     |  15 +++++----------
 playbooks/roles/oraclejdk/tasks/main.yml               |  28 ++++++++--------------------
 playbooks/roles/rabbitmq/tasks/main.yml                |  41 +++++++++++++++++++++++------------------
 playbooks/roles/rbenv/tasks/main.yml                   |  15 +++++----------
 playbooks/roles/supervisor/defaults/main.yml           |   2 +-
 playbooks/roles/supervisor/handlers/main.yml           |   3 +++
 playbooks/roles/supervisor/tasks/main.yml              |  18 ++++++++++++++----
 20 files changed, 201 insertions(+), 291 deletions(-)
 create mode 100644 playbooks/roles/forum/templates/forum-supervisor.sh.j2

diff --git a/playbooks/edx-east/edx_continuous_integration.yml b/playbooks/edx-east/edx_continuous_integration.yml
index 707f72e..74cfd41 100644
--- a/playbooks/edx-east/edx_continuous_integration.yml
+++ b/playbooks/edx-east/edx_continuous_integration.yml
@@ -8,27 +8,24 @@
     openid_workaround: True
   roles:
     - common
-#    - role: nginx
-#      nginx_sites:
-#      - cms
-#      - lms
-#      - lms-preview
-#      - ora
-#      - xqueue
-#      - xserver
-#    - edxlocal
-#    - role: supervisor
-#      supervisor_servers:
-#      - forum
-#      - lms
-#    - mongo
-#    - edxapp
-#    - { role: 'rabbitmq', rabbitmq_ip: '127.0.0.1' }
-#    - { role: 'edxapp', celery_worker: True }
-#    - oraclejdk
-#    - elasticsearch
-#    - forum
-#    - { role: "xqueue", update_users: True }
-#    - xserver
-#    - ora
+    - role: nginx
+      nginx_sites:
+      - cms
+      - lms
+      - lms-preview
+      - ora
+      - xqueue
+      - xserver
+    - edxlocal
+    - supervisor
+    - mongo
+    - edxapp
+    - { role: 'rabbitmq', rabbitmq_ip: '127.0.0.1' }
+    - { role: 'edxapp', celery_worker: True }
+    - oraclejdk
+    - elasticsearch
+    - forum
+    - { role: "xqueue", update_users: True }
+    - xserver
+    - ora
     - discern
diff --git a/playbooks/group_vars/all b/playbooks/group_vars/all
index 5ca0021..2f99445 100644
--- a/playbooks/group_vars/all
+++ b/playbooks/group_vars/all
@@ -5,7 +5,6 @@
 data_dir: /edx/var
 app_dir: /edx/app
 log_dir: "{{ data_dir }}/log"
-venvs_dir: "{{ app_dir }}/venvs"
 bin_dir: /edx/bin
 cfg_dir: /edx/etc
 
diff --git a/playbooks/roles/common/tasks/main.yml b/playbooks/roles/common/tasks/main.yml
index f06fab3..48f8212 100644
--- a/playbooks/roles/common/tasks/main.yml
+++ b/playbooks/roles/common/tasks/main.yml
@@ -7,30 +7,29 @@
 
 - name: common | Create common directories
   file: >
-    path={{ item }}
-    state=directory
-    owner=root
-    group=root
-    mode=0755
+    path={{ item }} state=directory owner=root
+    group=root mode=0755
   with_items:
     - "{{ data_dir }}"
     - "{{ app_dir }}"
     - "{{ log_dir }}"
-    - "{{ venvs_dir }}"
     - "{{ bin_dir }}"
     - "{{ cfg_dir }}"
 
 - name: common | Install role-independent useful system packages
   # do this before log dir setup; rsyslog package guarantees syslog user present
-  apt: pkg={{','.join(common_debian_pkgs)}} install_recommends=yes state=present update_cache=yes
+  apt: >
+    pkg={{','.join(common_debian_pkgs)}} install_recommends=yes
+    state=present update_cache=yes
 
 - name: common | upload sudo config for key forwarding as root
-  copy: src=ssh_key_forward dest=/etc/sudoers.d/ssh_key_forward validate='visudo -c -f %s' owner=root group=root mode=0440
+  copy: >
+    src=ssh_key_forward dest=/etc/sudoers.d/ssh_key_forward
+    validate='visudo -c -f %s' owner=root group=root mode=0440
 
 - name: common | pip install virtualenv
   pip: >
-    name="{{ item }}"
-    state=present
+    name="{{ item }}" state=present
     extra_args="-i {{ PYPI_MIRROR_URL }}"
   with_items: common_pip_pkgs
 
diff --git a/playbooks/roles/discern/tasks/main.yml b/playbooks/roles/discern/tasks/main.yml
index 28b77af..c2851d3 100644
--- a/playbooks/roles/discern/tasks/main.yml
+++ b/playbooks/roles/discern/tasks/main.yml
@@ -26,19 +26,21 @@
   with_items: discern_ease_debian_pkgs
 
 - name: discern | render celery service from template
-  template: src=celery.conf.j2 dest=/etc/init/celery.conf
+  template: >
+    src=celery.conf.j2 dest=/etc/init/celery.conf
+    owner=root group=root
   notify: discern | restart celery
 
 - name: discern | render discern service from template
-  template: src=discern.conf.j2 dest=/etc/init/discern.conf
+  template: >
+    src=discern.conf.j2 dest=/etc/init/discern.conf
+    owner=root group=root
   notify: discern | restart discern
 
 - name: discern | copy sudoers file for discern
   copy: >
-    src=sudoers-discern
-    dest=/etc/sudoers.d/discern
-    mode=0440
-    validate='visudo -cf %s'
+    src=sudoers-discern dest=/etc/sudoers.d/discern
+    mode=0440 validate='visudo -cf %s' owner=root group=root
 
 #Needed if using redis to prevent memory issues
 - name: discern | change memory commit settings -- needed for redis
diff --git a/playbooks/roles/edxapp/tasks/main.yml b/playbooks/roles/edxapp/tasks/main.yml
index 678e98c..02fa4ea 100644
--- a/playbooks/roles/edxapp/tasks/main.yml
+++ b/playbooks/roles/edxapp/tasks/main.yml
@@ -9,33 +9,26 @@
 
 - name: edxapp | create application user
   user: >
-    name="{{ edxapp_user }}"
-    home="{{ edxapp_app_dir }}"
-    createhome=no
-    shell=/bin/false
+    name="{{ edxapp_user }}" home="{{ edxapp_app_dir }}"
+    createhome=no shell=/bin/false
 
 - name: edxapp | create edxapp app dir
   file: >
-    path="{{ item }}"
-    state=directory
-    owner="{{ edxapp_user }}"
-    group="{{ common_web_group }}"
+    path="{{ item }}" state=directory
+    owner="{{ edxapp_user }}" group="{{ common_web_group }}"
   with_items:
     - "{{ edxapp_app_dir }}"
     - "{{ edxapp_venvs_dir }}"
 
 - name: edxapp | create edxapp log dir
   file: >
-    path="{{ edxapp_log_dir }}"
-    state=directory
-    owner="{{ common_log_user }}"
-    group="{{ common_log_user }}"
+    path="{{ edxapp_log_dir }}" state=directory
+    owner="{{ common_log_user }}" group="{{ common_log_user }}"
 
 - name: edxapp | create edxapp writable dirs
   file: >
-    path="{{ item }}"
-    state=directory
-    owner="{{ edxapp_user }}"
+    path="{{ item }}" state=directory
+    owner="{{ edxapp_user }}" group="{{ edxapp_user }}"
   with_items:
     - "{{ edxapp_staticfile_dir }}"
     - "{{ edxapp_theme_dir }}"
@@ -43,10 +36,8 @@
 
 - name: edxapp | create web-writable edxapp data dirs
   file: >
-    path="{{ item }}"
-    state=directory
-    owner="{{ common_web_user }}"
-    group="{{ edxapp_user }}"
+    path="{{ item }}" state=directory
+    owner="{{ common_web_user }}" group="{{ edxapp_user }}"
     mode="0775"
   with_items:
     - "{{ edxapp_course_data_dir }}"
@@ -57,19 +48,21 @@
 
 - name: edxapp | creating edxapp upstart script
   sudo: True
-  template: src=edxapp.conf.j2 dest=/etc/init/edxapp.conf owner=root group=root
+  template: >
+    src=edxapp.conf.j2 dest=/etc/init/edxapp.conf
+    owner=root group=root
   when: "celery_worker is not defined"
 
 - name: edxapp | create edx-workers upstart script
-  template: src=edx-workers.conf.j2 dest=/etc/init/edx-workers.conf owner=root group=root
+  template: >
+    src=edx-workers.conf.j2 dest=/etc/init/edx-workers.conf
+    owner=root group=root
   when: "celery_worker is defined"
 
 - name: edxapp | create log directories for service variants
   file: >
-    path={{ edxapp_log_dir }}/{{ item }}
-    state=directory
-    owner={{ common_log_user }}
-    group={{ common_log_user }}
+    path={{ edxapp_log_dir }}/{{ item }} state=directory
+    owner={{ common_log_user }} group={{ common_log_user }}
     mode=0750
   with_items:
     - lms
diff --git a/playbooks/roles/forum/tasks/main.yml b/playbooks/roles/forum/tasks/main.yml
index 6121965..ae1adca 100644
--- a/playbooks/roles/forum/tasks/main.yml
+++ b/playbooks/roles/forum/tasks/main.yml
@@ -23,28 +23,37 @@
 
 - name: forum | create application user
   user: >
-    name="{{ forum_user }}"
-    home="{{ forum_app_dir }}"
+    name="{{ forum_user }}" home="{{ forum_app_dir }}"
     createhome=no
     shell=/bin/false
 
 - name: forum | create forum app dir
   file: >
-    path="{{ forum_app_dir }}"
-    state=directory
-    owner="{{ forum_user }}"
-    group="{{ common_web_group }}"
+    path="{{ forum_app_dir }}" state=directory
+    owner="{{ forum_user }}" group="{{ common_web_group }}"
 
 - name: forum | setup the forum env
-  template: src=forum_env.j2 dest={{ forum_app_dir }}/forum_env
-  sudo_user: "{{ forum_user }}"
+  template: >
+    src=forum_env.j2 dest={{ forum_app_dir }}/forum_env
+    owner={{ forum_user }}  group={{ forum_user }}
   notify:
     - forum | restart the forum service
 
+- name: forum | create the supervisor config
+  template: >
+    src=forum.conf.j2 dest={{ supervisor_cfg_dir }}/forum.conf
+    owner={{ common_web_user }} group={{ supervisor_user }}
+  register: forum_supervisor
+
 - include: deploy.yml
 
-- name: forum | create the supervisor config
-  template: src=forum.conf.j2 dest={{ supervisor_cfg_dir }}/forum.conf
-  notify:
-    - forum | restart the forum service
+# Reload supervisor right away when the configuration
+# changes, this happens after deploy.yml tasks so
+# that the application is installed
+
+- name: forum | reload supervisor
+  shell: "{{ supervisor_ctl }} -c {{ supervisor_cfg }} reload"
+  when: forum_supervisor.changed
+
 - include: test.yml
+
diff --git a/playbooks/roles/forum/templates/forum-supervisor.sh.j2 b/playbooks/roles/forum/templates/forum-supervisor.sh.j2
new file mode 100644
index 0000000..529c767
--- /dev/null
+++ b/playbooks/roles/forum/templates/forum-supervisor.sh.j2
@@ -0,0 +1,4 @@
+#!/bin/bash
+source {{ forum_app_dir }}/forum_env
+cd {{ forum_code_dir }}
+{{ forum_rbenv_shims }}/ruby app.rb
diff --git a/playbooks/roles/forum/templates/forum.conf.j2 b/playbooks/roles/forum/templates/forum.conf.j2
index 0865c56..4019efc 100644
--- a/playbooks/roles/forum/templates/forum.conf.j2
+++ b/playbooks/roles/forum/templates/forum.conf.j2
@@ -5,6 +5,5 @@ user={{ common_web_user }}
 startsecs=10
 stdout_logfile={{ supervisor_log_dir }}/%(program_name)-stdout.log
 stderr_logfile={{ supervisor_log_dir }}/%(program_name)-stderr.log
-stderr_logfile_maxbytes=1MB
 killasgroup=true
 stopasgroup=true
diff --git a/playbooks/roles/gh_users/tasks/main.yml b/playbooks/roles/gh_users/tasks/main.yml
index e90f6d5..82e78b1 100644
--- a/playbooks/roles/gh_users/tasks/main.yml
+++ b/playbooks/roles/gh_users/tasks/main.yml
@@ -22,16 +22,12 @@
 - name: gh_users | grant full sudo access to gh group
   copy: >
     content="%adm ALL=(ALL) NOPASSWD:ALL"
-    dest=/etc/sudoers.d/gh
-    owner=root
-    group=root
-    mode=0440
-    validate='visudo -cf %s'
+    dest=/etc/sudoers.d/gh owner=root group=root
+    mode=0440 validate='visudo -cf %s'
 
 - name: gh_users | create github users
   user:
-    name={{ item }}
-    group=gh
+    name={{ item }} group=gh
     shell=/bin/bash
   with_items: gh_users
 
diff --git a/playbooks/roles/mongo/tasks/main.yml b/playbooks/roles/mongo/tasks/main.yml
index d8154b5..612dba2 100644
--- a/playbooks/roles/mongo/tasks/main.yml
+++ b/playbooks/roles/mongo/tasks/main.yml
@@ -3,10 +3,8 @@
 
 - name: mongo | install python pymongo for mongo_user ansible module
   pip: >
-    name=pymongo
-    state=present
-    version=2.6.3
-    extra_args="-i {{ PYPI_MIRROR_URL }}"
+    name=pymongo state=present
+    version=2.6.3 extra_args="-i {{ PYPI_MIRROR_URL }}"
 
 - name: mongo | add the mongodb signing key
   apt_key: >
@@ -22,15 +20,18 @@
 - name: mongo | install mongo server and recommends
   apt: >
     pkg=mongodb-10gen={{ mongo_version }}
-    state=present
-    install_recommends=yes
+    state=present install_recommends=yes
     update_cache=yes
 
-- name: mongo | create mongo data dir
+- name: mongo | create mongo dirs
   file: >
-    path="{{ mongo_data_dir }}"
-    state=directory
+    path="{{ item }}" state=directory
     owner="{{ mongo_user  }}"
+    group="{{ mongo_user }}"
+  with_items:
+    - "{{ mongo_data_dir }}"
+    - "{{ mongo_dbpath }}"
+    - "{{ mongo_app_dir }}"
 
 - name: mongo | stop mongo service
   service: name=mongodb state=stopped
diff --git a/playbooks/roles/nginx/tasks/main.yml b/playbooks/roles/nginx/tasks/main.yml
index f46aa1e..d3fabf2 100644
--- a/playbooks/roles/nginx/tasks/main.yml
+++ b/playbooks/roles/nginx/tasks/main.yml
@@ -4,85 +4,70 @@
 - name: nginx | Install nginx
   apt: pkg=nginx state={{ pkgs.nginx.state }}
   notify: nginx | restart nginx
-  tags:
-  - nginx
-  - install
 
 - name: nginx | Server configuration file
-  copy: src={{secure_dir}}/files/nginx.conf dest=/etc/nginx/nginx.conf owner=root group=root mode=0644
+  copy: >
+    src={{secure_dir}}/files/nginx.conf dest=/etc/nginx/nginx.conf
+    owner=root group=root mode=0644
   when: nginx_conf is defined
   notify: nginx | reload nginx
-  tags:
-  - nginx
-  - install
 
 - name: nginx | Creating common nginx configuration
-  template: src=edx-release.j2 dest=/etc/nginx/sites-available/edx-release owner=root group=root mode=0600
+  template: >
+    src=edx-release.j2 dest=/etc/nginx/sites-available/edx-release
+    owner=root group=root mode=0600
   notify: nginx | reload nginx
-  tags:
-  - nginx
 
 - name: nginx | Creating link for common nginx configuration
-  file: src=/etc/nginx/sites-available/edx-release dest=/etc/nginx/sites-enabled/edx-release state=link owner=root group=root
+  file: >
+    src=/etc/nginx/sites-available/edx-release dest=/etc/nginx/sites-enabled/edx-release
+    state=link owner=root group=root
   notify: nginx | reload nginx
-  tags:
-  - nginx
 
 - name: nginx | Copying nginx configs for {{ nginx_sites }}
-  template: src={{ item }}.j2 dest=/etc/nginx/sites-available/{{ item }} owner=root group=root mode=0600
+  template: >
+    src={{ item }}.j2 dest=/etc/nginx/sites-available/{{ item }}
+    owner=root group=root mode=0600
   notify: nginx | reload nginx
   with_items: nginx_sites
-  tags:
-  - nginx
 
 - name: nginx | Creating nginx config links for {{ nginx_sites }}
-  file: src=/etc/nginx/sites-available/{{ item  }} dest=/etc/nginx/sites-enabled/{{ item }} state=link owner=root group=root
+  file: >
+    src=/etc/nginx/sites-available/{{ item  }}
+    dest=/etc/nginx/sites-enabled/{{ item }} state=link owner=root group=root
   notify: nginx | reload nginx
   with_items: nginx_sites
-  tags:
-  - nginx
 
 - name: nginx | Write out default htpasswd file
-  copy: content={{ nginx_cfg.htpasswd }} dest=/etc/nginx/nginx.htpasswd owner=www-data group=www-data mode=0600
-  tags:
-  - nginx
-  - update
+  copy: >
+    content={{ nginx_cfg.htpasswd }} dest=/etc/nginx/nginx.htpasswd
+    owner=www-data group=www-data mode=0600
 
 - name: nginx | Create nginx log file location (just in case)
-  file: path={{log_dir}}/nginx state=directory owner=syslog group=syslog mode=2770 recurse=yes
-  tags:
-  - nginx
-  - logging
-  - update
+  file: >
+    path={{log_dir}}/nginx state=directory
+    owner=syslog group=syslog mode=2770 recurse=yes
 
 # removing default link
 - name: nginx | Removing default nginx config and restart (enabled)
   file: path=/etc/nginx/sites-enabled/default state=absent
   notify: nginx | reload nginx
-  tags:
-  - nginx
-  - update
 
 # Note that nginx logs to /var/log until it reads its configuration, so /etc/logrotate.d/nginx is still good
 
 - name: nginx | Set up nginx access log rotation
-  template: dest=/etc/logrotate.d/nginx-access src=edx_logrotate_nginx_access.j2 owner=root group=root mode=644
-  tags:
-  - logging
-  - update
+  template: >
+    dest=/etc/logrotate.d/nginx-access src=edx_logrotate_nginx_access.j2
+    owner=root group=root mode=644
 
 - name: nginx | Set up nginx access log rotation
-  template: dest=/etc/logrotate.d/nginx-error src=edx_logrotate_nginx_error.j2 owner=root group=root mode=644
-  tags:
-  - logging
-  - update
+  template: >
+    dest=/etc/logrotate.d/nginx-error src=edx_logrotate_nginx_error.j2
+    owner=root group=root mode=644
 
 - name: nginx | Removing default nginx config (available)
   file: path=/etc/nginx/sites-available/default state=absent
   notify: nginx | reload nginx
-  tags:
-  - nginx
-  - update
 
 # If tasks that notify restart nginx don't change the state of the remote system
 # their corresponding notifications don't get run.  If nginx has been stopped for
diff --git a/playbooks/roles/nginx/templates/basic-auth.j2 b/playbooks/roles/nginx/templates/basic-auth.j2
index 88d81c6..61ec721 100644
--- a/playbooks/roles/nginx/templates/basic-auth.j2
+++ b/playbooks/roles/nginx/templates/basic-auth.j2
@@ -1,5 +1,4 @@
      auth_basic            "Restricted";
      auth_basic_user_file  /etc/nginx/nginx.htpasswd;
-     root {{ nginx_app_dir }}/main_static;
      index index.html
      proxy_set_header X-Forwarded-Proto https;
diff --git a/playbooks/roles/notifier/tasks/main.yml b/playbooks/roles/notifier/tasks/main.yml
index 7c52d84..76e797b 100644
--- a/playbooks/roles/notifier/tasks/main.yml
+++ b/playbooks/roles/notifier/tasks/main.yml
@@ -2,16 +2,16 @@
 
 #
 # notifier
-# 
+#
 # Overview:
-# 
-# Provides the edX notifier service, a service for sending 
+#
+# Provides the edX notifier service, a service for sending
 # notifications over messaging protocols.
 #
 # Dependencies:
 #
 #   * common
-# 
+#
 # Example play:
 #   roles:
 #   - common
@@ -19,153 +19,84 @@
 #
 - name: notifier | install notifier specific system packages
   apt: pkg={{','.join(notifier_debian_pkgs)}} state=present
-  tags:
-  - notifier
-  - install
-  - update
 
 - name: notifier | check if incommon ca is installed
   command: test -e /usr/share/ca-certificates/incommon/InCommonServerCA.crt
   register: incommon_present
   ignore_errors: yes
-  tags:
-  - notifier
-  - install
-  - update
 
 - name: common | create incommon ca directory
-  file: 
+  file:
     path="/usr/share/ca-certificates/incommon" mode=2775 state=directory
   when: incommon_present|failed
-  tags:
-  - notifier
-  - install
-  - update
-  - ubuntu
 
 - name: common | retrieve incommon server CA
   shell: curl https://www.incommon.org/cert/repository/InCommonServerCA.txt -o /usr/share/ca-certificates/incommon/InCommonServerCA.crt
   when: incommon_present|failed
-  tags:
-  - notifier
-  - install
-  - update
-  - ubuntu
 
 - name: common | add InCommon ca cert
   lineinfile:
     dest=/etc/ca-certificates.conf
-    regexp='incommon/InCommonServerCA.crt'    
+    regexp='incommon/InCommonServerCA.crt'
     line='incommon/InCommonServerCA.crt'
-  tags:
-  - notifier
-  - install
-  - update
-  - ubuntu
 
 - name: common | update ca certs globally
   shell: update-ca-certificates
-  tags:
-  - notifier
-  - install
-  - update
-  - ubuntu
 
 - name: notifier | create notifier user {{ NOTIFIER_USER }}
-  user: 
-    name={{ NOTIFIER_USER }} state=present shell=/bin/bash 
+  user:
+    name={{ NOTIFIER_USER }} state=present shell=/bin/bash
     home={{ NOTIFIER_HOME }} createhome=yes
-  tags:
-  - notifier
-  - install
-  - update
 
 - name: notifier | setup the notifier env
-  template: 
-    src=notifier_env.j2 dest={{ NOTIFIER_HOME }}/notifier_env 
+  template:
+    src=notifier_env.j2 dest={{ NOTIFIER_HOME }}/notifier_env
     owner="{{ NOTIFIER_USER }}" group="{{ NOTIFIER_USER }}"
-  tags:
-  - notifier
-  - install
-  - update
 
 - name: notifier | drop a bash_profile
   copy: >
-    src=../../common/files/bash_profile 
-    dest={{ NOTIFIER_HOME }}/.bash_profile 
-    owner={{ NOTIFIER_USER }} 
+    src=../../common/files/bash_profile
+    dest={{ NOTIFIER_HOME }}/.bash_profile
+    owner={{ NOTIFIER_USER }}
     group={{ NOTIFIER_USER }}
 
 - name: notifier | ensure .bashrc exists
   shell: touch {{ NOTIFIER_HOME }}/.bashrc
-  sudo: true  
+  sudo: true
   sudo_user: "{{ NOTIFIER_USER }}"
-  tags:
-  - notifier
-  - install
-  - update
 
 - name: notifier | add source of notifier_env to .bashrc
   lineinfile:
     dest={{ NOTIFIER_HOME }}/.bashrc
-    regexp='. {{ NOTIFIER_HOME }}/notifier_env'    
+    regexp='. {{ NOTIFIER_HOME }}/notifier_env'
     line='. {{ NOTIFIER_HOME }}/notifier_env'
-  tags:
-  - notifier
-  - install
-  - update
 
 - name: notifier | add source venv to .bashrc
   lineinfile:
     dest={{ NOTIFIER_HOME }}/.bashrc
-    regexp='. {{ NOTIFIER_VENV_DIR }}/bin/activate'    
+    regexp='. {{ NOTIFIER_VENV_DIR }}/bin/activate'
     line='. {{ NOTIFIER_VENV_DIR }}/bin/activate'
-  tags:
-  - notifier
-  - install
-  - update
 
 - name: notifier | create notifier DB directory
   file:
     path="{{ NOTIFIER_DB_DIR }}" mode=2775 state=directory
-  tags:
-  - notifier
-  - install
-  - update
 
 - name: notifier | create notifier/bin directory
-  file: 
+  file:
     path="{{ NOTIFIER_HOME }}/bin" mode=2775 state=directory
-  tags:
-  - notifier
-  - install
-  - update
 
 - name: common | create supervisor log directoy
-  file: 
+  file:
     path={{NOTIFIER_SUPERVISOR_LOG_DEST }} mode=2750 state=directory
-  tags:
-  - notifier
-  - install
-  - update
-  - ubuntu
 
 - name: notifier | supervisord config for celery workers
-  template: 
-    src=etc/supervisor/conf.d/notifier-celery-workers.conf.j2 dest=/etc/supervisor/conf.d/notifier-celery-workers.conf 
+  template:
+    src=etc/supervisor/conf.d/notifier-celery-workers.conf.j2 dest=/etc/supervisor/conf.d/notifier-celery-workers.conf
   notify: notifier | restart notifier-celery-workers
-  tags:
-  - notifier
-  - install
-  - update
 
 - name: notifier | supervisord config for scheduler
-  template: 
-    src=etc/supervisor/conf.d/notifier-scheduler.conf.j2 dest=/etc/supervisor/conf.d/notifier-scheduler.conf 
+  template:
+    src=etc/supervisor/conf.d/notifier-scheduler.conf.j2 dest=/etc/supervisor/conf.d/notifier-scheduler.conf
   notify: notifier | restart notifier-scheduler
-  tags:
-  - notifier
-  - install
-  - update
 
 - include: deploy.yml
diff --git a/playbooks/roles/ora/tasks/main.yml b/playbooks/roles/ora/tasks/main.yml
index e74122e..6cf2688 100644
--- a/playbooks/roles/ora/tasks/main.yml
+++ b/playbooks/roles/ora/tasks/main.yml
@@ -5,17 +5,13 @@
 
 - name: ora | create application user
   user: >
-    name="{{ ora_user }}"
-    home="{{ ora_app_dir }}"
-    createhome=no
-    shell=/bin/false
+    name="{{ ora_user }}" home="{{ ora_app_dir }}"
+    createhome=no shell=/bin/false
 
 - name: ora | create ora app and data dir
   file: >
-    path="{{ item }}"
-    state=directory
-    owner="{{ ora_user }}"
-    group="{{ common_web_group }}"
+    path="{{ item }}" state=directory
+    owner="{{ ora_user }}" group="{{ common_web_group }}"
   with_items:
     - "{{ ora_venvs_dir }}"
     - "{{ ora_app_dir }}"
@@ -35,5 +31,4 @@
 - name: ora | create a symlink for venv python
   file: >
     src="{{ ora_venv_bin }}/python"
-    dest={{ cfg_dir }}/python.ora
-    state=link
+    dest={{ cfg_dir }}/python.ora state=link
diff --git a/playbooks/roles/oraclejdk/tasks/main.yml b/playbooks/roles/oraclejdk/tasks/main.yml
index d550cd9..7edd1cc 100644
--- a/playbooks/roles/oraclejdk/tasks/main.yml
+++ b/playbooks/roles/oraclejdk/tasks/main.yml
@@ -1,11 +1,11 @@
 ---
 
 # oraclejdk
-# 
+#
 # Dependencies:
 #
 #   * common
-# 
+#
 # Example play:
 #
 #   roles:
@@ -16,40 +16,28 @@
   command: test -d /usr/lib/jvm/{{ oraclejdk_base }}
   ignore_errors: true
   register: oraclejdk_present
-  tags:
-    - oraclejdk
-    - install
 
 - name: oraclejdk | download Oracle Java
   shell: >
-    curl -b gpw_e24=http%3A%2F%2Fwww.oracle.com -O -L {{ oraclejdk_url }} 
-      executable=/bin/bash 
-      chdir=/var/tmp 
-      creates=/var/tmp/{{ oraclejdk_file }} 
+    curl -b gpw_e24=http%3A%2F%2Fwww.oracle.com -O -L {{ oraclejdk_url }}
+      executable=/bin/bash
+      chdir=/var/tmp
+      creates=/var/tmp/{{ oraclejdk_file }}
   when: oraclejdk_present|failed
 
 - name: oraclejdk | install Oracle Java
   shell: >
-    mkdir -p /usr/lib/jvm && tar -C /usr/lib/jvm -zxvf /var/tmp/{{ oraclejdk_file }} 
+    mkdir -p /usr/lib/jvm && tar -C /usr/lib/jvm -zxvf /var/tmp/{{ oraclejdk_file }}
     creates=/usr/lib/jvm/{{ oraclejdk_base }}
-    executable=/bin/bash 
+    executable=/bin/bash
 
   sudo: true
   when: oraclejdk_present|failed
-  tags:
-    - oraclejdk
-    - install
 
 - name: oraclejdk | create symlink expected by elasticsearch
   file: src=/usr/lib/jvm/{{ oraclejdk_base }} dest={{ oraclejdk_link }} state=link
   when: oraclejdk_present|failed
-  tags:
-    - oraclejdk
-    - install
 
 - name: oraclejdk | add JAVA_HOME for Oracle Java
   template: src=java.sh.j2 dest=/etc/profile.d/java.sh owner=root group=root mode=0755
   when: oraclejdk_present|failed
-  tags:
-  - oraclejdk
-  - install
diff --git a/playbooks/roles/rabbitmq/tasks/main.yml b/playbooks/roles/rabbitmq/tasks/main.yml
index 691526f..7385959 100644
--- a/playbooks/roles/rabbitmq/tasks/main.yml
+++ b/playbooks/roles/rabbitmq/tasks/main.yml
@@ -20,26 +20,35 @@
 
 # Defaulting to /var/lib/rabbitmq
 - name: rabbitmq | create cookie directory
-  file: path={{rabbitmq_cookie_dir}} owner=rabbitmq group=rabbitmq mode=0755 state=directory
-
+  file: >
+    path={{rabbitmq_cookie_dir}}
+    owner=rabbitmq group=rabbitmq mode=0755 state=directory
 
 - name: rabbitmq | add rabbitmq erlang cookie
-  template: src=erlang.cookie.j2 dest={{rabbitmq_cookie_location}} owner=rabbitmq group=rabbitmq mode=0400
+  template: >
+    src=erlang.cookie.j2 dest={{rabbitmq_cookie_location}}
+    owner=rabbitmq group=rabbitmq mode=0400
   register: erlang_cookie
 
 # Defaulting to /etc/rabbitmq
 - name: rabbitmq | create rabbitmq config directory
-  file: path={{rabbitmq_config_dir}} owner=root group=root mode=0755 state=directory
- 
+  file: >
+    path={{rabbitmq_config_dir}}
+    owner=root group=root mode=0755 state=directory
+
 - name: rabbitmq | add rabbitmq environment configuration
-  template: src=rabbitmq-env.conf.j2 dest={{rabbitmq_config_dir}}/rabbitmq-env.conf owner=root group=root mode=0644
+  template: >
+    src=rabbitmq-env.conf.j2 dest={{rabbitmq_config_dir}}/rabbitmq-env.conf
+    owner=root group=root mode=0644
 
 - name: rabbitmq | add rabbitmq cluster configuration
-  template: src=rabbitmq.config.j2 dest={{rabbitmq_config_dir}}/rabbitmq.config owner=root group=root mode=0644
+  template: >
+    src=rabbitmq.config.j2 dest={{rabbitmq_config_dir}}/rabbitmq.config
+    owner=root group=root mode=0644
   register: cluster_configuration
 
 - name: rabbitmq | install plugins
-  rabbitmq_plugin: 
+  rabbitmq_plugin:
     names={{",".join(rabbitmq_plugins)}} state=enabled
 
 # When rabbitmq starts up it creates a folder of metadata at '/var/lib/rabbitmq/mnesia'.
@@ -60,13 +69,9 @@
 
 - name: rabbitmq | add admin users
   rabbitmq_user: >
-    user='{{item.name}}'
-    password='{{item.password}}'
-    read_priv='.*'
-    write_priv='.*'
-    configure_priv='.*'
-    tags="administrator"
-    state=present
+    user='{{item.name}}' password='{{item.password}}'
+    read_priv='.*' write_priv='.*'
+    configure_priv='.*' tags="administrator" state=present
   with_items: rabbitmq_auth_config.admins
   when: "'admins' in rabbitmq_auth_config"
 
@@ -74,11 +79,11 @@
 # Depends upon the management plugin
 #
 - name: rabbitmq | install admin tools
-  get_url: 
+  get_url: >
     url=http://localhost:{{ rabbitmq_management_port }}/cli/rabbitmqadmin
     dest=/usr/local/bin/rabbitmqadmin
 
 - name: rabbitmq | ensure rabbitmqadmin attributes
-  file: 
-    path=/usr/local/bin/rabbitmqadmin owner=root 
+  file: >
+    path=/usr/local/bin/rabbitmqadmin owner=root
     group=root mode=0655
diff --git a/playbooks/roles/rbenv/tasks/main.yml b/playbooks/roles/rbenv/tasks/main.yml
index 21c03aa..2124a87 100644
--- a/playbooks/roles/rbenv/tasks/main.yml
+++ b/playbooks/roles/rbenv/tasks/main.yml
@@ -36,16 +36,13 @@
 
 - name: rbenv | create rbenv user {{ rbenv_user }}
   user: >
-    name={{ rbenv_user }}
-    home={{ rbenv_dir }}
-    shell=/bin/false
-    createhome=no
+    name={{ rbenv_user }} home={{ rbenv_dir }}
+    shell=/bin/false createhome=no
   when: rbenv_user != common_web_user
 
 - name: rbenv | create rbenv dir if it does not exist
   file: >
-    path="{{ rbenv_dir }}"
-    owner="{{ rbenv_user }}"
+    path="{{ rbenv_dir }}" owner="{{ rbenv_user }}"
     state=directory
 
 - name: rbenv | install build depends
@@ -55,14 +52,12 @@
 - name: rbenv | update rbenv repo
   git: >
     repo=https://github.com/sstephenson/rbenv.git
-    dest={{ rbenv_dir }}/.rbenv
-    version={{ rbenv_version }}
+    dest={{ rbenv_dir }}/.rbenv version={{ rbenv_version }}
   sudo_user: "{{ rbenv_user }}"
 
 - name: rbenv | ensure ruby_env exists
   template: >
-    src=ruby_env.j2
-    dest={{ rbenv_dir }}/ruby_env
+    src=ruby_env.j2 dest={{ rbenv_dir }}/ruby_env
   sudo_user: "{{ rbenv_user }}"
 
 - name: rbenv | check ruby-build installed
diff --git a/playbooks/roles/supervisor/defaults/main.yml b/playbooks/roles/supervisor/defaults/main.yml
index 150e429..7395eef 100644
--- a/playbooks/roles/supervisor/defaults/main.yml
+++ b/playbooks/roles/supervisor/defaults/main.yml
@@ -14,7 +14,7 @@
 supervisor_app_dir: "{{ app_dir }}/supervisor"
 supervisor_cfg_dir: "{{ supervisor_app_dir }}/conf.d"
 supervisor_data_dir: "{{ data_dir }}/supervisor"
-supervisor_venvs_dir: "{{ venvs_dir }}/supervisor"
+supervisor_venvs_dir: "{{ supervisor_app_dir }}/venvs"
 supervisor_venv_dir: "{{ supervisor_venvs_dir }}/supervisor"
 supervisor_venv_bin: "{{ supervisor_venv_dir }}/bin"
 supervisor_ctl: "{{ supervisor_venv_bin }}/supervisorctl"
diff --git a/playbooks/roles/supervisor/handlers/main.yml b/playbooks/roles/supervisor/handlers/main.yml
index a3f68cb..e2b99b8 100644
--- a/playbooks/roles/supervisor/handlers/main.yml
+++ b/playbooks/roles/supervisor/handlers/main.yml
@@ -2,3 +2,6 @@
   service: >
     name=supervisor
     state=restarted
+
+- name: supervisor | reload supervisor
+  shell: "{{ supervisor_ctl }} -c {{ supervisor_cfg }} reload"
diff --git a/playbooks/roles/supervisor/tasks/main.yml b/playbooks/roles/supervisor/tasks/main.yml
index b42716e..fd7d3b6 100644
--- a/playbooks/roles/supervisor/tasks/main.yml
+++ b/playbooks/roles/supervisor/tasks/main.yml
@@ -38,7 +38,6 @@
     group={{ common_web_user }}
   with_items:
     - "{{ supervisor_app_dir }}"
-    - "{{ supervisor_cfg_dir }}"
     - "{{ supervisor_venvs_dir }}"
 
 - name: supervisor | create supervisor directories
@@ -48,6 +47,7 @@
     owner={{ common_web_user }}
     group={{ supervisor_user }}
   with_items:
+    - "{{ supervisor_cfg_dir }}"
     - "{{ supervisor_data_dir }}"
     - "{{ supervisor_log_dir }}"
 
@@ -58,12 +58,15 @@
   notify: supervisor | restart supervisor
 
 - name: supervisor | create supervisor upstart job
-  template: src=supervisor-upstart.conf.j2 dest=/etc/init/supervisor.conf
+  template: >
+    src=supervisor-upstart.conf.j2 dest=/etc/init/supervisor.conf
+    owner=root group=root
   notify: supervisor | restart supervisor
 
 - name: supervisor | create supervisor master config
-  template: src=supervisord.conf.j2 dest={{ supervisor_cfg }}
-  sudo_user: "{{ supervisor_user }}"
+  template: >
+    src=supervisord.conf.j2 dest={{ supervisor_cfg }}
+    owner={{ supervisor_user }}
   notify: supervisor | restart supervisor
 
 - name: supervisor | create a symlink for supervisortctl
@@ -78,5 +81,12 @@
     dest={{ cfg_dir }}/{{ supervisor_cfg|basename }}
     state=link
 
+- name: supervisor | create a symlink for supervisor cfg
+  file: >
+    src={{ supervisor_cfg_dir }}
+    dest={{ cfg_dir }}/supervisor.{{ supervisor_cfg_dir|basename }}
+    state=link
+
+
 - name: supervisor | ensure supervisor is started
   service: name=supervisor state=started
--
libgit2 0.26.0