Clean up:

Cleaning up syntax to more readable format.
Leveraging some 2.0 features (blocks) to avoid repetition

tasks/SmartOS/client.yml

@@ -5,12 +5,14 @@
   - include_vars: ../../vars/{{ ansible_distribution }}.yml
 
   - name: Deploy Sensu client service manifest
-    template: dest=/opt/local/lib/svc/manifest/sensu-client.xml
-              src=../../templates/sensu-client.smartos_smf_manifest.xml.j2
-              owner=root group=root mode=644
-    notify: import sensu-client service
-              
-  - name: Initial import of Sensu client service
-    command: /usr/sbin/svccfg import /opt/local/lib/svc/manifest/sensu-client.xml
-    args:
-      creates: "/var/svc/log/application-sensu-client:default.log"
+    template:
+      dest: /opt/local/lib/svc/manifest/sensu-client.xml
+      src: '../../templates/sensu-client.smartos_smf_manifest.xml.j2'
+      owner: root
+      group: root
+      mode: 644
+    notify:
+      - import sensu-client service
+      - restart sensu-client service
+
+  - meta: flush_handlers

tasks/SmartOS/dashboard.yml

@@ -8,67 +8,81 @@
     pkgin: name=go state=present
 
   - name: Ensure Uchiwa directory exists
-    file: dest={{ uchiwa_path }} state=directory
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
-          recurse=yes
+    file:
+      dest: "{{ uchiwa_path }}"
+      state: directory
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+      recurse: true
 
-  - name: Ensure Uchiwa config directory exists
-    file: dest={{ uchiwa_path }}/etc state=directory
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
-          recurse=yes
-
-  - name: Ensure Uchiwa Go directory exists
-    file: dest={{ uchiwa_path }}/go state=directory
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
-          recurse=yes
+  - name: Ensure Uchiwa Go/config directory exists
+    file:
+      dest: "{{ uchiwa_path }}/{{ item }}"
+      state: directory
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+      recurse: true
+    with_items:
+      - etc
+      - go
 
   - name: Ensure Uchiwa GOPATH exists
-    file: dest={{ uchiwa_path }}/go/{{ item }}
-          owner={{ sensu_user_name }}
-          group={{ sensu_group_name }}
-          state=directory recurse=yes
+    file:
+      dest: "{{ uchiwa_path }}/go/{{ item }}"
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+      state: directory
+      recurse: true
     with_items:
       - bin
       - pkg
       - src
 
-  - name: Fetch Uchiwa from GitHub
-    command: go get github.com/sensu/uchiwa
-    environment:
-      GOPATH: "{{ uchiwa_path }}/go"
-    sudo: yes
-    sudo_user: "{{ sensu_user_name }}"
-    args:
-      creates: "{{ uchiwa_path }}/go/src/github.com/sensu/uchiwa"
+  - block:
+
+    - name: Fetch Uchiwa from GitHub
+      command: go get github.com/sensu/uchiwa
+      environment:
+        GOPATH: "{{ uchiwa_path }}/go"
+        args:
+          creates: "{{ uchiwa_path }}/go/src/github.com/sensu/uchiwa"
+
+    - name: Build and deploy Uchiwa
+      shell: npm install --production
+      args:
+        chdir: "{{ uchiwa_path }}/go/src/github.com/sensu/uchiwa"
+        creates: "{{ uchiwa_path }}/go/src/github.com/sensu/uchiwa/public/bower_components"
 
-  - name: Build and deploy Uchiwa
-    shell: npm install --production chdir={{ uchiwa_path }}/go/src/github.com/sensu/uchiwa
-    args:
-      creates: "{{ uchiwa_path }}/go/src/github.com/sensu/uchiwa/public/bower_components"
-    sudo: yes
-    sudo_user: "{{ sensu_user_name }}"
+    become: true
+    become_user: "{{ sensu_user_name }}"
 
   - name: Deploy Uchiwa config
-    template: src=../../templates/uchiwa_config.json.j2 dest={{ uchiwa_path }}/etc/config.json
-              owner={{ sensu_user_name }} group={{ sensu_group_name }}
+    template:
+      src: '../../templates/uchiwa_config.json.j2'
+      dest: "{{ uchiwa_path }}/etc/config.json"
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
     notify: restart uchiwa service
 
   - name: Deploy Uchiwa service script
-    template: src=../../templates/uchiwa.sh.j2
-              dest=/opt/local/lib/svc/method/uchiwa
-              owner=root group=root mode=755
+    template:
+      src: '../../templates/uchiwa.sh.j2'
+      dest: /opt/local/lib/svc/method/uchiwa
+      owner: root
+      group: root
+      mode: 755
     notify: restart uchiwa service
 
   - name: Deploy Uchiwa service manifest
-    template: dest=/opt/local/lib/svc/manifest/uchiwa.xml
-              src=../../templates/uchiwa.smartos_smf_manifest.xml.j2
-              owner=root group=root mode=644
+    template:
+      dest: /opt/local/lib/svc/manifest/uchiwa.xml
+      src: '../../templates/uchiwa.smartos_smf_manifest.xml.j2'
+      owner: root
+      group: root
+      mode: 644
     notify: import uchiwa service
 
-  - name: Initial import of Uchiwa server service
-    command: /usr/sbin/svccfg import /opt/local/lib/svc/manifest/uchiwa.xml
-    args:
-      creates: "/var/svc/log/application-uchiwa:default.log"
+  - meta: flush_handlers
 
   - name: Ensure Uchiwa server service is running
     service: name=uchiwa state=started enabled=yes

tasks/SmartOS/main.yml

@@ -5,20 +5,24 @@
   - include_vars: ../../vars/{{ ansible_distribution }}.yml
 
   - name: Ensure the Sensu group is present
-    group: name={{ sensu_group_name }}
-             state=present
+    group: name={{ sensu_group_name }} state=present
              
   - name: Ensure the Sensu user is present
-    user: name={{ sensu_user_name }}
-          group={{ sensu_group_name }}
-          shell=/bin/false
-          home={{ sensu_config_path }}
-          createhome=yes
-          state=present
+    user:
+      name: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+      shell: /bin/false
+      home: "{{ sensu_config_path }}"
+      createhome: true
+      state: present
 
   - name: Ensure the Sensu config directory is present
-    file: dest={{ sensu_config_path }}/conf.d state=directory recurse=yes
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
+    file:
+      dest: "{{ sensu_config_path }}/conf.d"
+      state: directory
+      recurse: true
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
 
   - name: Ensure Sensu dependencies are installed
     pkgin: name=build-essential,ruby21-base state=present

tasks/SmartOS/rabbit.yml

@@ -2,5 +2,11 @@
 # tasks/SmartOS/rabbit.yml: Deploy RabbitMQ
 # Specific to Joyent SmartOS
 
-- name: Ensure RabbitMQ is installed
-  pkgin: name=rabbitmq state=present
+  - name: Ensure RabbitMQ is installed
+    pkgin: name=rabbitmq state=present
+  
+  - name: Ensure EPMD is running
+    service:
+      name: epmd
+      state: started
+      enabled: true

tasks/SmartOS/server.yml

@@ -6,23 +6,21 @@
   - include_vars: ../../vars/{{ ansible_distribution }}.yml
 
   - name: Deploy Sensu server service manifest
-    template: dest=/opt/local/lib/svc/manifest/sensu-server.xml
-              src=../../templates/sensu-server.smartos_smf_manifest.xml.j2
-              owner=root group=root mode=644
+    template:
+      dest: /opt/local/lib/svc/manifest/sensu-server.xml
+      src: '../../templates/sensu-server.smartos_smf_manifest.xml.j2'
+      owner: root
+      group: root
+      mode: 644
     notify: import sensu-server service
 
   - name: Deploy Sensu API service manifest
-    template: dest=/opt/local/lib/svc/manifest/sensu-api.xml
-              src=../../templates/sensu-api.smartos_smf_manifest.xml.j2
-              owner=root group=root mode=644
+    template:
+      dest: /opt/local/lib/svc/manifest/sensu-api.xml
+      src: '../../templates/sensu-api.smartos_smf_manifest.xml.j2'
+      owner: root
+      group: root
+      mode: 644
     notify: import sensu-api service
  
-  - name: Initial import of Sensu server service
-    command: /usr/sbin/svccfg import /opt/local/lib/svc/manifest/sensu-server.xml
-    args:
-      creates: "/var/svc/log/application-sensu-server:default.log"
-        
-  - name: Initial import of Sensu API service
-    command: /usr/sbin/svccfg import /opt/local/lib/svc/manifest/sensu-api.xml
-    args:
-      creates: "/var/svc/log/application-sensu-api:default.log"
+  - meta: flush_handlers

tasks/Ubuntu/dashboard.yml

@@ -5,13 +5,16 @@
   - include_vars: ../../vars/{{ ansible_distribution }}.yml
 
   - name: Retrieve the Uchiwa deb package
-    get_url: url={{ uchiwa_pkg_download_url }}
-             dest={{ uchiwa_pkg_download_path }}
-             sha256sum={{ uchiwa_pkg_download_sha256sum }}
+    get_url:
+      url: "{{ uchiwa_pkg_download_url }}"
+      dest: "{{ uchiwa_pkg_download_path }}"
+      sha256sum: "{{ uchiwa_pkg_download_sha256sum }}"
 
   - name: Install Uchiwa from the retrieved deb package
     apt: deb={{ uchiwa_pkg_download_path }} 
 
   - name: Deploy Uchiwa config
-    template: src=../../templates/uchiwa_config.json.j2 dest={{ sensu_config_path }}/uchiwa.json
+    template:
+      src: '../../templates/uchiwa_config.json.j2'
+      dest: "{{ sensu_config_path }}/uchiwa.json"
     notify: restart uchiwa service

tasks/Ubuntu/main.yml

@@ -5,12 +5,15 @@
   - include_vars: ../../vars/{{ ansible_distribution }}.yml
 
   - name: Ensure the Sensu APT repo GPG key is present
-    apt_key: url=http://repositories.sensuapp.org/apt/pubkey.gpg
-             state=present
+    apt_key:
+      url: http://repositories.sensuapp.org/apt/pubkey.gpg
+      state: present
 
   - name: Ensure the Sensu Core APT repo is present
-    apt_repository: repo='deb     http://repositories.sensuapp.org/apt sensu main'
-                    state=present update_cache=yes
+    apt_repository:
+      repo: 'deb     http://repositories.sensuapp.org/apt sensu main'
+      state: present
+      update_cache: true
 
   - name: Ensure Sensu is installed
     apt: name=sensu state={{ sensu_pkg_state }}

tasks/Ubuntu/rabbit.yml

@@ -5,13 +5,18 @@
   - include_vars: ../../vars/{{ ansible_distribution }}.yml
 
   - name: Ensure the RabbitMQ APT repo GPG key is present
-    apt_key: url=https://www.rabbitmq.com/rabbitmq-signing-key-public.asc
-             state=present
+    apt_key:
+      url: https://www.rabbitmq.com/rabbitmq-signing-key-public.asc
+      state: present
 
   - name: Ensure the RabbitMQ APT repo is present
-    apt_repository: repo='deb http://www.rabbitmq.com/debian/ testing main'
-                    state=present update_cache=yes
+    apt_repository:
+      repo: 'deb http://www.rabbitmq.com/debian/ testing main'
+      state: present
+      update_cache: true
 
   - name: Ensure RabbitMQ is installed
-    apt: name=rabbitmq-server state={{ rabbitmq_pkg_state }}
-         update_cache=yes
+    apt:
+      name: rabbitmq-server
+      state: "{{ rabbitmq_pkg_state }}"
+      update_cache: true

tasks/Ubuntu/redis.yml

@@ -5,13 +5,18 @@
   - include_vars: ../../vars/{{ ansible_distribution }}.yml
 
   - name: Ensure the Redis APT repo is present
-    apt_repository: repo={{ redis_pkg_repo }}
-                    state=present update_cache=yes
+    apt_repository:
+      repo: "{{ redis_pkg_repo }}"
+      state: present
+      update_cache: true
 
   - name: Ensure Redis is installed
-    apt: name=redis-server state={{ redis_pkg_state }}
-         update_cache=yes
+    apt:
+      name: redis-server
+      state: "{{ redis_pkg_state }}"
+      update_cache: true
 
   - name: Deploy Redis systemd service manifest
-    copy: src=../../files/ubuntu_redis_systemd.service
-          dest=/etc/systemd/system/redis.service
+    copy:
+      src: '../../files/ubuntu_redis_systemd.service'
+      dest: /etc/systemd/system/redis.service

tasks/client.yml

@@ -6,19 +6,27 @@
       - "{{ ansible_distribution }}.yml"
 
   - name: Ensure the Sensu config directory is present
-    file: dest={{ sensu_config_path }}/conf.d state=directory recurse=yes
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
+    file:
+      dest: "{{ sensu_config_path }}/conf.d"
+      state: directory
+      recurse: true
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
 
   - name: Deploy Sensu client RabbitMQ configuration
-    template: dest="{{ sensu_config_path }}/conf.d/rabbitmq.json"
-              owner={{ sensu_user_name }} group={{ sensu_group_name }}
-              src=rabbitmq.json.j2
+    template:
+      dest: "{{ sensu_config_path }}/conf.d/rabbitmq.json"
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+      src: rabbitmq.json.j2
     notify: restart sensu-client service
 
   - name: Deploy Sensu client service configuration
-    template: dest="{{ sensu_config_path }}/conf.d/client.json"
-              owner={{ sensu_user_name }} group={{ sensu_group_name }}
-              src={{ sensu_client_config  }}
+    template:
+      dest: "{{ sensu_config_path }}/conf.d/client.json"
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+      src: "{{ sensu_client_config  }}"
     notify: restart sensu-client service
 
   - include: SmartOS/client.yml

tasks/plugins.yml

@@ -6,8 +6,11 @@
       - "{{ ansible_distribution }}.yml"
 
   - name: Ensure Sensu plugin directory exists
-    file: dest={{ sensu_config_path }}/plugins state=directory
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
+    file:
+      dest: "{{ sensu_config_path }}/plugins"
+      state: directory
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
 
   - name: Register available checks
     local_action: command ls {{ static_data_store }}/sensu/checks
@@ -15,36 +18,50 @@
     changed_when: False
 
   - name: Deploy check plugins
-    copy: src={{ static_data_store }}/sensu/checks/{{ item }}/
-          dest={{ sensu_config_path }}/plugins/ mode=755
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
+    copy:
+      src: "{{ static_data_store }}/sensu/checks/{{ item }}/"
+      dest: "{{ sensu_config_path }}/plugins/"
+      mode: 755
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
     when: sensu_available_checks.stdout.find('{{ item }}') != -1
     with_flattened:
       - group_names
     notify: restart sensu-client service
 
   - name: Deploy handler plugins
-    copy: src={{ static_data_store }}/sensu/handlers/
-          dest={{ sensu_config_path }}/plugins/ mode=755
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
+    copy:
+      src: "{{ static_data_store }}/sensu/handlers/"
+      dest: "{{ sensu_config_path }}/plugins/"
+      mode: 755
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
     notify: restart sensu-client service
 
   - name: Deploy filter plugins
-    copy: src={{ static_data_store }}/sensu/filters/
-          dest={{ sensu_config_path }}/plugins/ mode=755
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
+    copy:
+      src: "{{ static_data_store }}/sensu/filters/"
+      dest: "{{ sensu_config_path }}/plugins/"
+      mode: 755
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
     notify: restart sensu-client service
 
   - name: Deploy mutator plugins
-    copy: src={{ static_data_store }}/sensu/mutators/
-          dest={{ sensu_config_path }}/plugins/ mode=755
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
+    copy:
+      src: "{{ static_data_store }}/sensu/mutators/"
+      dest: "{{ sensu_config_path }}/plugins/"
+      mode: 755
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
     notify: restart sensu-client service
 
   - name: Deploy check/handler/filter/mutator definitions to the master
-    template: src={{ static_data_store }}/sensu/definitions/{{ item }}.j2
-          dest={{ sensu_config_path }}/conf.d/{{ item }}
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
+    template:
+      src: "{{ static_data_store }}/sensu/definitions/{{ item }}.j2"
+      dest: "{{ sensu_config_path }}/conf.d/{{ item }}"
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
     when: sensu_master
     with_lines:
       - ls {{ static_data_store }}/sensu/definitions | sed 's/\.j2//'

tasks/rabbit.yml

@@ -15,40 +15,42 @@
     file: dest={{ rabbitmq_config_path }}/ssl state=directory
 
   - name: Ensure RabbitMQ SSL certs/keys are in place
-    copy: src={{ item }}
-          dest={{ rabbitmq_config_path }}/ssl
+    copy: src={{ item }} dest={{ rabbitmq_config_path }}/ssl
     with_items:
       - "{{ sensu_ssl_server_cacert }}"
       - "{{ sensu_ssl_server_cert }}"
       - "{{ sensu_ssl_server_key }}"
 
   - name: Deploy RabbitMQ config
-    template: dest={{ rabbitmq_config_path }}/rabbitmq.config
-              src={{ rabbitmq_config_template }}
-              owner=root group=root mode=644
+    template:
+      dest: "{{ rabbitmq_config_path }}/rabbitmq.config"
+      src: "{{ rabbitmq_config_template }}"
+      owner: root
+      group: root
+      mode: 644
     notify: restart rabbitmq service
 
   - name: Ensure RabbitMQ is running
-    service: name={{ item }} state=started enabled=true
-    with_items:
-      - epmd
-      - "{{ rabbitmq_service_name }}"
+    service:
+      name: "{{ rabbitmq_service_name }}"
+      state: started
+      enabled: true
 
   - name: Wait for RabbitMQ to be up and running before asking to create a vhost
     pause: seconds=3
 
-  - name: Ensure Sensu RabbitMQ vhost exists
-    rabbitmq_vhost: name={{ rabbitmq_sensu_vhost }} state=present
-    sudo: yes
-    sudo_user: rabbitmq
-
-  - name: Ensure Sensu RabbitMQ user has access to the Sensu vhost
-    rabbitmq_user: user={{ rabbitmq_sensu_user_name }}
-                   password={{ rabbitmq_sensu_password }}
-                   vhost={{ rabbitmq_sensu_vhost }}
-                   configure_priv=.*
-                   read_priv=.*
-                   write_priv=.*
-                   state=present
-    sudo: yes
-    sudo_user: rabbitmq
+  - block:
+    - name: Ensure Sensu RabbitMQ vhost exists
+      rabbitmq_vhost: name={{ rabbitmq_sensu_vhost }} state=present
+
+    - name: Ensure Sensu RabbitMQ user has access to the Sensu vhost
+      rabbitmq_user:
+        user: "{{ rabbitmq_sensu_user_name }}"
+        password: "{{ rabbitmq_sensu_password }}"
+        vhost: "{{ rabbitmq_sensu_vhost }}"
+        configure_priv: .*
+        read_priv: .*
+        write_priv: .*
+        state: present
+    become: true
+    become_user: rabbitmq

tasks/server.yml

@@ -6,19 +6,27 @@
       - "{{ ansible_distribution }}.yml"
 
   - name: Ensure the Sensu config directory is present
-    file: dest={{ sensu_config_path }}/conf.d state=directory recurse=yes
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
+    file:
+      dest: "{{ sensu_config_path }}/conf.d"
+      state: directory
+      recurse: true
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
 
   - name: Deploy Sensu server API configuration
-    template: dest={{ sensu_config_path }}/conf.d/api.json
-              owner={{ sensu_user_name }} group={{ sensu_group_name }}
-              src=sensu-api.json.j2
+    template:
+      dest: "{{ sensu_config_path }}/conf.d/api.json"
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+      src: sensu-api.json.j2
     notify: restart sensu-api service
 
   - name: Deploy Sensu Redis configuration
-    template: dest={{ sensu_config_path }}/conf.d/redis.json
-              owner={{ sensu_user_name }} group={{ sensu_group_name }}
-              src=sensu-redis.json.j2
+    template:
+      dest: "{{ sensu_config_path }}/conf.d/redis.json"
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+      src: sensu-redis.json.j2
     notify: restart sensu-api service
 
   - include: SmartOS/server.yml

tasks/ssl.yml

@@ -9,9 +9,11 @@
     when: sensu_ssl_gen_certs
 
   - name: Deploy the Sensu client SSL cert/key
-    copy: src={{ item }}
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
-          dest={{ sensu_config_path }}/ssl
+    copy:
+      src: "{{ item }}"
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
+      dest: "{{ sensu_config_path }}/ssl"
     with_items:
       - "{{ sensu_ssl_client_cert }}"
       - "{{ sensu_ssl_client_key }}"

tasks/ssl_generate.yml

@@ -7,40 +7,47 @@
       - "{{ ansible_distribution }}.yml"
 
   - name: Ensure Sensu SSL directory exists
-    file: dest={{ sensu_config_path }}/ssl state=directory
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
+    file:
+      dest: "{{ sensu_config_path }}/ssl"
+      state: directory
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
 
   - name: Ensure SSL generation directory exists
-    file: dest={{ sensu_config_path }}/ssl_generation state=directory
-          owner={{ sensu_user_name }} group={{ sensu_group_name }}
+    file:
+      dest: "{{ sensu_config_path }}/ssl_generation"
+      state: directory
+      owner: "{{ sensu_user_name }}"
+      group: "{{ sensu_group_name }}"
     when: sensu_master
 
-  - name: Fetch the ssl_certs tarball from sensuapp.org
-    get_url: url=http://sensuapp.org/docs/0.20/files/sensu_ssl_tool.tar
-             dest={{ sensu_config_path }}/ssl_generation/sensu_ssl_tool.tar
-    when: sensu_master
-    sudo: yes
-    sudo_user: "{{ sensu_user_name }}"
+  - block:
 
-  - name: Untar the ssl_certs tarball from sensuapp.org
-    shell: tar xf sensu_ssl_tool.tar chdir={{ sensu_config_path }}/ssl_generation
-    args:
-      creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool"
-    when: sensu_master
-    sudo: yes
-    sudo_user: "{{ sensu_user_name }}"
+    - name: Fetch the ssl_certs tarball from sensuapp.org
+      get_url:
+        url: http://sensuapp.org/docs/0.20/files/sensu_ssl_tool.tar
+        dest: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool.tar"
+  
+    - name: Untar the ssl_certs tarball from sensuapp.org
+      shell: tar xf sensu_ssl_tool.tar
+      args:
+        chdir: "{{ sensu_config_path }}/ssl_generation"
+        creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool"
+  
+    - name: Generate SSL certs
+      shell: ./ssl_certs.sh generate
+      args:
+        chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool"
+        creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/server"
 
-  - name: Generate SSL certs
-    shell: ./ssl_certs.sh generate chdir={{ sensu_config_path }}/ssl_generation/sensu_ssl_tool
-    args:
-      creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/server"
-    when: sensu_master
-    sudo: yes
-    sudo_user: "{{ sensu_user_name }}"
+    when: sensu_master|bool
+    become: true
+    become_user: "{{ sensu_user_name }}"
 
   - name: Stash the Sensu SSL certs/keys
-    fetch: src={{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/{{ item }}
-           dest={{ dynamic_data_store }}
+    fetch:
+      src: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/{{ item }}"
+      dest: "{{ dynamic_data_store }}"
     when: sensu_master
     with_items:
       - sensu_ca/cacert.pem