From d1d8cc29a11ad234d149e2df31af6a068b15f08e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thorben=20G=C3=BCnther?= Date: Mon, 17 Oct 2022 21:45:19 +0200 Subject: [PATCH] ansible-lint: Switch names to uppercase --- molecule/default/prepare.yml | 2 +- playbooks/avalon.yml | 2 +- playbooks/fenrir.yml | 2 +- playbooks/izanagi.yml | 2 +- playbooks/izanami.yml | 2 +- playbooks/local.yml | 2 +- playbooks/upgrade.yml | 2 +- roles/croc/tasks/main.yml | 10 +++---- roles/croc/tasks/relay.yml | 8 +++--- roles/cron/tasks/main.yml | 6 ++-- roles/deploy/tasks/main.yml | 4 +-- roles/ejabberd/handlers/main.yml | 2 +- roles/ejabberd/tasks/main.yml | 32 +++++++++++----------- roles/faceit/tasks/main.yml | 2 +- roles/fail2ban/handlers/main.yml | 2 +- roles/fail2ban/tasks/main.yml | 12 ++++---- roles/firewalld/handlers/main.yml | 4 +-- roles/firewalld/tasks/main.yml | 12 ++++---- roles/gamja/tasks/main.yml | 2 +- roles/grafana/tasks/main.yml | 2 +- roles/hedgedoc/tasks/main.yml | 2 +- roles/homepage/tasks/main.yml | 10 +++---- roles/keycloak/tasks/main.yml | 2 +- roles/mailcow/tasks/main.yml | 2 +- roles/matrix/tasks/main.yml | 2 +- roles/minio/handlers/main.yml | 2 +- roles/minio/tasks/main.yml | 12 ++++---- roles/navidrome/tasks/main.yml | 2 +- roles/nextcloud/tasks/main.yml | 2 +- roles/nginx/handlers/main.yml | 2 +- roles/nginx/tasks/main.yml | 20 +++++++------- roles/ntfy_server/tasks/main.yml | 2 +- roles/pacman/tasks/main.yml | 20 +++++++------- roles/peertube/handlers/main.yml | 2 +- roles/peertube/tasks/main.yml | 18 ++++++------ roles/prometheus/handlers/main.yml | 2 +- roles/prometheus/tasks/main.yml | 14 +++++----- roles/prometheus_clients/handlers/main.yml | 2 +- roles/prometheus_clients/tasks/server.yml | 14 +++++----- roles/screego/tasks/main.yml | 2 +- roles/searx/handlers/main.yml | 2 +- roles/searx/tasks/main.yml | 16 +++++------ roles/sinusbot/tasks/main.yml | 2 +- roles/srht/handlers/main.yml | 4 +-- roles/srht/tasks/main.yml | 32 +++++++++++----------- roles/ssh/handlers/main.yml | 2 +- roles/ssh/tasks/main.yml | 6 ++-- roles/ssh/tasks/server.yml | 6 ++-- roles/upgrade/handlers/main.yml | 2 +- roles/upgrade/tasks/Archlinux.yml | 4 +-- roles/upgrade/tasks/Debian.yml | 4 +-- roles/upgrade/tasks/main.yml | 2 +- roles/uptime_kuma/tasks/main.yml | 2 +- roles/vault/tasks/main.yml | 2 +- roles/vaultwarden/handlers/main.yml | 2 +- roles/vaultwarden/tasks/main.yml | 20 +++++++------- roles/xenrox/tasks/main.yml | 8 +++--- 57 files changed, 181 insertions(+), 181 deletions(-) diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index 32816fb..7136150 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -1,5 +1,5 @@ --- -- name: prepare hosts +- name: Prepare hosts hosts: all tasks: - name: Setup openssh diff --git a/playbooks/avalon.yml b/playbooks/avalon.yml index 23a3321..77427b4 100644 --- a/playbooks/avalon.yml +++ b/playbooks/avalon.yml @@ -1,5 +1,5 @@ --- -- name: setup avalon +- name: Setup avalon hosts: xenrox.net become: true roles: diff --git a/playbooks/fenrir.yml b/playbooks/fenrir.yml index f6bd9b2..f5ecf1c 100644 --- a/playbooks/fenrir.yml +++ b/playbooks/fenrir.yml @@ -1,5 +1,5 @@ --- -- name: setup fenrir +- name: Setup fenrir hosts: fenrir.xenrox.net become: true roles: diff --git a/playbooks/izanagi.yml b/playbooks/izanagi.yml index 31543fb..682d020 100644 --- a/playbooks/izanagi.yml +++ b/playbooks/izanagi.yml @@ -1,5 +1,5 @@ --- -- name: setup izanagi +- name: Setup izanagi hosts: izanagi become: true roles: diff --git a/playbooks/izanami.yml b/playbooks/izanami.yml index 542dff8..82cf91a 100644 --- a/playbooks/izanami.yml +++ b/playbooks/izanami.yml @@ -1,5 +1,5 @@ --- -- name: setup izanami +- name: Setup izanami hosts: izanami become: true roles: diff --git a/playbooks/local.yml b/playbooks/local.yml index b06d9bb..7952f2e 100644 --- a/playbooks/local.yml +++ b/playbooks/local.yml @@ -1,5 +1,5 @@ --- -- name: setup localhost +- name: Setup localhost hosts: 127.0.0.1 become: true roles: diff --git a/playbooks/upgrade.yml b/playbooks/upgrade.yml index fd13ca3..7189e41 100644 --- a/playbooks/upgrade.yml +++ b/playbooks/upgrade.yml @@ -1,5 +1,5 @@ --- -- name: upgrade hosts +- name: Upgrade hosts hosts: all,!127.0.0.1 become: true roles: diff --git a/roles/croc/tasks/main.yml b/roles/croc/tasks/main.yml index 965b5f8..7f5aca4 100644 --- a/roles/croc/tasks/main.yml +++ b/roles/croc/tasks/main.yml @@ -3,16 +3,16 @@ ansible.builtin.set_fact: croc_secrets: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/croc') }}" -- name: install croc +- name: Install croc ansible.builtin.package: name: croc state: present -- name: setup croc relay +- name: Setup croc relay import_tasks: relay.yml when: croc_relay is defined and croc_relay -- name: create croc config path +- name: Create croc config path ansible.builtin.file: path: "/home/{{ primary_user }}/.config/croc" state: directory @@ -20,7 +20,7 @@ group: "{{ primary_user }}" mode: 0700 -- name: configure croc send +- name: Configure croc send ansible.builtin.template: src: send.json.j2 dest: "/home/{{ primary_user }}/.config/croc/send.json" @@ -28,7 +28,7 @@ group: "{{ primary_user }}" mode: 0600 -- name: configure croc receive +- name: Configure croc receive ansible.builtin.template: src: receive.json.j2 dest: "/home/{{ primary_user }}/.config/croc/receive.json" diff --git a/roles/croc/tasks/relay.yml b/roles/croc/tasks/relay.yml index 98636fb..247091e 100644 --- a/roles/croc/tasks/relay.yml +++ b/roles/croc/tasks/relay.yml @@ -1,5 +1,5 @@ --- -- name: create systemd unit override path +- name: Create systemd unit override path ansible.builtin.file: path: /etc/systemd/system/croc.service.d state: directory @@ -7,7 +7,7 @@ group: root mode: 0755 -- name: install systemd unit override file +- name: Install systemd unit override file ansible.builtin.template: src: croc.service.j2 dest: /etc/systemd/system/croc.service.d/override.conf @@ -15,7 +15,7 @@ group: root mode: 0644 -- name: start and enable croc +- name: Start and enable croc ansible.builtin.systemd: name: croc enabled: true @@ -37,7 +37,7 @@ state: reloaded when: croc_service.changed -- name: firewalld allow croc +- name: Firewalld allow croc ansible.posix.firewalld: service: croc state: enabled diff --git a/roles/cron/tasks/main.yml b/roles/cron/tasks/main.yml index e543564..2fed496 100644 --- a/roles/cron/tasks/main.yml +++ b/roles/cron/tasks/main.yml @@ -1,16 +1,16 @@ --- -- name: install cron +- name: Install cron ansible.builtin.package: name: "{{ cron_package[ansible_facts['os_family']] }}" state: present -- name: enable cron systemd service +- name: Enable cron systemd service ansible.builtin.systemd: name: "{{ cron_package[ansible_facts['os_family']] }}.service" enabled: true state: started -- name: set cron mailto +- name: Set cron mailto ansible.builtin.cron: env: true name: MAILTO diff --git a/roles/deploy/tasks/main.yml b/roles/deploy/tasks/main.yml index a58f267..df1fc2d 100644 --- a/roles/deploy/tasks/main.yml +++ b/roles/deploy/tasks/main.yml @@ -1,11 +1,11 @@ --- -- name: create user +- name: Create user ansible.builtin.user: name: deploy shell: /bin/bash home: /home/deploy -- name: deposit ssh pub key +- name: Deposit ssh pub key ansible.posix.authorized_key: user: deploy state: present diff --git a/roles/ejabberd/handlers/main.yml b/roles/ejabberd/handlers/main.yml index 75db7ba..1fcb94a 100644 --- a/roles/ejabberd/handlers/main.yml +++ b/roles/ejabberd/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: restart ejabberd +- name: Restart ejabberd ansible.builtin.systemd: name: ejabberd state: restarted diff --git a/roles/ejabberd/tasks/main.yml b/roles/ejabberd/tasks/main.yml index 0263e79..cfed226 100644 --- a/roles/ejabberd/tasks/main.yml +++ b/roles/ejabberd/tasks/main.yml @@ -3,15 +3,15 @@ ansible.builtin.set_fact: ejabberd_secrets: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/ejabberd') }}" -- name: install +- name: Install community.general.pacman: name: ejabberd state: present -- name: create DH group +- name: Create DH group ansible.builtin.command: openssl dhparam -out /etc/ejabberd/dhparams.pem 2048 creates=/etc/ejabberd/dhparams.pem -- name: create db user +- name: Create db user community.general.postgresql_user: name: ejabberd password: "{{ ejabberd_secrets['psql_password'] }}" @@ -19,7 +19,7 @@ become_user: postgres no_log: true -- name: create db +- name: Create db community.general.postgresql_db: name: ejabberd owner: ejabberd @@ -27,7 +27,7 @@ become_user: postgres register: ejabberd_db -- name: get db schema +- name: Get db schema ansible.builtin.get_url: url: https://raw.githubusercontent.com/processone/ejabberd/master/sql/pg.sql dest: /tmp/pg.sql @@ -36,7 +36,7 @@ mode: 0644 when: ejabberd_db.changed -- name: import db schema +- name: Import db schema community.general.postgresql_db: login_user: ejabberd login_password: "{{ ejabberd_secrets['psql_password'] }}" @@ -48,14 +48,14 @@ when: ejabberd_db.changed no_log: true -- name: configure +- name: Configure ansible.builtin.template: src: ejabberd.yml dest: /etc/ejabberd/ejabberd.yml owner: jabber group: jabber mode: 0600 - notify: restart ejabberd + notify: Restart ejabberd - name: Copy certificate ansible.builtin.copy: @@ -69,13 +69,13 @@ - fullchain.pem - privkey.pem -- name: start and enable +- name: Start and enable ansible.builtin.systemd: name: ejabberd enabled: true state: started -- name: firewalld allow +- name: Firewalld allow ansible.posix.firewalld: service: "{{ item }}" state: enabled @@ -85,7 +85,7 @@ - xmpp-client - xmpp-server -- name: create upload dir +- name: Create upload dir ansible.builtin.file: path: /var/www/ejabberd_upload state: directory @@ -93,7 +93,7 @@ group: jabber mode: 0755 -- name: create well-known dir +- name: Create well-known dir ansible.builtin.file: path: /etc/nginx/html/.well-known state: directory @@ -101,7 +101,7 @@ group: http mode: 0755 -- name: copy host-meta +- name: Copy host-meta ansible.builtin.copy: src: "{{ item }}" dest: "/etc/nginx/html/.well-known/{{ item }}" @@ -112,7 +112,7 @@ - host-meta - host-meta.json -- name: create xenrox user +- name: Create xenrox user community.general.ejabberd_user: username: xenrox host: xenrox.net @@ -123,14 +123,14 @@ # wait for module update to remove changed_when changed_when: false -- name: set jabber cron mailto +- name: Set jabber cron mailto ansible.builtin.cron: env: true name: MAILTO user: jabber value: admin@xenrox.net -- name: set jabber cronjobs +- name: Set jabber cronjobs ansible.builtin.cron: name: "{{ item.name }}" state: present diff --git a/roles/faceit/tasks/main.yml b/roles/faceit/tasks/main.yml index 853f86b..36fdda0 100644 --- a/roles/faceit/tasks/main.yml +++ b/roles/faceit/tasks/main.yml @@ -31,4 +31,4 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx diff --git a/roles/fail2ban/handlers/main.yml b/roles/fail2ban/handlers/main.yml index 6f6780a..83fad83 100644 --- a/roles/fail2ban/handlers/main.yml +++ b/roles/fail2ban/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: restart fail2ban +- name: Restart fail2ban ansible.builtin.systemd: name: fail2ban state: restarted diff --git a/roles/fail2ban/tasks/main.yml b/roles/fail2ban/tasks/main.yml index 9404fdf..55e8d9a 100644 --- a/roles/fail2ban/tasks/main.yml +++ b/roles/fail2ban/tasks/main.yml @@ -1,28 +1,28 @@ --- -- name: install fail2ban +- name: Install fail2ban ansible.builtin.package: name: fail2ban state: present -- name: install jail.local +- name: Install jail.local ansible.builtin.copy: src: jail.local dest: /etc/fail2ban/jail.local owner: root group: root mode: 0644 - notify: restart fail2ban + notify: Restart fail2ban -- name: install sshd.jail +- name: Install sshd.jail ansible.builtin.copy: src: sshd.jail dest: /etc/fail2ban/jail.d/sshd.local owner: root group: root mode: 0644 - notify: restart fail2ban + notify: Restart fail2ban -- name: start and enable fail2ban +- name: Start and enable fail2ban ansible.builtin.systemd: name: fail2ban enabled: true diff --git a/roles/firewalld/handlers/main.yml b/roles/firewalld/handlers/main.yml index 2022096..bdf1a17 100644 --- a/roles/firewalld/handlers/main.yml +++ b/roles/firewalld/handlers/main.yml @@ -4,10 +4,10 @@ ansible.builtin.systemd: name: firewalld state: stopped - listen: restart firewalld + listen: Restart firewalld - name: Start firewalld ansible.builtin.systemd: name: firewalld state: started - listen: restart firewalld + listen: Restart firewalld diff --git a/roles/firewalld/tasks/main.yml b/roles/firewalld/tasks/main.yml index 65a92c3..c8b1d43 100644 --- a/roles/firewalld/tasks/main.yml +++ b/roles/firewalld/tasks/main.yml @@ -1,10 +1,10 @@ --- -- name: install firewalld +- name: Install firewalld ansible.builtin.package: name: firewalld state: present -- name: configure firewalld +- name: Configure firewalld ansible.builtin.template: src: firewalld.conf.j2 dest: /etc/firewalld/firewalld.conf @@ -12,22 +12,22 @@ group: root mode: 0644 when: "'archlinux' in group_names" - notify: restart firewalld + notify: Restart firewalld -- name: start and enable firewalld +- name: Start and enable firewalld ansible.builtin.systemd: name: firewalld enabled: true state: started -- name: disable default dhcpv6-client +- name: Disable default dhcpv6-client ansible.posix.firewalld: service: dhcpv6-client state: disabled permanent: true immediate: true -- name: disable default ssh +- name: Disable default ssh ansible.posix.firewalld: service: ssh state: disabled diff --git a/roles/gamja/tasks/main.yml b/roles/gamja/tasks/main.yml index de1b5fa..41536ad 100644 --- a/roles/gamja/tasks/main.yml +++ b/roles/gamja/tasks/main.yml @@ -19,4 +19,4 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx diff --git a/roles/grafana/tasks/main.yml b/roles/grafana/tasks/main.yml index 4000b2b..29867d4 100644 --- a/roles/grafana/tasks/main.yml +++ b/roles/grafana/tasks/main.yml @@ -69,4 +69,4 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx diff --git a/roles/hedgedoc/tasks/main.yml b/roles/hedgedoc/tasks/main.yml index a8a73bb..1121e0a 100644 --- a/roles/hedgedoc/tasks/main.yml +++ b/roles/hedgedoc/tasks/main.yml @@ -45,4 +45,4 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx diff --git a/roles/homepage/tasks/main.yml b/roles/homepage/tasks/main.yml index 1404d8f..bf2af11 100644 --- a/roles/homepage/tasks/main.yml +++ b/roles/homepage/tasks/main.yml @@ -1,14 +1,14 @@ --- -- name: copy nginx conf +- name: Copy nginx conf ansible.builtin.template: src: homepage.conf.j2 dest: /etc/nginx/nginx.d/homepage.conf owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx -- name: create homepage dir +- name: Create homepage dir ansible.builtin.file: state: directory path: /usr/share/webapps/homepage @@ -16,7 +16,7 @@ group: deploy mode: 0755 -- name: create repo dir +- name: Create repo dir ansible.builtin.file: state: directory path: /usr/share/webapps/repo @@ -24,7 +24,7 @@ group: xenrox mode: 0755 -- name: add deploy user to http group +- name: Add deploy user to http group ansible.builtin.user: name: deploy append: true diff --git a/roles/keycloak/tasks/main.yml b/roles/keycloak/tasks/main.yml index 2e7fa1c..826d162 100644 --- a/roles/keycloak/tasks/main.yml +++ b/roles/keycloak/tasks/main.yml @@ -51,4 +51,4 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx diff --git a/roles/mailcow/tasks/main.yml b/roles/mailcow/tasks/main.yml index 27234b1..bf18a3f 100644 --- a/roles/mailcow/tasks/main.yml +++ b/roles/mailcow/tasks/main.yml @@ -10,7 +10,7 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx - name: Install cert renewal hook ansible.builtin.copy: diff --git a/roles/matrix/tasks/main.yml b/roles/matrix/tasks/main.yml index 0873340..fb86101 100644 --- a/roles/matrix/tasks/main.yml +++ b/roles/matrix/tasks/main.yml @@ -57,7 +57,7 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx - name: Setup whatsapp bridge block: diff --git a/roles/minio/handlers/main.yml b/roles/minio/handlers/main.yml index ba2cc17..14ccfd4 100644 --- a/roles/minio/handlers/main.yml +++ b/roles/minio/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: restart minio +- name: Restart minio ansible.builtin.systemd: name: minio state: restarted diff --git a/roles/minio/tasks/main.yml b/roles/minio/tasks/main.yml index d51ce9e..d2d6f6e 100644 --- a/roles/minio/tasks/main.yml +++ b/roles/minio/tasks/main.yml @@ -8,7 +8,7 @@ name: minio state: present -- name: create minio config path +- name: Create minio config path ansible.builtin.file: path: /etc/minio state: directory @@ -16,7 +16,7 @@ group: minio mode: 0700 -- name: configure minio +- name: Configure minio ansible.builtin.template: src: minio.conf.j2 dest: /etc/minio/minio.conf @@ -24,19 +24,19 @@ group: minio mode: 0600 notify: - - restart minio + - Restart minio -- name: start and enable minio +- name: Start and enable minio ansible.builtin.systemd: name: minio enabled: true state: started -- name: copy nginx cong +- name: Copy nginx conf ansible.builtin.copy: src: minio.conf dest: /etc/nginx/nginx.d/minio.conf owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx diff --git a/roles/navidrome/tasks/main.yml b/roles/navidrome/tasks/main.yml index 626c9d5..d7d5a90 100644 --- a/roles/navidrome/tasks/main.yml +++ b/roles/navidrome/tasks/main.yml @@ -38,4 +38,4 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 6e77105..95077e9 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -72,7 +72,7 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx - name: Copy upgrade hook ansible.builtin.copy: diff --git a/roles/nginx/handlers/main.yml b/roles/nginx/handlers/main.yml index abb7b11..4cbd8de 100644 --- a/roles/nginx/handlers/main.yml +++ b/roles/nginx/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: restart nginx +- name: Restart nginx ansible.builtin.systemd: name: nginx state: restarted diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index 072a463..c1dd09d 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -1,19 +1,19 @@ --- -- name: install nginx +- name: Install nginx community.general.pacman: name: nginx-mainline state: present -- name: configure nginx +- name: Configure nginx ansible.builtin.copy: src: nginx.conf dest: /etc/nginx/nginx.conf owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx -- name: create snippets dir +- name: Create snippets dir ansible.builtin.file: state: directory path: /etc/nginx/snippets @@ -21,7 +21,7 @@ group: root mode: 0755 -- name: copy snippets +- name: Copy snippets ansible.builtin.copy: src: "{{ item }}" dest: /etc/nginx/snippets @@ -29,7 +29,7 @@ group: root mode: 0644 with_fileglob: files/snippets/* - notify: restart nginx + notify: Restart nginx - name: Copy templated snippets ansible.builtin.template: @@ -40,9 +40,9 @@ mode: 0644 with_items: - internal_access.conf - notify: restart nginx + notify: Restart nginx -- name: create nginx.d directory +- name: Create nginx.d directory ansible.builtin.file: state: directory path: /etc/nginx/nginx.d @@ -62,13 +62,13 @@ # NOTE: Remove when upgrading to modern SSL config ansible.builtin.command: openssl dhparam -out /etc/ssl/dhparams.pem 4096 creates=/etc/ssl/dhparams.pem -- name: start and enable nginx +- name: Start and enable nginx ansible.builtin.systemd: name: nginx enabled: true state: started -- name: firewalld allow nginx +- name: Firewalld allow nginx ansible.posix.firewalld: service: "{{ item }}" state: enabled diff --git a/roles/ntfy_server/tasks/main.yml b/roles/ntfy_server/tasks/main.yml index d05edd4..e9eadc3 100644 --- a/roles/ntfy_server/tasks/main.yml +++ b/roles/ntfy_server/tasks/main.yml @@ -42,7 +42,7 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx - name: Make UnifiedPush topics world-writeable ansible.builtin.command: ntfy access everyone 'up*' write-only diff --git a/roles/pacman/tasks/main.yml b/roles/pacman/tasks/main.yml index b5da4a2..d39f57b 100644 --- a/roles/pacman/tasks/main.yml +++ b/roles/pacman/tasks/main.yml @@ -1,9 +1,9 @@ --- -- name: get installed packages +- name: Get installed packages ansible.builtin.package_facts: manager: pacman -- name: install pacman config +- name: Install pacman config ansible.builtin.template: src: pacman.conf.j2 dest: /etc/pacman.conf @@ -22,13 +22,13 @@ id: "{{ xenrox_pacman_key }}" keyserver: "{{ keyserver }}" -- name: install pacman packages +- name: Install pacman packages community.general.pacman: name: "{{ pacman_packages }}" state: present update_cache: true -- name: install paccache service +- name: Install paccache service ansible.builtin.copy: src: "{{ item }}" dest: "/etc/systemd/system/{{ item }}" @@ -39,14 +39,14 @@ - paccache.service - paccache.timer -- name: enable paccache.timer +- name: Enable paccache.timer ansible.builtin.systemd: name: paccache.timer enabled: true state: started daemon_reload: true -- name: install reflector service +- name: Install reflector service ansible.builtin.copy: src: "{{ item }}" dest: "/etc/systemd/system/{{ item }}" @@ -57,14 +57,14 @@ - reflector.service - reflector.timer -- name: enable reflector.timer +- name: Enable reflector.timer ansible.builtin.systemd: name: reflector.timer enabled: true state: started daemon_reload: true -- name: create pacman.d hooks dir +- name: Create pacman.d hooks dir ansible.builtin.file: path: /etc/pacman.d/hooks state: directory @@ -72,7 +72,7 @@ group: root mode: 0755 -- name: install hooks +- name: Install hooks ansible.builtin.copy: src: "{{ item }}" dest: "/etc/pacman.d/hooks/{{ item }}" @@ -83,7 +83,7 @@ - arch-audit.hook - mirrorlist.hook -- name: enable kernel-modules cleanup +- name: Enable kernel-modules cleanup ansible.builtin.systemd: name: linux-modules-cleanup.service enabled: true diff --git a/roles/peertube/handlers/main.yml b/roles/peertube/handlers/main.yml index 4b51ec5..e0e8b53 100644 --- a/roles/peertube/handlers/main.yml +++ b/roles/peertube/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: restart peertube +- name: Restart peertube ansible.builtin.systemd: name: peertube state: restarted diff --git a/roles/peertube/tasks/main.yml b/roles/peertube/tasks/main.yml index b4c9f31..e7f220b 100644 --- a/roles/peertube/tasks/main.yml +++ b/roles/peertube/tasks/main.yml @@ -9,7 +9,7 @@ name: nodejs-lts-gallium,yarn state: present -- name: install +- name: Install community.general.pacman: name: peertube state: present @@ -19,13 +19,13 @@ name: prosody,lua52-sec state: present -- name: create db +- name: Create db community.general.postgresql_db: db: peertube become: true become_user: postgres -- name: create db user +- name: Create db user community.general.postgresql_user: db: peertube name: peertube @@ -35,14 +35,14 @@ become_user: postgres no_log: true -- name: configure +- name: Configure ansible.builtin.template: src: production.yaml.j2 dest: /etc/peertube/production.yaml owner: peertube group: peertube mode: 0600 - notify: restart peertube + notify: Restart peertube - name: Fix folder permissions # TODO: Bug in aur package ansible.builtin.file: @@ -68,21 +68,21 @@ group: root mode: 0644 -- name: start and enable +- name: Start and enable ansible.builtin.systemd: name: peertube enabled: true state: started daemon_reload: true -- name: copy nginx conf +- name: Copy nginx conf ansible.builtin.copy: src: peertube.conf dest: /etc/nginx/nginx.d/peertube.conf owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx - name: Copy firewalld RTMP service ansible.builtin.copy: @@ -99,7 +99,7 @@ state: reloaded when: rtmp_service.changed -- name: firewalld allow rtmp +- name: Firewalld allow rtmp ansible.posix.firewalld: service: rtmp state: enabled diff --git a/roles/prometheus/handlers/main.yml b/roles/prometheus/handlers/main.yml index d4665ae..e0e6eea 100644 --- a/roles/prometheus/handlers/main.yml +++ b/roles/prometheus/handlers/main.yml @@ -4,7 +4,7 @@ name: prometheus state: restarted -- name: reload prometheus +- name: Reload prometheus ansible.builtin.systemd: name: prometheus state: reloaded diff --git a/roles/prometheus/tasks/main.yml b/roles/prometheus/tasks/main.yml index 8b6fd2d..7dc56f2 100644 --- a/roles/prometheus/tasks/main.yml +++ b/roles/prometheus/tasks/main.yml @@ -8,19 +8,19 @@ ansible.builtin.set_fact: ejabberd_secrets: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/ejabberd') }}" -- name: install +- name: Install community.general.pacman: name: "{{ prometheus_packages }}" state: present -- name: configure prometheus +- name: Configure prometheus ansible.builtin.template: src: prometheus.yml.j2 dest: /etc/prometheus/prometheus.yml owner: root group: root mode: 0644 - notify: reload prometheus + notify: Reload prometheus - name: Install cli configuration ansible.builtin.copy: @@ -31,7 +31,7 @@ mode: 0644 notify: Restart prometheus -- name: configure rules +- name: Configure rules ansible.builtin.copy: src: "{{ item }}" dest: /etc/prometheus/ @@ -40,9 +40,9 @@ mode: 0644 with_fileglob: - files/rules/* - notify: reload prometheus + notify: Reload prometheus -- name: start and enable prometheus +- name: Start and enable prometheus ansible.builtin.systemd: name: prometheus enabled: true @@ -64,7 +64,7 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx - name: Install pushgateway service ansible.builtin.copy: diff --git a/roles/prometheus_clients/handlers/main.yml b/roles/prometheus_clients/handlers/main.yml index 7b3b1f9..b6e7752 100644 --- a/roles/prometheus_clients/handlers/main.yml +++ b/roles/prometheus_clients/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: restart node exporter +- name: Restart node exporter ansible.builtin.systemd: name: prometheus-node-exporter state: restarted diff --git a/roles/prometheus_clients/tasks/server.yml b/roles/prometheus_clients/tasks/server.yml index b4c0ff1..c31d9f3 100644 --- a/roles/prometheus_clients/tasks/server.yml +++ b/roles/prometheus_clients/tasks/server.yml @@ -1,10 +1,10 @@ --- -- name: install +- name: Install community.general.pacman: name: prometheus-node-exporter state: present -- name: create textfile dir +- name: Create textfile dir ansible.builtin.file: path: /var/lib/prometheus_textfiles state: directory @@ -12,16 +12,16 @@ group: node_exporter mode: 0755 -- name: configure node exporter +- name: Configure node exporter ansible.builtin.copy: src: prometheus-node-exporter dest: /etc/conf.d/prometheus-node-exporter owner: root group: root mode: 0644 - notify: restart node exporter + notify: Restart node exporter -- name: install textfile script +- name: Install textfile script ansible.builtin.copy: src: prometheus_arch.sh dest: /usr/local/bin/prometheus_arch.sh @@ -29,7 +29,7 @@ group: root mode: 0755 -- name: start and enable node exporter +- name: Start and enable node exporter ansible.builtin.systemd: name: prometheus-node-exporter enabled: true @@ -53,7 +53,7 @@ state: started daemon_reload: true -- name: allow in firewalld +- name: Allow in firewalld ansible.posix.firewalld: zone: wireguard rich_rule: "rule family=ipv4 source address={{ hostvars['xenrox.net']['wireguard_address'] }} port port=9100 protocol=tcp accept" diff --git a/roles/screego/tasks/main.yml b/roles/screego/tasks/main.yml index d007592..0f22a34 100644 --- a/roles/screego/tasks/main.yml +++ b/roles/screego/tasks/main.yml @@ -40,7 +40,7 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx - name: Copy firewalld service ansible.builtin.copy: diff --git a/roles/searx/handlers/main.yml b/roles/searx/handlers/main.yml index 1e7fa03..3b3fe36 100644 --- a/roles/searx/handlers/main.yml +++ b/roles/searx/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: restart searx +- name: Restart searx ansible.builtin.systemd: name: uwsgi@searx state: restarted diff --git a/roles/searx/tasks/main.yml b/roles/searx/tasks/main.yml index 2ef908f..bb3de37 100644 --- a/roles/searx/tasks/main.yml +++ b/roles/searx/tasks/main.yml @@ -3,12 +3,12 @@ ansible.builtin.set_fact: searx_secrets: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/searx') }}" -- name: install +- name: Install community.general.pacman: name: searx state: present -- name: configure uwsgi +- name: Configure uwsgi ansible.builtin.lineinfile: path: /etc/uwsgi/searx.ini state: present @@ -17,28 +17,28 @@ owner: root group: root mode: 0644 - notify: restart searx + notify: Restart searx -- name: configure +- name: Configure ansible.builtin.template: src: settings.yml.j2 dest: /etc/searx/settings.yml owner: root group: root mode: 0644 - notify: restart searx + notify: Restart searx -- name: start and enable +- name: Start and enable ansible.builtin.systemd: name: uwsgi@searx enabled: true state: started -- name: copy nginx conf +- name: Copy nginx conf ansible.builtin.copy: src: search.conf dest: /etc/nginx/nginx.d/search.conf owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx diff --git a/roles/sinusbot/tasks/main.yml b/roles/sinusbot/tasks/main.yml index 6101624..4faf11a 100644 --- a/roles/sinusbot/tasks/main.yml +++ b/roles/sinusbot/tasks/main.yml @@ -32,7 +32,7 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx - name: Clone scripts ansible.builtin.git: diff --git a/roles/srht/handlers/main.yml b/roles/srht/handlers/main.yml index 04b3816..795f79f 100644 --- a/roles/srht/handlers/main.yml +++ b/roles/srht/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: restart srht +- name: Restart srht ansible.builtin.systemd: name: "{{ item }}" state: restarted @@ -10,7 +10,7 @@ name: builds.sr.ht-worker state: restarted -- name: restart nginx +- name: Restart nginx ansible.builtin.systemd: name: nginx state: restarted diff --git a/roles/srht/tasks/main.yml b/roles/srht/tasks/main.yml index 912a3c5..dcb2f9d 100644 --- a/roles/srht/tasks/main.yml +++ b/roles/srht/tasks/main.yml @@ -6,12 +6,12 @@ minio_secrets: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/minio') }}" email_secrets: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/email') }}" -- name: install srht packages +- name: Install srht packages community.general.pacman: name: "{{ srht_packages }}" state: present -- name: create srht config path +- name: Create srht config path ansible.builtin.file: path: /etc/sr.ht state: directory @@ -19,14 +19,14 @@ group: root mode: 0755 -- name: configure srht +- name: Configure srht ansible.builtin.template: src: config.ini.j2 dest: /etc/sr.ht/config.ini owner: root group: root mode: 0644 - notify: restart srht + notify: Restart srht - name: Deposit GPG private key ansible.builtin.template: @@ -44,7 +44,7 @@ group: root mode: 0644 -- name: create systemd unit override path for git +- name: Create systemd unit override path for git ansible.builtin.file: path: "/etc/systemd/system/{{ item }}.d" state: directory @@ -57,7 +57,7 @@ - git.sr.ht-webhooks.service - git.sr.ht-periodic.service -- name: install systemd unit override file +- name: Install systemd unit override file ansible.builtin.copy: src: override.conf dest: "/etc/systemd/system/{{ item }}.d/override.conf" @@ -178,7 +178,7 @@ source: build notify: Prune images -- name: start and enable srht services +- name: Start and enable srht services ansible.builtin.systemd: name: "{{ item }}" enabled: true @@ -186,7 +186,7 @@ daemon_reload: true with_items: "{{ srht_services }}" -- name: add archlinux rebuild cronjob +- name: Add archlinux rebuild cronjob ansible.builtin.cron: name: arch rebuild state: present @@ -195,7 +195,7 @@ hour: "9" minute: "0" -- name: add alpine rebuild cronjob +- name: Add alpine rebuild cronjob ansible.builtin.cron: name: alpine rebuild state: present @@ -204,7 +204,7 @@ hour: "9" minute: "30" -- name: copy nginx conf +- name: Copy nginx conf ansible.builtin.copy: src: "{{ item }}" dest: /etc/nginx/nginx.d @@ -214,7 +214,7 @@ with_fileglob: - files/nginx/* notify: - - restart nginx + - Restart nginx - name: Install nginx runenr conf ansible.builtin.template: @@ -223,7 +223,7 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx - name: Copy nginx snippets ansible.builtin.copy: @@ -237,9 +237,9 @@ - srht.conf - srht_robots.txt - srht_web.conf - notify: restart nginx + notify: Restart nginx -- name: copy api key +- name: Copy api key ansible.builtin.template: src: image-refresh-token.j2 dest: /etc/sr.ht/image-refresh-token @@ -247,13 +247,13 @@ group: root mode: 0644 -- name: setup image build files +- name: Setup image build files ansible.builtin.git: repo: https://git.xenrox.net/~xenrox/builds dest: /var/lib/images/builds version: master -- name: add deploy user to buildsrht group +- name: Add deploy user to buildsrht group ansible.builtin.user: name: deploy append: true diff --git a/roles/ssh/handlers/main.yml b/roles/ssh/handlers/main.yml index 2000127..e3e8b1c 100644 --- a/roles/ssh/handlers/main.yml +++ b/roles/ssh/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: restart sshd +- name: Restart sshd ansible.builtin.systemd: name: sshd state: restarted diff --git a/roles/ssh/tasks/main.yml b/roles/ssh/tasks/main.yml index a7c6aa0..baf4112 100644 --- a/roles/ssh/tasks/main.yml +++ b/roles/ssh/tasks/main.yml @@ -1,11 +1,11 @@ --- -- name: install openssh +- name: Install openssh ansible.builtin.package: name: openssh state: present when: "'archlinux' in group_names" -- name: setup server +- name: Setup server import_tasks: server.yml when: "inventory_hostname != '127.0.0.1'" @@ -13,7 +13,7 @@ import_tasks: client.yml when: "inventory_hostname == '127.0.0.1'" -- name: set file permissions +- name: Set file permissions ansible.builtin.file: path: /etc/ssh mode: 0755 diff --git a/roles/ssh/tasks/server.yml b/roles/ssh/tasks/server.yml index 1df2453..60662a9 100644 --- a/roles/ssh/tasks/server.yml +++ b/roles/ssh/tasks/server.yml @@ -1,5 +1,5 @@ --- -- name: configure sshd +- name: Configure sshd ansible.builtin.template: src: sshd_config.j2 dest: /etc/ssh/sshd_config @@ -7,9 +7,9 @@ group: root mode: 0644 validate: /usr/sbin/sshd -t -f %s - notify: restart sshd + notify: Restart sshd -- name: start and enable sshd +- name: Start and enable sshd ansible.builtin.systemd: name: sshd enabled: true diff --git a/roles/upgrade/handlers/main.yml b/roles/upgrade/handlers/main.yml index 2c9bcef..e81c9be 100644 --- a/roles/upgrade/handlers/main.yml +++ b/roles/upgrade/handlers/main.yml @@ -1,3 +1,3 @@ --- -- name: reboot debian +- name: Reboot debian ansible.builtin.reboot: diff --git a/roles/upgrade/tasks/Archlinux.yml b/roles/upgrade/tasks/Archlinux.yml index c2969be..8b5d975 100644 --- a/roles/upgrade/tasks/Archlinux.yml +++ b/roles/upgrade/tasks/Archlinux.yml @@ -1,9 +1,9 @@ --- -- name: upgrade archlinux +- name: Upgrade archlinux community.general.pacman: update_cache: true upgrade: true register: upgrade_archlinux -- name: list archlinux upgrades +- name: List archlinux upgrades ansible.builtin.debug: var=upgrade_archlinux.packages diff --git a/roles/upgrade/tasks/Debian.yml b/roles/upgrade/tasks/Debian.yml index d8706c4..61ad87d 100644 --- a/roles/upgrade/tasks/Debian.yml +++ b/roles/upgrade/tasks/Debian.yml @@ -1,8 +1,8 @@ --- -- name: upgrade debian +- name: Upgrade debian ansible.builtin.apt: update_cache: true upgrade: dist autoremove: true autoclean: true - notify: reboot debian + notify: Reboot debian diff --git a/roles/upgrade/tasks/main.yml b/roles/upgrade/tasks/main.yml index 60c4aae..984369d 100644 --- a/roles/upgrade/tasks/main.yml +++ b/roles/upgrade/tasks/main.yml @@ -1,3 +1,3 @@ --- -- name: include os specific upgrade playbook +- name: Include os specific upgrade playbook include_tasks: "{{ ansible_facts['os_family'] }}.yml" diff --git a/roles/uptime_kuma/tasks/main.yml b/roles/uptime_kuma/tasks/main.yml index 67c07cf..0497c72 100644 --- a/roles/uptime_kuma/tasks/main.yml +++ b/roles/uptime_kuma/tasks/main.yml @@ -22,7 +22,7 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx - name: Install backup script ansible.builtin.copy: diff --git a/roles/vault/tasks/main.yml b/roles/vault/tasks/main.yml index 06d68ab..524c4f3 100644 --- a/roles/vault/tasks/main.yml +++ b/roles/vault/tasks/main.yml @@ -66,4 +66,4 @@ owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx diff --git a/roles/vaultwarden/handlers/main.yml b/roles/vaultwarden/handlers/main.yml index 4c71f84..8baa75e 100644 --- a/roles/vaultwarden/handlers/main.yml +++ b/roles/vaultwarden/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: restart vaultwarden +- name: Restart vaultwarden ansible.builtin.systemd: name: vaultwarden state: restarted diff --git a/roles/vaultwarden/tasks/main.yml b/roles/vaultwarden/tasks/main.yml index d2af166..c5cc5a6 100644 --- a/roles/vaultwarden/tasks/main.yml +++ b/roles/vaultwarden/tasks/main.yml @@ -7,7 +7,7 @@ ansible.builtin.set_fact: email_secrets: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/email') }}" -- name: install +- name: Install community.general.pacman: name: "{{ vaultwarden_packages }}" state: present @@ -27,44 +27,44 @@ become_user: postgres no_log: true -- name: configure +- name: Configure ansible.builtin.template: src: vaultwarden.env.j2 dest: /etc/vaultwarden.env owner: vaultwarden group: vaultwarden mode: 0600 - notify: restart vaultwarden + notify: Restart vaultwarden -- name: start and enable +- name: Start and enable ansible.builtin.systemd: name: vaultwarden enabled: true state: started -- name: copy nginx conf +- name: Copy nginx conf ansible.builtin.template: src: pass.conf.j2 dest: /etc/nginx/nginx.d/pass.conf owner: root group: root mode: 0644 - notify: restart nginx + notify: Restart nginx -- name: install fail2ban filter +- name: Install fail2ban filter ansible.builtin.copy: src: vaultwarden.filter dest: /etc/fail2ban/filter.d/vaultwarden.local owner: root group: root mode: 0644 - notify: restart fail2ban + notify: Restart fail2ban -- name: install fail2ban jail +- name: Install fail2ban jail ansible.builtin.copy: src: vaultwarden.jail dest: /etc/fail2ban/jail.d/vaultwarden.local owner: root group: root mode: 0644 - notify: restart fail2ban + notify: Restart fail2ban diff --git a/roles/xenrox/tasks/main.yml b/roles/xenrox/tasks/main.yml index c7ad130..46313b5 100644 --- a/roles/xenrox/tasks/main.yml +++ b/roles/xenrox/tasks/main.yml @@ -3,7 +3,7 @@ ansible.builtin.set_fact: archlinux_secrets: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/archlinux') }}" -- name: install xenrox packages +- name: Install xenrox packages community.general.pacman: name: "{{ xenrox_packages }}" state: present @@ -16,7 +16,7 @@ group: root mode: 0440 -- name: create user +- name: Create user ansible.builtin.user: name: xenrox shell: /bin/zsh @@ -24,7 +24,7 @@ password: "{{ archlinux_secrets['xenrox_password'] | password_hash('sha512', archlinux_secrets['xenrox_hash']) }}" no_log: true -- name: add to wheel +- name: Add to wheel ansible.builtin.user: name: xenrox append: true @@ -39,7 +39,7 @@ ansible.builtin.set_fact: authorized_keys: "{% for key in ssh_pubkeys %}{{ lookup('file', '../public_keys/' + key) }}\n{% endfor %}" -- name: deposit ssh pub key +- name: Deposit ssh pub key ansible.posix.authorized_key: user: xenrox state: present -- 2.44.0