From 69c5bd067efff4cfdd2bcb5f2d0cf7fae2a398b2 Mon Sep 17 00:00:00 2001 From: Wojciech Kozlowski Date: Sun, 18 Dec 2022 23:43:40 +0100 Subject: [PATCH] Introduce yamllint --- .yamllint | 38 +++++++++++++++++++ group_vars/all/vars.yml | 1 + group_vars/asgard/vars.yml | 1 + group_vars/bifrost/vars.yml | 1 + group_vars/home/vars.yml | 1 + group_vars/remote/vars.yml | 1 + host_vars/heimdall/vars.yml | 1 + host_vars/valkyrie/vars.yml | 1 + host_vars/yggdrasil/vars.yml | 1 + makefile | 2 +- playbooks/roles/backups/restic/tasks/main.yml | 4 +- .../backups/snapshots/meta/argument_specs.yml | 1 + .../roles/backups/snapshots/tasks/main.yml | 1 + .../services/backups/meta/argument_specs.yml | 1 + .../services/backups/tasks/include/restic.yml | 1 + .../backups/tasks/include/snapshots.yml | 1 + .../roles/services/backups/tasks/main.yml | 1 + .../roles/services/backups/vars/main.yml | 1 + .../backups/system/meta/argument_specs.yml | 1 + .../datasets/backups/system/tasks/main.yml | 1 + .../backups/user/meta/argument_specs.yml | 1 + .../datasets/backups/user/tasks/main.yml | 1 + .../datasets/system/meta/argument_specs.yml | 1 + .../services/datasets/system/tasks/main.yml | 1 + .../datasets/user/meta/argument_specs.yml | 1 + .../services/datasets/user/tasks/main.yml | 1 + .../deploy/cloud/meta/argument_specs.yml | 1 + .../services/deploy/cloud/tasks/main.yml | 1 + .../deploy/database/meta/argument_specs.yml | 1 + .../services/deploy/database/tasks/main.yml | 5 ++- .../deploy/git/meta/argument_specs.yml | 1 + .../roles/services/deploy/git/tasks/main.yml | 1 + .../services/deploy/include/vars/versions.yml | 1 + .../deploy/lrproxy/meta/argument_specs.yml | 1 + .../services/deploy/lrproxy/tasks/main.yml | 18 +++++++-- .../deploy/notes/meta/argument_specs.yml | 1 + .../services/deploy/notes/tasks/main.yml | 1 + .../deploy/rproxy/meta/argument_specs.yml | 1 + .../services/deploy/rproxy/tasks/main.yml | 12 ++++-- .../services/deploy/rproxy/vars/nginx.yml | 1 + .../deploy/www/meta/argument_specs.yml | 1 + .../roles/services/deploy/www/tasks/main.yml | 19 ++++++++-- .../services/include/meta/argument_specs.yml | 1 + .../services/include/tasks/daemon_reload.yml | 1 + .../include/tasks/daemon_reload/main.yml | 1 + .../roles/services/include/vars/user.yml | 4 +- .../roles/services/include/vars/volumes.yml | 1 + .../setup/system/meta/argument_specs.yml | 1 + .../roles/services/setup/system/meta/main.yml | 1 + .../system/tasks/include/auto_update.yml | 1 + .../system/tasks/include/directories.yml | 1 + .../setup/system/tasks/include/nameserver.yml | 1 + .../setup/system/tasks/include/podman.yml | 1 + .../setup/system/tasks/include/veth.yml | 1 + .../services/setup/system/tasks/main.yml | 1 + .../setup/user/meta/argument_specs.yml | 1 + .../setup/user/tasks/include/auto_update.yml | 1 + .../setup/user/tasks/include/directories.yml | 1 + .../tasks/include/directories/volumes.yml | 11 ++++-- .../setup/user/tasks/include/podman.yml | 1 + .../setup/user/tasks/include/user.yml | 1 + .../setup/user/tasks/include/veth.yml | 1 + .../roles/services/setup/user/tasks/main.yml | 1 + .../roles/services/setup/user/vars/main.yml | 1 + playbooks/roles/system/base/defaults/main.yml | 1 + .../roles/system/base/meta/argument_specs.yml | 1 + .../system/base/tasks/include/fail2ban.yml | 1 + .../system/base/tasks/include/fstrim.yml | 1 + .../roles/system/base/tasks/include/logs.yml | 1 + .../roles/system/base/tasks/include/motd.yml | 1 + .../roles/system/base/tasks/include/ntp.yml | 1 + .../roles/system/base/tasks/include/root.yml | 1 + .../roles/system/base/tasks/include/sshd.yml | 1 + .../base/tasks/include/systemd_mail.yml | 1 + .../tasks/include/unattended_upgrades.yml | 1 + .../roles/system/base/tasks/include/user.yml | 1 + .../roles/system/base/tasks/include/utils.yml | 1 + playbooks/roles/system/base/tasks/main.yml | 1 + .../roles/system/mail/meta/argument_specs.yml | 1 + playbooks/roles/system/mail/tasks/main.yml | 1 + .../roles/system/nftables/defaults/main.yml | 1 + .../system/nftables/meta/argument_specs.yml | 1 + .../roles/system/nftables/tasks/main.yml | 1 + .../system/smart/meta/argument_specs.yml | 1 + playbooks/roles/system/smart/tasks/main.yml | 1 + playbooks/roles/system/ups/tasks/main.yml | 1 + playbooks/roles/system/zfs/defaults/main.yml | 1 + .../roles/system/zfs/meta/argument_specs.yml | 1 + .../roles/system/zfs/tasks/include/conf.yml | 1 + .../roles/system/zfs/tasks/include/cron.yml | 1 + .../roles/system/zfs/tasks/include/fstrim.yml | 1 + .../system/zfs/tasks/include/load_key.yml | 1 + .../roles/system/zfs/tasks/include/scrub.yml | 1 + .../roles/system/zfs/tasks/include/trim.yml | 1 + playbooks/roles/system/zfs/tasks/main.yml | 1 + playbooks/roles/vpn/base/tasks/main.yml | 1 + .../roles/vpn/bridge/meta/argument_specs.yml | 1 + playbooks/roles/vpn/bridge/tasks/main.yml | 1 + .../vpn/wireguard/meta/argument_specs.yml | 1 + playbooks/roles/vpn/wireguard/tasks/main.yml | 1 + 100 files changed, 186 insertions(+), 18 deletions(-) create mode 100644 .yamllint diff --git a/.yamllint b/.yamllint new file mode 100644 index 0000000..f6e7dff --- /dev/null +++ b/.yamllint @@ -0,0 +1,38 @@ +--- + +yaml-files: + - '*.yaml' + - '*.yml' + - '.yamllint' + +ignore: | + vault.yml + +rules: + braces: enable + brackets: enable + colons: enable + commas: enable + comments: + level: warning + comments-indentation: + level: warning + document-end: disable + document-start: + level: warning + empty-lines: enable + empty-values: disable + float-values: disable + hyphens: enable + indentation: enable + key-duplicates: enable + key-ordering: disable + line-length: + max: 100 + new-line-at-end-of-file: enable + new-lines: enable + octal-values: disable + quoted-strings: disable + trailing-spaces: enable + truthy: + level: warning diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 84ec596..afe089f 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -1,3 +1,4 @@ +--- # -------------------------------------------------------------------------------------------------- # ansible # -------------------------------------------------------------------------------------------------- diff --git a/group_vars/asgard/vars.yml b/group_vars/asgard/vars.yml index c7ee27e..ec9bcab 100644 --- a/group_vars/asgard/vars.yml +++ b/group_vars/asgard/vars.yml @@ -1,3 +1,4 @@ +--- # -------------------------------------------------------------------------------------------------- # system:base # -------------------------------------------------------------------------------------------------- diff --git a/group_vars/bifrost/vars.yml b/group_vars/bifrost/vars.yml index 6edb01c..a3cea1d 100644 --- a/group_vars/bifrost/vars.yml +++ b/group_vars/bifrost/vars.yml @@ -1,3 +1,4 @@ +--- # -------------------------------------------------------------------------------------------------- # vpn:wireguard # -------------------------------------------------------------------------------------------------- diff --git a/group_vars/home/vars.yml b/group_vars/home/vars.yml index d456fa3..873bb68 100644 --- a/group_vars/home/vars.yml +++ b/group_vars/home/vars.yml @@ -1,3 +1,4 @@ +--- # -------------------------------------------------------------------------------------------------- # network # -------------------------------------------------------------------------------------------------- diff --git a/group_vars/remote/vars.yml b/group_vars/remote/vars.yml index 451dedc..4440bd6 100644 --- a/group_vars/remote/vars.yml +++ b/group_vars/remote/vars.yml @@ -1,3 +1,4 @@ +--- # -------------------------------------------------------------------------------------------------- # system:base # -------------------------------------------------------------------------------------------------- diff --git a/host_vars/heimdall/vars.yml b/host_vars/heimdall/vars.yml index 98a52ea..bd0bd5f 100644 --- a/host_vars/heimdall/vars.yml +++ b/host_vars/heimdall/vars.yml @@ -1,3 +1,4 @@ +--- # -------------------------------------------------------------------------------------------------- # system:mail # -------------------------------------------------------------------------------------------------- diff --git a/host_vars/valkyrie/vars.yml b/host_vars/valkyrie/vars.yml index a4c99f7..7a0d18b 100644 --- a/host_vars/valkyrie/vars.yml +++ b/host_vars/valkyrie/vars.yml @@ -1,3 +1,4 @@ +--- # -------------------------------------------------------------------------------------------------- # system:mail # -------------------------------------------------------------------------------------------------- diff --git a/host_vars/yggdrasil/vars.yml b/host_vars/yggdrasil/vars.yml index fa12c18..2f983d6 100644 --- a/host_vars/yggdrasil/vars.yml +++ b/host_vars/yggdrasil/vars.yml @@ -1,3 +1,4 @@ +--- # -------------------------------------------------------------------------------------------------- # system:zfs # -------------------------------------------------------------------------------------------------- diff --git a/makefile b/makefile index a95f793..209ebc3 100644 --- a/makefile +++ b/makefile @@ -2,7 +2,7 @@ ansible-lint: @ansible-lint ansible-syntax: - @ansible --syntax-check main.yml -i production + @ansible-playbook --syntax-check main.yml -i production yamllint: @yamllint . diff --git a/playbooks/roles/backups/restic/tasks/main.yml b/playbooks/roles/backups/restic/tasks/main.yml index 65582b8..4aad7e1 100644 --- a/playbooks/roles/backups/restic/tasks/main.yml +++ b/playbooks/roles/backups/restic/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "check if restic is installed" ansible.builtin.stat: path: "/usr/local/bin/restic" @@ -7,7 +8,8 @@ - name: "download restic binary" ansible.builtin.get_url: - url: "https://github.com/restic/restic/releases/download/v0.14.0/restic_0.14.0_linux_amd64.bz2" + url: "\ + https://github.com/restic/restic/releases/download/v0.14.0/restic_0.14.0_linux_amd64.bz2" dest: "/usr/local/bin/restic.bz2" mode: 0644 diff --git a/playbooks/roles/backups/snapshots/meta/argument_specs.yml b/playbooks/roles/backups/snapshots/meta/argument_specs.yml index 4cc37b3..98f13cd 100644 --- a/playbooks/roles/backups/snapshots/meta/argument_specs.yml +++ b/playbooks/roles/backups/snapshots/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/backups/snapshots/tasks/main.yml b/playbooks/roles/backups/snapshots/tasks/main.yml index e5a19a6..2ee6a9c 100644 --- a/playbooks/roles/backups/snapshots/tasks/main.yml +++ b/playbooks/roles/backups/snapshots/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "install sanoid and syncoid" ansible.builtin.apt: name: diff --git a/playbooks/roles/services/backups/meta/argument_specs.yml b/playbooks/roles/services/backups/meta/argument_specs.yml index c9c89b7..c603d3a 100644 --- a/playbooks/roles/services/backups/meta/argument_specs.yml +++ b/playbooks/roles/services/backups/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/backups/tasks/include/restic.yml b/playbooks/roles/services/backups/tasks/include/restic.yml index bdf0bf6..817a3ba 100644 --- a/playbooks/roles/services/backups/tasks/include/restic.yml +++ b/playbooks/roles/services/backups/tasks/include/restic.yml @@ -1,3 +1,4 @@ +--- - name: "{{ services_service_name }} : restic : create restic password file" ansible.builtin.template: src: "./restic/restic.password.j2" diff --git a/playbooks/roles/services/backups/tasks/include/snapshots.yml b/playbooks/roles/services/backups/tasks/include/snapshots.yml index bd1db69..81a52ba 100644 --- a/playbooks/roles/services/backups/tasks/include/snapshots.yml +++ b/playbooks/roles/services/backups/tasks/include/snapshots.yml @@ -1,3 +1,4 @@ +--- - name: "{{ services_service_name }} : snapshots : configure service sanoid snapshots" ansible.builtin.blockinfile: path: "/etc/sanoid/sanoid.conf" diff --git a/playbooks/roles/services/backups/tasks/main.yml b/playbooks/roles/services/backups/tasks/main.yml index 36ec364..63f2121 100644 --- a/playbooks/roles/services/backups/tasks/main.yml +++ b/playbooks/roles/services/backups/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "play:services : role:backups:{{ services_service_name }} : tasks:vars" ansible.builtin.import_role: name: "services/include" diff --git a/playbooks/roles/services/backups/vars/main.yml b/playbooks/roles/services/backups/vars/main.yml index 63803a5..acf2753 100644 --- a/playbooks/roles/services/backups/vars/main.yml +++ b/playbooks/roles/services/backups/vars/main.yml @@ -1 +1,2 @@ +--- services_backups_user_data_dataset: "{{ services_data_dataset }}/{{ services_service_user_name }}" diff --git a/playbooks/roles/services/datasets/backups/system/meta/argument_specs.yml b/playbooks/roles/services/datasets/backups/system/meta/argument_specs.yml index 1e7c35f..944477d 100644 --- a/playbooks/roles/services/datasets/backups/system/meta/argument_specs.yml +++ b/playbooks/roles/services/datasets/backups/system/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/datasets/backups/system/tasks/main.yml b/playbooks/roles/services/datasets/backups/system/tasks/main.yml index 352ebc4..4ba12c8 100644 --- a/playbooks/roles/services/datasets/backups/system/tasks/main.yml +++ b/playbooks/roles/services/datasets/backups/system/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "create root backup dataset" community.general.zfs: name: "{{ services_backups_snapshots_dataset }}" diff --git a/playbooks/roles/services/datasets/backups/user/meta/argument_specs.yml b/playbooks/roles/services/datasets/backups/user/meta/argument_specs.yml index 0219401..c7d59d1 100644 --- a/playbooks/roles/services/datasets/backups/user/meta/argument_specs.yml +++ b/playbooks/roles/services/datasets/backups/user/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/datasets/backups/user/tasks/main.yml b/playbooks/roles/services/datasets/backups/user/tasks/main.yml index 9aa9535..f334f70 100644 --- a/playbooks/roles/services/datasets/backups/user/tasks/main.yml +++ b/playbooks/roles/services/datasets/backups/user/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "{{ services_service_name }} : set variables" ansible.builtin.import_role: name: "services/include" diff --git a/playbooks/roles/services/datasets/system/meta/argument_specs.yml b/playbooks/roles/services/datasets/system/meta/argument_specs.yml index 231ac8a..1a185b9 100644 --- a/playbooks/roles/services/datasets/system/meta/argument_specs.yml +++ b/playbooks/roles/services/datasets/system/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/datasets/system/tasks/main.yml b/playbooks/roles/services/datasets/system/tasks/main.yml index 107a8d6..c5c0f69 100644 --- a/playbooks/roles/services/datasets/system/tasks/main.yml +++ b/playbooks/roles/services/datasets/system/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "create containers dataset" community.general.zfs: name: "rpool/var/lib/containers" diff --git a/playbooks/roles/services/datasets/user/meta/argument_specs.yml b/playbooks/roles/services/datasets/user/meta/argument_specs.yml index 3e3b173..7686a1d 100644 --- a/playbooks/roles/services/datasets/user/meta/argument_specs.yml +++ b/playbooks/roles/services/datasets/user/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/datasets/user/tasks/main.yml b/playbooks/roles/services/datasets/user/tasks/main.yml index c200b1e..09f588c 100644 --- a/playbooks/roles/services/datasets/user/tasks/main.yml +++ b/playbooks/roles/services/datasets/user/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "{{ services_service_name }} : set variables" ansible.builtin.import_role: name: "services/include" diff --git a/playbooks/roles/services/deploy/cloud/meta/argument_specs.yml b/playbooks/roles/services/deploy/cloud/meta/argument_specs.yml index d4b2ae4..98a5cb7 100644 --- a/playbooks/roles/services/deploy/cloud/meta/argument_specs.yml +++ b/playbooks/roles/services/deploy/cloud/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/deploy/cloud/tasks/main.yml b/playbooks/roles/services/deploy/cloud/tasks/main.yml index 20ee699..97a1957 100644 --- a/playbooks/roles/services/deploy/cloud/tasks/main.yml +++ b/playbooks/roles/services/deploy/cloud/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "set the user variables" ansible.builtin.import_role: name: "services/include" diff --git a/playbooks/roles/services/deploy/database/meta/argument_specs.yml b/playbooks/roles/services/deploy/database/meta/argument_specs.yml index f0dfe9e..d512d75 100644 --- a/playbooks/roles/services/deploy/database/meta/argument_specs.yml +++ b/playbooks/roles/services/deploy/database/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/deploy/database/tasks/main.yml b/playbooks/roles/services/deploy/database/tasks/main.yml index 82bf097..13dc74b 100644 --- a/playbooks/roles/services/deploy/database/tasks/main.yml +++ b/playbooks/roles/services/deploy/database/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "set the user variables" ansible.builtin.import_role: name: "services/include" @@ -13,7 +14,9 @@ - name: "configure postgres password" ansible.builtin.template: src: "./postgres/database.password.j2" - dest: "{{ services_service_user_home }}/.config/{{ services_service_user_name }}/database.password" + dest: "\ + {{ services_service_user_home }}/.config/{{ services_service_user_name }}/\ + database.password" mode: 0600 register: services_deploy_database_password_file diff --git a/playbooks/roles/services/deploy/git/meta/argument_specs.yml b/playbooks/roles/services/deploy/git/meta/argument_specs.yml index 157252f..911d615 100644 --- a/playbooks/roles/services/deploy/git/meta/argument_specs.yml +++ b/playbooks/roles/services/deploy/git/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/deploy/git/tasks/main.yml b/playbooks/roles/services/deploy/git/tasks/main.yml index 64acf27..dbe82fc 100644 --- a/playbooks/roles/services/deploy/git/tasks/main.yml +++ b/playbooks/roles/services/deploy/git/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "set the user variables" ansible.builtin.import_role: name: "services/include" diff --git a/playbooks/roles/services/deploy/include/vars/versions.yml b/playbooks/roles/services/deploy/include/vars/versions.yml index 92180cb..58a9d1a 100644 --- a/playbooks/roles/services/deploy/include/vars/versions.yml +++ b/playbooks/roles/services/deploy/include/vars/versions.yml @@ -1,3 +1,4 @@ +--- services_deploy_versions: rproxy: nginx: "stable" diff --git a/playbooks/roles/services/deploy/lrproxy/meta/argument_specs.yml b/playbooks/roles/services/deploy/lrproxy/meta/argument_specs.yml index ccc8985..8ae8103 100644 --- a/playbooks/roles/services/deploy/lrproxy/meta/argument_specs.yml +++ b/playbooks/roles/services/deploy/lrproxy/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/deploy/lrproxy/tasks/main.yml b/playbooks/roles/services/deploy/lrproxy/tasks/main.yml index a9866a4..b1dbefe 100644 --- a/playbooks/roles/services/deploy/lrproxy/tasks/main.yml +++ b/playbooks/roles/services/deploy/lrproxy/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "set the user variables" ansible.builtin.import_role: name: "services/include" @@ -16,7 +17,8 @@ - name: "create nginx conf.d" ansible.builtin.file: - path: "{{ services_service_user_home }}/.config/{{ services_service_user_name }}/nginx-conf.d" + path: "\ + {{ services_service_user_home }}/.config/{{ services_service_user_name }}/nginx-conf.d" state: "directory" mode: 0755 @@ -55,9 +57,13 @@ register: services_deploy_lrproxy_rsync_certificates_timer - name: "generate diffie hellman ephemeral parameters" - ansible.builtin.command: "openssl dhparam --out /{{ services_service_user_home }}/.config/{{ services_service_user_name }}/dhparam.pem 4096" + ansible.builtin.command: >- + openssl dhparam + --out /{{ services_service_user_home }}/.config/{{ services_service_user_name }}/dhparam.pem + 4096 args: - creates: "{{ services_service_user_home }}/.config/{{ services_service_user_name }}/dhparam.pem" + creates: "\ + {{ services_service_user_home }}/.config/{{ services_service_user_name }}/dhparam.pem" register: services_deploy_lrproxy_dhparam - name: "create the .ssh directory" @@ -79,7 +85,11 @@ user: "pod-rproxy" state: "present" key: "{{ services_deploy_lrproxy_keypair.public_key }}" - key_options: "command=\"rsync --server --sender -avz . {{ hostvars['valkyrie'].services_data_directory }}/pod-rproxy/etc-letsencrypt/\",from=\"{{ vpn_wireguard_address }}\",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-x11-forwarding" + key_options: "\ + command=\"rsync --server --sender -avz . \ + {{ hostvars['valkyrie'].services_data_directory }}/pod-rproxy/etc-letsencrypt/\ + \",from=\"{{ vpn_wireguard_address }}\",\ + no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-x11-forwarding" - name: "enable the service" ansible.builtin.systemd: diff --git a/playbooks/roles/services/deploy/notes/meta/argument_specs.yml b/playbooks/roles/services/deploy/notes/meta/argument_specs.yml index be85fea..23793c2 100644 --- a/playbooks/roles/services/deploy/notes/meta/argument_specs.yml +++ b/playbooks/roles/services/deploy/notes/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/deploy/notes/tasks/main.yml b/playbooks/roles/services/deploy/notes/tasks/main.yml index 3b62825..b46e75f 100644 --- a/playbooks/roles/services/deploy/notes/tasks/main.yml +++ b/playbooks/roles/services/deploy/notes/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "set the user variables" ansible.builtin.import_role: name: "services/include" diff --git a/playbooks/roles/services/deploy/rproxy/meta/argument_specs.yml b/playbooks/roles/services/deploy/rproxy/meta/argument_specs.yml index ccc8985..8ae8103 100644 --- a/playbooks/roles/services/deploy/rproxy/meta/argument_specs.yml +++ b/playbooks/roles/services/deploy/rproxy/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/deploy/rproxy/tasks/main.yml b/playbooks/roles/services/deploy/rproxy/tasks/main.yml index dc04e4f..87c8d45 100644 --- a/playbooks/roles/services/deploy/rproxy/tasks/main.yml +++ b/playbooks/roles/services/deploy/rproxy/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "set the user variables" ansible.builtin.import_role: name: "services/include" @@ -16,7 +17,8 @@ - name: "create nginx conf.d" ansible.builtin.file: - path: "{{ services_service_user_home }}/.config/{{ services_service_user_name }}/nginx-conf.d" + path: "\ + {{ services_service_user_home }}/.config/{{ services_service_user_name }}/nginx-conf.d" state: "directory" mode: 0755 @@ -55,9 +57,13 @@ register: services_deploy_rproxy_certbot_timer - name: "generate diffie hellman ephemeral parameters" - ansible.builtin.command: "openssl dhparam --out /{{ services_service_user_home }}/.config/{{ services_service_user_name }}/dhparam.pem 4096" + ansible.builtin.command: >- + openssl dhparam + --out /{{ services_service_user_home }}/.config/{{ services_service_user_name }}/dhparam.pem + 4096 args: - creates: "{{ services_service_user_home }}/.config/{{ services_service_user_name }}/dhparam.pem" + creates: "\ + {{ services_service_user_home }}/.config/{{ services_service_user_name }}/dhparam.pem" register: services_deploy_rproxy_dhparam - name: "enable the service" diff --git a/playbooks/roles/services/deploy/rproxy/vars/nginx.yml b/playbooks/roles/services/deploy/rproxy/vars/nginx.yml index 74b8b29..50e996f 100644 --- a/playbooks/roles/services/deploy/rproxy/vars/nginx.yml +++ b/playbooks/roles/services/deploy/rproxy/vars/nginx.yml @@ -1,3 +1,4 @@ +--- services_rproxy_nginx_add_hosts: "\ {% set add_host_list = [] %}\ {% for service in ( services_all_services | dict2items ) %}\ diff --git a/playbooks/roles/services/deploy/www/meta/argument_specs.yml b/playbooks/roles/services/deploy/www/meta/argument_specs.yml index 0759bec..4b8715f 100644 --- a/playbooks/roles/services/deploy/www/meta/argument_specs.yml +++ b/playbooks/roles/services/deploy/www/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/deploy/www/tasks/main.yml b/playbooks/roles/services/deploy/www/tasks/main.yml index de91204..d5633c9 100644 --- a/playbooks/roles/services/deploy/www/tasks/main.yml +++ b/playbooks/roles/services/deploy/www/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "set the user variables" ansible.builtin.import_role: name: "services/include" @@ -17,7 +18,10 @@ - name: "install hugo" ansible.builtin.apt: - deb: "https://github.com/gohugoio/hugo/releases/download/v{{ services_deploy_www_hugo_version }}/hugo_extended_{{ services_deploy_www_hugo_version }}_Linux-64bit.deb" + deb: "\ + https://github.com/gohugoio/hugo/releases/download/\ + v{{ services_deploy_www_hugo_version }}/\ + hugo_extended_{{ services_deploy_www_hugo_version }}_Linux-64bit.deb" when: not services_deploy_www_hugo_path.stat.exists @@ -51,15 +55,22 @@ - name: "clone website repository" ansible.builtin.git: - repo: "https://{{ services[services_service_name].repo_user }}:{{ services[services_service_name].repo_token }}@git.wojciechkozlowski.eu/wojtek/wojciechkozlowski.eu.git" - dest: "{{ services_service_user_home }}/.config/{{ services_service_user_name }}/wojciechkozlowski.eu" + repo: "\ + https://{{ services[services_service_name].repo_user }}:\ + {{ services[services_service_name].repo_token }}@\ + git.wojciechkozlowski.eu/wojtek/wojciechkozlowski.eu.git" + dest: "\ + {{ services_service_user_home }}/.config/{{ services_service_user_name }}/\ + wojciechkozlowski.eu" recursive: true register: services_deploy_www_webiste_git - name: "generate static page using hugo" ansible.builtin.command: cmd: "hugo" - chdir: "{{ services_service_user_home }}/.config/{{ services_service_user_name }}/wojciechkozlowski.eu" + chdir: "\ + {{ services_service_user_home }}/.config/{{ services_service_user_name }}/\ + wojciechkozlowski.eu" when: services_deploy_www_webiste_git.changed diff --git a/playbooks/roles/services/include/meta/argument_specs.yml b/playbooks/roles/services/include/meta/argument_specs.yml index 7f7db2e..382277a 100644 --- a/playbooks/roles/services/include/meta/argument_specs.yml +++ b/playbooks/roles/services/include/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: daemon_reload: options: diff --git a/playbooks/roles/services/include/tasks/daemon_reload.yml b/playbooks/roles/services/include/tasks/daemon_reload.yml index 2ebd44a..122995c 100644 --- a/playbooks/roles/services/include/tasks/daemon_reload.yml +++ b/playbooks/roles/services/include/tasks/daemon_reload.yml @@ -1,3 +1,4 @@ +--- - name: "daemon_reload : loop over services" ansible.builtin.include_tasks: "daemon_reload/main.yml" loop: "{{ services_host_services }}" diff --git a/playbooks/roles/services/include/tasks/daemon_reload/main.yml b/playbooks/roles/services/include/tasks/daemon_reload/main.yml index 49dc916..5e0da49 100644 --- a/playbooks/roles/services/include/tasks/daemon_reload/main.yml +++ b/playbooks/roles/services/include/tasks/daemon_reload/main.yml @@ -1,3 +1,4 @@ +--- - name: "daemon_reload : {{ services_service_name }} : set variables" ansible.builtin.import_tasks: "../vars.yml" diff --git a/playbooks/roles/services/include/vars/user.yml b/playbooks/roles/services/include/vars/user.yml index b3729b4..fb8da9d 100644 --- a/playbooks/roles/services/include/vars/user.yml +++ b/playbooks/roles/services/include/vars/user.yml @@ -1,4 +1,6 @@ +--- services_service_user_name: "pod-{{ services_service_name }}" services_service_user_home: "{{ services_home_directory }}/{{ services_service_user_name }}" services_service_user_data: "{{ services_data_directory }}/{{ services_service_user_name }}" -services_service_user_containers: "{{ services_containers_directory }}/{{ services_service_user_name }}" +services_service_user_containers: "\ + {{ services_containers_directory }}/{{ services_service_user_name }}" diff --git a/playbooks/roles/services/include/vars/volumes.yml b/playbooks/roles/services/include/vars/volumes.yml index 8f4e3d1..d655881 100644 --- a/playbooks/roles/services/include/vars/volumes.yml +++ b/playbooks/roles/services/include/vars/volumes.yml @@ -1,3 +1,4 @@ +--- services_volumes: rproxy: etc-letsencrypt: diff --git a/playbooks/roles/services/setup/system/meta/argument_specs.yml b/playbooks/roles/services/setup/system/meta/argument_specs.yml index 9aa844e..082d304 100644 --- a/playbooks/roles/services/setup/system/meta/argument_specs.yml +++ b/playbooks/roles/services/setup/system/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/setup/system/meta/main.yml b/playbooks/roles/services/setup/system/meta/main.yml index e5cba64..7644cba 100644 --- a/playbooks/roles/services/setup/system/meta/main.yml +++ b/playbooks/roles/services/setup/system/meta/main.yml @@ -1,3 +1,4 @@ +--- dependencies: - role: "system/nftables" - role: "vpn/bridge" diff --git a/playbooks/roles/services/setup/system/tasks/include/auto_update.yml b/playbooks/roles/services/setup/system/tasks/include/auto_update.yml index d874aae..f53c711 100644 --- a/playbooks/roles/services/setup/system/tasks/include/auto_update.yml +++ b/playbooks/roles/services/setup/system/tasks/include/auto_update.yml @@ -1,3 +1,4 @@ +--- - name: "auto_update : pod-service update script" ansible.builtin.copy: src: "./auto_update/pod-service-auto-update" diff --git a/playbooks/roles/services/setup/system/tasks/include/directories.yml b/playbooks/roles/services/setup/system/tasks/include/directories.yml index ae41f6d..5b65f6b 100644 --- a/playbooks/roles/services/setup/system/tasks/include/directories.yml +++ b/playbooks/roles/services/setup/system/tasks/include/directories.yml @@ -1,3 +1,4 @@ +--- - name: "directories : create services directory" ansible.builtin.file: path: "{{ services_root_directory }}" diff --git a/playbooks/roles/services/setup/system/tasks/include/nameserver.yml b/playbooks/roles/services/setup/system/tasks/include/nameserver.yml index dc76986..753afaf 100644 --- a/playbooks/roles/services/setup/system/tasks/include/nameserver.yml +++ b/playbooks/roles/services/setup/system/tasks/include/nameserver.yml @@ -1,3 +1,4 @@ +--- - name: "nameserver : fetch valkyrie's resolv.conf" ansible.builtin.fetch: src: "/etc/resolv.conf" diff --git a/playbooks/roles/services/setup/system/tasks/include/podman.yml b/playbooks/roles/services/setup/system/tasks/include/podman.yml index a4eb58a..611f624 100644 --- a/playbooks/roles/services/setup/system/tasks/include/podman.yml +++ b/playbooks/roles/services/setup/system/tasks/include/podman.yml @@ -1,3 +1,4 @@ +--- - name: "podman : install podman" ansible.builtin.apt: name: "podman" diff --git a/playbooks/roles/services/setup/system/tasks/include/veth.yml b/playbooks/roles/services/setup/system/tasks/include/veth.yml index 078ddd8..b2da1e1 100644 --- a/playbooks/roles/services/setup/system/tasks/include/veth.yml +++ b/playbooks/roles/services/setup/system/tasks/include/veth.yml @@ -1,3 +1,4 @@ +--- - name: "veth : configure connect-pod-service" ansible.builtin.copy: src: "./veth/connect-pod-service@.service" diff --git a/playbooks/roles/services/setup/system/tasks/main.yml b/playbooks/roles/services/setup/system/tasks/main.yml index 0de4f9c..736c127 100644 --- a/playbooks/roles/services/setup/system/tasks/main.yml +++ b/playbooks/roles/services/setup/system/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "play:services : role:setup:system : tasks:podman" ansible.builtin.import_tasks: "include/podman.yml" tags: "services:setup:system:podman" diff --git a/playbooks/roles/services/setup/user/meta/argument_specs.yml b/playbooks/roles/services/setup/user/meta/argument_specs.yml index 626d7dc..ad77dae 100644 --- a/playbooks/roles/services/setup/user/meta/argument_specs.yml +++ b/playbooks/roles/services/setup/user/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/services/setup/user/tasks/include/auto_update.yml b/playbooks/roles/services/setup/user/tasks/include/auto_update.yml index 93e5496..0da049a 100644 --- a/playbooks/roles/services/setup/user/tasks/include/auto_update.yml +++ b/playbooks/roles/services/setup/user/tasks/include/auto_update.yml @@ -1,3 +1,4 @@ +--- - block: - name: "{{ services_service_name }} : auto_update : enable auto-update timer" diff --git a/playbooks/roles/services/setup/user/tasks/include/directories.yml b/playbooks/roles/services/setup/user/tasks/include/directories.yml index bd36ca8..c6fc4d8 100644 --- a/playbooks/roles/services/setup/user/tasks/include/directories.yml +++ b/playbooks/roles/services/setup/user/tasks/include/directories.yml @@ -1,3 +1,4 @@ +--- - name: "{{ services_service_name }} : directories : create containers directory" ansible.builtin.file: path: "{{ services_service_user_containers }}" diff --git a/playbooks/roles/services/setup/user/tasks/include/directories/volumes.yml b/playbooks/roles/services/setup/user/tasks/include/directories/volumes.yml index 6afa500..69c56c9 100644 --- a/playbooks/roles/services/setup/user/tasks/include/directories/volumes.yml +++ b/playbooks/roles/services/setup/user/tasks/include/directories/volumes.yml @@ -1,4 +1,6 @@ -- name: "{{ services_service_name }} : directories : create volume \"{{ services_service_volume.key }}\"" +--- +- name: "\ + {{ services_service_name }} : directories : create volume \"{{ services_service_volume.key }}\"" ansible.builtin.file: path: "{{ services_service_user_data }}/{{ services_service_volume.key }}" state: "directory" @@ -6,12 +8,15 @@ group: "{{ services_service_user_name }}" mode: 0755 -- name: "{{ services_service_name }} : directories : check if \"{{ services_service_volume.key }}\" mount exists" +- name: "\ + {{ services_service_name }} : directories : check if \"{{ services_service_volume.key }}\" \ + mount exists" ansible.builtin.stat: path: "{{ services_service_user_data }}/{{ services_service_volume.key }}/_data" register: services_setup_user_volume_mount -- name: "{{ services_service_name }} : directories : create \"{{ services_service_volume.key }}\" mount" +- name: "\ + {{ services_service_name }} : directories : create \"{{ services_service_volume.key }}\" mount" ansible.builtin.file: path: "{{ services_service_user_data }}/{{ services_service_volume.key }}/_data" state: "directory" diff --git a/playbooks/roles/services/setup/user/tasks/include/podman.yml b/playbooks/roles/services/setup/user/tasks/include/podman.yml index cb08579..0859230 100644 --- a/playbooks/roles/services/setup/user/tasks/include/podman.yml +++ b/playbooks/roles/services/setup/user/tasks/include/podman.yml @@ -1,3 +1,4 @@ +--- - block: - name: "{{ services_service_name }} : podman : create container configuration directory" diff --git a/playbooks/roles/services/setup/user/tasks/include/user.yml b/playbooks/roles/services/setup/user/tasks/include/user.yml index 7820a58..a4335fb 100644 --- a/playbooks/roles/services/setup/user/tasks/include/user.yml +++ b/playbooks/roles/services/setup/user/tasks/include/user.yml @@ -1,3 +1,4 @@ +--- - name: "{{ services_service_name }} : setup : create system user" ansible.builtin.user: name: "{{ services_service_user_name }}" diff --git a/playbooks/roles/services/setup/user/tasks/include/veth.yml b/playbooks/roles/services/setup/user/tasks/include/veth.yml index d1943c6..7fcc3e1 100644 --- a/playbooks/roles/services/setup/user/tasks/include/veth.yml +++ b/playbooks/roles/services/setup/user/tasks/include/veth.yml @@ -1,3 +1,4 @@ +--- - name: "{{ services_service_name }} : veth : configure interface" ansible.builtin.template: src: "./veth/interface.j2" diff --git a/playbooks/roles/services/setup/user/tasks/main.yml b/playbooks/roles/services/setup/user/tasks/main.yml index 62c2648..f0923e5 100644 --- a/playbooks/roles/services/setup/user/tasks/main.yml +++ b/playbooks/roles/services/setup/user/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "play:services : role:setup:user:{{ services_service_name }} : tasks:vars" ansible.builtin.import_role: name: "services/include" diff --git a/playbooks/roles/services/setup/user/vars/main.yml b/playbooks/roles/services/setup/user/vars/main.yml index 9e41d31..181d9b2 100644 --- a/playbooks/roles/services/setup/user/vars/main.yml +++ b/playbooks/roles/services/setup/user/vars/main.yml @@ -1,2 +1,3 @@ +--- services_setup_user_shell: rproxy: "/usr/bin/rbash" diff --git a/playbooks/roles/system/base/defaults/main.yml b/playbooks/roles/system/base/defaults/main.yml index fd78e64..6ba68ff 100644 --- a/playbooks/roles/system/base/defaults/main.yml +++ b/playbooks/roles/system/base/defaults/main.yml @@ -1 +1,2 @@ +--- system_base_additional_ssh_users: [] diff --git a/playbooks/roles/system/base/meta/argument_specs.yml b/playbooks/roles/system/base/meta/argument_specs.yml index ffa84f9..436ad95 100644 --- a/playbooks/roles/system/base/meta/argument_specs.yml +++ b/playbooks/roles/system/base/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/system/base/tasks/include/fail2ban.yml b/playbooks/roles/system/base/tasks/include/fail2ban.yml index 3fcd5d0..dbb6a01 100644 --- a/playbooks/roles/system/base/tasks/include/fail2ban.yml +++ b/playbooks/roles/system/base/tasks/include/fail2ban.yml @@ -1,3 +1,4 @@ +--- - name: "fail2ban : install fail2ban" ansible.builtin.apt: name: "fail2ban" diff --git a/playbooks/roles/system/base/tasks/include/fstrim.yml b/playbooks/roles/system/base/tasks/include/fstrim.yml index a83ddf2..6e40ffd 100644 --- a/playbooks/roles/system/base/tasks/include/fstrim.yml +++ b/playbooks/roles/system/base/tasks/include/fstrim.yml @@ -1,3 +1,4 @@ +--- - name: "fstrim : enable fstrim.timer" ansible.builtin.systemd: name: "fstrim.timer" diff --git a/playbooks/roles/system/base/tasks/include/logs.yml b/playbooks/roles/system/base/tasks/include/logs.yml index 2c260de..b840666 100644 --- a/playbooks/roles/system/base/tasks/include/logs.yml +++ b/playbooks/roles/system/base/tasks/include/logs.yml @@ -1,3 +1,4 @@ +--- - name: "logs : install logcheck and logrotate" ansible.builtin.apt: name: diff --git a/playbooks/roles/system/base/tasks/include/motd.yml b/playbooks/roles/system/base/tasks/include/motd.yml index da804a5..b24b157 100644 --- a/playbooks/roles/system/base/tasks/include/motd.yml +++ b/playbooks/roles/system/base/tasks/include/motd.yml @@ -1,3 +1,4 @@ +--- - name: "motd : set motd" ansible.builtin.copy: src: "{{ item }}" diff --git a/playbooks/roles/system/base/tasks/include/ntp.yml b/playbooks/roles/system/base/tasks/include/ntp.yml index 7ddd555..91b0ffc 100644 --- a/playbooks/roles/system/base/tasks/include/ntp.yml +++ b/playbooks/roles/system/base/tasks/include/ntp.yml @@ -1,3 +1,4 @@ +--- - name: "ntp : install systemd-timesyncd" ansible.builtin.apt: name: "systemd-timesyncd" diff --git a/playbooks/roles/system/base/tasks/include/root.yml b/playbooks/roles/system/base/tasks/include/root.yml index 3e7179f..b3ab8e1 100644 --- a/playbooks/roles/system/base/tasks/include/root.yml +++ b/playbooks/roles/system/base/tasks/include/root.yml @@ -1,3 +1,4 @@ +--- - name: "root : disable root shell" ansible.builtin.user: name: "root" diff --git a/playbooks/roles/system/base/tasks/include/sshd.yml b/playbooks/roles/system/base/tasks/include/sshd.yml index 04d49df..2e90657 100644 --- a/playbooks/roles/system/base/tasks/include/sshd.yml +++ b/playbooks/roles/system/base/tasks/include/sshd.yml @@ -1,3 +1,4 @@ +--- # SSH must be installed so we don't bother with installing it. - name: "sshd : configure sshd" diff --git a/playbooks/roles/system/base/tasks/include/systemd_mail.yml b/playbooks/roles/system/base/tasks/include/systemd_mail.yml index 85f8c9f..070a5b5 100644 --- a/playbooks/roles/system/base/tasks/include/systemd_mail.yml +++ b/playbooks/roles/system/base/tasks/include/systemd_mail.yml @@ -1,3 +1,4 @@ +--- - name: "systemd_mail : systemd mail root script" ansible.builtin.template: src: "./systemd_mail/system/systemd-mail-systemctl-status.j2" diff --git a/playbooks/roles/system/base/tasks/include/unattended_upgrades.yml b/playbooks/roles/system/base/tasks/include/unattended_upgrades.yml index 689acb0..14fcc88 100644 --- a/playbooks/roles/system/base/tasks/include/unattended_upgrades.yml +++ b/playbooks/roles/system/base/tasks/include/unattended_upgrades.yml @@ -1,3 +1,4 @@ +--- - name: "unattended_upgrades : install unattended-upgrades" ansible.builtin.apt: name: "unattended-upgrades" diff --git a/playbooks/roles/system/base/tasks/include/user.yml b/playbooks/roles/system/base/tasks/include/user.yml index 035097e..0841ba8 100644 --- a/playbooks/roles/system/base/tasks/include/user.yml +++ b/playbooks/roles/system/base/tasks/include/user.yml @@ -1,3 +1,4 @@ +--- - block: - name: "user : clone tmux dotfiles" diff --git a/playbooks/roles/system/base/tasks/include/utils.yml b/playbooks/roles/system/base/tasks/include/utils.yml index 4f948f3..3929a4a 100644 --- a/playbooks/roles/system/base/tasks/include/utils.yml +++ b/playbooks/roles/system/base/tasks/include/utils.yml @@ -1,3 +1,4 @@ +--- - name: "utils : install utility programs" ansible.builtin.apt: name: diff --git a/playbooks/roles/system/base/tasks/main.yml b/playbooks/roles/system/base/tasks/main.yml index 3eeea46..905dbd6 100644 --- a/playbooks/roles/system/base/tasks/main.yml +++ b/playbooks/roles/system/base/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "play:system : role:base : tasks:sshd" ansible.builtin.import_tasks: "include/sshd.yml" tags: "system:base:sshd" diff --git a/playbooks/roles/system/mail/meta/argument_specs.yml b/playbooks/roles/system/mail/meta/argument_specs.yml index bc3ec69..2970124 100644 --- a/playbooks/roles/system/mail/meta/argument_specs.yml +++ b/playbooks/roles/system/mail/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/system/mail/tasks/main.yml b/playbooks/roles/system/mail/tasks/main.yml index a4bdcc4..e5e2017 100644 --- a/playbooks/roles/system/mail/tasks/main.yml +++ b/playbooks/roles/system/mail/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "configure mailname" ansible.builtin.template: src: "./mailname.j2" diff --git a/playbooks/roles/system/nftables/defaults/main.yml b/playbooks/roles/system/nftables/defaults/main.yml index ea27a80..defedd9 100644 --- a/playbooks/roles/system/nftables/defaults/main.yml +++ b/playbooks/roles/system/nftables/defaults/main.yml @@ -1,2 +1,3 @@ +--- system_base_additional_tcp_ports: [] system_base_udp_ports: [] diff --git a/playbooks/roles/system/nftables/meta/argument_specs.yml b/playbooks/roles/system/nftables/meta/argument_specs.yml index 69a5719..f800ce8 100644 --- a/playbooks/roles/system/nftables/meta/argument_specs.yml +++ b/playbooks/roles/system/nftables/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/system/nftables/tasks/main.yml b/playbooks/roles/system/nftables/tasks/main.yml index 2873d6c..2fa2ff1 100644 --- a/playbooks/roles/system/nftables/tasks/main.yml +++ b/playbooks/roles/system/nftables/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "install nftables" ansible.builtin.apt: name: "nftables" diff --git a/playbooks/roles/system/smart/meta/argument_specs.yml b/playbooks/roles/system/smart/meta/argument_specs.yml index 4eb6da8..2012319 100644 --- a/playbooks/roles/system/smart/meta/argument_specs.yml +++ b/playbooks/roles/system/smart/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/system/smart/tasks/main.yml b/playbooks/roles/system/smart/tasks/main.yml index e20f00b..71884d4 100644 --- a/playbooks/roles/system/smart/tasks/main.yml +++ b/playbooks/roles/system/smart/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "install smartmontools" ansible.builtin.apt: name: "smartmontools" diff --git a/playbooks/roles/system/ups/tasks/main.yml b/playbooks/roles/system/ups/tasks/main.yml index 1424a52..3e820f6 100644 --- a/playbooks/roles/system/ups/tasks/main.yml +++ b/playbooks/roles/system/ups/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "install acpupsd" ansible.builtin.apt: name: "apcupsd" diff --git a/playbooks/roles/system/zfs/defaults/main.yml b/playbooks/roles/system/zfs/defaults/main.yml index 4354db3..6da8094 100644 --- a/playbooks/roles/system/zfs/defaults/main.yml +++ b/playbooks/roles/system/zfs/defaults/main.yml @@ -1,3 +1,4 @@ +--- system_zfs_zpools: [] system_zfs_zpools_trim: [] system_zfs_zpools_load_key: [] diff --git a/playbooks/roles/system/zfs/meta/argument_specs.yml b/playbooks/roles/system/zfs/meta/argument_specs.yml index 7a17012..1e10527 100644 --- a/playbooks/roles/system/zfs/meta/argument_specs.yml +++ b/playbooks/roles/system/zfs/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/system/zfs/tasks/include/conf.yml b/playbooks/roles/system/zfs/tasks/include/conf.yml index 380ae89..de1f4b7 100644 --- a/playbooks/roles/system/zfs/tasks/include/conf.yml +++ b/playbooks/roles/system/zfs/tasks/include/conf.yml @@ -1,3 +1,4 @@ +--- - name: "conf : configure zfs module via modprobe.d" ansible.builtin.copy: src: "./conf/zfs.conf" diff --git a/playbooks/roles/system/zfs/tasks/include/cron.yml b/playbooks/roles/system/zfs/tasks/include/cron.yml index 40488fd..cd1d6cf 100644 --- a/playbooks/roles/system/zfs/tasks/include/cron.yml +++ b/playbooks/roles/system/zfs/tasks/include/cron.yml @@ -1,3 +1,4 @@ +--- - name: "cron : remove the zfsutils cron job" ansible.builtin.file: state: "absent" diff --git a/playbooks/roles/system/zfs/tasks/include/fstrim.yml b/playbooks/roles/system/zfs/tasks/include/fstrim.yml index 4da09d0..6ba0fe7 100644 --- a/playbooks/roles/system/zfs/tasks/include/fstrim.yml +++ b/playbooks/roles/system/zfs/tasks/include/fstrim.yml @@ -1,3 +1,4 @@ +--- # Run fstrim daily on ZFS. It's a no-op on ZFS filesystems, but it will run on zvols mounted via # fstab. Untrimmed zvol blocks occupy space in th ZFS pool. Therefore, this helps keep zvol space # requirements down if they are busy. diff --git a/playbooks/roles/system/zfs/tasks/include/load_key.yml b/playbooks/roles/system/zfs/tasks/include/load_key.yml index 31ff768..e881b76 100644 --- a/playbooks/roles/system/zfs/tasks/include/load_key.yml +++ b/playbooks/roles/system/zfs/tasks/include/load_key.yml @@ -1,3 +1,4 @@ +--- - name: "load_key : zfs load key service file" ansible.builtin.copy: src: "./load_key/zfs-load-key@.service" diff --git a/playbooks/roles/system/zfs/tasks/include/scrub.yml b/playbooks/roles/system/zfs/tasks/include/scrub.yml index 9b5b412..0fc46b0 100644 --- a/playbooks/roles/system/zfs/tasks/include/scrub.yml +++ b/playbooks/roles/system/zfs/tasks/include/scrub.yml @@ -1,3 +1,4 @@ +--- - name: "scrub : zpool status mail script" ansible.builtin.template: src: "./scrub/systemd-mail-zpool-status.j2" diff --git a/playbooks/roles/system/zfs/tasks/include/trim.yml b/playbooks/roles/system/zfs/tasks/include/trim.yml index 795da90..4c77f67 100644 --- a/playbooks/roles/system/zfs/tasks/include/trim.yml +++ b/playbooks/roles/system/zfs/tasks/include/trim.yml @@ -1,3 +1,4 @@ +--- - name: "trim : zfs trim service file" ansible.builtin.copy: src: "./trim/zfs-trim@.service" diff --git a/playbooks/roles/system/zfs/tasks/main.yml b/playbooks/roles/system/zfs/tasks/main.yml index 717350c..b72e5a7 100644 --- a/playbooks/roles/system/zfs/tasks/main.yml +++ b/playbooks/roles/system/zfs/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "play:system : role:zfs : tasks:conf" ansible.builtin.import_tasks: "include/conf.yml" tags: "system:zfs:conf" diff --git a/playbooks/roles/vpn/base/tasks/main.yml b/playbooks/roles/vpn/base/tasks/main.yml index 79092ca..84c6f19 100644 --- a/playbooks/roles/vpn/base/tasks/main.yml +++ b/playbooks/roles/vpn/base/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "enable ipv4 forwarding" ansible.posix.sysctl: name: "net.ipv4.ip_forward" diff --git a/playbooks/roles/vpn/bridge/meta/argument_specs.yml b/playbooks/roles/vpn/bridge/meta/argument_specs.yml index 812a668..7822eaf 100644 --- a/playbooks/roles/vpn/bridge/meta/argument_specs.yml +++ b/playbooks/roles/vpn/bridge/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/vpn/bridge/tasks/main.yml b/playbooks/roles/vpn/bridge/tasks/main.yml index 898b6d4..499eb60 100644 --- a/playbooks/roles/vpn/bridge/tasks/main.yml +++ b/playbooks/roles/vpn/bridge/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "post-up nftables inet script" ansible.builtin.template: src: "./post-up-br0-inet.nft.j2" diff --git a/playbooks/roles/vpn/wireguard/meta/argument_specs.yml b/playbooks/roles/vpn/wireguard/meta/argument_specs.yml index dc1428e..f0ea2a1 100644 --- a/playbooks/roles/vpn/wireguard/meta/argument_specs.yml +++ b/playbooks/roles/vpn/wireguard/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- argument_specs: main: options: diff --git a/playbooks/roles/vpn/wireguard/tasks/main.yml b/playbooks/roles/vpn/wireguard/tasks/main.yml index b7c6dfe..14dee29 100644 --- a/playbooks/roles/vpn/wireguard/tasks/main.yml +++ b/playbooks/roles/vpn/wireguard/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: "install wireguard" ansible.builtin.apt: name: "wireguard"