slfhst/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🚨: yamllint conformity

Browse Source
This commit is contained in:
VC
2024-07-05 11:53:53 +02:00
parent 8ee9a0f8ef
commit 192bf6dfcd
48 changed files with 103 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.yamllint
View File

@@ -4,3 +4,11 @@ extends: default
rules: rules:
line-length: disable line-length: disable
comments:
min-spaces-from-content: 1
comments-indentation: false
braces:
max-spaces-inside: 1
octal-values:
forbid-implicit-octal: true
forbid-explicit-octal: true

2
roles/bittorrent/tasks/jackett.yml
View File

@@ -22,5 +22,5 @@
ansible.builtin.template: ansible.builtin.template:
src: jackett.service.j2 src: jackett.service.j2
dest: /etc/systemd/system/jackett.service dest: /etc/systemd/system/jackett.service
mode: 0644 mode: "0o644"
notify: Restart jackett notify: Restart jackett

2
roles/bittorrent/tasks/sonarr.yml
View File

@@ -6,7 +6,7 @@
dest: /etc/apt/trusted.gpg.d/sonarr.asc dest: /etc/apt/trusted.gpg.d/sonarr.asc
owner: root owner: root
group: root group: root
mode: 0750 mode: "0o750"
- name: Install sonarr repo - name: Install sonarr repo
ansible.builtin.apt_repository: ansible.builtin.apt_repository:

2
roles/bittorrent/tasks/transmission.yml
View File

@@ -24,4 +24,4 @@
dest: /var/lib/transmission-daemon/downloads/CACHEDIR.TAG dest: /var/lib/transmission-daemon/downloads/CACHEDIR.TAG
owner: debian-transmission owner: debian-transmission
group: debian-transmission group: debian-transmission
mode: '0644' mode: "0o644"

4
roles/dovecot/tasks/main.yml
View File

@@ -12,7 +12,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: ./files/dovecot.conf src: ./files/dovecot.conf
dest: /etc/dovecot/dovecot.conf dest: /etc/dovecot/dovecot.conf
mode: 0644 mode: "0o644"
notify: notify:
- Restart dovecot - Restart dovecot
@@ -20,7 +20,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: ./files/before.sieve src: ./files/before.sieve
dest: /etc/dovecot/before.sieve dest: /etc/dovecot/before.sieve
mode: 0644 mode: "0o644"
notify: notify:
- Compile sieve - Compile sieve
- Restart dovecot - Restart dovecot

6
roles/elasticsearch/tasks/main.yml
View File

@@ -10,13 +10,13 @@
url: "{{ elasticsearch_key_url }}" url: "{{ elasticsearch_key_url }}"
dest: "{{ elasticsearch_key_path }}" dest: "{{ elasticsearch_key_path }}"
force: true force: true
mode: 0644 mode: "0o644"
- name: Set elasticsearch source repo - name: Set elasticsearch source repo
ansible.builtin.copy: ansible.builtin.copy:
content: "deb [signed-by={{ elasticsearch_key_path }}] https://artifacts.elastic.co/packages/7.x/apt stable main" content: "deb [signed-by={{ elasticsearch_key_path }}] https://artifacts.elastic.co/packages/7.x/apt stable main"
dest: /etc/apt/sources.list.d/elasticsearch.list dest: /etc/apt/sources.list.d/elasticsearch.list
mode: '0644' mode: "0o644"
- name: Install elasticsearch - name: Install elasticsearch
ansible.builtin.apt: ansible.builtin.apt:
@@ -36,7 +36,7 @@
ansible.builtin.template: ansible.builtin.template:
src: "{{ item.src }}" src: "{{ item.src }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
mode: '0644' mode: "0o644"
notify: notify:
- Restart elasticsearch - Restart elasticsearch
loop: loop:

2
roles/firewall/tasks/main.yml
View File

@@ -4,5 +4,5 @@
ansible.builtin.template: ansible.builtin.template:
src: firewall.j2 src: firewall.j2
dest: /etc/config/firewall dest: /etc/config/firewall
mode: 0644 mode: "0o644"
notify: Reload firewall notify: Reload firewall

10
roles/ftp/tasks/main.yml
View File

@@ -9,7 +9,7 @@
ansible.builtin.file: ansible.builtin.file:
path: /srv/ftp path: /srv/ftp
state: directory state: directory
mode: 0755 mode: "0o755"
- name: Add cachedir file - name: Add cachedir file
ansible.builtin.template: ansible.builtin.template:
@@ -17,7 +17,7 @@
dest: /srv/ftp/CACHEDIR.TAG dest: /srv/ftp/CACHEDIR.TAG
owner: root owner: root
group: root group: root
mode: '0644' mode: "0o644"
- name: Create upload directory - name: Create upload directory
ansible.builtin.file: ansible.builtin.file:
@@ -25,7 +25,7 @@
owner: ftp owner: ftp
group: root group: root
state: directory state: directory
mode: 0755 mode: "0o755"
- name: Put vsftpd config file - name: Put vsftpd config file
ansible.builtin.copy: ansible.builtin.copy:
@@ -33,7 +33,7 @@
dest: /etc/vsftpd.conf dest: /etc/vsftpd.conf
owner: root owner: root
group: root group: root
mode: 0644 mode: "0o644"
notify: Restart vsftpd notify: Restart vsftpd
- name: Put control size script - name: Put control size script
@@ -42,7 +42,7 @@
dest: /usr/local/sbin/deleteoldfiles.sh dest: /usr/local/sbin/deleteoldfiles.sh
owner: root owner: root
group: root group: root
mode: '0700' mode: "0o700"
- name: Cron control size script - name: Cron control size script
ansible.builtin.cron: ansible.builtin.cron:

6
roles/garage/tasks/main.yml
View File

@@ -6,7 +6,7 @@
dest: "{{ garage_bin }}" dest: "{{ garage_bin }}"
owner: root owner: root
group: root group: root
mode: 0755 mode: "0o755"
force: true force: true
notify: notify:
- Restart garage - Restart garage
@@ -15,13 +15,13 @@
ansible.builtin.template: ansible.builtin.template:
src: garage.service.j2 src: garage.service.j2
dest: /etc/systemd/system/garage.service dest: /etc/systemd/system/garage.service
mode: 0644 mode: "0o644"
- name: Put garage.toml conf file - name: Put garage.toml conf file
ansible.builtin.template: ansible.builtin.template:
src: garage.toml.j2 src: garage.toml.j2
dest: /etc/garage.toml dest: /etc/garage.toml
mode: 0644 mode: "0o644"
vars: vars:
cluster_group: "{{ group_names | map('regex_search', '.+_cluster') | select('string') | first }}" cluster_group: "{{ group_names | map('regex_search', '.+_cluster') | select('string') | first }}"
cluster_group_length: "{{ groups[cluster_group] | reject('search', 'gw') | length }}" cluster_group_length: "{{ groups[cluster_group] | reject('search', 'gw') | length }}"

2
roles/haproxy/tasks/main.yml
View File

@@ -9,6 +9,6 @@
ansible.builtin.template: ansible.builtin.template:
src: haproxy.cfg.j2 src: haproxy.cfg.j2
dest: /etc/haproxy/haproxy.cfg dest: /etc/haproxy/haproxy.cfg
mode: 0644 mode: "0o644"
notify: notify:
- Restart haproxy - Restart haproxy

2
roles/icecast2/tasks/main.yml
View File

@@ -9,6 +9,6 @@
ansible.builtin.template: ansible.builtin.template:
src: icecast.xml.j2 src: icecast.xml.j2
dest: /etc/icecast2/icecast.xml dest: /etc/icecast2/icecast.xml
mode: 0640 mode: "0o640"
notify: notify:
- Restart icecast2 - Restart icecast2

2
roles/mailman/tasks/main.yml
View File

@@ -12,7 +12,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: ./files/mailman.cfg src: ./files/mailman.cfg
dest: /etc/mailman3/mailman.cfg dest: /etc/mailman3/mailman.cfg
mode: 0640 mode: "0o640"
notify: Restart mailman3 notify: Restart mailman3
- name: Start mailman3 service - name: Start mailman3 service

14
roles/mariadb/tasks/main.yml
View File

@@ -13,7 +13,7 @@
owner: mysql owner: mysql
group: mysql group: mysql
state: directory state: directory
mode: 0755 mode: "0o755"
- name: Populate mysql directory - name: Populate mysql directory
ansible.builtin.command: ansible.builtin.command:
@@ -27,7 +27,7 @@
ansible.builtin.template: ansible.builtin.template:
src: 50-server.cnf.j2 src: 50-server.cnf.j2
dest: /etc/mysql/mariadb.conf.d/50-server.cnf dest: /etc/mysql/mariadb.conf.d/50-server.cnf
mode: 0644 mode: "0o644"
notify: Restart mariadb notify: Restart mariadb
- name: Upgrade debian configuration file - name: Upgrade debian configuration file
@@ -36,7 +36,7 @@
dest: /etc/mysql/debian.cnf dest: /etc/mysql/debian.cnf
owner: root owner: root
group: root group: root
mode: '0600' mode: "0o600"
notify: Restart mariadb notify: Restart mariadb
- name: Force handlers - name: Force handlers
@@ -64,7 +64,7 @@
ansible.builtin.template: ansible.builtin.template:
src: dot.my.cnf.j2 src: dot.my.cnf.j2
dest: ~/.my.cnf dest: ~/.my.cnf
mode: '0600' mode: "0o600"
- name: Set root password (follow-up) - name: Set root password (follow-up)
community.mysql.mysql_user: community.mysql.mysql_user:
@@ -93,13 +93,13 @@
ansible.builtin.file: ansible.builtin.file:
path: /etc/systemd/system/mariadb.service.d/ path: /etc/systemd/system/mariadb.service.d/
state: directory state: directory
mode: 0755 mode: "0o755"
- name: Create MariaDB service override - name: Create MariaDB service override
ansible.builtin.copy: ansible.builtin.copy:
src: files/override.conf src: files/override.conf
dest: /etc/systemd/system/mariadb.service.d/override.conf dest: /etc/systemd/system/mariadb.service.d/override.conf
mode: 0644 mode: "0o644"
notify: notify:
- Restart mariadb - Restart mariadb
- Daemon-reload - Daemon-reload
@@ -108,7 +108,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: files/backup_mysql.sh src: files/backup_mysql.sh
dest: /usr/local/bin/backup_mysql.sh dest: /usr/local/bin/backup_mysql.sh
mode: '0755' mode: "0o755"
- name: Cron backup script - name: Cron backup script
ansible.builtin.cron: ansible.builtin.cron:

4
roles/mastodon/tasks/main.yml
View File

@@ -12,7 +12,7 @@
ansible.builtin.file: ansible.builtin.file:
state: directory state: directory
path: "{{ mastodon_home }}/.ssh" path: "{{ mastodon_home }}/.ssh"
mode: 0755 mode: "0o755"
owner: mastodon owner: mastodon
group: mastodon group: mastodon
@@ -21,7 +21,7 @@
remote_src: true remote_src: true
src: /root/.ssh/authorized_keys src: /root/.ssh/authorized_keys
dest: "{{ mastodon_home }}/.ssh/authorized_keys" dest: "{{ mastodon_home }}/.ssh/authorized_keys"
mode: 0644 mode: "0o644"
owner: mastodon owner: mastodon
group: mastodon group: mastodon

6
roles/mastodon/tasks/mastodon.yml
View File

@@ -44,14 +44,14 @@
ansible.builtin.file: ansible.builtin.file:
path: "{{ mastodon_home }}/bin" path: "{{ mastodon_home }}/bin"
state: directory state: directory
mode: '0750' mode: "0o750"
- name: Put template scripts - name: Put template scripts
remote_user: mastodon remote_user: mastodon
ansible.builtin.template: ansible.builtin.template:
src: "{{ item }}.j2" src: "{{ item }}.j2"
dest: "{{ mastodon_home }}/bin/{{ item }}" dest: "{{ mastodon_home }}/bin/{{ item }}"
mode: '0750' mode: "0o750"
loop: loop:
- remove_media.sh - remove_media.sh
- remove_preview_cards.sh - remove_preview_cards.sh
@@ -60,7 +60,7 @@
ansible.builtin.template: ansible.builtin.template:
src: "{{ item }}.j2" src: "{{ item }}.j2"
dest: "/etc/systemd/system/{{ item }}" dest: "/etc/systemd/system/{{ item }}"
mode: 0644 mode: "0o644"
loop: loop:
- "mastodon-sidekiq.service" - "mastodon-sidekiq.service"
- "mastodon-streaming.service" - "mastodon-streaming.service"

2
roles/mumble/tasks/main.yml
View File

@@ -9,6 +9,6 @@
ansible.builtin.copy: ansible.builtin.copy:
src: ./files/mumble-server.ini src: ./files/mumble-server.ini
dest: /etc/mumble-server.ini dest: /etc/mumble-server.ini
mode: 0640 mode: "0o640"
notify: notify:
- Restart mumble - Restart mumble

4
roles/munin_client/tasks/garage.yml
View File

@@ -14,7 +14,7 @@
dest: /etc/munin/plugin-conf.d/garage dest: /etc/munin/plugin-conf.d/garage
owner: root owner: root
group: root group: root
mode: '0640' mode: "0o640"
notify: notify:
- Restart munin-node - Restart munin-node
@@ -24,6 +24,6 @@
dest: /etc/munin/plugins/garage_bucket dest: /etc/munin/plugins/garage_bucket
owner: root owner: root
group: root group: root
mode: '0755' mode: "0o755"
notify: notify:
- Restart munin-node - Restart munin-node

4
roles/munin_client/tasks/hypervisors.yml
View File

@@ -14,7 +14,7 @@
dest: /etc/munin/plugin-conf.d/nvme dest: /etc/munin/plugin-conf.d/nvme
owner: root owner: root
group: root group: root
mode: '0640' mode: "0o640"
notify: notify:
- Restart munin-node - Restart munin-node
@@ -24,7 +24,7 @@
dest: /etc/munin/plugins/nvme dest: /etc/munin/plugins/nvme
owner: root owner: root
group: root group: root
mode: '0755' mode: "0o755"
notify: notify:
- Restart munin-node - Restart munin-node

2
roles/munin_client/tasks/lxc.yml
View File

@@ -19,7 +19,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: "files/{{ item }}" src: "files/{{ item }}"
dest: "/etc/munin/plugins/{{ item }}" dest: "/etc/munin/plugins/{{ item }}"
mode: "0755" mode: "0o755"
owner: root owner: root
group: root group: root
notify: notify:

2
roles/munin_client/tasks/main.yml
View File

@@ -26,7 +26,7 @@
ansible.builtin.template: ansible.builtin.template:
src: munin-node.conf.j2 src: munin-node.conf.j2
dest: /etc/munin/munin-node.conf dest: /etc/munin/munin-node.conf
mode: 0644 mode: "0o644"
notify: notify:
- Restart munin-node - Restart munin-node
when: munin_need_reconfigure when: munin_need_reconfigure

4
roles/munin_client/tasks/mikrotik.yml
View File

@@ -4,7 +4,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: "./files/{{ item.0 }}" src: "./files/{{ item.0 }}"
dest: "/etc/munin/plugins/{{ item.0 }}{{ item.1.name }}" dest: "/etc/munin/plugins/{{ item.0 }}{{ item.1.name }}"
mode: 0755 mode: "0o755"
loop: "{{ mikrotik_unitary_scripts | product(mikrotik_hosts) | list }}" loop: "{{ mikrotik_unitary_scripts | product(mikrotik_hosts) | list }}"
notify: notify:
- Restart munin-node - Restart munin-node
@@ -13,7 +13,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: "./files/{{ item.1 }}" src: "./files/{{ item.1 }}"
dest: "/etc/munin/plugins/{{ item.1 }}{{ item.0.0.name }}_{{ item.0.1 }}" dest: "/etc/munin/plugins/{{ item.1 }}{{ item.0.0.name }}_{{ item.0.1 }}"
mode: 0755 mode: "0o755"
loop: "{{ mikrotik_hosts | subelements('ifaces') | product(mikrotik_periface_scripts) }}" loop: "{{ mikrotik_hosts | subelements('ifaces') | product(mikrotik_periface_scripts) }}"
loop_control: loop_control:
label: "{{ item.0.1 }}" label: "{{ item.0.1 }}"

2
roles/munin_server/tasks/main.yml
View File

@@ -9,4 +9,4 @@
ansible.builtin.template: ansible.builtin.template:
src: munin.conf.j2 src: munin.conf.j2
dest: /etc/munin/munin.conf dest: /etc/munin/munin.conf
mode: 0644 mode: "0o644"

2
roles/nginx/tasks/main.yml
View File

@@ -20,7 +20,7 @@
ansible.builtin.template: ansible.builtin.template:
src: "{{ item.src }}" src: "{{ item.src }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
mode: 0644 mode: "0o644"
notify: notify:
- Restart nginx - Restart nginx
loop: loop:

2
roles/nginx/tasks/vhosts.yml
View File

@@ -15,7 +15,7 @@
ansible.builtin.template: ansible.builtin.template:
src: "vhosts/{{ item }}.conf.j2" src: "vhosts/{{ item }}.conf.j2"
dest: "/etc/nginx/sites-available/{{ item }}.conf" dest: "/etc/nginx/sites-available/{{ item }}.conf"
mode: 0644 mode: "0o644"
notify: notify:
- Restart nginx - Restart nginx
loop: "{{ web_hostname }}" loop: "{{ web_hostname }}"

4
roles/nodejs/tasks/main.yml
View File

@@ -10,7 +10,7 @@
url: "{{ nodejs_key_url }}" url: "{{ nodejs_key_url }}"
dest: /tmp/nodesource.gpg.key dest: /tmp/nodesource.gpg.key
force: true force: true
mode: 0644 mode: "0o644"
- name: Dearmor gpg key - name: Dearmor gpg key
ansible.builtin.command: ansible.builtin.command:
@@ -21,7 +21,7 @@
ansible.builtin.copy: ansible.builtin.copy:
content: "deb [signed-by={{ nodejs_key_path }}] https://deb.nodesource.com/node_{{ nodejs_version }}.x nodistro main" content: "deb [signed-by={{ nodejs_key_path }}] https://deb.nodesource.com/node_{{ nodejs_version }}.x nodistro main"
dest: /etc/apt/sources.list.d/nodesource.list dest: /etc/apt/sources.list.d/nodesource.list
mode: 0644 mode: "0o644"
- name: Install nodejs - name: Install nodejs
ansible.builtin.apt: ansible.builtin.apt:

4
roles/nut_client/tasks/main.yml
View File

@@ -9,13 +9,13 @@
ansible.builtin.template: ansible.builtin.template:
src: upsmon.conf.j2 src: upsmon.conf.j2
dest: /etc/nut/upsmon.conf dest: /etc/nut/upsmon.conf
mode: '0640' mode: "0o640"
notify: Restart nut-client notify: Restart nut-client
- name: Put nut configuration file - name: Put nut configuration file
ansible.builtin.copy: ansible.builtin.copy:
src: files/nut.conf src: files/nut.conf
dest: /etc/nut/nut.conf dest: /etc/nut/nut.conf
mode: '0640' mode: "0o640"
when: inventory_hostname not in groups['nut_server'] when: inventory_hostname not in groups['nut_server']
notify: Restart nut-client notify: Restart nut-client

6
roles/nut_server/tasks/main.yml
View File

@@ -9,7 +9,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: files/90-nut-ups.rules src: files/90-nut-ups.rules
dest: /etc/udev/rules.d/90-nut-ups.rules dest: /etc/udev/rules.d/90-nut-ups.rules
mode: 0644 mode: "0o644"
notify: notify:
- Reload udev - Reload udev
- Restart nut-driver - Restart nut-driver
@@ -18,7 +18,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ item.src }}" src: "{{ item.src }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
mode: 0640 mode: "0o640"
loop: loop:
- {src: "files/nut.conf", dest: "/etc/nut/nut.conf"} - {src: "files/nut.conf", dest: "/etc/nut/nut.conf"}
- {src: "files/ups.conf", dest: "/etc/nut/ups.conf"} - {src: "files/ups.conf", dest: "/etc/nut/ups.conf"}
@@ -29,5 +29,5 @@
ansible.builtin.template: ansible.builtin.template:
src: upsd.users.j2 src: upsd.users.j2
dest: /etc/nut/upsd.users dest: /etc/nut/upsd.users
mode: '0640' mode: "0o640"
notify: Restart nut-server notify: Restart nut-server

6
roles/opendkim/tasks/main.yml
View File

@@ -12,7 +12,7 @@
ansible.builtin.template: ansible.builtin.template:
src: opendkim.conf src: opendkim.conf
dest: /etc/opendkim.conf dest: /etc/opendkim.conf
mode: 0644 mode: "0o644"
notify: notify:
- Restart opendkim - Restart opendkim
@@ -20,13 +20,13 @@
ansible.builtin.file: ansible.builtin.file:
path: /etc/dkim path: /etc/dkim
state: directory state: directory
mode: 0755 mode: "0o755"
- name: Put secondary configuration files - name: Put secondary configuration files
ansible.builtin.copy: ansible.builtin.copy:
src: "./files/dkim/{{ item }}" src: "./files/dkim/{{ item }}"
dest: "/etc/dkim/{{ item }}" dest: "/etc/dkim/{{ item }}"
mode: 0644 mode: "0o644"
loop: loop:
- KeyTable - KeyTable
- PeerList - PeerList

6
roles/opendmarc/tasks/main.yml
View File

@@ -9,7 +9,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: ./files/opendmarc.conf src: ./files/opendmarc.conf
dest: /etc/opendmarc.conf dest: /etc/opendmarc.conf
mode: 0644 mode: "0o644"
notify: notify:
- Restart opendmarc - Restart opendmarc
@@ -17,13 +17,13 @@
ansible.builtin.file: ansible.builtin.file:
path: /etc/dmarc path: /etc/dmarc
state: directory state: directory
mode: 0755 mode: "0o755"
- name: Put secondary configuration files - name: Put secondary configuration files
ansible.builtin.copy: ansible.builtin.copy:
src: "./files/dmarc/{{ item }}" src: "./files/dmarc/{{ item }}"
dest: "/etc/dmarc/{{ item }}" dest: "/etc/dmarc/{{ item }}"
mode: 0644 mode: "0o644"
loop: loop:
- IgnoreHosts - IgnoreHosts
notify: notify:

10
roles/peertube/tasks/main.yml
View File

@@ -23,7 +23,7 @@
ansible.builtin.file: ansible.builtin.file:
state: directory state: directory
path: "{{ peertube_home }}/.ssh" path: "{{ peertube_home }}/.ssh"
mode: 0755 mode: "0o755"
owner: peertube owner: peertube
group: peertube group: peertube
@@ -32,7 +32,7 @@
remote_src: true remote_src: true
src: /root/.ssh/authorized_keys src: /root/.ssh/authorized_keys
dest: "{{ peertube_home }}/.ssh/authorized_keys" dest: "{{ peertube_home }}/.ssh/authorized_keys"
mode: 0644 mode: "0o644"
owner: peertube owner: peertube
group: peertube group: peertube
@@ -42,9 +42,9 @@
state: directory state: directory
owner: peertube owner: peertube
group: peertube group: peertube
mode: "{{ item.mode | default('0755') }}" mode: "{{ item.mode | default('0o755') }}"
loop: loop:
- {path: "config", mode: "0750"} - {path: "config", mode: "0o750"}
- {path: "storage"} - {path: "storage"}
- {path: "versions"} - {path: "versions"}
@@ -78,7 +78,7 @@
ansible.builtin.template: ansible.builtin.template:
src: peertube.service.j2 src: peertube.service.j2
dest: /etc/systemd/system/peertube.service dest: /etc/systemd/system/peertube.service
mode: 0644 mode: "0o644"
- name: Install default configuration - name: Install default configuration
ansible.builtin.file: ansible.builtin.file:

2
roles/php/tasks/main.yml
View File

@@ -9,7 +9,7 @@
ansible.builtin.template: ansible.builtin.template:
src: "{{ item.src }}" src: "{{ item.src }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
mode: 0644 mode: "0o644"
loop: loop:
- {src: "www.conf.j2", dest: "/etc/php/{{ php_version }}/fpm/pool.d/www.conf"} - {src: "www.conf.j2", dest: "/etc/php/{{ php_version }}/fpm/pool.d/www.conf"}
- {src: "php.ini.j2", dest: "/etc/php/{{ php_version }}/fpm/php.ini"} - {src: "php.ini.j2", dest: "/etc/php/{{ php_version }}/fpm/php.ini"}

6
roles/postfix/tasks/main.yml
View File

@@ -14,7 +14,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: "./files/{{ item }}" src: "./files/{{ item }}"
dest: "/etc/postfix/{{ item }}" dest: "/etc/postfix/{{ item }}"
mode: 0644 mode: "0o644"
loop: loop:
- main.cf - main.cf
- master.cf - master.cf
@@ -25,7 +25,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: "./files/{{ item }}" src: "./files/{{ item }}"
dest: "/etc/postfix/{{ item }}" dest: "/etc/postfix/{{ item }}"
mode: 0644 mode: "0o644"
loop: loop:
- transport - transport
- virtual-regexp - virtual-regexp
@@ -39,4 +39,4 @@
dest: /usr/local/bin/generate_email.sh dest: /usr/local/bin/generate_email.sh
owner: root owner: root
group: root group: root
mode: '0755' mode: "0o755"

8
roles/postgres/tasks/main.yml
View File

@@ -11,7 +11,7 @@
owner: postgres owner: postgres
group: postgres group: postgres
state: directory state: directory
mode: 0700 mode: "0o700"
- name: Populate postgresql directory - name: Populate postgresql directory
ansible.builtin.command: ansible.builtin.command:
@@ -25,14 +25,14 @@
ansible.builtin.copy: ansible.builtin.copy:
src: "files/pg_hba.conf" src: "files/pg_hba.conf"
dest: "/etc/postgresql/{{ postgres_pg_version }}/main/pg_hba.conf" dest: "/etc/postgresql/{{ postgres_pg_version }}/main/pg_hba.conf"
mode: "0640" mode: "0o640"
notify: Restart postgres notify: Restart postgres
- name: Put main configuration files - name: Put main configuration files
ansible.builtin.template: ansible.builtin.template:
src: "postgresql.conf.j2" src: "postgresql.conf.j2"
dest: "/etc/postgresql/{{ postgres_pg_version }}/main/postgresql.conf" dest: "/etc/postgresql/{{ postgres_pg_version }}/main/postgresql.conf"
mode: "0644" mode: "0o644"
- name: Create backup dir - name: Create backup dir
ansible.builtin.file: ansible.builtin.file:
@@ -40,7 +40,7 @@
owner: postgres owner: postgres
group: postgres group: postgres
state: directory state: directory
mode: 0755 mode: "0o755"
- name: Cron backup script - name: Cron backup script
ansible.builtin.cron: ansible.builtin.cron:

2
roles/postgrey/tasks/main.yml
View File

@@ -9,6 +9,6 @@
ansible.builtin.copy: ansible.builtin.copy:
src: files/postgrey src: files/postgrey
dest: /etc/default/postgrey dest: /etc/default/postgrey
mode: 0644 mode: "0o644"
notify: notify:
- Restart postgrey - Restart postgrey

4
roles/restic/tasks/install.yml
View File

@@ -4,7 +4,7 @@
ansible.builtin.get_url: ansible.builtin.get_url:
url: "{{ restic_download_url }}" url: "{{ restic_download_url }}"
dest: "/tmp" dest: "/tmp"
mode: 0644 mode: "0o644"
- name: Uncompress restic - name: Uncompress restic
ansible.builtin.shell: ansible.builtin.shell:
@@ -14,6 +14,6 @@
- name: Check restic exe - name: Check restic exe
ansible.builtin.file: ansible.builtin.file:
path: "{{ restic_path }}" path: "{{ restic_path }}"
mode: 0755 mode: "0o755"
owner: root owner: root
group: "{{ restic_exe_group }}" group: "{{ restic_exe_group }}"

2
roles/restic/tasks/main.yml
View File

@@ -9,7 +9,7 @@
dest: "{{ restic_script_path }}" dest: "{{ restic_script_path }}"
owner: root owner: root
group: "{{ restic_exe_group }}" group: "{{ restic_exe_group }}"
mode: '0750' mode: "0o750"
- name: Cron backup script - name: Cron backup script
ansible.builtin.cron: ansible.builtin.cron:

4
roles/rsyslog/tasks/main.yml
View File

@@ -9,7 +9,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: files/sys.conf src: files/sys.conf
dest: /etc/rsyslog.d/sys.conf dest: /etc/rsyslog.d/sys.conf
mode: 0644 mode: "0o644"
notify: Restart rsyslog notify: Restart rsyslog
when: "'rsyslogservers' in group_names" when: "'rsyslogservers' in group_names"
@@ -17,7 +17,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: files/remote.conf src: files/remote.conf
dest: /etc/rsyslog.d/remote.conf dest: /etc/rsyslog.d/remote.conf
mode: 0644 mode: "0o644"
notify: Restart rsyslog notify: Restart rsyslog
- name: Insert hosts into /etc/hosts - name: Insert hosts into /etc/hosts

4
roles/smtprelay/tasks/main.yml
View File

@@ -20,7 +20,7 @@
ansible.builtin.template: ansible.builtin.template:
src: sasl_passwd.j2 src: sasl_passwd.j2
dest: /etc/postfix/sasl_passwd dest: /etc/postfix/sasl_passwd
mode: 0640 mode: "0o640"
notify: notify:
- Postmap sasl_passwd - Postmap sasl_passwd
- Restart postfix - Restart postfix
@@ -29,5 +29,5 @@
ansible.builtin.template: ansible.builtin.template:
src: main.cf.j2 src: main.cf.j2
dest: /etc/postfix/main.cf dest: /etc/postfix/main.cf
mode: 0644 mode: "0o644"
notify: Restart postfix notify: Restart postfix

2
roles/smtprelay/tasks/smtp_remap.yml
View File

@@ -3,7 +3,7 @@
- name: Create recipient/destination map - name: Create recipient/destination map
ansible.builtin.copy: ansible.builtin.copy:
dest: "{{ item.destination }}" dest: "{{ item.destination }}"
mode: 0644 mode: "0o644"
content: | content: |
{{ item.content }} {{ item.content }}
loop: loop:

2
roles/smtprelay/tasks/stunnel.yml
View File

@@ -9,7 +9,7 @@
ansible.builtin.template: ansible.builtin.template:
src: smtp-wrapper.conf.j2 src: smtp-wrapper.conf.j2
dest: /etc/stunnel/smtp-wrapper.conf dest: /etc/stunnel/smtp-wrapper.conf
mode: 0644 mode: "0o644"
notify: Restart stunnel4 notify: Restart stunnel4
- name: Ensure stunnel is enabled and running - name: Ensure stunnel is enabled and running

2
roles/spamassassin/tasks/main.yml
View File

@@ -14,7 +14,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ item.src }}" src: "{{ item.src }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
mode: 0644 mode: "0o644"
loop: loop:
- {src: "./files/local.cf", dest: "/etc/spamassassin/local.cf"} - {src: "./files/local.cf", dest: "/etc/spamassassin/local.cf"}
- {src: "./files/spamassassin", dest: "/etc/default/spamassassin"} - {src: "./files/spamassassin", dest: "/etc/default/spamassassin"}

8
roles/system/tasks/main.yml
View File

@@ -64,7 +64,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: files/dotbashrc src: files/dotbashrc
dest: /root/.bashrc dest: /root/.bashrc
mode: 0644 mode: "0o644"
owner: root owner: root
group: root group: root
@@ -72,7 +72,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: files/vim/ src: files/vim/
dest: /root/.vim dest: /root/.vim
mode: 0755 mode: "0o755"
owner: root owner: root
group: root group: root
@@ -82,7 +82,7 @@
ansible.builtin.template: ansible.builtin.template:
src: sshd_config.j2 src: sshd_config.j2
dest: /etc/ssh/sshd_config dest: /etc/ssh/sshd_config
mode: 0644 mode: "0o644"
notify: notify:
- Restart sshd - Restart sshd
@@ -102,4 +102,4 @@
ansible.builtin.copy: ansible.builtin.copy:
src: files/5-install src: files/5-install
dest: /etc/cron-apt/action.d/5-install dest: /etc/cron-apt/action.d/5-install
mode: 0644 mode: "0o644"

2
roles/usb/tasks/main.yml
View File

@@ -4,5 +4,5 @@
ansible.builtin.copy: ansible.builtin.copy:
src: files/50-usb.rules src: files/50-usb.rules
dest: /etc/udev/rules.d/50-usb.rules dest: /etc/udev/rules.d/50-usb.rules
mode: 0644 mode: "0o644"
notify: Reload udev notify: Reload udev

6
roles/webapps/tasks/oolatoocs.yml
View File

@@ -6,7 +6,7 @@
state: directory state: directory
owner: www-data owner: www-data
group: www-data group: www-data
mode: 0755 mode: "0o755"
- name: Download oolatoocs exec - name: Download oolatoocs exec
ansible.builtin.get_url: ansible.builtin.get_url:
@@ -14,7 +14,7 @@
dest: "{{ webapps_oolatoocs_local_bin_path }}" dest: "{{ webapps_oolatoocs_local_bin_path }}"
owner: root owner: root
group: root group: root
mode: 0755 mode: "0o755"
- name: Put conf file - name: Put conf file
ansible.builtin.template: ansible.builtin.template:
@@ -22,7 +22,7 @@
dest: /usr/local/etc/oolatoocs.toml dest: /usr/local/etc/oolatoocs.toml
owner: www-data owner: www-data
group: www-data group: www-data
mode: 0640 mode: "0o640"
- name: Init oolatoocs DB - name: Init oolatoocs DB
ansible.builtin.command: ansible.builtin.command:

2
roles/webapps/tasks/ttrss.yml
View File

@@ -9,7 +9,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: files/ttrss_backend.service src: files/ttrss_backend.service
dest: /etc/systemd/system/ttrss_backend.service dest: /etc/systemd/system/ttrss_backend.service
mode: 0644 mode: "0o644"
- name: Enable and start service ttrss_backend - name: Enable and start service ttrss_backend
ansible.builtin.service: ansible.builtin.service:

2
roles/webapps/tasks/wp_dojo.yml
View File

@@ -4,7 +4,7 @@
ansible.builtin.copy: ansible.builtin.copy:
src: files/fastcgi_cache.conf src: files/fastcgi_cache.conf
dest: /etc/nginx/conf.d/fastcgi_cache.conf dest: /etc/nginx/conf.d/fastcgi_cache.conf
mode: 0644 mode: "0o644"
notify: notify:
- Restart nginx - Restart nginx

4
roles/xmpp/tasks/main.yml
View File

@@ -18,13 +18,13 @@
path: /etc/prosody/certs/dh-2048.pem path: /etc/prosody/certs/dh-2048.pem
owner: root owner: root
group: prosody group: prosody
mode: '0640' mode: "0o640"
- name: Put prosody configuration file - name: Put prosody configuration file
ansible.builtin.copy: ansible.builtin.copy:
src: ./files/prosody.cfg.lua src: ./files/prosody.cfg.lua
dest: /etc/prosody/prosody.cfg.lua dest: /etc/prosody/prosody.cfg.lua
mode: 0640 mode: "0o640"
owner: root owner: root
group: prosody group: prosody
notify: notify:

4
roles/yarn/tasks/main.yml
View File

@@ -4,7 +4,7 @@
ansible.builtin.get_url: ansible.builtin.get_url:
url: "{{ yarn_key_url }}" url: "{{ yarn_key_url }}"
dest: /tmp/yarn.gpg.key dest: /tmp/yarn.gpg.key
mode: 0644 mode: "0o644"
force: true force: true
- name: Dearmor gpg key - name: Dearmor gpg key
@@ -16,7 +16,7 @@
ansible.builtin.copy: ansible.builtin.copy:
content: "deb [signed-by={{ yarn_key_path }}] https://dl.yarnpkg.com/debian stable main" content: "deb [signed-by={{ yarn_key_path }}] https://dl.yarnpkg.com/debian stable main"
dest: /etc/apt/sources.list.d/yarn.list dest: /etc/apt/sources.list.d/yarn.list
mode: 0644 mode: "0o644"
- name: Install yarn - name: Install yarn
ansible.builtin.apt: ansible.builtin.apt: