style: linting

roles/firewall/handlers/main.yml

@@ -1,4 +1,6 @@
+---
+
 - name: reload firewall
   openwrt_init:
-      name: firewall
+    name: firewall
-      state: reloaded
+    state: reloaded

roles/firewall/tasks/main.yml

@@ -1,5 +1,7 @@
+---
+
 - name: generate firewall file
   template:
-      src: firewall.j2
+    src: firewall.j2
-      dest: /etc/config/firewall
+    dest: /etc/config/firewall
   notify: reload firewall

roles/ftp/handlers/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: restart vsftpd
   service:
     name: vsftpd

roles/ftp/tasks/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: Install vsftpd
   package:
     name: vsftpd
@@ -5,15 +7,15 @@
 
 - name: Create ftp directory
   file:
-      path: /srv/ftp
+    path: /srv/ftp
-      state: directory
+    state: directory
 
 - name: Create upload directory
   file:
-      path: /srv/ftp/upload
+    path: /srv/ftp/upload
-      owner: ftp
+    owner: ftp
-      group: root
+    group: root
-      state: directory
+    state: directory
 
 - name: Config vsftpd
   copy:

roles/haproxy/handlers/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: restart haproxy
   service:
     name: haproxy

roles/haproxy/tasks/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: install haproxy package
   package:
     name: haproxy

roles/icecast2/defaults/main.yml

@@ -1,3 +1,5 @@
+---
+
 source_pass: !vault |
           $ANSIBLE_VAULT;1.1;AES256
           36383738646636353839616365316537653865666335353136666166336137636635663062626265

roles/icecast2/handlers/main.yml

@@ -1,4 +1,6 @@
+---
+
 - name: restart icecast2
   service:
-      name: icecast2
+    name: icecast2
-      state: restarted
+    state: restarted

roles/icecast2/tasks/main.yml

@@ -1,12 +1,13 @@
+---
+
 - name: install icecast2
   package:
-      name: icecast2
+    name: icecast2
-      state: present
+    state: present
 
 - name: configuration file
   template:
-      src: icecast.xml.j2
+    src: icecast.xml.j2
-      dest: /etc/icecast2/icecast.xml
+    dest: /etc/icecast2/icecast.xml
   notify:
-      - restart icecast2
+    - restart icecast2
-

roles/mailman/handlers/main.yml

@@ -1,4 +1,6 @@
+---
+
 - name: restart mailman3
   service:
-      name: mailman3
+    name: mailman3
-      state: restarted
+    state: restarted

roles/mailman/tasks/main.yml

@@ -1,7 +1,9 @@
+---
+
 - name: install mailman3 and dependencies
   package:
-      name: "{{ item }}"
+    name: "{{ item }}"
-      state: present
+    state: present
   loop:
     - mailman3-full
     - sqlite3

roles/mariadb/defaults/main.yml

@@ -1,3 +1,5 @@
+---
+
 mariadb_backup_hour: 5
 mariadb_backup_minute: 0
 mariadb_query_cache_memory: 64

roles/mariadb/handlers/main.yml

@@ -1,7 +1,9 @@
+---
+
 - name: restart mariadb
   service:
-      name: mariadb
+    name: mariadb
-      state: restarted
+    state: restarted
 
 - name: daemon-reload
   command: systemctl daemon-reload

roles/mariadb/tasks/main.yml

@@ -1,34 +1,36 @@
+---
+
 - name: install mariadb
   package:
-      name: mariadb-server
+    name: mariadb-server
-      state: present
+    state: present
 
 - name: create mysql directory
   file:
-      path: /srv/mysql
+    path: /srv/mysql
-      owner: mysql
+    owner: mysql
-      group: mysql
+    group: mysql
-      state: directory
+    state: directory
 
 - name: populate mysql directory
   command: /usr/bin/mysql_install_db --datadir=/srv/mysql
   args:
-      creates: /srv/mysql/ibdata1
+    creates: /srv/mysql/ibdata1
   notify: restart mariadb
 
 - name: replace conffile
   template:
-      src: 50-server.cnf.j2
+    src: 50-server.cnf.j2
-      dest: /etc/mysql/mariadb.conf.d/50-server.cnf
+    dest: /etc/mysql/mariadb.conf.d/50-server.cnf
   notify: restart mariadb
 
 - name: debian upgrade file conf
   template:
-      src: debian.cnf.j2
+    src: debian.cnf.j2
-      dest: /etc/mysql/debian.cnf
+    dest: /etc/mysql/debian.cnf
-      owner: root
+    owner: root
-      group: root
+    group: root
-      mode: '0600'
+    mode: '0600'
   notify: restart mariadb
 
 - name: force handlers
@@ -36,8 +38,8 @@
 
 - name: install python-mysql
   package:
-      name: python3-pymysql
+    name: python3-pymysql
-      state: present
+    state: present
 
 - name: check if .my.cnf file exists
   stat:
@@ -98,15 +100,14 @@
 
 - name: install backup script
   copy:
-      src: files/backup_mysql.sh
+    src: files/backup_mysql.sh
-      dest: /usr/local/bin/backup_mysql.sh
+    dest: /usr/local/bin/backup_mysql.sh
-      mode: '0755'
+    mode: '0755'
 
 - name: cron backup script
   cron:
-      name: "MariaDB backup"
+    name: "MariaDB backup"
-      hour: "{{ mariadb_backup_hour }}"
+    hour: "{{ mariadb_backup_hour }}"
-      minute: "{{ mariadb_backup_minute }}"
+    minute: "{{ mariadb_backup_minute }}"
-      job: "/usr/local/bin/backup_mysql.sh"
+    job: "/usr/local/bin/backup_mysql.sh"
-      state: present
+    state: present
-

roles/mumble/handlers/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: restart mumble
   service:
       name: mumble-server

roles/mumble/tasks/main.yml

@@ -1,11 +1,13 @@
+---
+
 - name: install mumble
   package:
-      name: mumble-server
+    name: mumble-server
-      state: present
+    state: present
 
 - name: configuration files
   copy:
-      src: ./files/mumble-server.ini
+    src: ./files/mumble-server.ini
-      dest: /etc/mumble-server.ini
+    dest: /etc/mumble-server.ini
   notify:
-      - restart mumble
+    - restart mumble

roles/munin-client/handlers/main.yml

@@ -1,4 +1,6 @@
+---
+
 - name: restart munin-node
   service:
-      name: munin-node
+    name: munin-node
-      state: restarted
+    state: restarted

roles/munin-client/tasks/hypervisors.yml

@@ -1,13 +1,15 @@
+---
+
 - name: delete squid plugins
   shell:
-      cmd: "rm -f /etc/munin/plugins/squid_*"
+    cmd: "rm -f /etc/munin/plugins/squid_*"
-      warn: False
+    warn: false
   notify:
-      - restart munin-node
+    - restart munin-node
 
 - name: delete lxc interfaces plugins
   shell:
-      cmd: "rm -f /etc/munin/plugins/if_*veth* /etc/munin/plugins/if_*fw* /etc/munin/plugins/if_*vmbr*"
+    cmd: "rm -f /etc/munin/plugins/if_*veth* /etc/munin/plugins/if_*fw* /etc/munin/plugins/if_*vmbr*"
-      warn: False
+    warn: false
   notify:
-      - restart munin-node
+    - restart munin-node

roles/munin-client/tasks/mikrotik.yml

@@ -1,4 +1,5 @@
-# For Munin servers
+---
+
 - name: deploy mikrotik unitary scripts
   copy:
     src: "./files/{{ item.0 }}"

roles/munin-client/tasks/physical_servers.yml

@@ -1,16 +1,16 @@
+---
 # for physical servers
 - name: install necessary packages for hypervisors
   package:
-      name: lm-sensors
+    name: lm-sensors
-      state: present
+    state: present
 
 - name: configure specific munin plugin
   file:
-      path: "/etc/munin/plugins/sensors_{{ item }}"
+    path: "/etc/munin/plugins/sensors_{{ item }}"
-      src: /usr/share/munin/plugins/sensors_
+    src: /usr/share/munin/plugins/sensors_
-      state: link
+    state: link
   notify:
-      - restart munin-node
+    - restart munin-node
   loop:
-      - temp
+    - temp
-

roles/munin-server/tasks/main.yml

@@ -1,10 +1,11 @@
+---
+
 - name: install munin packages
   package:
-      name: munin
+    name: munin
-      state: present
+    state: present
 
 - name: munin conf file
   template:
-      src: munin.conf.j2
+    src: munin.conf.j2
-      dest: /etc/munin/munin.conf
+    dest: /etc/munin/munin.conf
-

roles/nginx/handlers/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: restart nginx
   service:
     name: nginx

roles/nginx/tasks/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: install nginx package
   package:
     name: nginx-full
@@ -15,26 +17,26 @@
   notify:
     - restart nginx
   loop:
-    - { src: nginx.conf.j2, dest: /etc/nginx/nginx.conf }
+    - {src: nginx.conf.j2, dest: /etc/nginx/nginx.conf}
-    - { src: nginx.ssl.conf.j2, dest: /etc/nginx/nginx.ssl.conf }
+    - {src: nginx.ssl.conf.j2, dest: /etc/nginx/nginx.ssl.conf}
-    - { src: fastcgi_params.j2, dest: /etc/nginx/fastcgi_params }
+    - {src: fastcgi_params.j2, dest: /etc/nginx/fastcgi_params}
-    - { src: proxy_params.j2, dest: /etc/nginx/proxy_params }
+    - {src: proxy_params.j2, dest: /etc/nginx/proxy_params}
-    - { src: default.j2, dest: /etc/nginx/sites-available/default }
+    - {src: default.j2, dest: /etc/nginx/sites-available/default}
 
 - name: create base dir
   file:
-      path: /srv/http
+    path: /srv/http
-      owner: root
+    owner: root
-      group: www-data
+    group: www-data
-      mode: 'u+rwx,g+rs,o-rwx'
+    mode: 'u+rwx,g+rs,o-rwx'
-      state: directory
+    state: directory
 
 - name: create letsencrypt dir
   file:
-      path: /srv/http/common/letsencrypt
+    path: /srv/http/common/letsencrypt
-      owner: root
+    owner: root
-      group: www-data
+    group: www-data
-      mode: 'u+rwx,g+rs,o-rwx'
+    mode: 'u+rwx,g+rs,o-rwx'
-      state: directory
+    state: directory
 
 - include_tasks: vhosts.yml

roles/nginx/tasks/vhosts.yml

@@ -1,12 +1,14 @@
+---
+
 - name: symlink vhosts
   file:
     src: "/etc/nginx/sites-available/{{ item }}.conf"
     dest: "/etc/nginx/sites-enabled/{{ item }}.conf"
-    force: True
+    force: true
-    follow: False
+    follow: false
     state: link
   notify:
-      - restart nginx
+    - restart nginx
   loop: "{{ web_hostname }}"
 
 - name: install vhosts

roles/nut-client/handlers/main.yml

@@ -1,4 +1,6 @@
+---
+
 - name: restart nut-client
   service:
-      name: nut-client
+    name: nut-client
-      state: restarted
+    state: restarted

roles/nut-client/tasks/main.yml

@@ -1,19 +1,21 @@
+---
+
 - name: install nut client
   package:
-      name: nut-client
+    name: nut-client
-      state: present
+    state: present
 
 - name: upsmon.conf file
   template:
-      src: upsmon.conf.j2
+    src: upsmon.conf.j2
-      dest: /etc/nut/upsmon.conf
+    dest: /etc/nut/upsmon.conf
-      mode: '0640'
+    mode: '0640'
   notify: restart nut-client
 
 - name: nut.conf file
   copy:
-      src: files/nut.conf
+    src: files/nut.conf
-      dest: /etc/nut/nut.conf
+    dest: /etc/nut/nut.conf
-      mode: '0640'
+    mode: '0640'
   when: inventory_hostname not in groups['nut_server']
   notify: restart nut-client

roles/nut-server/handlers/main.yml

@@ -1,12 +1,14 @@
+---
+
 - name: restart nut-server
   service:
-      name: nut-server
+    name: nut-server
-      state: restarted
+    state: restarted
 
 - name: udev
   command: "udevadm control --reload-rules && udevadm trigger"
 
 - name: restart nut-driver
   service:
-      name: nut-driver
+    name: nut-driver
-      state: restarted
+    state: restarted

roles/nut-server/tasks/main.yml

@@ -1,40 +1,42 @@
+---
+
 - name: install nut server
   package:
-      name: nut-server
+    name: nut-server
-      state: present
+    state: present
 
 - name: udev conf file for nut
   copy:
-      src: files/90-nut-ups.rules
+    src: files/90-nut-ups.rules
-      dest: /etc/udev/rules.d/90-nut-ups.rules
+    dest: /etc/udev/rules.d/90-nut-ups.rules
   notify:
-      - udev
+    - udev
-      - restart nut-driver
+    - restart nut-driver
 
 - name: nut.conf file
   copy:
-      src: files/nut.conf
+    src: files/nut.conf
-      dest: /etc/nut/nut.conf
+    dest: /etc/nut/nut.conf
-      mode: '0640'
+    mode: '0640'
   notify: restart nut-server
 
 - name: ups.conf file
   copy:
-      src: files/ups.conf
+    src: files/ups.conf
-      dest: /etc/nut/ups.conf
+    dest: /etc/nut/ups.conf
-      mode: '0640'
+    mode: '0640'
   notify: restart nut-server
 
 - name: upsd.conf file
   copy:
-      src: files/upsd.conf
+    src: files/upsd.conf
-      dest: /etc/nut/upsd.conf
+    dest: /etc/nut/upsd.conf
-      mode: '0640'
+    mode: '0640'
   notify: restart nut-server
 
 - name: upsd.users file
   template:
-      src: upsd.users.j2
+    src: upsd.users.j2
-      dest: /etc/nut/upsd.users
+    dest: /etc/nut/upsd.users
-      mode: '0640'
+    mode: '0640'
   notify: restart nut-server

roles/opendkim/handlers/main.yml

@@ -1,4 +1,6 @@
+---
+
 - name: restart opendkim
   service:
-      name: opendkim
+    name: opendkim
-      state: restarted
+    state: restarted

roles/opendkim/tasks/main.yml

@@ -1,32 +1,33 @@
+---
+
 - name: install opendkim
   package:
-      name: "{{ item }}"
+    name: "{{ item }}"
-      state: present
+    state: present
   loop:
-      - opendkim
+    - opendkim
-      - opendkim-tools
+    - opendkim-tools
 
 - name: main configuration files
   template:
-      src: opendkim.conf
+    src: opendkim.conf
-      dest: /etc/opendkim.conf
+    dest: /etc/opendkim.conf
   notify:
-      - restart opendkim
+    - restart opendkim
 
 - name: dkim directory
   file:
-      path: /etc/dkim
+    path: /etc/dkim
-      state: directory
+    state: directory
 
 - name: secondary configuration files
   copy:
-      src: "./files/dkim/{{ item }}"
+    src: "./files/dkim/{{ item }}"
-      dest: "/etc/dkim/{{ item }}"
+    dest: "/etc/dkim/{{ item }}"
   loop:
-      - KeyTable
+    - KeyTable
-      - PeerList
+    - PeerList
-      - SigningTable
+    - SigningTable
-      - TrustedHosts
+    - TrustedHosts
   notify:
-      - restart opendkim
+    - restart opendkim
-

roles/opendmarc/handlers/main.yml

@@ -1,4 +1,6 @@
+---
+
 - name: restart opendmarc
   service:
-      name: opendmarc
+    name: opendmarc
-      state: restarted
+    state: restarted

roles/opendmarc/tasks/main.yml

@@ -1,26 +1,27 @@
+---
+
 - name: install opendmarc
   package:
-      name: opendmarc
+    name: opendmarc
-      state: present
+    state: present
 
 - name: opendmarc config file
   copy:
-      src: ./files/opendmarc.conf
+    src: ./files/opendmarc.conf
-      dest: /etc/opendmarc.conf
+    dest: /etc/opendmarc.conf
   notify:
-      - restart opendmarc
+    - restart opendmarc
 
 - name: dmarc directory
   file:
-      path: /etc/dmarc
+    path: /etc/dmarc
-      state: directory
+    state: directory
 
 - name: secondary configuration files
   copy:
-      src: "./files/dmarc/{{ item }}"
+    src: "./files/dmarc/{{ item }}"
-      dest: "/etc/dmarc/{{ item }}"
+    dest: "/etc/dmarc/{{ item }}"
   loop:
-      - IgnoreHosts
+    - IgnoreHosts
   notify:
-      - restart opendmarc
+    - restart opendmarc
-

roles/php/defaults/main.yml

@@ -1 +1,3 @@
+---
+
 php_modules: "['opcache', 'mysql', 'mbstring', 'gd']"

roles/php/handlers/main.yml

@@ -1,4 +1,6 @@
+---
+
 - name: restart php-fpm
   service:
-      name: "php{{ php_version }}-fpm"
+    name: "php{{ php_version }}-fpm"
-      state: restarted
+    state: restarted

roles/php/tasks/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: install php-fpm
   package:
     name: php-fpm
@@ -5,17 +7,17 @@
 
 - name: configure php-fpm
   template:
-      src: www.conf.j2
+    src: www.conf.j2
-      dest: /etc/php/{{ php_version }}/fpm/pool.d/www.conf
+    dest: /etc/php/{{ php_version }}/fpm/pool.d/www.conf
   notify:
-      - restart php-fpm
+    - restart php-fpm
 
 - name: configure php
   copy:
-      src: ./files/php.ini
+    src: ./files/php.ini
-      dest: /etc/php/{{ php_version }}/fpm/php.ini
+    dest: /etc/php/{{ php_version }}/fpm/php.ini
   notify:
-      - restart php-fpm
+    - restart php-fpm
 
 - name: install lib for php
   package:
@@ -23,5 +25,4 @@
     state: present
   loop: "{{ php_modules }}"
   notify:
-      - restart php-fpm
+    - restart php-fpm
-

roles/postfix/handlers/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: postmap virtual-regexp
   command: postmap /etc/postfix/virtual-regexp
   listen: "postmap files"
@@ -8,7 +10,5 @@
 
 - name: restart postfix
   service:
-      name: postfix
+    name: postfix
-      state: restarted
+    state: restarted
-
-

roles/postfix/tasks/main.yml

@@ -1,39 +1,40 @@
+---
+
 - name: install postfix
   package:
-      name: postfix
+    name: postfix
-      state: present
+    state: present
 
 - name: install mailutils
   package:
-      name: mailutils
+    name: mailutils
-      state: present
+    state: present
 
 - name: main configuration files
   copy:
-      src: "./files/{{ item }}"
+    src: "./files/{{ item }}"
-      dest: "/etc/postfix/{{ item }}"
+    dest: "/etc/postfix/{{ item }}"
   loop:
-      - main.cf
+    - main.cf
-      - master.cf
+    - master.cf
   notify:
-      - restart postfix
+    - restart postfix
 
 - name: map files
   copy:
-      src: "./files/{{ item }}"
+    src: "./files/{{ item }}"
-      dest: "/etc/postfix/{{ item }}"
+    dest: "/etc/postfix/{{ item }}"
   loop:
-      - transport
+    - transport
-      - virtual-regexp
+    - virtual-regexp
   notify:
-      - postmap files
+    - postmap files
-      - restart postfix
+    - restart postfix
 
 - name: mail generation script
   copy:
-      src: ./files/generate_email.sh
+    src: ./files/generate_email.sh
-      dest: /usr/local/bin/generate_email.sh
+    dest: /usr/local/bin/generate_email.sh
-      owner: root
+    owner: root
-      group: root
+    group: root
-      mode: '0755'
+    mode: '0755'
-

roles/postgres/defaults/main.yml

@@ -1 +1,3 @@
+---
+
 pg_version: "{% if ansible_facts['os_family'] == 'Debian' and ansible_facts['distribution_major_version'] == '9' %}9.6{% elif ansible_facts['os_family'] == 'Debian' and ansible_facts['distribution_major_version'] == '10' %}11{% elif ansible_facts['os_family'] == 'Debian' and ansible_facts['distribution_major_version'] == '11' %}13{% endif %}"

roles/postgres/handlers/main.yml

@@ -1,4 +1,6 @@
+---
+
 - name: restart postgres
   service:
-      name: "postgresql@{{ pg_version }}-main"
+    name: "postgresql@{{ pg_version }}-main"
-      state: restarted
+    state: restarted

roles/postgres/tasks/main.yml

@@ -1,7 +1,9 @@
+---
+
 - name: install postgresql
   package:
-      name: postgresql
+    name: postgresql
-      state: present
+    state: present
 
 - name: create pgsql directory
   file:
@@ -12,35 +14,35 @@
 
 - name: populate postgresql directory
   command: "/usr/lib/postgresql/{{ pg_version }}/bin/initdb -E UTF-8 /srv/postgresql/"
-  become: yes
+  become: true
   become_user: postgres
   args:
-      creates: /srv/postgresql/PG_VERSION
+    creates: /srv/postgresql/PG_VERSION
   notify: restart postgres
 
 - name: replace main conffile
   copy:
-      src: files/postgresql.conf
+    src: files/postgresql.conf
-      dest: "/etc/postgresql/{{ pg_version }}/main/postgresql.conf"
+    dest: "/etc/postgresql/{{ pg_version }}/main/postgresql.conf"
   notify: restart postgres
 
 - name: replace pg_hba file
   copy:
-      src: files/pg_hba.conf
+    src: files/pg_hba.conf
-      dest: "/etc/postgresql/{{ pg_version }}/main/pg_hba.conf"
+    dest: "/etc/postgresql/{{ pg_version }}/main/pg_hba.conf"
   notify: restart postgres
 
 - name: create backup dir
   file:
-      path: /srv/backup/pgsql
+    path: /srv/backup/pgsql
-      owner: postgres
+    owner: postgres
-      group: postgres
+    group: postgres
-      state: directory
+    state: directory
 
 - name: backup pg databases
   cron:
-      user: postgres
+    user: postgres
-      minute: "0"
+    minute: "0"
-      hour: "4"
+    hour: "4"
-      name: PG Backup
+    name: PG Backup
-      job: "/usr/bin/pg_dumpall | gzip -c > /srv/backup/pgsql/all.dbs.gz"
+    job: "/usr/bin/pg_dumpall | gzip -c > /srv/backup/pgsql/all.dbs.gz"

roles/rsyslog/handlers/main.yml

@@ -1,4 +1,6 @@
+---
+
 - name: restart rsyslog
   service:
-      name: rsyslog
+    name: rsyslog
-      state: restarted
+    state: restarted

roles/rsyslog/tasks/main.yml

@@ -1,19 +1,21 @@
+---
+
 - name: install rsyslog
   package:
-      name: rsyslog
+    name: rsyslog
-      state: present
+    state: present
 
 - name: put log concentration file
   copy:
-      src: files/sys.conf
+    src: files/sys.conf
-      dest: /etc/rsyslog.d/sys.conf
+    dest: /etc/rsyslog.d/sys.conf
   notify: restart rsyslog
   when: "'rsyslogservers' in group_names"
 
 - name: put rsyslog config file
   copy:
-      src: files/remote.conf
+    src: files/remote.conf
-      dest: /etc/rsyslog.d/remote.conf
+    dest: /etc/rsyslog.d/remote.conf
   notify: restart rsyslog
 
 - name: insert hosts into /etc/hosts

roles/rsyslog/vars/main.yml

@@ -1,3 +1,5 @@
+---
+
 pretty_named_hosts:
   - name: enbarr
     address: 10.233.212.50

roles/smtprelay/handlers/main.yml

@@ -1,8 +1,9 @@
+---
+
 - name: restart postfix
   service:
-      name: postfix
+    name: postfix
-      state: restarted
+    state: restarted
 
 - name: postmap sasl_passwd
   command: postmap /etc/postfix/sasl_passwd
-

roles/smtprelay/tasks/main.yml

@@ -1,25 +1,27 @@
+---
+
 - name: install postfix smtp server
   package:
-      name: postfix
+    name: postfix
-      state: present
+    state: present
 
 - name: install libsasl2
   package:
-      name: libsasl2-modules
+    name: libsasl2-modules
-      state: present
+    state: present
 
 - name: install sasl_passwd file
   template:
-      src: sasl_passwd.j2
+    src: sasl_passwd.j2
-      dest: /etc/postfix/sasl_passwd
+    dest: /etc/postfix/sasl_passwd
-      mode: 0640
+    mode: 0640
   notify:
-      - postmap sasl_passwd
+    - postmap sasl_passwd
-      - restart postfix
+    - restart postfix
 
 - name: install default postfix main.cf
   template:
-      src: main.cf.j2
+    src: main.cf.j2
-      dest: /etc/postfix/main.cf
+    dest: /etc/postfix/main.cf
-      mode: 0644
+    mode: 0644
   notify: restart postfix

roles/system/handlers/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: restart sshd
   service:
     name: sshd

roles/system/tasks/apt-transport-https.yml

@@ -1,3 +1,5 @@
+---
+
 - name: install https transport for apt
   package:
     name: apt-transport-https

roles/system/tasks/aptitude.yml

@@ -1,5 +1,7 @@
+---
+
 - name: install aptitude
   package:
-      name: aptitude
+    name: aptitude
-      state: present
+    state: present
   when: ansible_facts['os_family'] == 'Debian'

roles/system/tasks/bashrc.yml

@@ -1,6 +1,8 @@
+---
+
 - name: copy basic bashrc files
   copy:
-      src: files/dotbashrc
+    src: files/dotbashrc
-      dest: /root/.bashrc
+    dest: /root/.bashrc
-      owner: root
+    owner: root
-      group: root
+    group: root

roles/system/tasks/cron-apt.yml

@@ -1,10 +1,11 @@
+---
+
 - name: install cron-apt
   package:
-      name: cron-apt
+    name: cron-apt
-      state: present
+    state: present
 
 - name: default configuration file
   copy:
-      src: files/5-install
+    src: files/5-install
-      dest: /etc/cron-apt/action.d/5-install
+    dest: /etc/cron-apt/action.d/5-install
-

roles/system/tasks/cron.yml

@@ -1,3 +1,5 @@
+---
+
 - name: install cron
   package:
     name: cron

roles/system/tasks/curl.yml

@@ -1,3 +1,5 @@
+---
+
 - name: install curl
   package:
     name: curl

roles/system/tasks/gpg.yml

@@ -1,4 +1,6 @@
+---
+
 - name: install gpg package
   package:
-      name: gpg
+    name: gpg
-      state: present
+    state: present

roles/system/tasks/htop.yml

@@ -1,4 +1,6 @@
+---
+
 - name: install htop
   package:
-      name: htop
+    name: htop
-      state: present
+    state: present

roles/system/tasks/locales.yml

@@ -1,3 +1,5 @@
+---
+
 - name: Set default locale to fr_FR.UTF-8
   debconf:
     name: locales
@@ -13,8 +15,8 @@
     vtype: multiselect
 - name: delete original locale.gen
   file:
-      path: /etc/locale.gen
+    path: /etc/locale.gen
-      state: absent
+    state: absent
   when: ansible_facts['env']['LANG'] != 'fr_FR.UTF-8'
 
 - name: update original locale.gen

roles/system/tasks/localtime.yml

@@ -1,3 +1,5 @@
+---
+
 - file:
     src: /usr/share/zoneinfo/Europe/Paris
     dest: /etc/localtime

roles/system/tasks/ping.yml

@@ -1,3 +1,5 @@
+---
+
 - name: install ping utility
   package:
     name: iputils-ping

roles/system/tasks/sshd.yml

@@ -1,3 +1,5 @@
+---
+
 - name: ssh configuration file
   template:
     src: sshd_config.j2
@@ -7,15 +9,15 @@
 
 - name: ssh keys home
   authorized_key:
-      user: root
+    user: root
-      state: present
+    state: present
-      key: "{{ lookup('file', 'ssh/home.id_rsa.pub') }}"
+    key: "{{ lookup('file', 'ssh/home.id_rsa.pub') }}"
 
 - name: ssh keys work
   authorized_key:
-      user: root
+    user: root
-      state: present
+    state: present
-      key: "{{ lookup('file', 'ssh/work.id_rsa.pub') }}"
+    key: "{{ lookup('file', 'ssh/work.id_rsa.pub') }}"
 
 - name: remove old work key
   authorized_key:

roles/system/tasks/telnet.yml

@@ -1,3 +1,5 @@
+---
+
 - name: install telnet
   package:
     name: telnet

roles/system/tasks/vimrc.yml

@@ -1,7 +1,9 @@
+---
+
 - name: install vim package
   package:
-      name: vim
+    name: vim
-      state: present
+    state: present
 
 - name: copy vimrc config file
   copy:

roles/system/tasks/wget.yml

@@ -1,3 +1,5 @@
+---
+
 - name: install wget package
   package:
     name: wget

roles/unifi/tasks/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: Add APT Key for Unifi
   get_url:
     url: https://dl.ui.com/unifi/unifi-repo.gpg

roles/usb/handlers/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: reload udev
   command: "{{ item }}"
   loop:

roles/usb/tasks/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: USB Udev rules
   copy:
     src: files/50-usb.rules

roles/webapps/handlers/main.yml

@@ -1,9 +1,11 @@
+---
+
 - name: restart nginx
   service:
-      name: nginx
+    name: nginx
-      state: restarted
+    state: restarted
 
 - name: restart php-fpm
   service:
-      name: "php{{ php_version }}-fpm"
+    name: "php{{ php_version }}-fpm"
-      state: restarted
+    state: restarted

roles/webapps/tasks/main.yml

@@ -1,3 +1,5 @@
+---
+
 - name: include ttrss for web1
   include_tasks: ttrss.yml
   when: inventory_hostname == 'web1.dmz.mateu.be'

roles/webapps/tasks/matomo.yml

@@ -1,6 +1,8 @@
+---
+
 - name: crontab for matomo
   cron:
-      name: Matomo reports
+    name: Matomo reports
-      user: www-data
+    user: www-data
-      minute: "5"
+    minute: "5"
-      job: "/usr/bin/php /srv/http/analyse.nintendojo.fr/console core:archive > /dev/null"
+    job: "/usr/bin/php /srv/http/analyse.nintendojo.fr/console core:archive > /dev/null"

roles/webapps/tasks/nextcloud.yml

@@ -1,6 +1,8 @@
+---
+
 - name: php-fpm nextcloud specific configuration
   copy:
-      src: files/oc.conf
+    src: files/oc.conf
-      dest: "/etc/php/{{ php_version }}/fpm/pool.d/oc.conf"
+    dest: "/etc/php/{{ php_version }}/fpm/pool.d/oc.conf"
   notify:
-      - restart php-fpm
+    - restart php-fpm

roles/webapps/tasks/scootaloo.yml

@@ -1,10 +1,12 @@
+---
+
 - name: install scootaloo
   copy:
-      src: files/bin/scootaloo
+    src: files/bin/scootaloo
-      dest: "{{ scootaloo_bin_path }}"
+    dest: "{{ scootaloo_bin_path }}"
-      owner: root
+    owner: root
-      group: www-data
+    group: www-data
-      mode: 0750
+    mode: 0750
 
 - name: put configuration file
   template:
@@ -31,8 +33,7 @@
 
 - name: cron for scootaloo
   cron:
-      name: Scootaloo Dojo
+    name: Scootaloo Dojo
-      user: www-data
+    user: www-data
-      minute: "*/5"
+    minute: "*/5"
-      job: "{{ scootaloo_bin_path }} > /dev/null"
+    job: "{{ scootaloo_bin_path }} > /dev/null"
-

roles/webapps/tasks/tootctl.yml

@@ -1,7 +1,9 @@
+---
+
 - name: cron for tootctl
   cron:
-      name: Mastodon tootctl
+    name: Mastodon tootctl
-      minute: "0"
+    minute: "0"
-      hour: "19"
+    hour: "19"
-      weekday: "5"
+    weekday: "5"
-      job: "COMPOSE_HTTP_TIMEOUT=360 docker-compose -f /srv/docker/m.nintendojo.fr/docker-compose.yml run --rm web bin/tootctl media remove"
+    job: "COMPOSE_HTTP_TIMEOUT=360 docker-compose -f /srv/docker/m.nintendojo.fr/docker-compose.yml run --rm web bin/tootctl media remove"

roles/webapps/tasks/ttrss.yml

@@ -1,16 +1,17 @@
+---
+
 - name: systemd file for backend
   copy:
-      src: files/ttrss_backend.service
+    src: files/ttrss_backend.service
-      dest: /etc/systemd/system/ttrss_backend.service
+    dest: /etc/systemd/system/ttrss_backend.service
 
 - name: enable and start service ttrss_backend
   service:
-      name: ttrss_backend
+    name: ttrss_backend
-      enabled: true
+    enabled: true
-      state: started
+    state: started
 
 - name: install git
   package:
-      name: git
+    name: git
-      state: present
+    state: present
-

roles/webapps/tasks/wp_dojo.yml

@@ -1,13 +1,15 @@
+---
+
 - name: nginx cache
   copy:
-      src: files/fastcgi_cache.conf
+    src: files/fastcgi_cache.conf
-      dest: /etc/nginx/conf.d/fastcgi_cache.conf
+    dest: /etc/nginx/conf.d/fastcgi_cache.conf
   notify:
-      - restart nginx
+    - restart nginx
 
 - name: wordpress cron
   cron:
-      name: "WP Twitter refresh"
+    name: "WP Twitter refresh"
-      user: www-data
+    user: www-data
-      minute: "*/2"
+    minute: "*/2"
-      job: "/usr/bin/wget -q -O - https://www.nintendojo.fr/wp-cron.php &> /dev/null"
+    job: "/usr/bin/wget -q -O - https://www.nintendojo.fr/wp-cron.php &> /dev/null"

roles/webapps/tasks/z-push.yml

@@ -1,30 +1,32 @@
+---
+
 - name: install z-push repokey
   apt_key:
-      url: https://download.kopano.io/zhub/z-push%3A/final/Debian_10/Release.key
+    url: https://download.kopano.io/zhub/z-push%3A/final/Debian_10/Release.key
-      state: present
+    state: present
 
 - name: install z-push repo
   apt_repository:
-      repo: deb https://download.kopano.io/zhub/z-push:/final/Debian_10/ /
+    repo: deb https://download.kopano.io/zhub/z-push:/final/Debian_10/ /
-      state: present
+    state: present
 
 - name: install z-push packages
   package:
-      name: "{{ item }}"
+    name: "{{ item }}"
-      state: present
+    state: present
   loop:
-      - z-push-autodiscover
+    - z-push-autodiscover
-      - z-push-backend-caldav
+    - z-push-backend-caldav
-      - z-push-backend-carddav
+    - z-push-backend-carddav
-      - z-push-backend-combined
+    - z-push-backend-combined
-      - z-push-backend-imap
+    - z-push-backend-imap
-      - z-push-common
+    - z-push-common
-      - z-push-ipc-sharedmemory
+    - z-push-ipc-sharedmemory
-      - z-push-state-sql
+    - z-push-state-sql
 
 - name: log directory
   file:
-      path: /var/log/z-push/
+    path: /var/log/z-push/
-      owner: www-data
+    owner: www-data
-      group: www-data
+    group: www-data
-      state: directory
+    state: directory

roles/x509/tasks/main.yml

@@ -1,5 +1,6 @@
+---
+
 - name: install acme.sh
   shell: curl https://get.acme.sh | INSTALLONLINE=1 LE_WORKING_DIR=/etc/x509 sh
   args:
     creates: /etc/x509
-

roles/xmpp/handlers/main.yml

@@ -1,4 +1,6 @@
+---
+
 - name: restart prosody
   service:
-      name: prosody
+    name: prosody
-      state: restarted
+    state: restarted

roles/xmpp/tasks/main.yml

@@ -1,10 +1,12 @@
+---
+
 - name: install prosody
   package:
-      name: "{{ item }}"
+    name: "{{ item }}"
-      state: present
+    state: present
   loop:
-      - prosody
+    - prosody
-      - prosody-modules
+    - prosody-modules
 
 - name: create dhparam
   shell: /usr/bin/openssl dhparam -out /etc/prosody/certs/dh-2048.pem 2048
@@ -13,15 +15,14 @@
 
 - name: right management for dh params
   file:
-      path: /etc/prosody/certs/dh-2048.pem
+    path: /etc/prosody/certs/dh-2048.pem
-      owner: root
+    owner: root
-      group: prosody
+    group: prosody
-      mode: '0640'
+    mode: '0640'
 
 - name: prosody configuration files
   copy:
-      src: ./files/prosody.cfg.lua
+    src: ./files/prosody.cfg.lua
-      dest: /etc/prosody/prosody.cfg.lua
+    dest: /etc/prosody/prosody.cfg.lua
   notify:
-      - restart prosody
+    - restart prosody
-