From 4f57cd79ee536376aa4e26b6a200fea07d69d912 Mon Sep 17 00:00:00 2001 From: VC Date: Fri, 5 Jul 2024 11:53:33 +0200 Subject: [PATCH] style: make ansible-lint happier --- roles/mariadb/handlers/main.yml | 9 ++- roles/mariadb/tasks/main.yml | 79 ++++++++++--------- roles/mastodon/tasks/main.yml | 38 ++++----- roles/mastodon/tasks/mastodon.yml | 47 +++++------ roles/mastodon/tasks/nodejs.yml | 20 +++-- roles/mastodon/tasks/rbenv.yml | 21 ++--- roles/mastodon/tasks/redis.yml | 8 +- roles/mastodon/tasks/yarn.yml | 20 +++-- roles/mumble/handlers/main.yml | 4 +- roles/mumble/tasks/main.yml | 11 +-- roles/munin_client/handlers/main.yml | 4 +- roles/munin_client/tasks/hypervisors.yml | 16 ++-- roles/munin_client/tasks/main.yml | 76 +++++++++--------- roles/munin_client/tasks/mikrotik.yml | 16 ++-- roles/munin_client/tasks/physical_servers.yml | 10 +-- roles/munin_server/tasks/main.yml | 9 ++- 16 files changed, 208 insertions(+), 180 deletions(-) diff --git a/roles/mariadb/handlers/main.yml b/roles/mariadb/handlers/main.yml index 4b62cab..aa38652 100644 --- a/roles/mariadb/handlers/main.yml +++ b/roles/mariadb/handlers/main.yml @@ -1,9 +1,10 @@ --- -- name: restart mariadb - service: +- name: Restart mariadb + ansible.builtin.service: name: mariadb state: restarted -- name: daemon-reload - command: systemctl daemon-reload +- name: Daemon-reload + ansible.builtin.systemd: + daemon_reload: true diff --git a/roles/mariadb/tasks/main.yml b/roles/mariadb/tasks/main.yml index a8633c9..3c0f70b 100644 --- a/roles/mariadb/tasks/main.yml +++ b/roles/mariadb/tasks/main.yml @@ -1,67 +1,69 @@ --- -- name: install mariadb - package: +- name: Install mariadb + ansible.builtin.package: name: mariadb-server state: present -- name: create mysql directory - file: +- name: Create mysql directory + ansible.builtin.file: path: /srv/mysql owner: mysql group: mysql state: directory + mode: 0755 -- name: populate mysql directory - command: /usr/bin/mysql_install_db --datadir=/srv/mysql - args: +- name: Populate mysql directory + ansible.builtin.command: + cmd: /usr/bin/mysql_install_db --datadir=/srv/mysql creates: /srv/mysql/ibdata1 - notify: restart mariadb + notify: Restart mariadb -- name: replace conffile - template: +- name: Replace conffile + ansible.builtin.template: src: 50-server.cnf.j2 dest: /etc/mysql/mariadb.conf.d/50-server.cnf - notify: restart mariadb + mode: 0644 + notify: Restart mariadb -- name: debian upgrade file conf - template: +- name: Debian upgrade file conf + ansible.builtin.template: src: debian.cnf.j2 dest: /etc/mysql/debian.cnf owner: root group: root mode: '0600' - notify: restart mariadb + notify: Restart mariadb -- name: force handlers - meta: flush_handlers +- name: Force handlers + ansible.builtin.meta: flush_handlers -- name: install python-mysql - package: +- name: Install python-mysql + ansible.builtin.package: name: python3-pymysql state: present -- name: check if .my.cnf file exists - stat: +- name: Check if .my.cnf file exists + ansible.builtin.stat: path: /root/.my.cnf register: dot_my_cnf -- name: root password - mysql_user: +- name: Root password + community.mysql.mysql_user: login_unix_socket: "/var/run/mysqld/mysqld.sock" host: localhost name: root password: "{{ mariadb_root_pass }}" - when: dot_my_cnf.stat.exists == False + when: not dot_my_cnf.stat.exists -- name: put .my.cnf file - template: +- name: Put .my.cnf file + ansible.builtin.template: src: dot.my.cnf.j2 dest: ~/.my.cnf mode: '0600' -- name: root password (follow-up) - mysql_user: +- name: Root password (follow-up) + community.mysql.mysql_user: login_user: root host: "{{ item }}" name: root @@ -71,9 +73,9 @@ - "127.0.0.1" - "::1" -- name: scripted version of mysql_secure_installation - shell: "{{ item }}" - args: +- name: Scripted version of mysql_secure_installation + ansible.builtin.command: + cmd: "{{ item }}" creates: ~/mysql_secure_installation loop: - "mysql -e \"DELETE FROM mysql.user WHERE User='';\"" @@ -84,27 +86,28 @@ - touch ~/mysql_secure_installation - name: Create MariaDB service dir - file: + ansible.builtin.file: path: /etc/systemd/system/mariadb.service.d/ state: directory mode: 0755 - name: Create MariaDB service override - copy: + ansible.builtin.copy: src: files/override.conf dest: /etc/systemd/system/mariadb.service.d/override.conf + mode: 0644 notify: - - restart mariadb - - daemon-reload + - Restart mariadb + - Daemon-reload -- name: install backup script - copy: +- name: Install backup script + ansible.builtin.copy: src: files/backup_mysql.sh dest: /usr/local/bin/backup_mysql.sh mode: '0755' -- name: cron backup script - cron: +- name: Cron backup script + ansible.builtin.cron: name: "MariaDB backup" hour: "{{ mariadb_backup_hour }}" minute: "{{ mariadb_backup_minute }}" diff --git a/roles/mastodon/tasks/main.yml b/roles/mastodon/tasks/main.yml index 05e6376..d83e108 100644 --- a/roles/mastodon/tasks/main.yml +++ b/roles/mastodon/tasks/main.yml @@ -1,39 +1,41 @@ --- -- name: install nodejs - include_tasks: nodejs.yml +- name: Install nodejs + ansible.builtin.include_tasks: nodejs.yml -- name: install yarn - include_tasks: yarn.yml +- name: Install yarn + ansible.builtin.include_tasks: yarn.yml -- name: install redis - include_tasks: redis.yml +- name: Install redis + ansible.builtin.include_tasks: redis.yml -- name: mastodon user - user: +- name: Mastodon user + ansible.builtin.user: name: mastodon comment: "John Mastodon" password: '!' shell: /bin/bash home: "{{ mastodon_home }}" -- name: mastodon .ssh dir - file: +- name: Mastodon .ssh dir + ansible.builtin.file: state: directory path: "{{ mastodon_home }}/.ssh" + mode: 0755 owner: mastodon group: mastodon -- name: ssh for mastodon user - copy: +- name: Ssh for mastodon user + ansible.builtin.copy: remote_src: true src: /root/.ssh/authorized_keys dest: "{{ mastodon_home }}/.ssh/authorized_keys" + mode: 0644 owner: mastodon group: mastodon -- name: install prereq - apt: +- name: Install prereq + ansible.builtin.apt: name: "{{ item }}" state: present loop: @@ -64,8 +66,8 @@ - libicu-dev - libjemalloc-dev -- name: install rbenv - include_tasks: rbenv.yml +- name: Install rbenv + ansible.builtin.include_tasks: rbenv.yml -- name: install mastodon - include_tasks: mastodon.yml +- name: Install mastodon + ansible.builtin.include_tasks: mastodon.yml diff --git a/roles/mastodon/tasks/mastodon.yml b/roles/mastodon/tasks/mastodon.yml index 55c57ba..54a417d 100644 --- a/roles/mastodon/tasks/mastodon.yml +++ b/roles/mastodon/tasks/mastodon.yml @@ -1,44 +1,46 @@ --- -- name: git mastodon +- name: Git mastodon remote_user: mastodon - git: + ansible.builtin.git: repo: "https://github.com/mastodon/mastodon.git" dest: "{{ mastodon_home }}/live" version: "v{{ mastodon_version }}" -- name: bundle config command +- name: Bundle config command remote_user: mastodon - shell: | - bash -lic "bundle config deployment 'true' && bundle config without 'development test'" - args: + ansible.builtin.command: + cmd: | + bash -lic "bundle config deployment 'true' && bundle config without 'development test'" creates: "{{ mastodon_home }}/.bundle/config" chdir: "{{ mastodon_home }}/live" -- name: bundle install +- name: Bundle install remote_user: mastodon - shell: | - bash -lic "bundle install -j$(getconf _NPROCESSORS_ONLN)" - args: + ansible.builtin.command: + cmd: | + bash -lic "bundle install -j$(getconf _NPROCESSORS_ONLN)" chdir: "{{ mastodon_home }}/live" + changed_when: true -- name: yarn install +- name: Yarn install remote_user: mastodon - shell: | - bash -lic "yarn install --pure-lockfile" - args: + ansible.builtin.command: + cmd: | + bash -lic "yarn install --pure-lockfile" chdir: "{{ mastodon_home }}/live" + changed_when: true -- name: create bin dir +- name: Create bin dir remote_user: mastodon - file: + ansible.builtin.file: path: "{{ mastodon_home }}/bin" state: directory mode: '0750' -- name: template scripts +- name: Template scripts remote_user: mastodon - template: + ansible.builtin.template: src: "{{ item }}.j2" dest: "{{ mastodon_home }}/bin/{{ item }}" mode: '0750' @@ -46,17 +48,18 @@ - remove_media.sh - remove_preview_cards.sh -- name: install services - template: +- name: Install services + ansible.builtin.template: src: "{{ item }}.j2" dest: "/etc/systemd/system/{{ item }}" + mode: 0644 loop: &mastodon_services - "mastodon-sidekiq.service" - "mastodon-streaming.service" - "mastodon-web.service" -- name: run services - systemd: +- name: Run services + ansible.builtin.systemd: name: "{{ item }}" daemon_reload: true state: started diff --git a/roles/mastodon/tasks/nodejs.yml b/roles/mastodon/tasks/nodejs.yml index 6a5f331..1da1896 100644 --- a/roles/mastodon/tasks/nodejs.yml +++ b/roles/mastodon/tasks/nodejs.yml @@ -1,21 +1,25 @@ --- -- name: get node source gpg url - get_url: +- name: Get node source gpg url + ansible.builtin.get_url: url: "{{ mastodon_nodejs_key_url }}" dest: /tmp/nodesource.gpg.key force: true + mode: 0644 -- name: gpg dearmor key - shell: "gpg --dearmor --yes -o {{ mastodon_nodejs_key_path }} /tmp/nodesource.gpg.key" +- name: Gpg dearmor key + ansible.builtin.command: + cmd: "gpg --dearmor --yes -o {{ mastodon_nodejs_key_path }} /tmp/nodesource.gpg.key" + changed_when: true -- name: node source repo - copy: +- name: Node source repo + ansible.builtin.copy: content: "deb [signed-by={{ mastodon_nodejs_key_path }}] https://deb.nodesource.com/node_16.x {{ ansible_facts['distribution_release'] }} main" dest: /etc/apt/sources.list.d/nodesource.list + mode: 0644 -- name: install nodejs - apt: +- name: Install nodejs + ansible.builtin.apt: name: nodejs state: present update_cache: true diff --git a/roles/mastodon/tasks/rbenv.yml b/roles/mastodon/tasks/rbenv.yml index 20e70c7..609bfcc 100644 --- a/roles/mastodon/tasks/rbenv.yml +++ b/roles/mastodon/tasks/rbenv.yml @@ -1,38 +1,39 @@ --- -- name: git rbenv +- name: Git rbenv remote_user: mastodon - git: + ansible.builtin.git: repo: "https://github.com/rbenv/rbenv.git" dest: "{{ mastodon_home }}/.rbenv" single_branch: true version: master -- name: git ruby-build +- name: Git ruby-build remote_user: mastodon - git: + ansible.builtin.git: repo: https://github.com/rbenv/ruby-build.git dest: "{{ mastodon_home }}/.rbenv/plugins/ruby-build" single_branch: true version: master -- name: append env to mastodon bashrc +- name: Append env to mastodon bashrc remote_user: mastodon - lineinfile: + ansible.builtin.lineinfile: path: "{{ mastodon_home }}/.bashrc" line: "eval \"$({{ mastodon_home }}/.rbenv/bin/rbenv init - bash)\"" -- name: install ruby version +- name: Install ruby version remote_user: mastodon - shell: "bash -lic 'rbenv install {{ mastodon_ruby_version }}'" + ansible.builtin.shell: "bash -lic 'rbenv install {{ mastodon_ruby_version }}'" args: executable: /bin/bash creates: "~/.rbenv/versions/{{ mastodon_ruby_version }}/bin/ruby" environment: RUBY_CONFIGURE_OPTS: "--with-jemalloc" -- name: install bundler for ruby +- name: Install bundler for ruby remote_user: mastodon - shell: "bash -lic 'rbenv global {{ mastodon_ruby_version }} && ruby --version && gem install bundler --no-document'" + ansible.builtin.shell: "bash -lic 'rbenv global {{ mastodon_ruby_version }} && ruby --version && gem install bundler --no-document'" + changed_when: true args: executable: /bin/bash diff --git a/roles/mastodon/tasks/redis.yml b/roles/mastodon/tasks/redis.yml index e9aefd4..551e6c6 100644 --- a/roles/mastodon/tasks/redis.yml +++ b/roles/mastodon/tasks/redis.yml @@ -1,12 +1,12 @@ --- -- name: install redis - apt: +- name: Install redis + ansible.builtin.apt: name: redis state: present update_cache: true -- name: start redis service - service: +- name: Start redis service + ansible.builtin.service: name: redis state: started diff --git a/roles/mastodon/tasks/yarn.yml b/roles/mastodon/tasks/yarn.yml index a1d3d7b..acea614 100644 --- a/roles/mastodon/tasks/yarn.yml +++ b/roles/mastodon/tasks/yarn.yml @@ -1,21 +1,25 @@ --- -- name: get yarn gpg url - get_url: +- name: Get yarn gpg url + ansible.builtin.get_url: url: "{{ mastodon_yarn_key_url }}" dest: /tmp/yarn.gpg.key + mode: 0644 force: true -- name: gpg dearmor key - shell: "gpg --dearmor --yes -o {{ mastodon_yarn_key_path }} /tmp/yarn.gpg.key" +- name: Gpg dearmor key + ansible.builtin.command: + cmd: "gpg --dearmor --yes -o {{ mastodon_yarn_key_path }} /tmp/yarn.gpg.key" + changed_when: true -- name: yarn source repo - copy: +- name: Yarn source repo + ansible.builtin.copy: content: "deb [signed-by={{ mastodon_yarn_key_path }}] https://dl.yarnpkg.com/debian stable main" dest: /etc/apt/sources.list.d/yarn.list + mode: 0644 -- name: install yarn - apt: +- name: Install yarn + ansible.builtin.apt: name: yarn state: present update_cache: true diff --git a/roles/mumble/handlers/main.yml b/roles/mumble/handlers/main.yml index b4484db..6997254 100644 --- a/roles/mumble/handlers/main.yml +++ b/roles/mumble/handlers/main.yml @@ -1,6 +1,6 @@ --- -- name: restart mumble - service: +- name: Restart mumble + ansible.builtin.service: name: mumble-server state: restarted diff --git a/roles/mumble/tasks/main.yml b/roles/mumble/tasks/main.yml index aa46c46..9d67642 100644 --- a/roles/mumble/tasks/main.yml +++ b/roles/mumble/tasks/main.yml @@ -1,13 +1,14 @@ --- -- name: install mumble - package: +- name: Install mumble + ansible.builtin.package: name: mumble-server state: present -- name: configuration files - copy: +- name: Configuration files + ansible.builtin.copy: src: ./files/mumble-server.ini dest: /etc/mumble-server.ini + mode: 0644 notify: - - restart mumble + - Restart mumble diff --git a/roles/munin_client/handlers/main.yml b/roles/munin_client/handlers/main.yml index 6a2d23d..17090d7 100644 --- a/roles/munin_client/handlers/main.yml +++ b/roles/munin_client/handlers/main.yml @@ -1,6 +1,6 @@ --- -- name: restart munin-node - service: +- name: Restart munin-node + ansible.builtin.service: name: munin-node state: restarted diff --git a/roles/munin_client/tasks/hypervisors.yml b/roles/munin_client/tasks/hypervisors.yml index 46f7231..4651a52 100644 --- a/roles/munin_client/tasks/hypervisors.yml +++ b/roles/munin_client/tasks/hypervisors.yml @@ -1,11 +1,15 @@ --- -- name: delete squid plugins - shell: "rm -f /etc/munin/plugins/squid_*" +- name: Delete squid plugins + ansible.builtin.command: + cmd: "rm -f /etc/munin/plugins/squid_*" + changed_when: true notify: - - restart munin-node + - Restart munin-node -- name: delete lxc interfaces plugins - shell: "rm -f /etc/munin/plugins/if_*veth* /etc/munin/plugins/if_*fw* /etc/munin/plugins/if_*vmbr*" +- name: Delete lxc interfaces plugins + ansible.builtin.command: + cmd: "rm -f /etc/munin/plugins/if_*veth* /etc/munin/plugins/if_*fw* /etc/munin/plugins/if_*vmbr*" + changed_when: true notify: - - restart munin-node + - Restart munin-node diff --git a/roles/munin_client/tasks/main.yml b/roles/munin_client/tasks/main.yml index eddc2f8..235351e 100644 --- a/roles/munin_client/tasks/main.yml +++ b/roles/munin_client/tasks/main.yml @@ -1,12 +1,14 @@ --- -- set_fact: +- name: Set package fact + ansible.builtin.set_fact: muninpkgs: - muninlite munin_need_reconfigure: false when: ansible_facts['distribution'] == "LEDE" or ansible_facts['distribution'] == "OpenWRT" or ansible_facts['distribution'] == "OpenWrt" -- set_fact: +- name: Set other packages fact + ansible.builtin.set_fact: muninpkgs: - munin-node - munin-plugins-core @@ -14,91 +16,93 @@ munin_need_reconfigure: true when: ansible_facts['distribution'] == "Debian" -- name: install munin node packages - package: +- name: Install munin node packages + ansible.builtin.package: name: "{{ item }}" state: present loop: "{{ muninpkgs }}" -- name: munin-node conf file - template: +- name: Munin-node conf file + ansible.builtin.template: src: munin-node.conf.j2 dest: /etc/munin/munin-node.conf + mode: 0644 notify: - - restart munin-node + - Restart munin-node when: munin_need_reconfigure ## Adding modules for specific functions # for NginX webservers -- name: install LWP::UserAgent - package: +- name: Install LWP::UserAgent + ansible.builtin.package: name: libwww-perl state: present notify: - - restart munin-node + - Restart munin-node when: "'webservers' in group_names or 'loadbalancers' in group_names" # for HAProxy servers -- name: add HAProxy backend module - file: +- name: Add HAProxy backend module + ansible.builtin.file: src: /usr/share/munin/plugins/haproxy_ dest: /etc/munin/plugins/haproxy_current state: link notify: - - restart munin-node + - Restart munin-node when: "'loadbalancers' in group_names" # For MariaDB servers -- name: install Cache::Cache - package: +- name: Install Cache::Cache + ansible.builtin.package: name: libcache-cache-perl state: present notify: - - restart munin-node + - Restart munin-node when: "'mariadbservers' in group_names" # For PGSQL servers -- name: install DBD::Pg - package: +- name: Install DBD::Pg + ansible.builtin.package: name: libdbd-pg-perl state: present notify: - - restart munin-node + - Restart munin-node when: "'pgsqlservers' in group_names" # For Munin servers -- name: execute specific tasks for munin servers - include_tasks: mikrotik.yml +- name: Execute specific tasks for munin servers + ansible.builtin.include_tasks: mikrotik.yml when: "'muninservers' in group_names" # for NUT (UPS) servers -- name: "add specific nut value for UPS" - file: +- name: Add specific nut value for UPS + ansible.builtin.file: path: "/etc/munin/plugins/nutups_eaton3s_{{ item }}" src: /usr/share/munin/plugins/nutups_ state: link notify: - - restart munin-node + - Restart munin-node when: "'nut_server' in group_names" loop: - charge - voltages # for physical servers -- name: execute specific tasks for physical servers - include_tasks: physical_servers.yml +- name: Execute specific tasks for physical servers + ansible.builtin.include_tasks: physical_servers.yml when: "'hypervisors' in group_names" -- name: reconfigure munin-node - shell: +- name: Reconfigure munin-node + ansible.builtin.command: cmd: munin-node-configure --shell | sh + changed_when: true notify: - - restart munin-node + - Restart munin-node when: munin_need_reconfigure ## Useless junks for everyone -- name: delete useless junks for everyone - file: +- name: Delete useless junks for everyone + ansible.builtin.file: path: "/etc/munin/plugins/{{ item }}" state: absent when: munin_need_reconfigure @@ -106,12 +110,12 @@ - users ## Useless junks for LXC -- name: "delete junks from LXC machines" - file: +- name: "Delete junks from LXC machines" + ansible.builtin.file: path: "/etc/munin/plugins/{{ item }}" state: absent notify: - - restart munin-node + - Restart munin-node when: ansible_facts['virtualization_type'] == "lxc" loop: - acpi @@ -121,6 +125,6 @@ - irqstats ## Useless junks for hypervisors -- name: execute delete states for hypervisors - include_tasks: hypervisors.yml +- name: Execute delete states for hypervisors + ansible.builtin.include_tasks: hypervisors.yml when: "'hypervisors' in group_names" diff --git a/roles/munin_client/tasks/mikrotik.yml b/roles/munin_client/tasks/mikrotik.yml index 66ddbe6..62d358c 100644 --- a/roles/munin_client/tasks/mikrotik.yml +++ b/roles/munin_client/tasks/mikrotik.yml @@ -1,21 +1,21 @@ --- -- name: deploy mikrotik unitary scripts - copy: +- name: Deploy mikrotik unitary scripts + ansible.builtin.copy: src: "./files/{{ item.0 }}" dest: "/etc/munin/plugins/{{ item.0 }}{{ item.1.name }}" mode: 0755 - loop: "{{ mikrotik_unitary_scripts|product(mikrotik_hosts)|list }}" + loop: "{{ mikrotik_unitary_scripts | product(mikrotik_hosts) | list }}" notify: - - restart munin-node + - Restart munin-node -- name: deploy mikrotik per iface scripts - copy: +- name: Deploy mikrotik per iface scripts + ansible.builtin.copy: src: "./files/{{ item.1 }}" dest: "/etc/munin/plugins/{{ item.1 }}{{ item.0.0.name }}_{{ item.0.1 }}" mode: 0755 - loop: "{{ mikrotik_hosts|subelements('ifaces')|product(mikrotik_periface_scripts) }}" + loop: "{{ mikrotik_hosts | subelements('ifaces') | product(mikrotik_periface_scripts) }}" loop_control: label: "{{ item.0.1 }}" notify: - - restart munin-node + - Restart munin-node diff --git a/roles/munin_client/tasks/physical_servers.yml b/roles/munin_client/tasks/physical_servers.yml index 24aeee7..b4190fe 100644 --- a/roles/munin_client/tasks/physical_servers.yml +++ b/roles/munin_client/tasks/physical_servers.yml @@ -1,16 +1,16 @@ --- # for physical servers -- name: install necessary packages for hypervisors - package: +- name: Install necessary packages for hypervisors + ansible.builtin.package: name: lm-sensors state: present -- name: configure specific munin plugin - file: +- name: Configure specific munin plugin + ansible.builtin.file: path: "/etc/munin/plugins/sensors_{{ item }}" src: /usr/share/munin/plugins/sensors_ state: link notify: - - restart munin-node + - Restart munin-node loop: - temp diff --git a/roles/munin_server/tasks/main.yml b/roles/munin_server/tasks/main.yml index ba3db94..16d8257 100644 --- a/roles/munin_server/tasks/main.yml +++ b/roles/munin_server/tasks/main.yml @@ -1,11 +1,12 @@ --- -- name: install munin packages - package: +- name: Install munin packages + ansible.builtin.package: name: munin state: present -- name: munin conf file - template: +- name: Munin conf file + ansible.builtin.template: src: munin.conf.j2 dest: /etc/munin/munin.conf + mode: 0644