style: make ansible-lint happier

roles/mariadb/handlers/main.yml

@@ -1,9 +1,10 @@
 ---
 
-- name: restart mariadb
-  service:
+- name: Restart mariadb
+  ansible.builtin.service:
     name: mariadb
     state: restarted
 
-- name: daemon-reload
-  command: systemctl daemon-reload
+- name: Daemon-reload
+  ansible.builtin.systemd:
+    daemon_reload: true

roles/mariadb/tasks/main.yml

@@ -1,67 +1,69 @@
 ---
 
-- name: install mariadb
-  package:
+- name: Install mariadb
+  ansible.builtin.package:
     name: mariadb-server
     state: present
 
-- name: create mysql directory
-  file:
+- name: Create mysql directory
+  ansible.builtin.file:
     path: /srv/mysql
     owner: mysql
     group: mysql
     state: directory
+    mode: 0755
 
-- name: populate mysql directory
-  command: /usr/bin/mysql_install_db --datadir=/srv/mysql
-  args:
+- name: Populate mysql directory
+  ansible.builtin.command:
+    cmd: /usr/bin/mysql_install_db --datadir=/srv/mysql
     creates: /srv/mysql/ibdata1
-  notify: restart mariadb
+  notify: Restart mariadb
 
-- name: replace conffile
-  template:
+- name: Replace conffile
+  ansible.builtin.template:
     src: 50-server.cnf.j2
     dest: /etc/mysql/mariadb.conf.d/50-server.cnf
-  notify: restart mariadb
+    mode: 0644
+  notify: Restart mariadb
 
-- name: debian upgrade file conf
-  template:
+- name: Debian upgrade file conf
+  ansible.builtin.template:
     src: debian.cnf.j2
     dest: /etc/mysql/debian.cnf
     owner: root
     group: root
     mode: '0600'
-  notify: restart mariadb
+  notify: Restart mariadb
 
-- name: force handlers
-  meta: flush_handlers
+- name: Force handlers
+  ansible.builtin.meta: flush_handlers
 
-- name: install python-mysql
-  package:
+- name: Install python-mysql
+  ansible.builtin.package:
     name: python3-pymysql
     state: present
 
-- name: check if .my.cnf file exists
-  stat:
+- name: Check if .my.cnf file exists
+  ansible.builtin.stat:
     path: /root/.my.cnf
   register: dot_my_cnf
 
-- name: root password
-  mysql_user:
+- name: Root password
+  community.mysql.mysql_user:
     login_unix_socket: "/var/run/mysqld/mysqld.sock"
     host: localhost
     name: root
     password: "{{ mariadb_root_pass }}"
-  when: dot_my_cnf.stat.exists == False
+  when: not dot_my_cnf.stat.exists
 
-- name: put .my.cnf file
-  template:
+- name: Put .my.cnf file
+  ansible.builtin.template:
     src: dot.my.cnf.j2
     dest: ~/.my.cnf
     mode: '0600'
 
-- name: root password (follow-up)
-  mysql_user:
+- name: Root password (follow-up)
+  community.mysql.mysql_user:
     login_user: root
     host: "{{ item }}"
     name: root
@@ -71,9 +73,9 @@
     - "127.0.0.1"
     - "::1"
 
-- name: scripted version of mysql_secure_installation
-  shell: "{{ item }}"
-  args:
+- name: Scripted version of mysql_secure_installation
+  ansible.builtin.command:
+    cmd: "{{ item }}"
     creates: ~/mysql_secure_installation
   loop:
     - "mysql -e \"DELETE FROM mysql.user WHERE User='';\""
@@ -84,27 +86,28 @@
     - touch ~/mysql_secure_installation
 
 - name: Create MariaDB service dir
-  file:
+  ansible.builtin.file:
     path: /etc/systemd/system/mariadb.service.d/
     state: directory
     mode: 0755
 
 - name: Create MariaDB service override
-  copy:
+  ansible.builtin.copy:
     src: files/override.conf
     dest: /etc/systemd/system/mariadb.service.d/override.conf
+    mode: 0644
   notify:
-    - restart mariadb
-    - daemon-reload
+    - Restart mariadb
+    - Daemon-reload
 
-- name: install backup script
-  copy:
+- name: Install backup script
+  ansible.builtin.copy:
     src: files/backup_mysql.sh
     dest: /usr/local/bin/backup_mysql.sh
     mode: '0755'
 
-- name: cron backup script
-  cron:
+- name: Cron backup script
+  ansible.builtin.cron:
     name: "MariaDB backup"
     hour: "{{ mariadb_backup_hour }}"
     minute: "{{ mariadb_backup_minute }}"

roles/mastodon/tasks/main.yml

@@ -1,39 +1,41 @@
 ---
 
-- name: install nodejs
-  include_tasks: nodejs.yml
+- name: Install nodejs
+  ansible.builtin.include_tasks: nodejs.yml
 
-- name: install yarn
-  include_tasks: yarn.yml
+- name: Install yarn
+  ansible.builtin.include_tasks: yarn.yml
 
-- name: install redis
-  include_tasks: redis.yml
+- name: Install redis
+  ansible.builtin.include_tasks: redis.yml
 
-- name: mastodon user
-  user:
+- name: Mastodon user
+  ansible.builtin.user:
     name: mastodon
     comment: "John Mastodon"
     password: '!'
     shell: /bin/bash
     home: "{{ mastodon_home }}"
 
-- name: mastodon .ssh dir
-  file:
+- name: Mastodon .ssh dir
+  ansible.builtin.file:
     state: directory
     path: "{{ mastodon_home }}/.ssh"
+    mode: 0755
     owner: mastodon
     group: mastodon
 
-- name: ssh for mastodon user
-  copy:
+- name: Ssh for mastodon user
+  ansible.builtin.copy:
     remote_src: true
     src: /root/.ssh/authorized_keys
     dest: "{{ mastodon_home }}/.ssh/authorized_keys"
+    mode: 0644
     owner: mastodon
     group: mastodon
 
-- name: install prereq
-  apt:
+- name: Install prereq
+  ansible.builtin.apt:
     name: "{{ item }}"
     state: present
   loop:
@@ -64,8 +66,8 @@
     - libicu-dev
     - libjemalloc-dev
 
-- name: install rbenv
-  include_tasks: rbenv.yml
+- name: Install rbenv
+  ansible.builtin.include_tasks: rbenv.yml
 
-- name: install mastodon
-  include_tasks: mastodon.yml
+- name: Install mastodon
+  ansible.builtin.include_tasks: mastodon.yml

roles/mastodon/tasks/mastodon.yml

@@ -1,44 +1,46 @@
 ---
 
-- name: git mastodon
+- name: Git mastodon
   remote_user: mastodon
-  git:
+  ansible.builtin.git:
     repo: "https://github.com/mastodon/mastodon.git"
     dest: "{{ mastodon_home }}/live"
     version: "v{{ mastodon_version }}"
 
-- name: bundle config command
+- name: Bundle config command
   remote_user: mastodon
-  shell: |
-    bash -lic "bundle config deployment 'true' && bundle config without 'development test'"
-  args:
+  ansible.builtin.command:
+    cmd: |
+      bash -lic "bundle config deployment 'true' && bundle config without 'development test'"
     creates: "{{ mastodon_home }}/.bundle/config"
     chdir: "{{ mastodon_home }}/live"
 
-- name: bundle install
+- name: Bundle install
   remote_user: mastodon
-  shell: |
-    bash -lic "bundle install -j$(getconf _NPROCESSORS_ONLN)"
-  args:
+  ansible.builtin.command:
+    cmd: |
+      bash -lic "bundle install -j$(getconf _NPROCESSORS_ONLN)"
     chdir: "{{ mastodon_home }}/live"
+  changed_when: true
 
-- name: yarn install
+- name: Yarn install
   remote_user: mastodon
-  shell: |
-    bash -lic "yarn install --pure-lockfile"
-  args:
+  ansible.builtin.command:
+    cmd: |
+      bash -lic "yarn install --pure-lockfile"
     chdir: "{{ mastodon_home }}/live"
+  changed_when: true
 
-- name: create bin dir
+- name: Create bin dir
   remote_user: mastodon
-  file:
+  ansible.builtin.file:
     path: "{{ mastodon_home }}/bin"
     state: directory
     mode: '0750'
 
-- name: template scripts
+- name: Template scripts
   remote_user: mastodon
-  template:
+  ansible.builtin.template:
     src: "{{ item }}.j2"
     dest: "{{ mastodon_home }}/bin/{{ item }}"
     mode: '0750'
@@ -46,17 +48,18 @@
     - remove_media.sh
     - remove_preview_cards.sh
 
-- name: install services
-  template:
+- name: Install services
+  ansible.builtin.template:
     src: "{{ item }}.j2"
     dest: "/etc/systemd/system/{{ item }}"
+    mode: 0644
   loop: &mastodon_services
     - "mastodon-sidekiq.service"
     - "mastodon-streaming.service"
     - "mastodon-web.service"
 
-- name: run services
-  systemd:
+- name: Run services
+  ansible.builtin.systemd:
     name: "{{ item }}"
     daemon_reload: true
     state: started

roles/mastodon/tasks/nodejs.yml

@@ -1,21 +1,25 @@
 ---
 
-- name: get node source gpg url
-  get_url:
+- name: Get node source gpg url
+  ansible.builtin.get_url:
     url: "{{ mastodon_nodejs_key_url }}"
     dest: /tmp/nodesource.gpg.key
     force: true
+    mode: 0644
 
-- name: gpg dearmor key
-  shell: "gpg --dearmor --yes -o {{ mastodon_nodejs_key_path }} /tmp/nodesource.gpg.key"
+- name: Gpg dearmor key
+  ansible.builtin.command:
+    cmd: "gpg --dearmor --yes -o {{ mastodon_nodejs_key_path }} /tmp/nodesource.gpg.key"
+  changed_when: true
 
-- name: node source repo
-  copy:
+- name: Node source repo
+  ansible.builtin.copy:
     content: "deb [signed-by={{ mastodon_nodejs_key_path }}] https://deb.nodesource.com/node_16.x {{ ansible_facts['distribution_release'] }} main"
     dest: /etc/apt/sources.list.d/nodesource.list
+    mode: 0644
 
-- name: install nodejs
-  apt:
+- name: Install nodejs
+  ansible.builtin.apt:
     name: nodejs
     state: present
     update_cache: true

roles/mastodon/tasks/rbenv.yml

@@ -1,38 +1,39 @@
 ---
 
-- name: git rbenv
+- name: Git rbenv
   remote_user: mastodon
-  git:
+  ansible.builtin.git:
     repo: "https://github.com/rbenv/rbenv.git"
     dest: "{{ mastodon_home }}/.rbenv"
     single_branch: true
     version: master
 
-- name: git ruby-build
+- name: Git ruby-build
   remote_user: mastodon
-  git:
+  ansible.builtin.git:
     repo: https://github.com/rbenv/ruby-build.git
     dest: "{{ mastodon_home }}/.rbenv/plugins/ruby-build"
     single_branch: true
     version: master
 
-- name: append env to mastodon bashrc
+- name: Append env to mastodon bashrc
   remote_user: mastodon
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ mastodon_home }}/.bashrc"
     line: "eval \"$({{ mastodon_home }}/.rbenv/bin/rbenv init - bash)\""
 
-- name: install ruby version
+- name: Install ruby version
   remote_user: mastodon
-  shell: "bash -lic 'rbenv install {{ mastodon_ruby_version }}'"
+  ansible.builtin.shell: "bash -lic 'rbenv install {{ mastodon_ruby_version }}'"
   args:
     executable: /bin/bash
     creates: "~/.rbenv/versions/{{ mastodon_ruby_version }}/bin/ruby"
   environment:
     RUBY_CONFIGURE_OPTS: "--with-jemalloc"
 
-- name: install bundler for ruby
+- name: Install bundler for ruby
   remote_user: mastodon
-  shell: "bash -lic 'rbenv global {{ mastodon_ruby_version }} && ruby --version && gem install bundler --no-document'"
+  ansible.builtin.shell: "bash -lic 'rbenv global {{ mastodon_ruby_version }} && ruby --version && gem install bundler --no-document'"
+  changed_when: true
   args:
     executable: /bin/bash

roles/mastodon/tasks/redis.yml

@@ -1,12 +1,12 @@
 ---
 
-- name: install redis
-  apt:
+- name: Install redis
+  ansible.builtin.apt:
     name: redis
     state: present
     update_cache: true
 
-- name: start redis service
-  service:
+- name: Start redis service
+  ansible.builtin.service:
     name: redis
     state: started

roles/mastodon/tasks/yarn.yml

@@ -1,21 +1,25 @@
 ---
 
-- name: get yarn gpg url
-  get_url:
+- name: Get yarn gpg url
+  ansible.builtin.get_url:
     url: "{{ mastodon_yarn_key_url }}"
     dest: /tmp/yarn.gpg.key
+    mode: 0644
     force: true
 
-- name: gpg dearmor key
-  shell: "gpg --dearmor --yes -o {{ mastodon_yarn_key_path }} /tmp/yarn.gpg.key"
+- name: Gpg dearmor key
+  ansible.builtin.command:
+    cmd: "gpg --dearmor --yes -o {{ mastodon_yarn_key_path }} /tmp/yarn.gpg.key"
+  changed_when: true
 
-- name: yarn source repo
-  copy:
+- name: Yarn source repo
+  ansible.builtin.copy:
     content: "deb [signed-by={{ mastodon_yarn_key_path }}] https://dl.yarnpkg.com/debian stable main"
     dest: /etc/apt/sources.list.d/yarn.list
+    mode: 0644
 
-- name: install yarn
-  apt:
+- name: Install yarn
+  ansible.builtin.apt:
     name: yarn
     state: present
     update_cache: true

roles/mumble/handlers/main.yml

@@ -1,6 +1,6 @@
 ---
 
-- name: restart mumble
-  service:
+- name: Restart mumble
+  ansible.builtin.service:
       name: mumble-server
       state: restarted

roles/mumble/tasks/main.yml

@@ -1,13 +1,14 @@
 ---
 
-- name: install mumble
-  package:
+- name: Install mumble
+  ansible.builtin.package:
     name: mumble-server
     state: present
 
-- name: configuration files
-  copy:
+- name: Configuration files
+  ansible.builtin.copy:
     src: ./files/mumble-server.ini
     dest: /etc/mumble-server.ini
+    mode: 0644
   notify:
-    - restart mumble
+    - Restart mumble

roles/munin_client/handlers/main.yml

@@ -1,6 +1,6 @@
 ---
 
-- name: restart munin-node
-  service:
+- name: Restart munin-node
+  ansible.builtin.service:
     name: munin-node
     state: restarted

roles/munin_client/tasks/hypervisors.yml

@@ -1,11 +1,15 @@
 ---
 
-- name: delete squid plugins
-  shell: "rm -f /etc/munin/plugins/squid_*"
+- name: Delete squid plugins
+  ansible.builtin.command:
+    cmd: "rm -f /etc/munin/plugins/squid_*"
+  changed_when: true
   notify:
-    - restart munin-node
+    - Restart munin-node
 
-- name: delete lxc interfaces plugins
-  shell: "rm -f /etc/munin/plugins/if_*veth* /etc/munin/plugins/if_*fw* /etc/munin/plugins/if_*vmbr*"
+- name: Delete lxc interfaces plugins
+  ansible.builtin.command:
+    cmd: "rm -f /etc/munin/plugins/if_*veth* /etc/munin/plugins/if_*fw* /etc/munin/plugins/if_*vmbr*"
+  changed_when: true
   notify:
-    - restart munin-node
+    - Restart munin-node

roles/munin_client/tasks/main.yml

@@ -1,12 +1,14 @@
 ---
 
-- set_fact:
+- name: Set package fact
+  ansible.builtin.set_fact:
     muninpkgs:
       - muninlite
     munin_need_reconfigure: false
   when: ansible_facts['distribution'] == "LEDE" or ansible_facts['distribution'] == "OpenWRT" or ansible_facts['distribution'] == "OpenWrt"
 
-- set_fact:
+- name: Set other packages fact
+  ansible.builtin.set_fact:
     muninpkgs:
       - munin-node
       - munin-plugins-core
@@ -14,91 +16,93 @@
     munin_need_reconfigure: true
   when: ansible_facts['distribution'] == "Debian"
 
-- name: install munin node packages
-  package:
+- name: Install munin node packages
+  ansible.builtin.package:
     name: "{{ item }}"
     state: present
   loop: "{{ muninpkgs }}"
 
-- name: munin-node conf file
-  template:
+- name: Munin-node conf file
+  ansible.builtin.template:
     src: munin-node.conf.j2
     dest: /etc/munin/munin-node.conf
+    mode: 0644
   notify:
-    - restart munin-node
+    - Restart munin-node
   when: munin_need_reconfigure
 
 ## Adding modules for specific functions
 # for NginX webservers
-- name: install LWP::UserAgent
-  package:
+- name: Install LWP::UserAgent
+  ansible.builtin.package:
     name: libwww-perl
     state: present
   notify:
-    - restart munin-node
+    - Restart munin-node
   when: "'webservers' in group_names or 'loadbalancers' in group_names"
 
 # for HAProxy servers
-- name: add HAProxy backend module
-  file:
+- name: Add HAProxy backend module
+  ansible.builtin.file:
     src: /usr/share/munin/plugins/haproxy_
     dest: /etc/munin/plugins/haproxy_current
     state: link
   notify:
-    - restart munin-node
+    - Restart munin-node
   when: "'loadbalancers' in group_names"
 
 # For MariaDB servers
-- name: install Cache::Cache
-  package:
+- name: Install Cache::Cache
+  ansible.builtin.package:
     name: libcache-cache-perl
     state: present
   notify:
-    - restart munin-node
+    - Restart munin-node
   when: "'mariadbservers' in group_names"
 
 # For PGSQL servers
-- name: install DBD::Pg
-  package:
+- name: Install DBD::Pg
+  ansible.builtin.package:
     name: libdbd-pg-perl
     state: present
   notify:
-    - restart munin-node
+    - Restart munin-node
   when: "'pgsqlservers' in group_names"
 
 # For Munin servers
-- name: execute specific tasks for munin servers
-  include_tasks: mikrotik.yml
+- name: Execute specific tasks for munin servers
+  ansible.builtin.include_tasks: mikrotik.yml
   when: "'muninservers' in group_names"
 
 # for NUT (UPS) servers
-- name: "add specific nut value for UPS"
-  file:
+- name: Add specific nut value for UPS
+  ansible.builtin.file:
     path: "/etc/munin/plugins/nutups_eaton3s_{{ item }}"
     src: /usr/share/munin/plugins/nutups_
     state: link
   notify:
-    - restart munin-node
+    - Restart munin-node
   when: "'nut_server' in group_names"
   loop:
     - charge
     - voltages
 
 # for physical servers
-- name: execute specific tasks for physical servers
-  include_tasks: physical_servers.yml
+- name: Execute specific tasks for physical servers
+  ansible.builtin.include_tasks: physical_servers.yml
   when: "'hypervisors' in group_names"
 
-- name: reconfigure munin-node
-  shell:
+- name: Reconfigure munin-node
+  ansible.builtin.command:
     cmd: munin-node-configure --shell | sh
+  changed_when: true
   notify:
-    - restart munin-node
+    - Restart munin-node
   when: munin_need_reconfigure
 
 ## Useless junks for everyone
-- name: delete useless junks for everyone
-  file:
+- name: Delete useless junks for everyone
+  ansible.builtin.file:
     path: "/etc/munin/plugins/{{ item }}"
     state: absent
   when: munin_need_reconfigure
@@ -106,12 +110,12 @@
     - users
 
 ## Useless junks for LXC
-- name: "delete junks from LXC machines"
-  file:
+- name: "Delete junks from LXC machines"
+  ansible.builtin.file:
     path: "/etc/munin/plugins/{{ item }}"
     state: absent
   notify:
-    - restart munin-node
+    - Restart munin-node
   when: ansible_facts['virtualization_type'] == "lxc"
   loop:
     - acpi
@@ -121,6 +125,6 @@
     - irqstats
 
 ## Useless junks for hypervisors
-- name: execute delete states for hypervisors
-  include_tasks: hypervisors.yml
+- name: Execute delete states for hypervisors
+  ansible.builtin.include_tasks: hypervisors.yml
   when: "'hypervisors' in group_names"

roles/munin_client/tasks/mikrotik.yml

@@ -1,21 +1,21 @@
 ---
 
-- name: deploy mikrotik unitary scripts
-  copy:
+- name: Deploy mikrotik unitary scripts
+  ansible.builtin.copy:
     src: "./files/{{ item.0 }}"
     dest: "/etc/munin/plugins/{{ item.0 }}{{ item.1.name }}"
     mode: 0755
-  loop: "{{ mikrotik_unitary_scripts|product(mikrotik_hosts)|list }}"
+  loop: "{{ mikrotik_unitary_scripts | product(mikrotik_hosts) | list }}"
   notify:
-    - restart munin-node
+    - Restart munin-node
 
-- name: deploy mikrotik per iface scripts
-  copy:
+- name: Deploy mikrotik per iface scripts
+  ansible.builtin.copy:
     src: "./files/{{ item.1 }}"
     dest: "/etc/munin/plugins/{{ item.1 }}{{ item.0.0.name }}_{{ item.0.1 }}"
     mode: 0755
-  loop: "{{ mikrotik_hosts|subelements('ifaces')|product(mikrotik_periface_scripts) }}"
+  loop: "{{ mikrotik_hosts | subelements('ifaces') | product(mikrotik_periface_scripts) }}"
   loop_control:
     label: "{{ item.0.1 }}"
   notify:
-    - restart munin-node
+    - Restart munin-node

roles/munin_client/tasks/physical_servers.yml

@@ -1,16 +1,16 @@
 ---
 # for physical servers
-- name: install necessary packages for hypervisors
-  package:
+- name: Install necessary packages for hypervisors
+  ansible.builtin.package:
     name: lm-sensors
     state: present
 
-- name: configure specific munin plugin
-  file:
+- name: Configure specific munin plugin
+  ansible.builtin.file:
     path: "/etc/munin/plugins/sensors_{{ item }}"
     src: /usr/share/munin/plugins/sensors_
     state: link
   notify:
-    - restart munin-node
+    - Restart munin-node
   loop:
     - temp

roles/munin_server/tasks/main.yml

@@ -1,11 +1,12 @@
 ---
 
-- name: install munin packages
-  package:
+- name: Install munin packages
+  ansible.builtin.package:
     name: munin
     state: present
 
-- name: munin conf file
-  template:
+- name: Munin conf file
+  ansible.builtin.template:
     src: munin.conf.j2
     dest: /etc/munin/munin.conf
+    mode: 0644