diff --git a/Makefile b/Makefile index 5044259..34c9f5e 100644 --- a/Makefile +++ b/Makefile @@ -30,7 +30,10 @@ verify: ansible-playbook playbooks/verify-homelab.yml venv: - source ./venv/bin/activate + # activate venv if it exists + if [ -d "./venv" ]; then \ + source venv/bin/activate; \ + fi deps: venv pip install --upgrade pip diff --git a/group_vars/docker.yml b/group_vars/docker.yml index 7904b7d..0572809 100644 --- a/group_vars/docker.yml +++ b/group_vars/docker.yml @@ -1,7 +1,6 @@ ---- pip_install_packages: - - name: docker +- name: docker docker_users: - - cianhatton - - ansible +- cianhatton +- ansible diff --git a/group_vars/linodes.yml b/group_vars/linodes.yml index f48ada5..64eb34d 100644 --- a/group_vars/linodes.yml +++ b/group_vars/linodes.yml @@ -2,17 +2,17 @@ vault_file: vault_vars/linode-vault.yml # any linode specific variables go here services: - - name: gitea - - name: mealie - - name: linkding - - name: overseerr - - name: nextcloud - - name: nginx-proxy-manager - - name: uptime-kuma - - name: mariadb - - name: photoprism - - name: olivetin +- name: gitea +- name: mealie +- name: linkding +- name: overseerr +- name: nextcloud +- name: nginx-proxy-manager +- name: uptime-kuma +- name: mariadb +- name: photoprism +- name: olivetin # any additional docker networks that should be created docker_networks: - - mariadb_net +- mariadb_net diff --git a/group_vars/servers.yml b/group_vars/servers.yml index 68d9ba2..f59a854 100644 --- a/group_vars/servers.yml +++ b/group_vars/servers.yml @@ -8,9 +8,9 @@ homelab_user: &main_user cianhatton samba_group: smbgroup samba_user: smbuser users: - - name: *main_user - group: *main_user - passwordless_sudo: true +- name: *main_user + group: *main_user + passwordless_sudo: true directories: # path on qnap where downloads go 
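Review bot: In the Makefile hunk, the new `venv` recipe activates the virtualenv in a shell that exits when the recipe finishes, so `deps: venv` still runs `pip install` with whichever `pip` is first on PATH. make also runs recipes with `/bin/sh` by default, where `source` may not exist. Calling the venv's own binary avoids both problems, e.g. `./venv/bin/pip install --upgrade pip` in `deps`. The `deps` recipe continues outside the hunk.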
@@ -31,9 +31,9 @@ directories: documents_dir: /mnt/mergerfs/documents desired_docker_images: - - ubuntu:latest +- ubuntu:latest portainer_endpoint: -1 -portainer_base_url: "http://qnap:9000" +portainer_base_url: http://qnap:9000 external_docker_networks: [] portainer_required_files: [] diff --git a/host_vars/qnap.yml b/host_vars/qnap.yml index f80497e..5371e09 100644 --- a/host_vars/qnap.yml +++ b/host_vars/qnap.yml 
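Review bot: `portainer_base_url: http://qnap:9000` in group_vars/servers.yml keeps the Portainer API on cleartext HTTP. The deploy_portainer_stack role in this same commit sends `username: admin` with `password: '{{ portainer.password }}'` to that URL, so anyone able to observe traffic on that network segment can read the admin credential. If the Portainer instance has TLS enabled, point the variable at it, e.g. `portainer_base_url: https://qnap:<tls-port>`.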
@@ -2,121 +2,121 @@ vault_file: vault_vars/qnap-vault.yml # any qnap specific variables go here mounts: - - path: /mnt/mergerfs - state: mounted - branches: - - /mnt/data/device0 - - /mnt/data/device1 - - /mnt/data/device2 - options: allow_other,use_ino +- path: /mnt/mergerfs + state: mounted + branches: + - /mnt/data/device0 + - /mnt/data/device1 + - /mnt/data/device2 + options: allow_other,use_ino # these directories will be backed up to s3. backup_directories: - - path: /mnt/mergerfs/photoprism/originals - s3_name: photoprism_photos - - path: /mnt/mergerfs/photoprism/import - s3_name: photoprism_import - - path: /mnt/mergerfs/photoprism/storage - s3_name: photoprism_storage - - path: /mnt/mergerfs/documents/media/documents/originals - s3_name: paperless-docs +- path: /mnt/mergerfs/photoprism/originals + s3_name: photoprism_photos +- path: /mnt/mergerfs/photoprism/import + s3_name: photoprism_import +- path: /mnt/mergerfs/photoprism/storage + s3_name: photoprism_storage +- path: /mnt/mergerfs/documents/media/documents/originals + s3_name: paperless-docs -cron_hour: "5" -docker_backup_host_backup_directory: "/tmp" +cron_hour: '5' +docker_backup_host_backup_directory: /tmp devices: - - uuid: a54c1bde-1400-4975-bf24-08c603ca3a11 # /dev/sdc1 - path: /mnt/data/device0 - - uuid: 727dddaa-f7a1-439a-995f-5f4d35322e08 # /dev/sdd1 - path: /mnt/data/device1 - - uuid: f3cff115-9adc-4761-b1e9-e81055f3e0af # /dev/sda1 - path: /mnt/data/device2 +- uuid: a54c1bde-1400-4975-bf24-08c603ca3a11 # /dev/sdc1 + path: /mnt/data/device0 +- uuid: 727dddaa-f7a1-439a-995f-5f4d35322e08 # /dev/sdd1 + path: /mnt/data/device1 +- uuid: f3cff115-9adc-4761-b1e9-e81055f3e0af # /dev/sda1 + path: /mnt/data/device2 # SSD for downloads / transcoding - - uuid: c528bf82-61ab-4f3d-87e0-d1e6e02ef7ec # /dev/sdf - path: /mnt/ssd0/ +- uuid: c528bf82-61ab-4f3d-87e0-d1e6e02ef7ec # /dev/sdf + path: /mnt/ssd0/ # docker networks to be created before portainer stacks are created. 
external_docker_networks: - - mariadb_net +- mariadb_net ansible_pull_path: /home/{{ homelab_user }}/.local/bin/ansible-pull portainer_required_files: - - source_file: dashboards/dashy-config.yml - dest_file_name: dashy-config.yml - dest_directory: /etc/config/dashy - handler: restart-dashy - - source_file: olivetin/config.yml - dest_file_name: config.yml - dest_directory: /etc/config/OliveTin - handler: restart-olivetin +- source_file: dashboards/dashy-config.yml + dest_file_name: dashy-config.yml + dest_directory: /etc/config/dashy + handler: restart-dashy +- source_file: olivetin/config.yml + dest_file_name: config.yml + dest_directory: /etc/config/OliveTin + handler: restart-olivetin portainer_required_templates: - - source_file: diun-config.j2 - dest_file_name: diun-config.yml - dest_directory: /etc/config/diun - handler: restart-diun +- source_file: diun-config.j2 + dest_file_name: diun-config.yml + dest_directory: /etc/config/diun + handler: restart-diun portainer_endpoint: 2 services: - - name: vpn-stack - template_vars: - vpn: protonwire # protonwire or surfshark - qbittorrent: - enabled: true - image: lscr.io/linuxserver/qbittorrent - tag: 4.5.3 - radarr: - enabled: true - image: lscr.io/linuxserver/radarr - tag: 4.5.2 - sonarr: - enabled: true - image: lscr.io/linuxserver/sonarr - tag: 3.0.10 - jackett: - enabled: true - image: lscr.io/linuxserver/jackett - tag: 0.21.235 - - name: gitea - template_vars: - image: gitea/gitea - tag: 1.19.0 - - name: mealie - - name: overseerr - - name: nextcloud - template_vars: - default_network: mariadb_net - image: nextcloud - tag: 27.0 - - name: dashboards - template_vars: - dashy: true - dashdot: true - glances: true - - name: nginx-proxy-manager - - name: plex - template_vars: - plex_image: lscr.io/linuxserver/plex - plex_tag: 1.32.4 - - name: uptime-kuma - - name: mariadb - template_vars: - image: mariadb - tag: 10.8.3 - default_network: mariadb_net - - name: photoprism - template_vars: - default_network: 
mariadb_net - image: photoprism/photoprism - tag: 230615 - - name: olivetin - - name: pihole - - name: paperless - - name: gotify - - name: diun - - name: ghost +- name: vpn-stack + template_vars: + vpn: protonwire # protonwire or surfshark + qbittorrent: + enabled: true + image: lscr.io/linuxserver/qbittorrent + tag: 4.5.3 + radarr: + enabled: true + image: lscr.io/linuxserver/radarr + tag: 4.5.2 + sonarr: + enabled: true + image: lscr.io/linuxserver/sonarr + tag: 3.0.10 + jackett: + enabled: true + image: lscr.io/linuxserver/jackett + tag: 0.21.235 +- name: gitea + template_vars: + image: gitea/gitea + tag: 1.19.0 +- name: mealie +- name: overseerr +- name: nextcloud + template_vars: + default_network: mariadb_net + image: nextcloud + tag: 27.0 +- name: dashboards + template_vars: + dashy: true + dashdot: true + glances: true +- name: nginx-proxy-manager +- name: plex + template_vars: + plex_image: lscr.io/linuxserver/plex + plex_tag: 1.32.4 +- name: uptime-kuma +- name: mariadb + template_vars: + image: mariadb + tag: 10.8.3 + default_network: mariadb_net +- name: photoprism + template_vars: + default_network: mariadb_net + image: photoprism/photoprism + tag: 230615 +- name: olivetin +- name: pihole +- name: paperless +- name: gotify +- name: diun +- name: ghost # - name: minio # template_vars: # image: minio/minio diff --git a/host_vars/snunmu.yml b/host_vars/snunmu.yml index a4e714c..4b9cec8 100644 --- a/host_vars/snunmu.yml +++ b/host_vars/snunmu.yml 
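Review bot: Several image tags in host_vars/qnap.yml are plain scalars that YAML types as numbers rather than strings. `tag: 27.0` loads as a float and `tag: 230615` as an integer, while `tag: 4.5.3` stays a string. They render back unchanged today, but a tag such as `27.10` would silently become `27.1` and select a different image. Quoting every tag keeps them literal, e.g. `tag: '27.0'` and `tag: '230615'`.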
@@ -1,33 +1,32 @@ ---- vault_file: vault_vars/qnap-vault.yml portainer_required_templates: - - source_file: diun-config.j2 - dest_file_name: diun-config.yml - dest_directory: /etc/config/diun - handler: restart-diun +- source_file: diun-config.j2 + dest_file_name: diun-config.yml + dest_directory: /etc/config/diun + handler: restart-diun portainer_endpoint: 23 services: - - name: linkding - - name: pihole - - name: hasteypaste - - name: dashboards - template_vars: - dashy: false - dashdot: true - glances: true - - name: diun +- name: linkding +- name: pihole +- name: hasteypaste +- name: dashboards + template_vars: + dashy: false + dashdot: true + glances: true +- name: diun ansible_pull_path: /usr/local/bin/ansible-pull backup_directories: [] -cron_hour: "4" +cron_hour: '4' # docker options docker_daemon_options: hosts: - - "tcp://0.0.0.0:2375" - - "unix:///var/run/docker.sock" + - tcp://0.0.0.0:2375 + - unix:///var/run/docker.sock -docker_backup_host_backup_directory: "/tmp" +docker_backup_host_backup_directory: /tmp diff --git a/playbooks/backup-directories.yml b/playbooks/backup-directories.yml index 45b7977..649f6bd 100644 --- a/playbooks/backup-directories.yml +++ b/playbooks/backup-directories.yml @@ -1,17 +1,16 @@ ---- - name: Backup Directories. hosts: servers become: true pre_tasks: - - name: Include vault variables. - ansible.builtin.include_vars: '../{{ vault_file }}' - tags: [always] + - name: Include vault variables. + ansible.builtin.include_vars: ../{{ vault_file }} + tags: [always] tasks: - - name: Backup Directories. - ansible.builtin.include_role: - name: backup_directory - with_items: "{{ backup_directories }}" - loop_control: - loop_var: backup + - name: Backup Directories. + ansible.builtin.include_role: + name: backup_directory + with_items: '{{ backup_directories }}' + loop_control: + loop_var: backup diff --git a/playbooks/bootstrap.yml b/playbooks/bootstrap.yml index b36a63d..817e528 100644 --- a/playbooks/bootstrap.yml 
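Review bot: `docker_daemon_options.hosts` in host_vars/snunmu.yml binds the Docker API to `tcp://0.0.0.0:2375`, the unencrypted and unauthenticated port, on every interface. Control of the Docker API is equivalent to root on the host, so any machine that can reach that port has it. Unless something outside this diff firewalls the port, keep only `- unix:///var/run/docker.sock`. If remote access is needed, bind to a specific management address and enable TLS client verification with `tlsverify`, `tlscacert`, `tlscert` and `tlskey` in the daemon options.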
+++ b/playbooks/bootstrap.yml @@ -7,14 +7,14 @@ hosts: localhost connection: local tasks: - - name: Generate an OpenSSH rsa keypair for ansible - community.crypto.openssh_keypair: - path: ~/.ssh/ansible - passphrase: '' + - name: Generate an OpenSSH rsa keypair for ansible + community.crypto.openssh_keypair: + path: ~/.ssh/ansible + passphrase: '' - name: Bootstrap Ansible hosts. hosts: all become: true become_method: su roles: - - role: bootstrap + - role: bootstrap diff --git a/playbooks/restore-docker-volumes.yml b/playbooks/restore-docker-volumes.yml index 3b4adc4..155d6e5 100644 --- a/playbooks/restore-docker-volumes.yml +++ b/playbooks/restore-docker-volumes.yml @@ -1,20 +1,19 @@ ---- - name: Restore a docker volume. hosts: servers become: true pre_tasks: - name: Include vault variables. - ansible.builtin.include_vars: '../{{ vault_file }}' + ansible.builtin.include_vars: ../{{ vault_file }} tags: [always] vars: - volume_name: "" - s3_key: "" + volume_name: '' + s3_key: '' roles: - - role: chatton.docker_backup.docker_s3_volume_restore - vars: - docker_backup_restore_force: true - docker_backup_restore_latest_s3_key: "{{ volume_name != '' | bool }}" - docker_backup_fail_on_no_s3_backups: true - docker_backup_s3_volume: - name: "{{ volume_name }}" - s3_key: "{{ s3_key }}" + - role: chatton.docker_backup.docker_s3_volume_restore + vars: + docker_backup_restore_force: true + docker_backup_restore_latest_s3_key: "{{ volume_name != '' | bool }}" + docker_backup_fail_on_no_s3_backups: true + docker_backup_s3_volume: + name: '{{ volume_name }}' + s3_key: '{{ s3_key }}' diff --git a/playbooks/setup-homelab.yml b/playbooks/setup-homelab.yml index c788421..66669b6 100644 --- a/playbooks/setup-homelab.yml +++ b/playbooks/setup-homelab.yml 
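Review bot: The keypair task in playbooks/bootstrap.yml writes `~/.ssh/ansible` with `passphrase: ''`, so the private key is stored unencrypted on the control machine. Presumably this is the key used to reach the hosts the playbook bootstraps. If that is a deliberate trade-off for unattended runs, record it in a comment above the task, e.g. `# no passphrase on purpose: this key is used by unattended runs`. Otherwise take the passphrase from a vaulted variable and load the key through ssh-agent.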
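Review bot: In playbooks/restore-docker-volumes.yml, `"{{ volume_name != '' | bool }}"` does not test what it appears to. Jinja applies the filter before the comparison, so it evaluates `volume_name != ('' | bool)`, which is true for any string, including the empty default. `docker_backup_restore_latest_s3_key` is therefore always true, and an explicitly supplied `s3_key` may be ignored, depending on how the role treats the flag. Parenthesise the comparison, `"{{ (volume_name != '') | bool }}"`, or test `s3_key == ''` if the intent is to use the latest backup unless a key was given.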
@@ -1,58 +1,57 @@ ---- - name: Update packages and ensure users on all hosts. hosts: all become: true pre_tasks: - - name: Update Packages - ansible.builtin.apt: - upgrade: dist - update_cache: true + - name: Update Packages + ansible.builtin.apt: + upgrade: dist + update_cache: true roles: - - role: setup_users + - role: setup_users - name: Configure mergerfs pools. hosts: mergerfs become: true roles: - - role: setup_mergerfs - tags: [mergerfs] + - role: setup_mergerfs + tags: [mergerfs] - name: Configure samba shares. hosts: all become: true roles: - - role: geerlingguy.samba - tags: [samba] + - role: geerlingguy.samba + tags: [samba] - name: Install Docker on Docker hosts. hosts: docker become: true roles: - - geerlingguy.pip - - geerlingguy.docker + - geerlingguy.pip + - geerlingguy.docker - name: Install Portainer on Portainer hosts. hosts: portainer become: true pre_tasks: - - name: Include vault variables. - ansible.builtin.include_vars: '../{{ vault_file }}' - tags: [always] + - name: Include vault variables. + ansible.builtin.include_vars: ../{{ vault_file }} + tags: [always] roles: - - role: setup_portainer - tags: [services, portainer] - vars: - portainer_version: "2.18.3" + - role: setup_portainer + tags: [services, portainer] + vars: + portainer_version: 2.18.3 - name: Setup and deploy services. hosts: servers become: true pre_tasks: - - name: Include vault variables. - ansible.builtin.include_vars: '../{{ vault_file }}' - tags: [always] + - name: Include vault variables. + ansible.builtin.include_vars: ../{{ vault_file }} + tags: [always] roles: - - role: setup_hosted_services - tags: [services] + - role: setup_hosted_services + tags: [services] diff --git a/playbooks/setup-linode.yml b/playbooks/setup-linode.yml index 11d8760..3522bc6 100644 --- a/playbooks/setup-linode.yml +++ b/playbooks/setup-linode.yml 
@@ -1,8 +1,7 @@ ---- - name: Setup linode instance. hosts: localhost become: true roles: - - role: roles/setup_linode - vars: - state: present + - role: roles/setup_linode + vars: + state: present diff --git a/playbooks/verify-homelab.yml b/playbooks/verify-homelab.yml index 0cafda7..aeb8fc1 100644 --- a/playbooks/verify-homelab.yml +++ b/playbooks/verify-homelab.yml 
@@ -1,48 +1,49 @@ ---- - name: Verify HomeLab has been correctly set up. hosts: all become: true pre_tasks: - - name: Include vault variables. - ansible.builtin.include_vars: ../{{ vault_file }} - tags: - - always + - name: Include vault variables. + ansible.builtin.include_vars: ../{{ vault_file }} + tags: + - always tasks: - - name: Docker Compose Files Exist - ansible.builtin.command: stat {{ directories.docker_compose_directory }}/{{ item.name }}/docker-compose.yml - with_items: '{{ services }}' - changed_when: false - register: docker_compose_stat + - name: Docker Compose Files Exist + ansible.builtin.command: stat {{ directories.docker_compose_directory }}/{{ item.name + }}/docker-compose.yml + with_items: '{{ services }}' + changed_when: false + register: docker_compose_stat - - name: Assert all Docker Compose files were created - ansible.builtin.assert: - that: item.rc == 0 - with_items: '{{ docker_compose_stat.results }}' + - name: Assert all Docker Compose files were created + ansible.builtin.assert: + that: item.rc == 0 + with_items: '{{ docker_compose_stat.results }}' - - name: Populate service facts - ansible.builtin.service_facts: {} + - name: Populate service facts + ansible.builtin.service_facts: {} - - name: Assert docker is installed and started - ansible.builtin.assert: - that: - - ansible_facts.services.docker.state == "running" - - ansible_facts.services['docker.service'].status == "enabled" - - name: Inspect all images - docker_image_info: {} - register: image_details - - name: Assert desired images exist - ansible.builtin.assert: - that: "{{ item in image_details.images | map(attribute='RepoTags') | flatten }}" - with_items: '{{ desired_docker_images }}' + - name: Assert docker is installed and started + ansible.builtin.assert: + that: + - ansible_facts.services.docker.state == "running" + - ansible_facts.services['docker.service'].status == "enabled" + - name: Inspect all images + docker_image_info: {} + register: image_details + - name: 
Assert desired images exist + ansible.builtin.assert: + that: "{{ item in image_details.images | map(attribute='RepoTags') | flatten\ + \ }}" + with_items: '{{ desired_docker_images }}' - - name: Fetch Sudoers Files - ansible.builtin.command: stat /etc/sudoers.d/{{ item.name }} - changed_when: false - register: sudoers_stat - with_items: '{{ users }}' - when: item.passwordless_sudo + - name: Fetch Sudoers Files + ansible.builtin.command: stat /etc/sudoers.d/{{ item.name }} + changed_when: false + register: sudoers_stat + with_items: '{{ users }}' + when: item.passwordless_sudo - - name: Assert sudoers files are created - ansible.builtin.assert: - that: item.rc == 0 - with_items: '{{ sudoers_stat.results }}' + - name: Assert sudoers files are created + ansible.builtin.assert: + that: item.rc == 0 + with_items: '{{ sudoers_stat.results }}' diff --git a/roles/backup_directory/meta/main.yml b/roles/backup_directory/meta/main.yml index c95a36e..c6b27fb 100644 --- a/roles/backup_directory/meta/main.yml +++ b/roles/backup_directory/meta/main.yml @@ -1,13 +1,12 @@ ---- galaxy_info: author: Cian Hatton namespace: chatton description: Backup directories license: MIT - min_ansible_version: "2.1" + min_ansible_version: '2.1' galaxy_tags: [] platforms: - - name: Debian - versions: - - all + - name: Debian + versions: + - all dependencies: [] diff --git a/roles/backup_directory/tasks/main.yml b/roles/backup_directory/tasks/main.yml index 5f7d540..1d4e8eb 100644 --- a/roles/backup_directory/tasks/main.yml +++ b/roles/backup_directory/tasks/main.yml 
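Review bot: In playbooks/verify-homelab.yml, "Assert sudoers files are created" loops over every entry of `sudoers_stat.results`, but the preceding task is guarded by `when: item.passwordless_sudo`. A user without passwordless sudo therefore yields a skipped result with no `rc`, and `item.rc == 0` fails on an undefined attribute instead of passing. This is latent only because the one user visible in this diff sets `passwordless_sudo: true`. Add `when: item is not skipped` to the assert task.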
@@ -1,24 +1,23 @@ ---- - name: Determine backup timestamp. ansible.builtin.set_fact: backup_time="{{ ansible_date_time.iso8601 }}" - name: Compress Directory community.general.archive: - path: "{{ backup.path }}" + path: '{{ backup.path }}' dest: /tmp/backup.tar.gz - mode: "0755" + mode: '0755' - name: Upload backups to S3 amazon.aws.aws_s3: - s3_url: "{{ docker_backup_aws_s3_url }}" - bucket: "{{ docker_backup_aws_s3_bucket }}" - object: "{{ backup.s3_name }}-{{ backup_time }}.tar.gz" + s3_url: '{{ docker_backup_aws_s3_url }}' + bucket: '{{ docker_backup_aws_s3_bucket }}' + object: '{{ backup.s3_name }}-{{ backup_time }}.tar.gz' src: /tmp/backup.tar.gz - aws_access_key: "{{ docker_backup_aws_s3_aws_access_key }}" - aws_secret_key: "{{ docker_backup_aws_s3_aws_secret_key }}" - region: "{{ docker_backup_aws_s3_region }}" + aws_access_key: '{{ docker_backup_aws_s3_aws_access_key }}' + aws_secret_key: '{{ docker_backup_aws_s3_aws_secret_key }}' + region: '{{ docker_backup_aws_s3_region }}' mode: put - permission: "{{ docker_backup_aws_s3_permissions }}" + permission: '{{ docker_backup_aws_s3_permissions }}' - name: Remove local backup. ansible.builtin.file: diff --git a/roles/bootstrap/meta/main.yml b/roles/bootstrap/meta/main.yml index 2d1cdf6..0969425 100644 --- a/roles/bootstrap/meta/main.yml +++ b/roles/bootstrap/meta/main.yml @@ -3,10 +3,10 @@ galaxy_info: namespace: chatton description: Bootstrap ansible license: MIT - min_ansible_version: "2.1" + min_ansible_version: '2.1' galaxy_tags: [] platforms: - - name: Debian - versions: - - all + - name: Debian + versions: + - all dependencies: [] diff --git a/roles/bootstrap/tasks/main.yml b/roles/bootstrap/tasks/main.yml index 48ce1da..cb0314d 100644 --- a/roles/bootstrap/tasks/main.yml +++ b/roles/bootstrap/tasks/main.yml @@ -1,4 +1,3 @@ ---- - name: Add sources list ansible.builtin.copy: src: sources_list 
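Review bot: "Compress Directory" in roles/backup_directory/tasks/main.yml writes the archive to the fixed path `/tmp/backup.tar.gz` with `mode: '0755'`, so every local user can read the backed-up data until the cleanup task runs. A file or symlink created in advance at that name in the world-writable directory can also interfere with the write, and two backups on one host overwrite each other. Stage the archive in a private temporary directory with a restrictive mode instead, as sketched below. The "Remove local backup." task continues outside the hunk, so its path would need the same change.

```yaml
- name: Create a private staging directory.
  ansible.builtin.tempfile:
    state: directory
    suffix: backup
  register: backup_staging

- name: Compress Directory
  community.general.archive:
    path: '{{ backup.path }}'
    dest: '{{ backup_staging.path }}/backup.tar.gz'
    mode: '0600'

# … unchanged: Upload backups to S3, except src: '{{ backup_staging.path }}/backup.tar.gz' …
```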
@@ -27,10 +26,10 @@ - name: Add sudoers files ansible.builtin.template: src: sudoer_file - dest: "/etc/sudoers.d/{{ item }}" + dest: /etc/sudoers.d/{{ item }} owner: root group: root mode: 0440 with_items: - - ansible - - cianhatton + - ansible + - cianhatton diff --git a/roles/deploy_portainer_stack/defaults/main.yml b/roles/deploy_portainer_stack/defaults/main.yml index cc8377b..0393990 100644 --- a/roles/deploy_portainer_stack/defaults/main.yml +++ b/roles/deploy_portainer_stack/defaults/main.yml @@ -1,7 +1,6 @@ ---- # defaults file for chatton.deploy_portainer_stack -portainer_stack_name: "" +portainer_stack_name: '' # required directories for this stack portainer_stack_directories: [] diff --git a/roles/deploy_portainer_stack/meta/main.yml b/roles/deploy_portainer_stack/meta/main.yml index 616666d..6555f99 100644 --- a/roles/deploy_portainer_stack/meta/main.yml +++ b/roles/deploy_portainer_stack/meta/main.yml @@ -3,10 +3,10 @@ galaxy_info: namespace: chatton description: Deploy a single portainer stack. license: MIT - min_ansible_version: "2.1" + min_ansible_version: '2.1' galaxy_tags: [] platforms: - - name: Debian - versions: - - all + - name: Debian + versions: + - all dependencies: [] diff --git a/roles/deploy_portainer_stack/tasks/main.yml b/roles/deploy_portainer_stack/tasks/main.yml index 5917635..40cd3a2 100644 --- a/roles/deploy_portainer_stack/tasks/main.yml +++ b/roles/deploy_portainer_stack/tasks/main.yml 
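Review bot: "Add sudoers files" in roles/bootstrap/tasks/main.yml templates straight into `/etc/sudoers.d/` without a syntax check, so a mistake in `sudoer_file` can break sudo on the host being bootstrapped. Add `validate: /usr/sbin/visudo -cf %s` to the template task so a malformed file is rejected before it is moved into place. The start of the task file is outside this hunk.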
@@ -1,11 +1,10 @@ ---- -- name: "Stack {{ portainer_stack_name }} | Create a directory if it does not exist" +- name: Stack {{ portainer_stack_name }} | Create a directory if it does not exist ansible.builtin.file: path: '{{ directories.docker_compose_directory }}/{{ portainer_stack_name }}' state: directory mode: '0755' -- name: "Stack {{ portainer_stack_name }} | Template Docker Compose File" +- name: Stack {{ portainer_stack_name }} | Template Docker Compose File ansible.builtin.template: src: '{{ portainer_stack_name }}.j2' dest: '{{ directories.docker_compose_directory }}/{{ portainer_stack_name }}/docker-compose.yml' @@ -13,24 +12,25 @@ group: root mode: 0440 vars: - template_vars: "{{ portainer_stack_template_vars }}" + template_vars: '{{ portainer_stack_template_vars }}' -- name: "Stack {{ portainer_stack_name }} | Ensure required directories" +- name: Stack {{ portainer_stack_name }} | Ensure required directories ansible.builtin.file: path: '{{ item }}' state: directory mode: '0755' - with_items: "{{ portainer_stack_directories }}" + with_items: '{{ portainer_stack_directories }}' -- name: "Stack {{ portainer_stack_name }} | Find docker volumes" - ansible.builtin.shell: docker volume ls -f name={{ portainer_stack_name }} --format '{{ '{{' }} .Name {{ '}}' }}' +- name: Stack {{ portainer_stack_name }} | Find docker volumes + ansible.builtin.shell: docker volume ls -f name={{ portainer_stack_name }} --format + '{{ '{{' }} .Name {{ '}}' }}' register: find_volumes changed_when: false -- name: "Stack {{ portainer_stack_name }} | Find docker volumes that need to be restored" +- name: Stack {{ portainer_stack_name }} | Find docker volumes that need to be restored ansible.builtin.script: scripts/find-volumes-to-restore.py environment: - EXISTING_VOLUMES: "{{ find_volumes.stdout_lines }}" + EXISTING_VOLUMES: '{{ find_volumes.stdout_lines }}' STACK_NAME: '{{ portainer_stack_name }}' DOCKER_COMPOSE_DIR: '{{ directories.docker_compose_directory }}' args: 
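Review bot: "Find docker volumes" in roles/deploy_portainer_stack/tasks/main.yml interpolates `portainer_stack_name` unquoted into an `ansible.builtin.shell` line, so a name containing a space or shell metacharacter changes the command that runs on the target host. The value appears to come from inventory today, but nothing in the role enforces its shape. Nothing on the line needs a shell, so switch the module to `ansible.builtin.command`, or keep `shell` and write `name={{ portainer_stack_name | quote }}`.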
@@ -38,12 +38,12 @@ register: python_output changed_when: false -- name: "Stack {{ portainer_stack_name }} | Build list of volumes to restore." +- name: Stack {{ portainer_stack_name }} | Build list of volumes to restore. ansible.builtin.set_fact: restore_volumes: "{{ restore_volumes | default([]) + [{'name':item}] }}" - with_items: "{{ python_output.stdout_lines | list }}" + with_items: '{{ python_output.stdout_lines | list }}' -- name: "Stack {{ portainer_stack_name }} | Restore any missing volumes from S3" +- name: Stack {{ portainer_stack_name }} | Restore any missing volumes from S3 ansible.builtin.include_role: name: chatton.docker_backup.docker_s3_volume_restore when: restore_volumes is defined @@ -51,17 +51,18 @@ docker_backup_restore_force: false docker_backup_restore_latest_s3_key: true docker_backup_fail_on_no_s3_backups: false - docker_backup_s3_volume: "{{ volume }}" - with_items: "{{ restore_volumes }}" + docker_backup_s3_volume: '{{ volume }}' + with_items: '{{ restore_volumes }}' loop_control: loop_var: volume -- name: "Stack {{ portainer_stack_name }} | Update Portainer." +- name: Stack {{ portainer_stack_name }} | Update Portainer. chatton.portainer.portainer_stack: username: admin password: '{{ portainer.password }}' base_url: '{{ portainer_base_url }}' - docker_compose_file_path: '{{ directories.docker_compose_directory }}/{{ portainer_stack_name }}/docker-compose.yml' + docker_compose_file_path: '{{ directories.docker_compose_directory }}/{{ portainer_stack_name + }}/docker-compose.yml' stack_name: '{{ portainer_stack_name }}' endpoint_id: '{{ portainer_stack_endpoint_id }}' state: present diff --git a/roles/docker_restore_container/defaults/main.yml b/roles/docker_restore_container/defaults/main.yml index 7377d0b..6d800ee 100644 --- a/roles/docker_restore_container/defaults/main.yml +++ b/roles/docker_restore_container/defaults/main.yml @@ -1,2 +1,2 @@ ---- -# defaults file for chatton.docker_restore +null +... 
diff --git a/roles/docker_restore_container/handlers/main.yml b/roles/docker_restore_container/handlers/main.yml index d7dd3db..6d800ee 100644 --- a/roles/docker_restore_container/handlers/main.yml +++ b/roles/docker_restore_container/handlers/main.yml @@ -1,2 +1,2 @@ ---- -# handlers file for chatton.docker_restore +null +... diff --git a/roles/docker_restore_container/tasks/main.yml b/roles/docker_restore_container/tasks/main.yml index ec79022..0fff447 100644 --- a/roles/docker_restore_container/tasks/main.yml +++ b/roles/docker_restore_container/tasks/main.yml 
@@ -1,121 +1,124 @@ ---- # tasks file for chatton.docker_backup # https://docs.ansible.com/ansible/latest/collections/community/docker/docker_container_module.html#ansible-collections-community-docker-docker-container-module # https://docs.docker.com/storage/volumes/#backup-restore-or-migrate-data-volumes - name: Get container details docker_container_info: - name: "{{ container_restore }}" + name: '{{ container_restore }}' register: result - name: Fail if container is not present fail: - msg: Cannot restore volumes for a container when it does not exist. Ensure the container exists and try again. + msg: Cannot restore volumes for a container when it does not exist. Ensure the + container exists and try again. when: result.exists == false - debug: msg="{{ result }}" - name: Extract only the volume mounts (not bind mounts) - set_fact: volume_mounts="{{ result.container.Mounts | selectattr("Type", "equalto", "volume")}}" + set_fact: volume_mounts="{{ result.container.Mounts | selectattr("Type", "equalto", + "volume")}}" - debug: msg="{{ volume_mounts }}" - name: Find relevant volume(s) in S3 amazon.aws.aws_s3: - bucket: "{{ aws_s3.bucket }}" + bucket: '{{ aws_s3.bucket }}' mode: list - region: "{{ aws_s3.region }}" - s3_url: "https://{{ aws_s3.s3_url }}" - prefix: "{{ item.Name }}/{{ item.Name }}" - aws_access_key: "{{ aws_s3.aws_access_key }}" - aws_secret_key: "{{ aws_s3.aws_secret_key }}" + region: '{{ aws_s3.region }}' + s3_url: https://{{ aws_s3.s3_url }} + prefix: '{{ item.Name }}/{{ item.Name }}' + aws_access_key: '{{ aws_s3.aws_access_key }}' + aws_secret_key: '{{ aws_s3.aws_secret_key }}' register: s3_list_output - with_items: "{{ volume_mounts }}" + with_items: '{{ volume_mounts }}' - debug: msg="{{ s3_list_output }}" - name: Extract s3 keys for container - set_fact: container_s3_keys="{{ container_s3_keys | default([]) + [item.s3_keys | last] }}" - with_items: "{{ s3_list_output.results }}" + set_fact: container_s3_keys="{{ container_s3_keys | default([]) 
+ [item.s3_keys + | last] }}" + with_items: '{{ s3_list_output.results }}' - debug: msg="{{ container_s3_keys }}" - name: Create a directory for temporary backups if they do not exist ansible.builtin.file: - path: "/tmp/{{ item.Name }}" + path: /tmp/{{ item.Name }} state: directory mode: '0755' - with_items: "{{ volume_mounts }}" + with_items: '{{ volume_mounts }}' - name: Download archives from S3 amazon.aws.aws_s3: - bucket: "{{ aws_s3.bucket }}" - object: "{{ item }}" - aws_access_key: "{{ aws_s3.aws_access_key }}" - aws_secret_key: "{{ aws_s3.aws_secret_key }}" - region: "{{ aws_s3.region }}" - s3_url: "https://{{ aws_s3.s3_url }}" + bucket: '{{ aws_s3.bucket }}' + object: '{{ item }}' + aws_access_key: '{{ aws_s3.aws_access_key }}' + aws_secret_key: '{{ aws_s3.aws_secret_key }}' + region: '{{ aws_s3.region }}' + s3_url: https://{{ aws_s3.s3_url }} mode: get - dest: "/tmp/{{ item }}" - with_items: "{{ container_s3_keys }}" + dest: /tmp/{{ item }} + with_items: '{{ container_s3_keys }}' register: get_out - debug: msg="{{ get_out }}" - set_fact: - volume_details: "{{ volume_details | default([]) + [ {'mount': item.0, 's3_key': item.1} ] }}" + volume_details: "{{ volume_details | default([]) + [ {'mount': item.0, 's3_key':\ + \ item.1} ] }}" with_together: - - "{{ volume_mounts }}" - - "{{ container_s3_keys }}" + - '{{ volume_mounts }}' + - '{{ container_s3_keys }}' - debug: msg="{{ volume_details }}" - name: Stop a container community.docker.docker_container: - name: "{{ container_restore }}" + name: '{{ container_restore }}' state: stopped - name: Ensure Volume docker_volume: - name: "{{ item.mount.Name }}" + name: '{{ item.mount.Name }}' state: present - with_items: "{{ volume_details }}" + with_items: '{{ volume_details }}' - name: Remove contents of volumes community.docker.docker_container: - name: "restore-container-{{ item.mount.Name }}-{{ 10 | random }}" + name: restore-container-{{ item.mount.Name }}-{{ 10 | random }} image: ubuntu - command: "rm -rf ./* 
" + command: 'rm -rf ./* ' auto_remove: true detach: false # block until this container exists. state: started # start inside the directory we want to wipe - working_dir: "{{ item.mount.Destination }}" + working_dir: '{{ item.mount.Destination }}' volumes: - - /tmp:/tmp + - /tmp:/tmp volumes_from: - - "{{ container_restore }}" - with_items: "{{ volume_details }}" + - '{{ container_restore }}' + with_items: '{{ volume_details }}' - name: Restore contents of volumes community.docker.docker_container: - name: "restore-container-{{ item.mount.Name }}-{{ 10 | random }}" + name: restore-container-{{ item.mount.Name }}-{{ 10 | random }} image: ubuntu # extract the tar into the volume. - command: "tar xvf /tmp/{{ item.s3_key }}" + command: tar xvf /tmp/{{ item.s3_key }} auto_remove: true detach: false # block until this container exists. state: started # the compressed volume contains the directories, so we start from the root - working_dir: "/" + working_dir: / volumes: - - /tmp:/tmp + - /tmp:/tmp volumes_from: - - "{{ container_restore }}" - with_items: "{{ volume_details }}" + - '{{ container_restore }}' + with_items: '{{ volume_details }}' - name: Start a container community.docker.docker_container: - name: "{{ container_restore }}" + name: '{{ container_restore }}' state: started diff --git a/roles/docker_restore_container/vars/main.yml b/roles/docker_restore_container/vars/main.yml index 2be0913..6d800ee 100644 --- a/roles/docker_restore_container/vars/main.yml +++ b/roles/docker_restore_container/vars/main.yml @@ -1,2 +1,2 @@ ---- -# vars file for chatton.docker_restore +null +... diff --git a/roles/geerlingguy.docker/.github/FUNDING.yml b/roles/geerlingguy.docker/.github/FUNDING.yml index 96b4938..bc43524 100644 --- a/roles/geerlingguy.docker/.github/FUNDING.yml +++ b/roles/geerlingguy.docker/.github/FUNDING.yml @@ -1,4 +1,2 @@ -# These are supported funding model platforms ---- github: geerlingguy patreon: geerlingguy 
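Review bot: In roles/docker_restore_container/tasks/main.yml, "Remove contents of volumes" passes `command: 'rm -rf ./* '` to `community.docker.docker_container`, which hands the words to the container as an argument list with no shell. `./*` is therefore never expanded and, as far as I can tell, nothing is deleted. The restore step then unpacks the archive over whatever is already in the volume, leaving stale files in place. Run the wipe through a shell, e.g. `command: ['sh', '-c', 'rm -rf -- ./*']`. That still leaves dot-files, so a pattern covering them may be wanted as well.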
diff --git a/roles/geerlingguy.docker/.github/stale.yml b/roles/geerlingguy.docker/.github/stale.yml index 3e8d931..7f8e2f0 100644 --- a/roles/geerlingguy.docker/.github/stale.yml +++ b/roles/geerlingguy.docker/.github/stale.yml @@ -1,5 +1,3 @@ -# Configuration for probot-stale - https://github.com/probot/stale ---- # Number of days of inactivity before an Issue or Pull Request becomes stale daysUntilStale: 90 @@ -12,10 +10,10 @@ onlyLabels: [] # Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable exemptLabels: - - bug - - pinned - - security - - planned +- bug +- pinned +- security +- planned # Set to true to ignore issues in a project (defaults to false) exemptProjects: false @@ -42,7 +40,8 @@ pulls: This pull request is no longer marked for closure. closeComment: >- - This pull request has been closed due to inactivity. If you feel this is in error, please reopen the pull request or file a new PR with the relevant details. + This pull request has been closed due to inactivity. If you feel this is in error, + please reopen the pull request or file a new PR with the relevant details. issues: markComment: |- @@ -54,4 +53,5 @@ issues: This issue is no longer marked for closure. closeComment: >- - This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details. + This issue has been closed due to inactivity. If you feel this is in error, please + reopen the issue or file a new issue with the relevant details. diff --git a/roles/geerlingguy.docker/.github/workflows/ci.yml b/roles/geerlingguy.docker/.github/workflows/ci.yml index e3cd228..e2461ab 100644 --- a/roles/geerlingguy.docker/.github/workflows/ci.yml +++ b/roles/geerlingguy.docker/.github/workflows/ci.yml 
@@ -1,16 +1,15 @@ ---- name: CI -'on': +on: pull_request: push: branches: - - master + - master schedule: - - cron: "0 7 * * 0" + - cron: 0 7 * * 0 defaults: run: - working-directory: 'geerlingguy.docker' + working-directory: geerlingguy.docker jobs: @@ -18,22 +17,22 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - name: Check out the codebase. - uses: actions/checkout@v2 - with: - path: 'geerlingguy.docker' + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: geerlingguy.docker - - name: Set up Python 3. - uses: actions/setup-python@v2 - with: - python-version: '3.x' + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: 3.x - - name: Install test dependencies. - run: pip3 install yamllint + - name: Install test dependencies. + run: pip3 install yamllint - - name: Lint code. - run: | - yamllint . + - name: Lint code. + run: | + yamllint . molecule: name: Molecule 
@@ -41,32 +40,32 @@ jobs: strategy: matrix: distro: - - rockylinux8 - - centos7 - - ubuntu2204 - - ubuntu2004 - - ubuntu1804 - - debian11 - - debian10 - - fedora34 + - rockylinux8 + - centos7 + - ubuntu2204 + - ubuntu2004 + - ubuntu1804 + - debian11 + - debian10 + - fedora34 steps: - - name: Check out the codebase. - uses: actions/checkout@v2 - with: - path: 'geerlingguy.docker' + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: geerlingguy.docker - - name: Set up Python 3. - uses: actions/setup-python@v2 - with: - python-version: '3.x' + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: 3.x - - name: Install test dependencies. - run: pip3 install ansible molecule[docker] docker + - name: Install test dependencies. + run: pip3 install ansible molecule[docker] docker - - name: Run Molecule tests. - run: molecule test - env: - PY_COLORS: '1' - ANSIBLE_FORCE_COLOR: '1' - MOLECULE_DISTRO: ${{ matrix.distro }} + - name: Run Molecule tests. + run: molecule test + env: + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + MOLECULE_DISTRO: ${{ matrix.distro }} diff --git a/roles/geerlingguy.docker/.github/workflows/release.yml b/roles/geerlingguy.docker/.github/workflows/release.yml index 0b04d24..f602a9a 100644 --- a/roles/geerlingguy.docker/.github/workflows/release.yml +++ b/roles/geerlingguy.docker/.github/workflows/release.yml @@ -1,4 +1,3 @@ ---- # This workflow requires a GALAXY_API_KEY secret present in the GitHub # repository or organization. # @@ -6,14 +5,14 @@ # See: https://github.com/ansible/galaxy/issues/46 name: Release -'on': +on: push: tags: - - '*' + - '*' defaults: run: - working-directory: 'geerlingguy.docker' + working-directory: geerlingguy.docker jobs: 
@@ -21,20 +20,21 @@ jobs: name: Release runs-on: ubuntu-latest steps: - - name: Check out the codebase. - uses: actions/checkout@v2 - with: - path: 'geerlingguy.docker' + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: geerlingguy.docker - - name: Set up Python 3. - uses: actions/setup-python@v2 - with: - python-version: '3.x' + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: 3.x - - name: Install Ansible. - run: pip3 install ansible-core + - name: Install Ansible. + run: pip3 install ansible-core - - name: Trigger a new import on Galaxy. - run: >- - ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }} - $(echo ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository }} | cut -d/ -f2) + - name: Trigger a new import on Galaxy. + run: >- + ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }} + $(echo ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository + }} | cut -d/ -f2) diff --git a/roles/geerlingguy.docker/defaults/main.yml b/roles/geerlingguy.docker/defaults/main.yml index 7e4e73b..b657c82 100644 --- a/roles/geerlingguy.docker/defaults/main.yml +++ b/roles/geerlingguy.docker/defaults/main.yml @@ -1,11 +1,10 @@ ---- # Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition). -docker_edition: 'ce' +docker_edition: ce docker_packages: - - "docker-{{ docker_edition }}" - - "docker-{{ docker_edition }}-cli" - - "docker-{{ docker_edition }}-rootless-extras" - - "containerd.io" +- docker-{{ docker_edition }} +- docker-{{ docker_edition }}-cli +- docker-{{ docker_edition }}-rootless-extras +- containerd.io docker_packages_state: present # Service options. 
@@ -21,9 +20,10 @@ docker_compose_package_state: present # Docker Compose options. docker_install_compose: true -docker_compose_version: "v2.4.1" +docker_compose_version: v2.4.1 docker_compose_arch: x86_64 -docker_compose_url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-linux-{{ docker_compose_arch }}" +docker_compose_url: https://github.com/docker/compose/releases/download/{{ docker_compose_version + }}/docker-compose-linux-{{ docker_compose_arch }} docker_compose_path: /usr/local/bin/docker-compose # Docker repo URL. @@ -32,15 +32,17 @@ docker_repo_url: https://download.docker.com/linux # Used only for Debian/Ubuntu. Switch 'stable' to 'nightly' if needed. docker_apt_release_channel: stable docker_apt_arch: amd64 -docker_apt_repository: "deb [arch={{ docker_apt_arch }}] {{ docker_repo_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" +docker_apt_repository: deb [arch={{ docker_apt_arch }}] {{ docker_repo_url }}/{{ ansible_distribution + | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }} docker_apt_ignore_key_error: true -docker_apt_gpg_key: "{{ docker_repo_url }}/{{ ansible_distribution | lower }}/gpg" +docker_apt_gpg_key: '{{ docker_repo_url }}/{{ ansible_distribution | lower }}/gpg' # Used only for RedHat/CentOS/Fedora. -docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora') | ternary('fedora','centos') }}/docker-{{ docker_edition }}.repo" +docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora')\ + \ | ternary('fedora','centos') }}/docker-{{ docker_edition }}.repo" docker_yum_repo_enable_nightly: '0' docker_yum_repo_enable_test: '0' -docker_yum_gpg_key: "{{ docker_repo_url }}/centos/gpg" +docker_yum_gpg_key: '{{ docker_repo_url }}/centos/gpg' # A list of users who will be added to the docker group. docker_users: [] 
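Review bot: `docker_compose_url` is now an unquoted plain scalar wrapped over two lines, and it still renders to the same URL only because the break falls inside `{{ docker_compose_version }}`, where the folded-in space is ignored by Jinja. A wrap point outside an expression would put a space into the download URL. I would keep the value on one quoted line, or use a double-quoted scalar with `\` continuations as `docker_yum_repo_url` does in the next hunk. The same applies to `docker_apt_repository` in that hunk.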
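Review bot: `docker_apt_ignore_key_error: true` remains the default, so the `Add Docker apt key.` task in tasks/setup-Debian.yml (`ignore_errors: '{{ docker_apt_ignore_key_error }}'`) lets the play continue when the signing key cannot be imported. That task pins the key with `id:`, but the tasks that run after a failure lie between the visible hunks, so whether any fallback keeps the fingerprint check cannot be confirmed from here. For these hosts I would override it with `docker_apt_ignore_key_error: false` in group_vars, so a missing or unexpected key stops the run instead of being skipped.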
diff --git a/roles/geerlingguy.docker/handlers/main.yml b/roles/geerlingguy.docker/handlers/main.yml index 72594c8..0eac5a3 100644 --- a/roles/geerlingguy.docker/handlers/main.yml +++ b/roles/geerlingguy.docker/handlers/main.yml @@ -1,7 +1,6 @@ ---- - name: restart docker service: name: docker - state: "{{ docker_restart_handler_state }}" - ignore_errors: "{{ ansible_check_mode }}" + state: '{{ docker_restart_handler_state }}' + ignore_errors: '{{ ansible_check_mode }}' when: docker_service_manage | bool diff --git a/roles/geerlingguy.docker/meta/main.yml b/roles/geerlingguy.docker/meta/main.yml index 466d07f..d7b70c8 100644 --- a/roles/geerlingguy.docker/meta/main.yml +++ b/roles/geerlingguy.docker/meta/main.yml @@ -1,41 +1,40 @@ ---- dependencies: [] galaxy_info: role_name: docker author: geerlingguy description: Docker for Linux. - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" + company: Midwestern Mac, LLC + license: license (BSD, MIT) min_ansible_version: 2.4 platforms: - - name: EL - versions: - - 7 - - 8 - - name: Fedora - versions: - - all - - name: Debian - versions: - - buster - - bullseye - - name: Ubuntu - versions: - - bionic - - focal - - jammy - - name: Alpine - version: - - all - - name: Arch - versions: - - all + - name: EL + versions: + - 7 + - 8 + - name: Fedora + versions: + - all + - name: Debian + versions: + - buster + - bullseye + - name: Ubuntu + versions: + - bionic + - focal + - jammy + - name: Alpine + version: + - all + - name: Arch + versions: + - all galaxy_tags: - - web - - system - - containers - - docker - - orchestration - - compose - - server + - web + - system + - containers + - docker + - orchestration + - compose + - server diff --git a/roles/geerlingguy.docker/molecule/default/converge.yml b/roles/geerlingguy.docker/molecule/default/converge.yml index 629095b..0f2994e 100644 --- a/roles/geerlingguy.docker/molecule/default/converge.yml +++ b/roles/geerlingguy.docker/molecule/default/converge.yml 
@@ -1,24 +1,23 @@ ---- - name: Converge hosts: all become: true pre_tasks: - - name: Update apt cache. - apt: update_cache=yes cache_valid_time=600 - when: ansible_os_family == 'Debian' + - name: Update apt cache. + apt: update_cache=yes cache_valid_time=600 + when: ansible_os_family == 'Debian' - - name: Wait for systemd to complete initialization. # noqa 303 - command: systemctl is-system-running - register: systemctl_status - until: > - 'running' in systemctl_status.stdout or - 'degraded' in systemctl_status.stdout - retries: 30 - delay: 5 - when: ansible_service_mgr == 'systemd' - changed_when: false - failed_when: systemctl_status.rc > 1 + - name: Wait for systemd to complete initialization. # noqa 303 + command: systemctl is-system-running + register: systemctl_status + until: > + 'running' in systemctl_status.stdout or + 'degraded' in systemctl_status.stdout + retries: 30 + delay: 5 + when: ansible_service_mgr == 'systemd' + changed_when: false + failed_when: systemctl_status.rc > 1 roles: - - role: geerlingguy.docker + - role: geerlingguy.docker diff --git a/roles/geerlingguy.docker/molecule/default/molecule.yml b/roles/geerlingguy.docker/molecule/default/molecule.yml index 44ed195..cfdb7ab 100644 --- a/roles/geerlingguy.docker/molecule/default/molecule.yml +++ b/roles/geerlingguy.docker/molecule/default/molecule.yml @@ -1,17 +1,16 @@ ---- role_name_check: 1 dependency: name: galaxy driver: name: docker platforms: - - name: instance - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: true +- name: instance + image: geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest + command: ${MOLECULE_DOCKER_COMMAND:-""} + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + privileged: true + pre_build_image: true provisioner: name: ansible playbooks: 
diff --git a/roles/geerlingguy.docker/tasks/docker-compose.yml b/roles/geerlingguy.docker/tasks/docker-compose.yml index 42f89cb..d9502ca 100644 --- a/roles/geerlingguy.docker/tasks/docker-compose.yml +++ b/roles/geerlingguy.docker/tasks/docker-compose.yml @@ -1,18 +1,18 @@ ---- - name: Check current docker-compose version. - command: "{{ docker_compose_path }} --version" + command: '{{ docker_compose_path }} --version' register: docker_compose_vsn check_mode: false changed_when: false failed_when: false - set_fact: - docker_compose_current_version: "{{ docker_compose_vsn.stdout | regex_search('(\\d+(\\.\\d+)+)') }}" + docker_compose_current_version: "{{ docker_compose_vsn.stdout | regex_search('(\\\ + d+(\\.\\d+)+)') }}" when: docker_compose_vsn.stdout is defined - name: Delete existing docker-compose version if it's different. file: - path: "{{ docker_compose_path }}" + path: '{{ docker_compose_path }}' state: absent when: > docker_compose_current_version is defined @@ -20,10 +20,11 @@ - name: Install Docker Compose (if configured). get_url: - url: "{{ docker_compose_url }}" - dest: "{{ docker_compose_path }}" + url: '{{ docker_compose_url }}' + dest: '{{ docker_compose_path }}' mode: 0755 when: > (docker_compose_current_version is not defined) or (docker_compose_current_version|length == 0) - or (docker_compose_current_version is version((docker_compose_version | regex_replace('v', '')), '<')) + or (docker_compose_current_version is version((docker_compose_version | regex_replace('v', + '')), '<')) diff --git a/roles/geerlingguy.docker/tasks/docker-users.yml b/roles/geerlingguy.docker/tasks/docker-users.yml index 6e387e6..32e4fbe 100644 --- a/roles/geerlingguy.docker/tasks/docker-users.yml +++ b/roles/geerlingguy.docker/tasks/docker-users.yml 
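Review bot: The `Install Docker Compose (if configured).` task in the second hunk writes whatever `docker_compose_url` returns to `docker_compose_path` with `mode: 0755` and no integrity check. `get_url` accepts a `checksum` parameter, and adding `checksum: 'sha256:{{ docker_compose_checksum }}'` would make a tampered or truncated download fail the task. `docker_compose_checksum` would be a new variable (the name is only a suggestion), set to match `docker_compose_version` and `docker_compose_arch`. The path suggests this is a vendored Galaxy role, so the change would need to be carried as a local patch or proposed upstream.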
@@ -1,10 +1,9 @@ ---- - name: Ensure docker users are added to the docker group. user: - name: "{{ item }}" + name: '{{ item }}' groups: docker append: true - with_items: "{{ docker_users }}" + with_items: '{{ docker_users }}' - name: Reset ssh connection to apply user changes. meta: reset_connection diff --git a/roles/geerlingguy.docker/tasks/main.yml b/roles/geerlingguy.docker/tasks/main.yml index dcd47de..5dcd22e 100644 --- a/roles/geerlingguy.docker/tasks/main.yml +++ b/roles/geerlingguy.docker/tasks/main.yml @@ -1,14 +1,13 @@ ---- - name: Load OS-specific vars. include_vars: "{{ lookup('first_found', params) }}" vars: params: files: - - '{{ansible_distribution}}.yml' - - '{{ansible_os_family}}.yml' - - main.yml + - '{{ansible_distribution}}.yml' + - '{{ansible_os_family}}.yml' + - main.yml paths: - - 'vars' + - vars - include_tasks: setup-RedHat.yml when: ansible_os_family == 'RedHat' 
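Review bot: The `user` task that appends every entry of `docker_users` to the `docker` group carries no comment on what that membership grants. Access to the Docker daemon is effectively root on the host, so the list should hold only accounts already trusted with root. I would add `# docker group membership is root-equivalent on the host; keep docker_users minimal` above the task.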
@@ -18,37 +17,41 @@ - name: Install Docker packages. package: - name: "{{ docker_packages }}" - state: "{{ docker_packages_state }}" + name: '{{ docker_packages }}' + state: '{{ docker_packages_state }}' notify: restart docker - ignore_errors: "{{ ansible_check_mode }}" - when: "ansible_version.full is version_compare('2.12', '<') or ansible_os_family not in ['RedHat', 'Debian']" + ignore_errors: '{{ ansible_check_mode }}' + when: ansible_version.full is version_compare('2.12', '<') or ansible_os_family + not in ['RedHat', 'Debian'] - name: Install Docker packages (with downgrade option). package: - name: "{{ docker_packages }}" - state: "{{ docker_packages_state }}" + name: '{{ docker_packages }}' + state: '{{ docker_packages_state }}' allow_downgrade: true notify: restart docker - ignore_errors: "{{ ansible_check_mode }}" - when: "ansible_version.full is version_compare('2.12', '>=') and ansible_os_family in ['RedHat', 'Debian']" + ignore_errors: '{{ ansible_check_mode }}' + when: ansible_version.full is version_compare('2.12', '>=') and ansible_os_family + in ['RedHat', 'Debian'] - name: Install docker-compose plugin. package: - name: "{{ docker_compose_package }}" - state: "{{ docker_compose_package_state }}" + name: '{{ docker_compose_package }}' + state: '{{ docker_compose_package_state }}' notify: restart docker - ignore_errors: "{{ ansible_check_mode }}" - when: "docker_install_compose_plugin | bool == true and (ansible_version.full is version_compare('2.12', '<') or ansible_os_family not in ['RedHat', 'Debian'])" + ignore_errors: '{{ ansible_check_mode }}' + when: docker_install_compose_plugin | bool == true and (ansible_version.full is + version_compare('2.12', '<') or ansible_os_family not in ['RedHat', 'Debian']) - name: Install docker-compose-plugin (with downgrade option). 
package: - name: "{{ docker_compose_package }}" - state: "{{ docker_compose_package_state }}" + name: '{{ docker_compose_package }}' + state: '{{ docker_compose_package_state }}' allow_downgrade: true notify: restart docker - ignore_errors: "{{ ansible_check_mode }}" - when: "docker_install_compose_plugin | bool == true and ansible_version.full is version_compare('2.12', '>=') and ansible_os_family in ['RedHat', 'Debian']" + ignore_errors: '{{ ansible_check_mode }}' + when: docker_install_compose_plugin | bool == true and ansible_version.full is version_compare('2.12', + '>=') and ansible_os_family in ['RedHat', 'Debian'] - name: Ensure /etc/docker/ directory exists. file: @@ -59,7 +62,7 @@ - name: Configure Docker daemon options. copy: - content: "{{ docker_daemon_options | to_nice_json }}" + content: '{{ docker_daemon_options | to_nice_json }}' dest: /etc/docker/daemon.json mode: 0644 when: docker_daemon_options.keys() | length > 0 @@ -68,9 +71,9 @@ - name: Ensure Docker is started and enabled at boot. service: name: docker - state: "{{ docker_service_state }}" - enabled: "{{ docker_service_enabled }}" - ignore_errors: "{{ ansible_check_mode }}" + state: '{{ docker_service_state }}' + enabled: '{{ docker_service_enabled }}' + ignore_errors: '{{ ansible_check_mode }}' when: docker_service_manage | bool - name: Ensure handlers are notified now to avoid firewall conflicts. @@ -90,9 +93,9 @@ set_fact: at_least_one_user_to_modify: true when: - - docker_users | length > 0 - - item not in ansible_facts.getent_group["docker"][2] - with_items: "{{ docker_users }}" + - docker_users | length > 0 + - item not in ansible_facts.getent_group["docker"][2] + with_items: '{{ docker_users }}' - include_tasks: docker-users.yml when: at_least_one_user_to_modify is defined diff --git a/roles/geerlingguy.docker/tasks/setup-Debian.yml b/roles/geerlingguy.docker/tasks/setup-Debian.yml index e0d7037..30db63d 100644 --- a/roles/geerlingguy.docker/tasks/setup-Debian.yml 
+++ b/roles/geerlingguy.docker/tasks/setup-Debian.yml @@ -1,37 +1,39 @@ ---- - name: Ensure old versions of Docker are not installed. package: name: - - docker - - docker-engine + - docker + - docker-engine state: absent - name: Ensure dependencies are installed. apt: name: - - apt-transport-https - - ca-certificates + - apt-transport-https + - ca-certificates state: present -- name: Ensure additional dependencies are installed (on Ubuntu < 20.04 and any other systems). +- name: Ensure additional dependencies are installed (on Ubuntu < 20.04 and any other + systems). apt: name: gnupg2 state: present - when: ansible_distribution != 'Ubuntu' or ansible_distribution_version is version('20.04', '<') + when: ansible_distribution != 'Ubuntu' or ansible_distribution_version is version('20.04', + '<') - name: Ensure additional dependencies are installed (on Ubuntu >= 20.04). apt: name: gnupg state: present - when: ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('20.04', '>=') + when: ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('20.04', + '>=') - name: Add Docker apt key. apt_key: - url: "{{ docker_apt_gpg_key }}" + url: '{{ docker_apt_gpg_key }}' id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 state: present register: add_repository_key - ignore_errors: "{{ docker_apt_ignore_key_error }}" + ignore_errors: '{{ docker_apt_ignore_key_error }}' - name: Ensure curl is present (on older systems without SNI). package: name=curl state=present @@ -46,6 +48,6 @@ - name: Add Docker repository. apt_repository: - repo: "{{ docker_apt_repository }}" + repo: '{{ docker_apt_repository }}' state: present update_cache: true diff --git a/roles/geerlingguy.docker/tasks/setup-RedHat.yml b/roles/geerlingguy.docker/tasks/setup-RedHat.yml index 676c9e5..e18e352 100644 --- a/roles/geerlingguy.docker/tasks/setup-RedHat.yml +++ b/roles/geerlingguy.docker/tasks/setup-RedHat.yml 
@@ -1,29 +1,28 @@ ---- - name: Ensure old versions of Docker are not installed. package: name: - - docker - - docker-common - - docker-engine + - docker + - docker-common + - docker-engine state: absent - name: Add Docker GPG key. rpm_key: - key: "{{ docker_yum_gpg_key }}" + key: '{{ docker_yum_gpg_key }}' state: present - name: Add Docker repository. get_url: - url: "{{ docker_yum_repo_url }}" - dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo' + url: '{{ docker_yum_repo_url }}' + dest: /etc/yum.repos.d/docker-{{ docker_edition }}.repo owner: root group: root mode: 0644 - name: Configure Docker Nightly repo. ini_file: - dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo' - section: 'docker-{{ docker_edition }}-nightly' + dest: /etc/yum.repos.d/docker-{{ docker_edition }}.repo + section: docker-{{ docker_edition }}-nightly option: enabled value: '{{ docker_yum_repo_enable_nightly }}' mode: 0644 @@ -31,8 +30,8 @@ - name: Configure Docker Test repo. ini_file: - dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo' - section: 'docker-{{ docker_edition }}-test' + dest: /etc/yum.repos.d/docker-{{ docker_edition }}.repo + section: docker-{{ docker_edition }}-test option: enabled value: '{{ docker_yum_repo_enable_test }}' mode: 0644 @@ -40,13 +39,13 @@ - name: Configure containerd on RHEL 8. block: - - name: Ensure container-selinux is installed. - package: - name: container-selinux - state: present + - name: Ensure container-selinux is installed. + package: + name: container-selinux + state: present - - name: Ensure containerd.io is installed. - package: - name: containerd.io - state: present + - name: Ensure containerd.io is installed. + package: + name: containerd.io + state: present when: ansible_distribution_major_version | int == 8 diff --git a/roles/geerlingguy.docker/vars/Alpine.yml b/roles/geerlingguy.docker/vars/Alpine.yml index 0cb91f6..dbedf5d 100755 --- a/roles/geerlingguy.docker/vars/Alpine.yml +++ b/roles/geerlingguy.docker/vars/Alpine.yml 
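Review bot: The `Add Docker GPG key.` task imports whatever `docker_yum_gpg_key` serves without pinning a fingerprint, whereas the Debian path in tasks/setup-Debian.yml pins its key with `id:`. `rpm_key` has a `fingerprint` option, and adding `fingerprint: '<DOCKER_RPM_KEY_FINGERPRINT>'` would bring the two paths in line. That value is a placeholder, to be taken from Docker's published install documentation. The `get_url` task that writes the `.repo` file has no `checksum` either. Whether the repo file enables signature checking is not visible here, which makes the pinned key the more important of the two.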
@@ -1,2 +1 @@ ---- -docker_package: "docker" +docker_package: docker diff --git a/roles/geerlingguy.docker/vars/main.yml b/roles/geerlingguy.docker/vars/main.yml index 805232b..6d800ee 100755 --- a/roles/geerlingguy.docker/vars/main.yml +++ b/roles/geerlingguy.docker/vars/main.yml @@ -1,2 +1,2 @@ ---- -# Empty file +null +... diff --git a/roles/geerlingguy.pip/.github/FUNDING.yml b/roles/geerlingguy.pip/.github/FUNDING.yml index 96b4938..bc43524 100644 --- a/roles/geerlingguy.pip/.github/FUNDING.yml +++ b/roles/geerlingguy.pip/.github/FUNDING.yml @@ -1,4 +1,2 @@ -# These are supported funding model platforms ---- github: geerlingguy patreon: geerlingguy diff --git a/roles/geerlingguy.pip/.github/stale.yml b/roles/geerlingguy.pip/.github/stale.yml index 3cc6ec3..457e199 100644 --- a/roles/geerlingguy.pip/.github/stale.yml +++ b/roles/geerlingguy.pip/.github/stale.yml @@ -12,10 +12,10 @@ onlyLabels: [] # Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable exemptLabels: - - bug - - pinned - - security - - planned +- bug +- pinned +- security +- planned # Set to true to ignore issues in a project (defaults to false) exemptProjects: false @@ -42,7 +42,8 @@ pulls: This pull request is no longer marked for closure. closeComment: >- - This pull request has been closed due to inactivity. If you feel this is in error, please reopen the pull request or file a new PR with the relevant details. + This pull request has been closed due to inactivity. If you feel this is in error, + please reopen the pull request or file a new PR with the relevant details. issues: markComment: |- 
@@ -54,4 +55,5 @@ issues: This issue is no longer marked for closure. closeComment: >- - This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details. + This issue has been closed due to inactivity. If you feel this is in error, please + reopen the issue or file a new issue with the relevant details. diff --git a/roles/geerlingguy.pip/.github/workflows/ci.yml b/roles/geerlingguy.pip/.github/workflows/ci.yml index 742244a..2e1196f 100644 --- a/roles/geerlingguy.pip/.github/workflows/ci.yml +++ b/roles/geerlingguy.pip/.github/workflows/ci.yml @@ -1,16 +1,15 @@ ---- name: CI -'on': +on: pull_request: push: branches: - - master + - master schedule: - - cron: "0 4 * * 5" + - cron: 0 4 * * 5 defaults: run: - working-directory: 'geerlingguy.pip' + working-directory: geerlingguy.pip jobs: @@ -18,22 +17,22 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - name: Check out the codebase. - uses: actions/checkout@v2 - with: - path: 'geerlingguy.pip' + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: geerlingguy.pip - - name: Set up Python 3. - uses: actions/setup-python@v2 - with: - python-version: '3.x' + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: 3.x - - name: Install test dependencies. - run: pip3 install yamllint + - name: Install test dependencies. + run: pip3 install yamllint - - name: Lint code. - run: | - yamllint . + - name: Lint code. + run: | + yamllint . molecule: name: Molecule 
@@ -41,29 +40,29 @@ jobs: strategy: matrix: distro: - - rockylinux8 - - fedora34 - - ubuntu2004 - - ubuntu1804 - - debian10 + - rockylinux8 + - fedora34 + - ubuntu2004 + - ubuntu1804 + - debian10 steps: - - name: Check out the codebase. - uses: actions/checkout@v2 - with: - path: 'geerlingguy.pip' + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: geerlingguy.pip - - name: Set up Python 3. - uses: actions/setup-python@v2 - with: - python-version: '3.x' + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: 3.x - - name: Install test dependencies. - run: pip3 install ansible molecule[docker] docker + - name: Install test dependencies. + run: pip3 install ansible molecule[docker] docker - - name: Run Molecule tests. - run: molecule test - env: - PY_COLORS: '1' - ANSIBLE_FORCE_COLOR: '1' - MOLECULE_DISTRO: ${{ matrix.distro }} + - name: Run Molecule tests. + run: molecule test + env: + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + MOLECULE_DISTRO: ${{ matrix.distro }} diff --git a/roles/geerlingguy.pip/.github/workflows/release.yml b/roles/geerlingguy.pip/.github/workflows/release.yml index 54af011..04d361a 100644 --- a/roles/geerlingguy.pip/.github/workflows/release.yml +++ b/roles/geerlingguy.pip/.github/workflows/release.yml @@ -1,4 +1,3 @@ ---- # This workflow requires a GALAXY_API_KEY secret present in the GitHub # repository or organization. # @@ -6,14 +5,14 @@ # See: https://github.com/ansible/galaxy/issues/46 name: Release -'on': +on: push: tags: - - '*' + - '*' defaults: run: - working-directory: 'geerlingguy.pip' + working-directory: geerlingguy.pip jobs: 
@@ -21,20 +20,21 @@ jobs: name: Release runs-on: ubuntu-latest steps: - - name: Check out the codebase. - uses: actions/checkout@v2 - with: - path: 'geerlingguy.pip' + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: geerlingguy.pip - - name: Set up Python 3. - uses: actions/setup-python@v2 - with: - python-version: '3.x' + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: 3.x - - name: Install Ansible. - run: pip3 install ansible-core + - name: Install Ansible. + run: pip3 install ansible-core - - name: Trigger a new import on Galaxy. - run: >- - ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }} - $(echo ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository }} | cut -d/ -f2) + - name: Trigger a new import on Galaxy. + run: >- + ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }} + $(echo ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository + }} | cut -d/ -f2) diff --git a/roles/geerlingguy.pip/defaults/main.yml b/roles/geerlingguy.pip/defaults/main.yml index e51000b..0fc6582 100644 --- a/roles/geerlingguy.pip/defaults/main.yml +++ b/roles/geerlingguy.pip/defaults/main.yml @@ -1,4 +1,3 @@ ---- # For Python 3, use python3-pip. pip_package: python3-pip pip_executable: "{{ 'pip3' if pip_package.startswith('python3') else 'pip' }}" diff --git a/roles/geerlingguy.pip/meta/main.yml b/roles/geerlingguy.pip/meta/main.yml index 908669d..24c237d 100644 --- a/roles/geerlingguy.pip/meta/main.yml +++ b/roles/geerlingguy.pip/meta/main.yml @@ -1,4 +1,3 @@ ---- dependencies: [] galaxy_info: 
@@ -6,26 +5,26 @@ galaxy_info: author: geerlingguy description: Pip (Python package manager) for Linux. issue_tracker_url: https://github.com/geerlingguy/ansible-role-pip/issues - company: "Midwestern Mac, LLC" - license: "MIT" + company: Midwestern Mac, LLC + license: MIT min_ansible_version: 2.4 platforms: - - name: EL - versions: - - all - - name: Fedora - versions: - - all - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - all + - name: EL + versions: + - all + - name: Fedora + versions: + - all + - name: Debian + versions: + - all + - name: Ubuntu + versions: + - all galaxy_tags: - - system - - server - - packaging - - python - - pip - - tools + - system + - server + - packaging + - python + - pip + - tools diff --git a/roles/geerlingguy.pip/molecule/default/converge.yml b/roles/geerlingguy.pip/molecule/default/converge.yml index e0151a5..7032160 100644 --- a/roles/geerlingguy.pip/molecule/default/converge.yml +++ b/roles/geerlingguy.pip/molecule/default/converge.yml @@ -1,4 +1,3 @@ ---- - name: Converge hosts: all become: true 
@@ -6,23 +5,26 @@ vars: pip_install_packages: # Test installing a specific version of a package. - - name: ipaddress - version: "1.0.18" + - name: ipaddress + version: 1.0.18 # Test installing a package by name. - - colorama + - colorama pre_tasks: - - name: Update apt cache. - apt: update_cache=true cache_valid_time=600 - when: ansible_os_family == 'Debian' + - name: Update apt cache. + apt: update_cache=true cache_valid_time=600 + when: ansible_os_family == 'Debian' - - name: Set package name for older OSes. - set_fact: - pip_package: python-pip - when: > - (ansible_os_family == 'RedHat') and (ansible_distribution_major_version | int < 8) - or (ansible_distribution == 'Debian') and (ansible_distribution_major_version | int < 10) - or (ansible_distribution == 'Ubuntu') and (ansible_distribution_major_version | int < 18) + - name: Set package name for older OSes. + set_fact: + pip_package: python-pip + when: > + (ansible_os_family == 'RedHat') and (ansible_distribution_major_version | int + < 8) + or (ansible_distribution == 'Debian') and (ansible_distribution_major_version + | int < 10) + or (ansible_distribution == 'Ubuntu') and (ansible_distribution_major_version + | int < 18) roles: - - role: geerlingguy.pip + - role: geerlingguy.pip diff --git a/roles/geerlingguy.pip/molecule/default/molecule.yml b/roles/geerlingguy.pip/molecule/default/molecule.yml index 44ed195..cfdb7ab 100644 --- a/roles/geerlingguy.pip/molecule/default/molecule.yml +++ b/roles/geerlingguy.pip/molecule/default/molecule.yml 
@@ -1,17 +1,16 @@ ---- role_name_check: 1 dependency: name: galaxy driver: name: docker platforms: - - name: instance - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: true +- name: instance + image: geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest + command: ${MOLECULE_DOCKER_COMMAND:-""} + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + privileged: true + pre_build_image: true provisioner: name: ansible playbooks: diff --git a/roles/geerlingguy.pip/tasks/main.yml b/roles/geerlingguy.pip/tasks/main.yml index e2e8aa1..3112e82 100644 --- a/roles/geerlingguy.pip/tasks/main.yml +++ b/roles/geerlingguy.pip/tasks/main.yml @@ -1,15 +1,14 @@ ---- - name: Ensure Pip is installed. package: - name: "{{ pip_package }}" + name: '{{ pip_package }}' state: present - name: Ensure pip_install_packages are installed. pip: - name: "{{ item.name | default(item) }}" - version: "{{ item.version | default(omit) }}" - virtualenv: "{{ item.virtualenv | default(omit) }}" - state: "{{ item.state | default(omit) }}" - extra_args: "{{ item.extra_args | default(omit) }}" - executable: "{{ pip_executable }}" - loop: "{{ pip_install_packages }}" + name: '{{ item.name | default(item) }}' + version: '{{ item.version | default(omit) }}' + virtualenv: '{{ item.virtualenv | default(omit) }}' + state: '{{ item.state | default(omit) }}' + extra_args: '{{ item.extra_args | default(omit) }}' + executable: '{{ pip_executable }}' + loop: '{{ pip_install_packages }}' diff --git a/roles/geerlingguy.samba/.github/FUNDING.yml b/roles/geerlingguy.samba/.github/FUNDING.yml index 96b4938..bc43524 100644 --- a/roles/geerlingguy.samba/.github/FUNDING.yml +++ b/roles/geerlingguy.samba/.github/FUNDING.yml @@ -1,4 +1,2 @@ -# These are supported funding model platforms ---- github: geerlingguy patreon: geerlingguy 
diff --git a/roles/geerlingguy.samba/.github/stale.yml b/roles/geerlingguy.samba/.github/stale.yml index c7ff127..fd48184 100644 --- a/roles/geerlingguy.samba/.github/stale.yml +++ b/roles/geerlingguy.samba/.github/stale.yml @@ -12,9 +12,9 @@ onlyLabels: [] # Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable exemptLabels: - - pinned - - security - - planned +- pinned +- security +- planned # Set to true to ignore issues in a project (defaults to false) exemptProjects: false @@ -41,7 +41,8 @@ pulls: This pull request is no longer marked for closure. closeComment: >- - This pull request has been closed due to inactivity. If you feel this is in error, please reopen the pull request or file a new PR with the relevant details. + This pull request has been closed due to inactivity. If you feel this is in error, + please reopen the pull request or file a new PR with the relevant details. issues: markComment: |- @@ -53,4 +54,5 @@ issues: This issue is no longer marked for closure. closeComment: >- - This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details. + This issue has been closed due to inactivity. If you feel this is in error, please + reopen the issue or file a new issue with the relevant details. diff --git a/roles/geerlingguy.samba/.github/workflows/ci.yml b/roles/geerlingguy.samba/.github/workflows/ci.yml index 6c60852..5f80e6a 100644 --- a/roles/geerlingguy.samba/.github/workflows/ci.yml +++ b/roles/geerlingguy.samba/.github/workflows/ci.yml @@ -1,16 +1,15 @@ ---- name: CI -'on': +on: pull_request: push: branches: - - master + - master schedule: - - cron: "0 3 * * 4" + - cron: 0 3 * * 4 defaults: run: - working-directory: 'geerlingguy.samba' + working-directory: geerlingguy.samba jobs: 
@@ -18,23 +17,23 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - name: Check out the codebase. - uses: actions/checkout@v2 - with: - path: 'geerlingguy.samba' + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: geerlingguy.samba - - name: Set up Python 3. - uses: actions/setup-python@v2 - with: - python-version: '3.x' + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: 3.x - - name: Install test dependencies. - run: pip3 install yamllint ansible-lint + - name: Install test dependencies. + run: pip3 install yamllint ansible-lint - - name: Lint code. - run: | - yamllint . - ansible-lint + - name: Lint code. + run: | + yamllint . + ansible-lint molecule: name: Molecule @@ -42,26 +41,26 @@ jobs: strategy: matrix: distro: - - centos7 - - ubuntu2004 + - centos7 + - ubuntu2004 steps: - - name: Check out the codebase. - uses: actions/checkout@v2 - with: - path: 'geerlingguy.samba' + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: geerlingguy.samba - - name: Set up Python 3. - uses: actions/setup-python@v2 - with: - python-version: '3.x' + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: 3.x - - name: Install test dependencies. - run: pip3 install ansible molecule[docker] docker + - name: Install test dependencies. + run: pip3 install ansible molecule[docker] docker - - name: Run Molecule tests. - run: molecule test - env: - PY_COLORS: '1' - ANSIBLE_FORCE_COLOR: '1' - MOLECULE_DISTRO: ${{ matrix.distro }} + - name: Run Molecule tests. + run: molecule test + env: + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + MOLECULE_DISTRO: ${{ matrix.distro }} diff --git a/roles/geerlingguy.samba/.github/workflows/release.yml b/roles/geerlingguy.samba/.github/workflows/release.yml index 9813895..775baa7 100644 --- a/roles/geerlingguy.samba/.github/workflows/release.yml +++ b/roles/geerlingguy.samba/.github/workflows/release.yml 
@@ -1,4 +1,3 @@ ---- # This workflow requires a GALAXY_API_KEY secret present in the GitHub # repository or organization. # @@ -6,14 +5,14 @@ # See: https://github.com/ansible/galaxy/issues/46 name: Release -'on': +on: push: tags: - - '*' + - '*' defaults: run: - working-directory: 'geerlingguy.samba' + working-directory: geerlingguy.samba jobs: @@ -21,18 +20,20 @@ jobs: name: Release runs-on: ubuntu-latest steps: - - name: Check out the codebase. - uses: actions/checkout@v2 - with: - path: 'geerlingguy.samba' + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: geerlingguy.samba - - name: Set up Python 3. - uses: actions/setup-python@v2 - with: - python-version: '3.x' + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: 3.x - - name: Install Ansible. - run: pip3 install ansible-base + - name: Install Ansible. + run: pip3 install ansible-base - - name: Trigger a new import on Galaxy. - run: ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }} $(echo ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository }} | cut -d/ -f2) + - name: Trigger a new import on Galaxy. + run: ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }} $(echo + ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository }} | + cut -d/ -f2) diff --git a/roles/geerlingguy.samba/handlers/main.yml b/roles/geerlingguy.samba/handlers/main.yml index 85f0949..9a820dd 100644 --- a/roles/geerlingguy.samba/handlers/main.yml +++ b/roles/geerlingguy.samba/handlers/main.yml @@ -1,3 +1,2 @@ ---- - name: restart smb - service: "name={{ samba_daemon }} state=restarted" + service: name={{ samba_daemon }} state=restarted diff --git a/roles/geerlingguy.samba/meta/main.yml b/roles/geerlingguy.samba/meta/main.yml index 5f0def7..bbfd64b 100644 --- a/roles/geerlingguy.samba/meta/main.yml +++ b/roles/geerlingguy.samba/meta/main.yml 
@@ -1,33 +1,32 @@ ---- dependencies: [] galaxy_info: role_name: samba author: geerlingguy - description: "Samba for RHEL/CentOS." - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" + description: Samba for RHEL/CentOS. + company: Midwestern Mac, LLC + license: license (BSD, MIT) min_ansible_version: 2.0 platforms: - - name: EL - versions: - - 7 - - 8 - - name: Fedora - versions: - - all - - name: Ubuntu - versions: - - all - - name: Debian - versions: - - all + - name: EL + versions: + - 7 + - 8 + - name: Fedora + versions: + - all + - name: Ubuntu + versions: + - all + - name: Debian + versions: + - all galaxy_tags: - - networking - - system - - samba - - windows - - filesystem - - fileshare - - sharing - - files + - networking + - system + - samba + - windows + - filesystem + - fileshare + - sharing + - files diff --git a/roles/geerlingguy.samba/molecule/default/converge.yml b/roles/geerlingguy.samba/molecule/default/converge.yml index a39d4cf..275d9c1 100644 --- a/roles/geerlingguy.samba/molecule/default/converge.yml +++ b/roles/geerlingguy.samba/molecule/default/converge.yml @@ -1,12 +1,11 @@ ---- - name: Converge hosts: all become: true pre_tasks: - - name: Update apt cache. - apt: update_cache=true cache_valid_time=600 - when: ansible_os_family == 'Debian' + - name: Update apt cache. + apt: update_cache=true cache_valid_time=600 + when: ansible_os_family == 'Debian' roles: - - role: geerlingguy.samba + - role: geerlingguy.samba diff --git a/roles/geerlingguy.samba/molecule/default/molecule.yml b/roles/geerlingguy.samba/molecule/default/molecule.yml index 7490710..c3c4939 100644 --- a/roles/geerlingguy.samba/molecule/default/molecule.yml +++ b/roles/geerlingguy.samba/molecule/default/molecule.yml 
@@ -1,16 +1,15 @@ ---- dependency: name: galaxy driver: name: docker platforms: - - name: instance - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: true +- name: instance + image: geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest + command: ${MOLECULE_DOCKER_COMMAND:-""} + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + privileged: true + pre_build_image: true provisioner: name: ansible playbooks: diff --git a/roles/geerlingguy.samba/tasks/main.yml b/roles/geerlingguy.samba/tasks/main.yml index 69ce3e8..c53d5d1 100644 --- a/roles/geerlingguy.samba/tasks/main.yml +++ b/roles/geerlingguy.samba/tasks/main.yml @@ -1,27 +1,26 @@ ---- - name: Include OS-specific variables. - include_vars: "{{ ansible_os_family }}.yml" + include_vars: '{{ ansible_os_family }}.yml' - name: Ensure Samba-related packages are installed (RedHat). package: name: - - samba - - samba-client - - samba-common - - cifs-utils + - samba + - samba-client + - samba-common + - cifs-utils state: present when: ansible_os_family == 'RedHat' - name: Ensure Samba-related packages are installed (Debian). apt: name: - - samba - - samba-common + - samba + - samba-common state: present when: ansible_os_family == 'Debian' - name: Ensure Samba is running and set to start on boot. service: - name: "{{ samba_daemon }}" + name: '{{ samba_daemon }}' state: started enabled: true diff --git a/roles/geerlingguy.samba/vars/Debian.yml b/roles/geerlingguy.samba/vars/Debian.yml index 352aad7..7f6594a 100644 --- a/roles/geerlingguy.samba/vars/Debian.yml +++ b/roles/geerlingguy.samba/vars/Debian.yml @@ -1,2 +1 @@ ---- samba_daemon: smbd diff --git a/roles/geerlingguy.samba/vars/RedHat.yml b/roles/geerlingguy.samba/vars/RedHat.yml index 9f01c5d..e5b49c1 100644 --- a/roles/geerlingguy.samba/vars/RedHat.yml +++ b/roles/geerlingguy.samba/vars/RedHat.yml 
@@ -1,2 +1 @@ ---- samba_daemon: smb diff --git a/roles/setup_hosted_services/defaults/main.yml b/roles/setup_hosted_services/defaults/main.yml index ed97d53..6d800ee 100644 --- a/roles/setup_hosted_services/defaults/main.yml +++ b/roles/setup_hosted_services/defaults/main.yml @@ -1 +1,2 @@ ---- +null +... diff --git a/roles/setup_hosted_services/files/dashboards/dashy-config.yml b/roles/setup_hosted_services/files/dashboards/dashy-config.yml index b1dcc9c..f2af8ef 100644 --- a/roles/setup_hosted_services/files/dashboards/dashy-config.yml +++ b/roles/setup_hosted_services/files/dashboards/dashy-config.yml 
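Review bot: The new content of `roles/setup_hosted_services/defaults/main.yml` is a bare `null` scalar followed by the `...` end marker, which looks like a formatter artefact, not an intentional defaults file. If the role has no defaults, an explicit empty mapping `{}` (or the original lone `---`) states that more clearly and does not depend on how the loader treats a null document. The same formatter pass strips the leading `---` from most other YAML files in this commit. If yamllint or ansible-lint runs with its default `document-start` rule, each of those files will presumably be flagged, so the lint configuration and the formatter should be made to agree.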
@@ -1,129 +1,129 @@ pageInfo: title: Home Lab sections: - - name: Tools - items: - - title: Hastey Paste - description: Paste bin service. - icon: hl-hastey-paste - url: http://snunmu:8000 - - title: Photoprism - description: Manager photos - icon: hl-photoprism - url: http://qnap:2342 - - title: Olivetin - description: Run pre-defined shell commands - icon: hl-olivetin - url: http://qnap:1337 - - title: Linkding - description: Manager photos - icon: hl-linkding - url: http://snunmu:9090 - - title: Nextcloud - icon: hl-nextcloud - url: https://cloud.cianhatton.ie - - title: Mealie - icon: hl-mealie - url: https://mealie.cianhatton.ie - - title: Gitea - icon: hl-gitea - url: https://git.cianhatton.ie - - title: Paperless - icon: hl-paperless - url: http://qnap:8001 - - name: Docker Admin - items: - - title: Portainer - description: Manage docker apps using Portainer - icon: hl-portainer - url: http://qnap:9000 +- name: Tools + items: + - title: Hastey Paste + description: Paste bin service. 
+ icon: hl-hastey-paste + url: http://snunmu:8000 + - title: Photoprism + description: Manager photos + icon: hl-photoprism + url: http://qnap:2342 + - title: Olivetin + description: Run pre-defined shell commands + icon: hl-olivetin + url: http://qnap:1337 + - title: Linkding + description: Manager photos + icon: hl-linkding + url: http://snunmu:9090 + - title: Nextcloud + icon: hl-nextcloud + url: https://cloud.cianhatton.ie + - title: Mealie + icon: hl-mealie + url: https://mealie.cianhatton.ie + - title: Gitea + icon: hl-gitea + url: https://git.cianhatton.ie + - title: Paperless + icon: hl-paperless + url: http://qnap:8001 +- name: Docker Admin + items: + - title: Portainer + description: Manage docker apps using Portainer + icon: hl-portainer + url: http://qnap:9000 - - name: System Admin - items: - - title: Webmin - icon: hl-webmin - url: http://qnap:10000 - - title: Adminer - description: Manage MariaDB - icon: hl-adminer - url: http://qnap:3307 - - title: Nginx Proxy Manager - description: Manage reverse proxies - icon: hl-nginx - url: http://qnap:8181 +- name: System Admin + items: + - title: Webmin + icon: hl-webmin + url: http://qnap:10000 + - title: Adminer + description: Manage MariaDB + icon: hl-adminer + url: http://qnap:3307 + - title: Nginx Proxy Manager + description: Manage reverse proxies + icon: hl-nginx + url: http://qnap:8181 - - name: QNAP Dashboards - items: - - title: Dash Dot - icon: hl-dashdot - url: http://qnap:3010 - - title: Uptime Kuma - icon: hl-uptime-kuma - url: http://qnap:3001 - - title: Tautulli - icon: hl-tautulli - url: http://qnap:8182 - - title: Glances - icon: hl-glances - url: http://qnap:8083 - - title: Pihole - icon: hl-pihole - url: http://qnap:85/admin - - name: Snunmu Dashboards - items: - - title: Dash Dot - icon: hl-dashdot - url: http://snunmu:3010 - - title: Glances - icon: hl-glances - url: http://snunmu:8083 - - title: Pihole - icon: hl-pihole - url: http://snunmu:85/admin +- name: QNAP Dashboards + items: + - 
title: Dash Dot + icon: hl-dashdot + url: http://qnap:3010 + - title: Uptime Kuma + icon: hl-uptime-kuma + url: http://qnap:3001 + - title: Tautulli + icon: hl-tautulli + url: http://qnap:8182 + - title: Glances + icon: hl-glances + url: http://qnap:8083 + - title: Pihole + icon: hl-pihole + url: http://qnap:85/admin +- name: Snunmu Dashboards + items: + - title: Dash Dot + icon: hl-dashdot + url: http://snunmu:3010 + - title: Glances + icon: hl-glances + url: http://snunmu:8083 + - title: Pihole + icon: hl-pihole + url: http://snunmu:85/admin - - name: Media Stack - items: - - title: Plex - icon: hl-plex - url: http://qnap:32400 - statusCheck: false - - title: Sonarr - icon: hl-sonarr - url: http://qnap:8989 - - title: Radarr - icon: hl-radarr - url: http://qnap:7878 - - title: Overseerr - icon: hl-overseerr - url: https://overseerr.cianhatton.ie - - title: Jackett - icon: hl-jackett - url: http://qnap:9117 - statusCheckUrl: http://qnap:9117/health - - title: Qbittorrent - icon: hl-qbittorrent - url: http://qnap:15000 - - name: QNAP - widgets: - - type: gl-disk-space - options: - hostname: http://qnap:8083 - - type: crypto-watch-list - options: - currency: USD - sortBy: marketCap - assets: - - bitcoin - - ethereum - - cosmos - - evmos - - osmosis +- name: Media Stack + items: + - title: Plex + icon: hl-plex + url: http://qnap:32400 + statusCheck: false + - title: Sonarr + icon: hl-sonarr + url: http://qnap:8989 + - title: Radarr + icon: hl-radarr + url: http://qnap:7878 + - title: Overseerr + icon: hl-overseerr + url: https://overseerr.cianhatton.ie + - title: Jackett + icon: hl-jackett + url: http://qnap:9117 + statusCheckUrl: http://qnap:9117/health + - title: Qbittorrent + icon: hl-qbittorrent + url: http://qnap:15000 +- name: QNAP + widgets: + - type: gl-disk-space + options: + hostname: http://qnap:8083 + - type: crypto-watch-list + options: + currency: USD + sortBy: marketCap + assets: + - bitcoin + - ethereum + - cosmos + - evmos + - osmosis - - name: 
Snunmu - widgets: - - type: gl-disk-space - options: - hostname: http://snunmu:8083 +- name: Snunmu + widgets: + - type: gl-disk-space + options: + hostname: http://snunmu:8083 appConfig: statusCheck: true diff --git a/roles/setup_hosted_services/files/olivetin/config.yml b/roles/setup_hosted_services/files/olivetin/config.yml index 07e5740..210ffce 100644 --- a/roles/setup_hosted_services/files/olivetin/config.yml +++ b/roles/setup_hosted_services/files/olivetin/config.yml @@ -5,14 +5,14 @@ logLevel: INFO # Actions (buttons) to show up on the WebUI: actions: # Docs: https://docs.olivetin.app/action-container-control.html - - title: Restart Plex - icon: plex - shell: docker restart plex - timeout: 30 - - title: Restart Overseerr - icon: overseerr - shell: docker restart plex - timeout: 30 - - title: Restart VPN Stack - shell: docker restart surfshark sonarr radarr jackett qbittorrent - timeout: 90 +- title: Restart Plex + icon: plex + shell: docker restart plex + timeout: 30 +- title: Restart Overseerr + icon: overseerr + shell: docker restart plex + timeout: 30 +- title: Restart VPN Stack + shell: docker restart surfshark sonarr radarr jackett qbittorrent + timeout: 90 diff --git a/roles/setup_hosted_services/meta/main.yml b/roles/setup_hosted_services/meta/main.yml index ed7baaa..bcd2d6b 100644 --- a/roles/setup_hosted_services/meta/main.yml +++ b/roles/setup_hosted_services/meta/main.yml @@ -3,10 +3,10 @@ galaxy_info: namespace: chatton description: Deploy all my hosted services license: MIT - min_ansible_version: "2.1" + min_ansible_version: '2.1' galaxy_tags: [] platforms: - - name: Debian - versions: - - all + - name: Debian + versions: + - all dependencies: [] diff --git a/roles/setup_hosted_services/tasks/main.yml b/roles/setup_hosted_services/tasks/main.yml index 4f9c65c..5280ce8 100644 --- a/roles/setup_hosted_services/tasks/main.yml +++ b/roles/setup_hosted_services/tasks/main.yml 
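Review bot: The `Restart Overseerr` action in `olivetin/config.yml` still runs `shell: docker restart plex`, so the button restarts the wrong container; the re-indent carries this over unchanged. It should presumably be `shell: docker restart overseerr` (container name inferred from the title and icon, so confirm it against the stack definition). Since these entries are one-click shell commands, a comment above `actions:` such as `# keep every shell: value a fixed command with no user-supplied arguments` would help whoever adds the next button.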
@@ -1,57 +1,56 @@ ---- - name: Install Modules for Python ansible.builtin.pip: name: - - boto3 + - boto3 - name: Docker | Pull images docker_image: name: '{{ item }}' source: pull with_items: - - ubuntu + - ubuntu - name: Create required directories (files). ansible.builtin.file: path: '{{ file_item.dest_directory }}' state: directory mode: '0755' - with_items: "{{ portainer_required_files }}" + with_items: '{{ portainer_required_files }}' loop_control: loop_var: file_item - name: Create required files. ansible.builtin.copy: - src: "{{ file_item.source_file }}" + src: '{{ file_item.source_file }}' dest: '{{ file_item.dest_directory }}/{{ file_item.dest_file_name }}' owner: root group: root mode: 0440 - with_items: "{{ portainer_required_files }}" + with_items: '{{ portainer_required_files }}' loop_control: loop_var: file_item - notify: "{{ file_item.handler }}" + notify: '{{ file_item.handler }}' - name: Create required directories (templates). ansible.builtin.file: path: '{{ file_template.dest_directory }}' state: directory mode: '0755' - with_items: "{{ portainer_required_templates }}" + with_items: '{{ portainer_required_templates }}' loop_control: loop_var: file_template - name: Create required templates. ansible.builtin.template: - src: "{{ file_template.source_file }}" - dest: "{{ file_template.dest_directory }}/{{ file_template.dest_file_name }}" + src: '{{ file_template.source_file }}' + dest: '{{ file_template.dest_directory }}/{{ file_template.dest_file_name }}' owner: root group: root mode: 0440 - with_items: "{{ portainer_required_templates }}" + with_items: '{{ portainer_required_templates }}' loop_control: loop_var: file_template - notify: "{{ file_template.handler }}" + notify: '{{ file_template.handler }}' - name: Create external docker networks. docker_network: 
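Review bot: `mode: 0440` in the `Create required files.` and `Create required templates.` tasks is an unquoted octal literal, while the directory tasks in the same hunk use the quoted `mode: '0755'`. The unquoted form yields the intended bits only when the loader applies YAML 1.1 octal parsing; read as a decimal integer, it would put different permissions on these root-owned files. Quote it like the directory tasks: `mode: '0440'`. The same unquoted pattern appears as `mode: 0644` in `roles/setup_samba/tasks/main.yml` and `roles/setup_users/tasks/main.yml` later in this commit.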
@@ -62,30 +61,32 @@ ansible.builtin.include_role: name: deploy_portainer_stack vars: - portainer_stack_name: "{{ portainer_stack.name }}" - portainer_stack_endpoint_id: "{{ portainer_endpoint }}" - portainer_stack_template_vars: "{{ portainer_stack.template_vars | default({}) }}" - with_items: "{{ services }}" + portainer_stack_name: '{{ portainer_stack.name }}' + portainer_stack_endpoint_id: '{{ portainer_endpoint }}' + portainer_stack_template_vars: '{{ portainer_stack.template_vars | default({}) + }}' + with_items: '{{ services }}' loop_control: loop_var: portainer_stack - name: Install Ansible pull - tags: ["cron"] + tags: [cron] ansible.builtin.pip: name: - - ansible + - ansible # TODO: need to specify ansible pull directly, it doesn't find it when it's in PATH - name: Ensure Nightly Cron Backups - tags: ["cron"] + tags: [cron] ansible.builtin.cron: name: backup docker volumes (nightly) - weekday: "*" - minute: "0" - hour: "{{ cron_hour }}" - user: "{{ homelab_user }}" + weekday: '*' + minute: '0' + hour: '{{ cron_hour }}' + user: '{{ homelab_user }}' job: > {{ ansible_pull_path }} - -U https://github.com/chatton/ansible-homelab playbooks/backup-docker-volumes.yml -e schedule=nightly >> ~/logs/nightly.log 2>&1 + -U https://github.com/chatton/ansible-homelab playbooks/backup-docker-volumes.yml + -e schedule=nightly >> ~/logs/nightly.log 2>&1 cron_file: ansible_nightly_docker_volume_backup state: present diff --git a/roles/setup_linode/defaults/main-vault.yml b/roles/setup_linode/defaults/main-vault.yml index c261bc0..63033d7 100644 --- a/roles/setup_linode/defaults/main-vault.yml +++ b/roles/setup_linode/defaults/main-vault.yml 
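Review bot: The cron job in `Ensure Nightly Cron Backups` pulls `-U https://github.com/chatton/ansible-homelab` with no pinned ref and no signature check, so whatever is on the repository's default branch at run time is executed unattended as `homelab_user`. Assuming `ansible_pull_path` points at `ansible-pull`, consider pinning the checkout with `-C <tag-or-commit>` and adding `--verify-commit`, so that an unexpected push to the branch is not applied automatically on the next run. The `pip` install of `ansible` in the task just above is likewise unpinned; giving it a `version:` keeps the nightly run reproducible.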
@@ -1,12 +1,7 @@ -$ANSIBLE_VAULT;1.1;AES256 -38343033383061343739363362626366376630376337376639376235316665363736376362633830 -6638383135303063363866623262303736393337386364630a353533323537376437343033666334 -32353832353466343832643238313834616662333736363738353565623063316438393635343631 -6662366132396337320a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a353533323537376437343033666334 32353832353466343832643238313834616662333736363738353565623063316438393635343631 +6662366132396337320a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diff --git a/roles/setup_linode/defaults/main.yml b/roles/setup_linode/defaults/main.yml index fc6d822..2775761 100644 --- a/roles/setup_linode/defaults/main.yml +++ b/roles/setup_linode/defaults/main.yml @@ -1,11 +1,11 @@ ssh_keys: - - "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" +- "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" label: simple-linode # hosts that are added to the generated .ini file. linode_hosts: - - user: root - ip: '{{ my_linode.instance.ipv4[0] }}' +- user: root + ip: '{{ my_linode.instance.ipv4[0] }}' # https://www.linode.com/community/questions/17190/obtain-a-list-of-image-and-plan-types-using-linode-apicli type: g6-standard-2 diff --git a/roles/setup_linode/meta/main.yml b/roles/setup_linode/meta/main.yml index d30c169..6afcf46 100644 --- a/roles/setup_linode/meta/main.yml +++ b/roles/setup_linode/meta/main.yml @@ -4,10 +4,10 @@ galaxy_info: description: Setup Linode instance license: MIT - min_ansible_version: "2.1" + min_ansible_version: '2.1' platforms: - - name: Debian - versions: - - all + - name: Debian + versions: + - all galaxy_tags: [] dependencies: [] diff --git a/roles/setup_linode/tasks/main.yml b/roles/setup_linode/tasks/main.yml index 81e2cfc..bbae963 100644 --- a/roles/setup_linode/tasks/main.yml +++ b/roles/setup_linode/tasks/main.yml @@ -1,4 +1,3 @@ ---- - name: Include vault variables. ansible.builtin.include_vars: defaults/main-vault.yml 
@@ -18,7 +17,7 @@ - name: Wait for SSH to come up delegate_to: localhost ansible.builtin.wait_for: - host: "{{ my_linode.instance.ipv4[0] }}" + host: '{{ my_linode.instance.ipv4[0] }}' port: 22 search_regex: OpenSSH timeout: 320 diff --git a/roles/setup_mergerfs/meta/main.yml b/roles/setup_mergerfs/meta/main.yml index 853fff9..2ece9b3 100644 --- a/roles/setup_mergerfs/meta/main.yml +++ b/roles/setup_mergerfs/meta/main.yml @@ -3,9 +3,9 @@ galaxy_info: namespace: chatton description: Configures Mergerfs license: MIT - min_ansible_version: "2.1" + min_ansible_version: '2.1' platforms: - - name: Debian - versions: - - all + - name: Debian + versions: + - all dependencies: [] diff --git a/roles/setup_mergerfs/tasks/main.yml b/roles/setup_mergerfs/tasks/main.yml index ebca19f..0bc0fb5 100644 --- a/roles/setup_mergerfs/tasks/main.yml +++ b/roles/setup_mergerfs/tasks/main.yml @@ -1,4 +1,3 @@ ---- - name: Mount Volumes ansible.builtin.mount: path: '{{ item.path }}' @@ -11,7 +10,7 @@ - name: Display volumes. ansible.builtin.debug: - var: "{{ volume_out }}" + var: '{{ volume_out }}' verbosity: 3 # tasks file for setup_mergerfs diff --git a/roles/setup_portainer/tasks/main.yml b/roles/setup_portainer/tasks/main.yml index a52ae6b..6d636ba 100644 --- a/roles/setup_portainer/tasks/main.yml +++ b/roles/setup_portainer/tasks/main.yml @@ -1,4 +1,3 @@ ---- - name: Portainer | Pull images docker_image: name: ubuntu @@ -24,13 +23,13 @@ labels: ie.cianhatton.backup.enabled: 'true' ie.cianhatton.backup.schedule: nightly - image: "portainer/portainer-ce:{{ portainer_version }}" + image: portainer/portainer-ce:{{ portainer_version }} container_name: portainer restart: unless-stopped ports: - - 9000:9000 + - 9000:9000 volumes: - - portainer_data:/data - - /var/run/docker.sock:/var/run/docker.sock + - portainer_data:/data + - /var/run/docker.sock:/var/run/docker.sock volumes: portainer_data: 
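Review bot: `var: '{{ volume_out }}'` in the `Display volumes.` task of `roles/setup_mergerfs/tasks/main.yml` hands a templated value to `debug`'s `var` option, which already expects a variable name and evaluates it itself, so the content of `volume_out` is interpolated a second time. Use the bare name instead: `var: volume_out`. That prints the value as-is (presumably the registered result of the mount task, which is outside this hunk) and avoids re-templating any strings it contains.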
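Review bot: The Portainer service definition in `roles/setup_portainer/tasks/main.yml` bind-mounts `/var/run/docker.sock` and publishes `9000:9000` with no host address. Access to that socket is equivalent to root on the Docker host, so who can reach the UI deserves an explicit decision. I would add a comment above the mount, e.g. `# docker.sock gives Portainer full control of the host's Docker daemon; keep port 9000 reachable from trusted networks only`, and restrict the published port by firewall or bind address if the current exposure is wider than intended. Quoting the mapping as `"9000:9000"` also follows the usual Compose convention for `host:container` pairs. The enclosing task starts above the hunk, so how this definition is consumed is not visible here.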
diff --git a/roles/setup_samba/defaults/main.yml b/roles/setup_samba/defaults/main.yml index 3f636d6..56f3e9a 100644 --- a/roles/setup_samba/defaults/main.yml +++ b/roles/setup_samba/defaults/main.yml @@ -1,5 +1,4 @@ ---- samba_group: smbgroup samba_user: smbuser users: - - name: cianhatton +- name: cianhatton diff --git a/roles/setup_samba/meta/main.yml b/roles/setup_samba/meta/main.yml index 5cd1659..43e6de8 100644 --- a/roles/setup_samba/meta/main.yml +++ b/roles/setup_samba/meta/main.yml @@ -4,11 +4,11 @@ galaxy_info: description: Setup Samba Shares for my Home Lab. license: MIT - min_ansible_version: "2.1" + min_ansible_version: '2.1' platforms: - - name: Debian - versions: - - all + - name: Debian + versions: + - all galaxy_tags: [] diff --git a/roles/setup_samba/tasks/main.yml b/roles/setup_samba/tasks/main.yml index 188c10b..defb4ad 100644 --- a/roles/setup_samba/tasks/main.yml +++ b/roles/setup_samba/tasks/main.yml @@ -1,4 +1,3 @@ ---- - name: Ensure samba group exists. ansible.builtin.group: name: '{{ samba_group }}' @@ -26,11 +25,11 @@ - name: Copy smb conf files. ansible.builtin.copy: src: '{{ item }}' - dest: "/etc/samba/{{ item }}" + dest: /etc/samba/{{ item }} mode: 0644 - owner: "{{ samba_user }}" - group: "{{ samba_group }}" + owner: '{{ samba_user }}' + group: '{{ samba_group }}' with_items: - - smb.conf - - shares.conf + - smb.conf + - shares.conf notify: reload-samba diff --git a/roles/setup_users/meta/main.yml b/roles/setup_users/meta/main.yml index a12128c..69bdffc 100644 --- a/roles/setup_users/meta/main.yml +++ b/roles/setup_users/meta/main.yml @@ -4,11 +4,11 @@ galaxy_info: description: Setup users for my Home Lab license: MIT - min_ansible_version: "2.1" + min_ansible_version: '2.1' platforms: - - name: Debian - versions: - - all + - name: Debian + versions: + - all galaxy_tags: [] diff --git a/roles/setup_users/tasks/main.yml b/roles/setup_users/tasks/main.yml index d9d2b29..7a8cdb0 100644 --- a/roles/setup_users/tasks/main.yml 
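Review bot: `Copy smb conf files.` installs `/etc/samba/smb.conf` and `shares.conf` with `owner: '{{ samba_user }}'` and `group: '{{ samba_group }}'`, which makes the share account the owner of the server's own configuration and therefore able to rewrite it. Unless something outside this hunk depends on that, root ownership is the safer default: `owner: root` and `group: root`, keeping the world-readable mode so the daemon and users can still read the files. If the current ownership is deliberate, a one-line comment above the task saying why would save the next reviewer the same question.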
+++ b/roles/setup_users/tasks/main.yml @@ -2,8 +2,8 @@ - name: Install Packages. ansible.builtin.apt: pkg: - - sudo - - ufw + - sudo + - ufw state: latest update_cache: true @@ -37,21 +37,21 @@ - name: Copy Bashrc. ansible.builtin.copy: src: bash_rc - dest: "/home/{{ homelab_user }}/.bash_rc" - group: "{{ homelab_user }}" - owner: "{{ homelab_user }}" + dest: /home/{{ homelab_user }}/.bash_rc + group: '{{ homelab_user }}' + owner: '{{ homelab_user }}' mode: 0644 - name: Disable password authentication for root. ansible.builtin.lineinfile: path: /etc/ssh/sshd_config state: present - regexp: '^#?PermitRootLogin' - line: 'PermitRootLogin prohibit-password' + regexp: ^#?PermitRootLogin + line: PermitRootLogin prohibit-password - name: Disable password authentication for users. ansible.builtin.lineinfile: path: /etc/ssh/sshd_config state: present - regexp: '^#?PasswordAuthentication' - line: 'PasswordAuthentication no' + regexp: ^#?PasswordAuthentication + line: PasswordAuthentication no diff --git a/roles/sprat.mergerfs/.github/workflows/ci.yml b/roles/sprat.mergerfs/.github/workflows/ci.yml index be487cf..8b06169 100644 --- a/roles/sprat.mergerfs/.github/workflows/ci.yml +++ b/roles/sprat.mergerfs/.github/workflows/ci.yml @@ -1,9 +1,8 @@ ---- name: CI on: # yamllint disable-line rule:truthy push: schedule: - - cron: "0 5 * * 1" + - cron: 0 5 * * 1 jobs: # test the role 
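Review bot: Both `lineinfile` tasks that edit `/etc/ssh/sshd_config` write the file without a `validate` step and, as far as this hunk shows, without a `notify`. The hardening is therefore never syntax-checked and does not take effect until sshd is next restarted. Add `validate: /usr/sbin/sshd -t -f %s` to each task and `notify` a handler that reloads the SSH service (the handler name is for the role to define). The now-unquoted `regexp: ^#?PermitRootLogin` still parses as a string because the `#` is not preceded by a space, but keeping the single quotes on regex values would make that robust against later edits.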
@@ -12,57 +11,57 @@ jobs: strategy: matrix: config: - - image: geerlingguy/docker-centos8-ansible - mode: github_releases - - image: geerlingguy/docker-centos7-ansible - mode: github_releases - - image: geerlingguy/docker-fedora32-ansible - mode: github_releases - - image: geerlingguy/docker-fedora31-ansible - mode: github_releases - - image: geerlingguy/docker-fedora30-ansible - mode: github_releases - - image: geerlingguy/docker-ubuntu2004-ansible - mode: github_releases - - image: geerlingguy/docker-ubuntu2004-ansible - mode: package_manager - - image: geerlingguy/docker-ubuntu1804-ansible - mode: github_releases - - image: geerlingguy/docker-ubuntu1604-ansible - mode: github_releases - - image: geerlingguy/docker-debian10-ansible - mode: package_manager - - image: geerlingguy/docker-debian10-ansible - mode: github_releases - - image: geerlingguy/docker-debian9-ansible - mode: github_releases + - image: geerlingguy/docker-centos8-ansible + mode: github_releases + - image: geerlingguy/docker-centos7-ansible + mode: github_releases + - image: geerlingguy/docker-fedora32-ansible + mode: github_releases + - image: geerlingguy/docker-fedora31-ansible + mode: github_releases + - image: geerlingguy/docker-fedora30-ansible + mode: github_releases + - image: geerlingguy/docker-ubuntu2004-ansible + mode: github_releases + - image: geerlingguy/docker-ubuntu2004-ansible + mode: package_manager + - image: geerlingguy/docker-ubuntu1804-ansible + mode: github_releases + - image: geerlingguy/docker-ubuntu1604-ansible + mode: github_releases + - image: geerlingguy/docker-debian10-ansible + mode: package_manager + - image: geerlingguy/docker-debian10-ansible + mode: github_releases + - image: geerlingguy/docker-debian9-ansible + mode: github_releases steps: - - name: Checkout - uses: actions/checkout@v2 + - name: Checkout + uses: actions/checkout@v2 - - name: Setup Python 3 - uses: actions/setup-python@v2 - with: - python-version: '3.x' + - name: Setup Python 3 + uses: 
actions/setup-python@v2 + with: + python-version: 3.x - - name: Install dependencies - run: | - python -m pip install --upgrade pip - pip install -r requirements.in + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install -r requirements.in - - name: Run molecule tests - env: - IMAGE: ${{ matrix.config.image }} - INSTALL_MODE: ${{ matrix.config.mode }} - run: molecule -v test + - name: Run molecule tests + env: + IMAGE: ${{ matrix.config.image }} + INSTALL_MODE: ${{ matrix.config.mode }} + run: molecule -v test # publish the role on ansible galaxy publish: needs: test runs-on: ubuntu-latest steps: - - name: Publish - uses: robertdebock/galaxy-action@1.1.0 - with: - galaxy_api_key: ${{ secrets.GALAXY_API_KEY }} + - name: Publish + uses: robertdebock/galaxy-action@1.1.0 + with: + galaxy_api_key: ${{ secrets.GALAXY_API_KEY }} diff --git a/roles/sprat.mergerfs/.yamllint.yml b/roles/sprat.mergerfs/.yamllint.yml index e896dbe..503a2e8 100644 --- a/roles/sprat.mergerfs/.yamllint.yml +++ b/roles/sprat.mergerfs/.yamllint.yml @@ -1,4 +1,3 @@ ---- extends: default ignore: | diff --git a/roles/sprat.mergerfs/defaults/main.yml b/roles/sprat.mergerfs/defaults/main.yml index 36de9e4..d18c9f9 100644 --- a/roles/sprat.mergerfs/defaults/main.yml +++ b/roles/sprat.mergerfs/defaults/main.yml @@ -1,4 +1,3 @@ ---- # Install mode: defines where to download and install the package from: # - "github_releases": install from Mergerfs' GitHub releases # - "package_manager": install from the Linux distribution package manager. diff --git a/roles/sprat.mergerfs/meta/main.yml b/roles/sprat.mergerfs/meta/main.yml index 498764f..44e0098 100644 --- a/roles/sprat.mergerfs/meta/main.yml +++ b/roles/sprat.mergerfs/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: Sylvain Prat role_name: mergerfs 
@@ -8,23 +7,23 @@ galaxy_info: company: none min_ansible_version: 2.3 platforms: - - name: Ubuntu - versions: - - all - - name: Debian - versions: - - all - - name: Fedora - versions: - - all - - name: EL - versions: - - all + - name: Ubuntu + versions: + - all + - name: Debian + versions: + - all + - name: Fedora + versions: + - all + - name: EL + versions: + - all galaxy_tags: - - mergerfs - - union - - filesystem - - disk - - mount + - mergerfs + - union + - filesystem + - disk + - mount dependencies: [] diff --git a/roles/sprat.mergerfs/molecule/default/converge.yml b/roles/sprat.mergerfs/molecule/default/converge.yml index e972edd..7462468 100644 --- a/roles/sprat.mergerfs/molecule/default/converge.yml +++ b/roles/sprat.mergerfs/molecule/default/converge.yml @@ -1,11 +1,10 @@ ---- - name: Converge hosts: all vars: mergerfs_mounts: - - path: /mnt/storage - branches: - - /mnt/data* - options: allow_other,use_ino + - path: /mnt/storage + branches: + - /mnt/data* + options: allow_other,use_ino roles: - - role: ansible-role-mergerfs + - role: ansible-role-mergerfs diff --git a/roles/sprat.mergerfs/molecule/default/molecule.yml b/roles/sprat.mergerfs/molecule/default/molecule.yml index 4309a0f..e23fb27 100644 --- a/roles/sprat.mergerfs/molecule/default/molecule.yml +++ b/roles/sprat.mergerfs/molecule/default/molecule.yml @@ -1,16 +1,15 @@ ---- dependency: name: galaxy driver: name: docker lint: yamllint -s . && ansible-lint . && flake8 platforms: - - name: instance - image: ${IMAGE:-geerlingguy/docker-ubuntu2004-ansible} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: true +- name: instance + image: ${IMAGE:-geerlingguy/docker-ubuntu2004-ansible} + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + privileged: true + pre_build_image: true provisioner: name: ansible inventory: diff --git a/roles/sprat.mergerfs/molecule/default/prepare.yml b/roles/sprat.mergerfs/molecule/default/prepare.yml index 358fc3f..bd162bd 100644 
--- a/roles/sprat.mergerfs/molecule/default/prepare.yml +++ b/roles/sprat.mergerfs/molecule/default/prepare.yml @@ -1,25 +1,24 @@ ---- - name: Prepare hosts: all tasks: - - name: Create directories - become: true - file: - path: "{{ item }}" - state: directory - loop: - - /mnt/data1 - - /mnt/data2 + - name: Create directories + become: true + file: + path: '{{ item }}' + state: directory + loop: + - /mnt/data1 + - /mnt/data2 - - name: Create data files - become: true - copy: - content: "{{ item.content }}\n" - dest: "{{ item.path }}" - loop: - - path: /mnt/data1/file1.txt - content: file1 - - path: /mnt/data2/file2.txt - content: file2 - - path: /mnt/data2/file3.txt - content: file3 + - name: Create data files + become: true + copy: + content: "{{ item.content }}\n" + dest: '{{ item.path }}' + loop: + - path: /mnt/data1/file1.txt + content: file1 + - path: /mnt/data2/file2.txt + content: file2 + - path: /mnt/data2/file3.txt + content: file3 diff --git a/roles/sprat.mergerfs/tasks/install_from_github_releases.yml b/roles/sprat.mergerfs/tasks/install_from_github_releases.yml index de8f333..d32f638 100644 --- a/roles/sprat.mergerfs/tasks/install_from_github_releases.yml +++ b/roles/sprat.mergerfs/tasks/install_from_github_releases.yml @@ -1,4 +1,3 @@ ---- # Note: we don't use the GitHub API to retrieve the latest version because # it has rate limits which are hard to avoid in CI (we need a token, authenticate # with the API, etc.). Instead, we browse the latest release url which redirects @@ -9,7 +8,7 @@ block: - name: Get latest release information from GitHub uri: - url: "{{ mergerfs_github_releases_url }}/latest" + url: '{{ mergerfs_github_releases_url }}/latest' register: mergerfs_github_release_page - name: Set latest mergerfs version fact set_fact: 
@@ -18,8 +17,8 @@ - name: Determine package download url set_fact: - mergerfs_package_url: "{{ mergerfs_github_releases_url }}/download/{{ mergerfs_version }}/\ - {{ mergerfs_pkg_prefix }}{{ mergerfs_version }}{{ mergerfs_pkg_suffix }}" + mergerfs_package_url: '{{ mergerfs_github_releases_url }}/download/{{ mergerfs_version + }}/{{ mergerfs_pkg_prefix }}{{ mergerfs_version }}{{ mergerfs_pkg_suffix }}' - name: Install xz-utils package for .deb package installation become: true @@ -32,7 +31,7 @@ - name: Install mergerfs package with apt become: true apt: - deb: "{{ mergerfs_package_url }}" + deb: '{{ mergerfs_package_url }}' state: present update_cache: true when: ansible_pkg_mgr == 'apt' @@ -40,7 +39,7 @@ - name: Install mergerfs package with yum become: true yum: - name: "{{ mergerfs_package_url }}" + name: '{{ mergerfs_package_url }}' state: present disable_gpg_check: true # the package is not signed when: ansible_pkg_mgr == 'yum' @@ -48,7 +47,7 @@ - name: Install mergerfs package with dnf become: true dnf: - name: "{{ mergerfs_package_url }}" + name: '{{ mergerfs_package_url }}' state: present disable_gpg_check: true # the package is not signed when: ansible_pkg_mgr == 'dnf' diff --git a/roles/sprat.mergerfs/tasks/install_from_package_manager.yml b/roles/sprat.mergerfs/tasks/install_from_package_manager.yml index 5ce2631..70ed6e1 100644 --- a/roles/sprat.mergerfs/tasks/install_from_package_manager.yml +++ b/roles/sprat.mergerfs/tasks/install_from_package_manager.yml @@ -1,4 +1,3 @@ ---- - name: Install mergerfs package with package manager become: true package: diff --git a/roles/sprat.mergerfs/tasks/main.yml b/roles/sprat.mergerfs/tasks/main.yml index 1229f1c..9e47560 100644 --- a/roles/sprat.mergerfs/tasks/main.yml +++ b/roles/sprat.mergerfs/tasks/main.yml 
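Review bot: In `tasks/install_from_github_releases.yml` the yum and dnf tasks (hunks `@@ -40,7 +39,7 @@` and `@@ -48,7 +47,7 @@`) install `mergerfs_package_url` as root with `disable_gpg_check: true`, and the apt task in `@@ -32,7 +31,7 @@` hands the same URL to `deb:`, so nothing verifies the file that gets installed. The version is also resolved at run time from the `/latest` redirect, so the artifact can differ between runs. Because the package is unsigned, the practical control is to pin `mergerfs_version` and check a recorded digest: download with `get_url` and its `checksum:` option, then install from the local path. The sketch shows the dnf case; `mergerfs_package_checksum` is a proposed variable the role does not define today, and these tasks sit in a block that starts outside the hunks.

```yaml
- name: Download mergerfs package and verify its digest
  become: true
  get_url:
    url: '{{ mergerfs_package_url }}'
    dest: '/tmp/{{ mergerfs_package_url | basename }}'
    # proposed variable, format "sha256:<hex digest recorded for the pinned version>"
    checksum: '{{ mergerfs_package_checksum }}'
    mode: '0644'
  register: mergerfs_package_download

- name: Install mergerfs package with dnf
  become: true
  dnf:
    name: '{{ mergerfs_package_download.dest }}'
    state: present
    disable_gpg_check: true  # the package is not signed; integrity comes from the checksum above
  when: ansible_pkg_mgr == 'dnf'
# … unchanged apart from the same source swap: apt (deb:) and yum (name:) tasks …
```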
@@ -1,34 +1,33 @@ ---- - name: Include OS-specific variables - include_vars: "{{ ansible_os_family }}.yml" + include_vars: '{{ ansible_os_family }}.yml' tags: - - mergerfs + - mergerfs - name: Install mergerfs prerequisites become: true package: - name: "{{ mergerfs_prerequisites }}" + name: '{{ mergerfs_prerequisites }}' state: present update_cache: true tags: - - mergerfs - - mergerfs_install + - mergerfs + - mergerfs_install - name: Include install tasks import_tasks: install_from_{{ mergerfs_install_mode }}.yml tags: - - mergerfs - - mergerfs_install + - mergerfs + - mergerfs_install - name: Mount mergerfs filesystems become: true mount: fstype: fuse.mergerfs src: "{{ ':'.join(item.branches | mandatory) }}" - path: "{{ item.path | mandatory }}" + path: '{{ item.path | mandatory }}' opts: "{{ item.options | default('defaults') }}" state: "{{ item.state | default('mounted') }}" - loop: "{{ mergerfs_mounts }}" + loop: '{{ mergerfs_mounts }}' tags: - - mergerfs - - mergerfs_mount + - mergerfs + - mergerfs_mount diff --git a/roles/sprat.mergerfs/vars/Debian.yml b/roles/sprat.mergerfs/vars/Debian.yml index ff3d38c..9c164e1 100644 --- a/roles/sprat.mergerfs/vars/Debian.yml +++ b/roles/sprat.mergerfs/vars/Debian.yml @@ -1,12 +1,12 @@ ---- mergerfs_prerequisites: - - fuse -mergerfs_dist: "{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}" +- fuse +mergerfs_dist: '{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}' mergerfs_arch_map: x86_64: amd64 i386: i386 aarch64: arm64 armv7l: armhf -mergerfs_arch: "{{ mergerfs_arch_map[ansible_userspace_architecture | default(ansible_architecture) ] }}" -mergerfs_pkg_prefix: "mergerfs_" -mergerfs_pkg_suffix: ".{{ mergerfs_dist }}_{{ mergerfs_arch }}.deb" +mergerfs_arch: '{{ mergerfs_arch_map[ansible_userspace_architecture | default(ansible_architecture) + ] }}' +mergerfs_pkg_prefix: mergerfs_ +mergerfs_pkg_suffix: .{{ mergerfs_dist }}_{{ mergerfs_arch }}.deb 
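Review bot: Dropping the leading `---` in `tasks/main.yml` (and in the other role files this commit touches) is likely to fail the role's own lint gate. `molecule/default/molecule.yml` runs `yamllint -s .`, yamllint's default `document-start` rule reports a missing marker as a warning, and `-s` turns warnings into a non-zero exit. Unless a `.yamllint` in the role, not visible here, disables that rule, keep the first line as `---`.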
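Review bot: In `vars/Debian.yml`, `mergerfs_pkg_prefix: mergerfs_` and `mergerfs_pkg_suffix: .{{ mergerfs_dist }}_{{ mergerfs_arch }}.deb` lose their quotes and become plain scalars; the `vars/RedHat.yml` hunk does the same with `mergerfs-` and `-1.{{ mergerfs_dist }}.{{ mergerfs_arch }}.rpm`. They still parse as strings, but these fragments are concatenated into the package download URL, and a plain templated scalar breaks as soon as an edit introduces `: `, ` #` or a leading `{`. I would keep them quoted, e.g. `mergerfs_pkg_suffix: '.{{ mergerfs_dist }}_{{ mergerfs_arch }}.deb'`.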
diff --git a/roles/sprat.mergerfs/vars/RedHat.yml b/roles/sprat.mergerfs/vars/RedHat.yml index 2ab4da1..5a8a040 100644 --- a/roles/sprat.mergerfs/vars/RedHat.yml +++ b/roles/sprat.mergerfs/vars/RedHat.yml @@ -1,7 +1,7 @@ ---- mergerfs_prerequisites: - - fuse -mergerfs_dist: "{{ 'fc' if ansible_distribution == 'Fedora' else 'el' }}{{ ansible_distribution_major_version }}" -mergerfs_arch: "{{ ansible_userspace_architecture }}" -mergerfs_pkg_prefix: "mergerfs-" -mergerfs_pkg_suffix: "-1.{{ mergerfs_dist }}.{{ mergerfs_arch }}.rpm" +- fuse +mergerfs_dist: "{{ 'fc' if ansible_distribution == 'Fedora' else 'el' }}{{ ansible_distribution_major_version\ + \ }}" +mergerfs_arch: '{{ ansible_userspace_architecture }}' +mergerfs_pkg_prefix: mergerfs- +mergerfs_pkg_suffix: -1.{{ mergerfs_dist }}.{{ mergerfs_arch }}.rpm
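Review bot: The new `mergerfs_dist` value is split inside the Jinja expression with a trailing `\` and a leading `\ ` escape, which is valid double-quoted YAML but hard to read and easy to break when edited by hand. The string needs double quotes or a block scalar because it contains `'fc'` and `'el'`, so a `>-` block scalar holding the whole expression on one line would keep it within the line limit without the escapes. This value feeds `mergerfs_pkg_suffix` and therefore the package file name that is fetched.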