From 4f3e9b552ce862e002cb38ef8f5c5363bdfe1c76 Mon Sep 17 00:00:00 2001 From: Cian Hatton Date: Tue, 30 Aug 2022 22:30:59 +0100 Subject: [PATCH] adding formatting --- Makefile | 9 + group_vars/linodes.yml | 27 ++- group_vars/servers.yml | 23 ++- host_vars/qnap.yml | 83 ++++---- playbooks/bootstrap.yml | 11 +- playbooks/setup-homelab.yml | 57 +++--- playbooks/setup-linode.yml | 7 +- playbooks/verify-homelab.yml | 76 +++---- requirements.txt | 3 +- roles/bootstrap/tasks/main.yml | 9 +- roles/setup_docker/tasks/main.yml | 18 +- roles/setup_hosted_services/defaults/main.yml | 3 +- .../files/dashboards/dashy-config.yml | 185 +++++++++--------- .../files/olivetin/config.yml | 34 ++-- roles/setup_hosted_services/handlers/main.yml | 3 +- roles/setup_hosted_services/tasks/main.yml | 105 +++++----- roles/setup_linode/defaults/main-vault.yml | 19 +- roles/setup_linode/defaults/main.yml | 5 +- roles/setup_linode/tasks/main.yml | 22 +-- roles/setup_linode/vars/main.yml | 4 +- roles/setup_mergerfs/tasks/main.yml | 9 +- .../setup_portainer/files/docker-compose.yml | 13 +- roles/setup_portainer/tasks/main.yml | 46 ++--- roles/setup_samba/defaults/main.yml | 11 +- roles/setup_samba/handlers/main.yml | 1 - roles/setup_samba/tasks/main.yml | 41 ++-- roles/setup_users/tasks/main.yml | 20 +- scripts/format_all_yaml.sh | 15 ++ 28 files changed, 423 insertions(+), 436 deletions(-) create mode 100755 scripts/format_all_yaml.sh diff --git a/Makefile b/Makefile index c3d4d75..53d93b3 100644 --- a/Makefile +++ b/Makefile @@ -17,3 +17,12 @@ verify: deps: pip install -r requirements.txt ansible-galaxy install -r requirements.yml + +format: + scripts/format_all_yaml.sh + +lint: + ansible-lint host_vars + ansible-lint group_vars + ansible-lint roles + ansible-lint playbooks diff --git a/group_vars/linodes.yml b/group_vars/linodes.yml index 81839d9..db916a4 100644 --- a/group_vars/linodes.yml +++ b/group_vars/linodes.yml 
@@ -1,25 +1,24 @@ ---- # all encrypted variables should go in the linked file. vault_file: vault_vars/linode-vault.yml # any linode specific variables go here services: - - name: gitea - - name: mealie - - name: linkding - - name: overseerr - - name: nextcloud - - name: nginx-proxy-manager - - name: uptime-kuma - - name: docker-volume-backup - - name: mariadb - - name: photoprism - - name: olivetin +- name: gitea +- name: mealie +- name: linkding +- name: overseerr +- name: nextcloud +- name: nginx-proxy-manager +- name: uptime-kuma +- name: docker-volume-backup +- name: mariadb +- name: photoprism +- name: olivetin # any additional docker networks that should be created docker_networks: - - mariadb_net +- mariadb_net # use docker compose -container_deployment_mode: "compose" +container_deployment_mode: compose restore_from_s3: false diff --git a/group_vars/servers.yml b/group_vars/servers.yml index bcd0754..13b7693 100644 --- a/group_vars/servers.yml +++ b/group_vars/servers.yml @@ -1,8 +1,7 @@ ---- backups: schedule_keys: - monthly: "monthly" - nightly: "nightly" + monthly: monthly + nightly: nightly # TODO: docker_volume_backup exists in vault. Clean this up. dockervolumebackup: @@ -30,15 +29,15 @@ configure_samba: true samba_group: smbgroup samba_user: smbuser users: - - name: cianhatton - group: cianhatton - passwordless_sudo: true +- name: cianhatton + group: cianhatton + passwordless_sudo: true shares: - - /share - - /share/public_files - - /share/private_files - - /share/cian_files +- /share +- /share/public_files +- /share/private_files +- /share/cian_files directories: # path on qnap where downloads go @@ -57,5 +56,5 @@ directories: photoprism_dir: /mnt/mergerfs/photoprism desired_docker_images: - - ubuntu:latest - - busybox:latest +- ubuntu:latest +- busybox:latest diff --git a/host_vars/qnap.yml b/host_vars/qnap.yml index e0f4268..fcaacb1 100644 --- a/host_vars/qnap.yml +++ b/host_vars/qnap.yml 
@@ -1,4 +1,3 @@ ---- # all encrypted variables should go in the linked file. vault_file: vault_vars/qnap-vault.yml # any qnap specific variables go here 
@@ -6,56 +5,56 @@ mounts: - path: /mnt/mergerfs state: mounted branches: - - "/mnt/data/device0" - - "/mnt/data/device1" - - "/mnt/data/device2" + - /mnt/data/device0 + - /mnt/data/device1 + - /mnt/data/device2 options: allow_other,use_ino devices: - - uuid: "a54c1bde-1400-4975-bf24-08c603ca3a11" # /dev/sdc1 - path: "/mnt/data/device0" - - uuid: "727dddaa-f7a1-439a-995f-5f4d35322e08" # /dev/sdd1 - path: "/mnt/data/device1" - - uuid: "f3cff115-9adc-4761-b1e9-e81055f3e0af" # /dev/sda1 - path: "/mnt/data/device2" +- uuid: a54c1bde-1400-4975-bf24-08c603ca3a11 # /dev/sdc1 + path: /mnt/data/device0 +- uuid: 727dddaa-f7a1-439a-995f-5f4d35322e08 # /dev/sdd1 + path: /mnt/data/device1 +- uuid: f3cff115-9adc-4761-b1e9-e81055f3e0af # /dev/sda1 + path: /mnt/data/device2 # SSD for downloads / transcoding - - uuid: "c528bf82-61ab-4f3d-87e0-d1e6e02ef7ec" # /dev/sdf - path: "/mnt/ssd0/" +- uuid: c528bf82-61ab-4f3d-87e0-d1e6e02ef7ec # /dev/sdf + path: /mnt/ssd0/ services: - - name: gitea - endpoint_id: 2 - - name: mealie - endpoint_id: 2 - - name: linkding - endpoint_id: 2 - - name: overseerr - endpoint_id: 2 - - name: nextcloud - endpoint_id: 2 - - name: dashboards - endpoint_id: 2 - - name: nginx-proxy-manager - endpoint_id: 2 - - name: plex - endpoint_id: 2 - - name: uptime-kuma - endpoint_id: 2 - - name: vpn-stack - endpoint_id: 2 - - name: docker-volume-backup - endpoint_id: 2 - - name: mariadb - endpoint_id: 2 - - name: photoprism - endpoint_id: 2 - - name: olivetin - endpoint_id: 2 +- name: gitea + endpoint_id: 2 +- name: mealie + endpoint_id: 2 +- name: linkding + endpoint_id: 2 +- name: overseerr + endpoint_id: 2 +- name: nextcloud + endpoint_id: 2 +- name: dashboards + endpoint_id: 2 +- name: nginx-proxy-manager + endpoint_id: 2 +- name: plex + endpoint_id: 2 +- name: uptime-kuma + endpoint_id: 2 +- name: vpn-stack + endpoint_id: 2 +- name: docker-volume-backup + endpoint_id: 2 +- name: mariadb + endpoint_id: 2 +- name: photoprism + endpoint_id: 2 +- name: olivetin + 
endpoint_id: 2 # any additional docker networks that should be created docker_networks: - - mariadb_net +- mariadb_net # use portainer -container_deployment_mode: "portainer" +container_deployment_mode: portainer restore_from_s3: true diff --git a/playbooks/bootstrap.yml b/playbooks/bootstrap.yml index 5a23f56..b0287c7 100644 --- a/playbooks/bootstrap.yml +++ b/playbooks/bootstrap.yml @@ -1,4 +1,3 @@ ---- # needs to be run with a different user with access to create ansible key and user. # e.g. # ansible-playbook bootstrap.yml -e ansible_ssh_user=cianhatton @@ -8,12 +7,12 @@ hosts: localhost connection: local tasks: - - name: Generate an OpenSSH rsa keypair for ansible - community.crypto.openssh_keypair: - path: ~/.ssh/ansible - passphrase: "" + - name: Generate an OpenSSH rsa keypair for ansible + community.crypto.openssh_keypair: + path: ~/.ssh/ansible + passphrase: '' - hosts: all become: true roles: - - role: bootstrap + - role: bootstrap diff --git a/playbooks/setup-homelab.yml b/playbooks/setup-homelab.yml index 67d8af8..26ad76d 100644 --- a/playbooks/setup-homelab.yml +++ b/playbooks/setup-homelab.yml 
@@ -1,54 +1,53 @@ ---- - name: Update packages and ensure users on all hosts - tags: ["always"] + tags: [always] hosts: all become: true pre_tasks: - - name: Update Packages - apt: - upgrade: dist - update_cache: true + - name: Update Packages + apt: + upgrade: dist + update_cache: true roles: - - role: setup_users + - role: setup_users - name: Install docker on docker hosts hosts: dockerhosts become: true roles: - - role: setup_docker - tags: ["setup","docker"] + - role: setup_docker + tags: [setup, docker] - name: Setup and deploy services on the QNAP hosts: qnap become: true pre_tasks: - - name: Include vault variables. - include_vars: "{{vault_file}}" - tags: ["always"] + - name: Include vault variables. + include_vars: '{{vault_file}}' + tags: [always] roles: - - role: setup_mergerfs - tags: ["mergerfs"] - - role: setup_samba - tags: ["samba"] - - role: setup_portainer - tags: ["services", "portainer"] - - role: setup_hosted_services - tags: ["services"] + - role: setup_mergerfs + tags: [mergerfs] + - role: setup_samba + tags: [samba] + - role: setup_portainer + tags: [services, portainer] + - role: setup_hosted_services + tags: [services] - hosts: linodes become: true pre_tasks: - - name: Include vault variables. - include_vars: "{{vault_file}}" - tags: ["always"] + - name: Include vault variables. + include_vars: '{{vault_file}}' + tags: [always] roles: - - role: setup_samba - tags: ["samba"] - - role: setup_docker - tags: ["docker"] - - role: setup_hosted_services - tags: ["services"] + - role: setup_samba + tags: [samba] + - role: setup_docker + tags: [docker] + - role: setup_hosted_services + tags: [services] diff --git a/playbooks/setup-linode.yml b/playbooks/setup-linode.yml index 9d39165..e6bf949 100644 --- a/playbooks/setup-linode.yml +++ b/playbooks/setup-linode.yml @@ -1,7 +1,6 @@ ---- - hosts: localhost become: true roles: - - role: 'roles/setup_linode' - vars: - state: present + - role: roles/setup_linode + vars: + state: present 
diff --git a/playbooks/verify-homelab.yml b/playbooks/verify-homelab.yml index e9cee4e..4fd0c83 100644 --- a/playbooks/verify-homelab.yml +++ b/playbooks/verify-homelab.yml 
@@ -1,48 +1,48 @@ - hosts: all become: true pre_tasks: - - name: Include vault variables. - include_vars: '../{{vault_file}}' - tags: - - always + - name: Include vault variables. + include_vars: ../{{vault_file}} + tags: + - always tasks: - - name: Docker Compose Files Exist - command: >- - stat {{directories.docker_compose_directory}}/{{ item.name }}/docker-compose.yml - with_items: '{{services}}' - changed_when: false - register: docker_compose_stat + - name: Docker Compose Files Exist + command: >- + stat {{directories.docker_compose_directory}}/{{ item.name }}/docker-compose.yml + with_items: '{{services}}' + changed_when: false + register: docker_compose_stat - - name: Assert all Docker Compose files were created - assert: - that: item.rc == 0 - with_items: '{{docker_compose_stat.results}}' + - name: Assert all Docker Compose files were created + assert: + that: item.rc == 0 + with_items: '{{docker_compose_stat.results}}' - - name: Populate service facts - service_facts: {} - - name: Assert docker is installed and started - assert: - that: - - ansible_facts.services.docker.state == "running" - - ansible_facts.services['docker.service'].status == "enabled" - - name: Inspect all images - docker_image_info: {} - register: image_details - - name: Assert desired images exist - assert: - that: {{item in image_details.images | map(attribute='RepoTags') | flatten }} - with_items: '{{desired_docker_images}}' + - name: Populate service facts + service_facts: {} + - name: Assert docker is installed and started + assert: + that: + - ansible_facts.services.docker.state == "running" + - ansible_facts.services['docker.service'].status == "enabled" + - name: Inspect all images + docker_image_info: {} + register: image_details + - name: Assert desired images exist + assert: + that: {{item in image_details.images | map(attribute='RepoTags') | flatten: !!null ''}: !!null ''} + with_items: '{{desired_docker_images}}' - - name: Fetch Sudoers Files - command: 'stat 
/etc/sudoers.d/{{item.name}}' - changed_when: false - register: sudoers_stat - with_items: '{{users}}' - when: item.passwordless_sudo == true + - name: Fetch Sudoers Files + command: stat /etc/sudoers.d/{{item.name}} + changed_when: false + register: sudoers_stat + with_items: '{{users}}' + when: item.passwordless_sudo == true - - name: Assert sudoers files are created - assert: - that: item.rc == 0 - with_items: '{{sudoers_stat.results}}' + - name: Assert sudoers files are created + assert: + that: item.rc == 0 + with_items: '{{sudoers_stat.results}}' diff --git a/requirements.txt b/requirements.txt index 34c11c1..5a41902 100644 --- a/requirements.txt +++ b/requirements.txt @@ -49,7 +49,7 @@ PyYAML==6.0 requests==2.28.1 resolvelib==0.8.1 rich==12.5.1 -ruamel.yaml==0.17.21 +ruamel.yaml==0.15.100 ruamel.yaml.clib==0.2.6 six==1.16.0 subprocess-tee==0.3.5 @@ -57,5 +57,6 @@ text-unidecode==1.3 typing_extensions==4.3.0 urllib3==1.26.12 wcmatch==8.4 +yamlfmt==1.1.0 yamllint==1.27.1 zipp==3.8.1 diff --git a/roles/bootstrap/tasks/main.yml b/roles/bootstrap/tasks/main.yml index 5b4793c..8512ab4 100644 --- a/roles/bootstrap/tasks/main.yml +++ b/roles/bootstrap/tasks/main.yml @@ -1,10 +1,3 @@ -# @meta author: Cian Hatton -# @meta description: > -# Role to bootstrap a target host. This role will add an ansible -# user and allow paswordless sudo. -# @end - ---- - name: Update Packages apt: upgrade: dist @@ -18,7 +11,7 @@ - name: Add ssh key for ansible authorized_key: - user: "ansible" + user: ansible state: present key: "{{ lookup('file', '~/.ssh/ansible.pub') }}" diff --git a/roles/setup_docker/tasks/main.yml b/roles/setup_docker/tasks/main.yml index 78cba8b..89345af 100644 --- a/roles/setup_docker/tasks/main.yml +++ b/roles/setup_docker/tasks/main.yml @@ -9,11 +9,11 @@ - name: Install packages using apt apt: name: - - ca-certificates - - curl - - gnupg2 - - lsb-release - - pip + - ca-certificates + - curl + - gnupg2 + - lsb-release + - pip state: present update_cache: yes 
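Review bot: The `Assert desired images exist` task's `that:` value is now a YAML flow mapping, `{{item in image_details.images | map(attribute='RepoTags') | flatten: !!null ''}: !!null ''}`, not a Jinja expression, so the assertion cannot evaluate the membership test. The old unquoted `{{ ... }}` was already being parsed as a flow mapping and the formatter has serialised that mistake verbatim, which is why the `!!null ''` tags appeared. `assert.that` takes bare expressions, so write it as a list entry without braces: `that:` / `  - item in image_details.images | map(attribute='RepoTags') | flatten`. Every other changed line in this hunk is indentation or quoting only.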
@@ -31,10 +31,10 @@ - name: Install docker packages using apt apt: name: - - docker-ce - - docker-ce-cli - - containerd.io - - docker-compose-plugin + - docker-ce + - docker-ce-cli + - containerd.io + - docker-compose-plugin state: present update_cache: yes diff --git a/roles/setup_hosted_services/defaults/main.yml b/roles/setup_hosted_services/defaults/main.yml index ed97d53..6d800ee 100644 --- a/roles/setup_hosted_services/defaults/main.yml +++ b/roles/setup_hosted_services/defaults/main.yml @@ -1 +1,2 @@ ---- +null +... diff --git a/roles/setup_hosted_services/files/dashboards/dashy-config.yml b/roles/setup_hosted_services/files/dashboards/dashy-config.yml index 2f64ba3..c26e6d4 100644 --- a/roles/setup_hosted_services/files/dashboards/dashy-config.yml +++ b/roles/setup_hosted_services/files/dashboards/dashy-config.yml 
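Review bot: `roles/setup_hosted_services/defaults/main.yml` now consists of the scalar document `null` followed by the `...` end marker instead of an empty document, which reads as a formatter artefact rather than intent; the same rewrite hits `roles/setup_linode/vars/main.yml`, where it also deletes the `# vars file for setup_linode` comment. Ansible appears to tolerate a null vars document, but an explicit empty mapping keeps the file self-describing and is stable under any later formatter run. Suggest `# defaults file for setup_hosted_services` / `{}` here and `# vars file for setup_linode` / `{}` in the other file, and make the formatter script leave comment-only files untouched.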
@@ -1,101 +1,96 @@ -# https://github.com/Lissy93/dashy/blob/master/docs/showcase.md -# Details about config. -# https://github.com/Lissy93/dashy/blob/master/docs/configuring.md -# Widgets: https://github.com/Lissy93/dashy/blob/master/docs/widgets.md ---- pageInfo: title: Home Lab sections: - - name: Dashboards - widgets: - - type: gl-disk-space - options: - hostname: http://qnap:8083 - - type: crypto-watch-list - options: - currency: GBP - sortBy: marketCap - assets: - - bitcoin - - ethereum - - cosmos - - polkadot - - dogecoin - items: - - title: Dash Dot - icon: hl-dashdot - url: "http://qnap:3010" - - title: Uptime Kuma - icon: hl-uptime-kuma - url: "http://qnap:3001" - - title: Tautulli - icon: hl-tautulli - url: "http://qnap:8182" - - title: Glances - icon: hl-glances - url: "http://qnap:8083" - - name: Media Stack - items: - - title: Plex - icon: hl-plex - url: "http://qnap:32400" - statusCheck: false - - title: Sonarr - icon: hl-sonarr - url: "http://qnap:8989" - - title: Radarr - icon: hl-radarr - url: "http://qnap:7878" - - title: Overseerr - icon: hl-overseerr - url: "http://qnap:5055" - - title: Jackett - icon: hl-jackett - url: "http://qnap:9117" - statusCheckUrl: "http://qnap:9117/health" - - title: Qbittorrent - icon: hl-qbittorrent - url: "http://qnap:15000" - - name: Tools - items: - - title: Photoprism - description: Manager photos - icon: hl-photoprism - url: "http://qnap:2342" - - title: Olivetin - description: Run pre-defined shell commands - icon: hl-olivetin - url: "http://qnap:1337" - - title: Linkding - description: Manager photos - icon: hl-linkding - url: "http://qnap:9090" - - title: Nextcloud - icon: hl-nextcloud - url: "http://qnap:8081" - - title: Mealie - icon: hl-mealie - url: "https://mealie.cianhatton.ie" - - title: Gitea - icon: hl-gitea - url: "https://git.cianhatton.ie" - - name: System Admin - items: - - title: Portainer - description: Manage docker apps using Portainer - icon: hl-portainer - url: "http://qnap:9000" - - title: 
Webmin - icon: hl-webmin - url: "http://qnap:10000" - - title: Adminer - description: Manage MariaDB - icon: hl-adminer - url: "http://qnap:3307" - - title: Nginx Proxy Manager - description: Manage reverse proxies - icon: hl-nginx - url: "http://qnap:8181" +- name: Dashboards + widgets: + - type: gl-disk-space + options: + hostname: http://qnap:8083 + - type: crypto-watch-list + options: + currency: GBP + sortBy: marketCap + assets: + - bitcoin + - ethereum + - cosmos + - polkadot + - dogecoin + items: + - title: Dash Dot + icon: hl-dashdot + url: http://qnap:3010 + - title: Uptime Kuma + icon: hl-uptime-kuma + url: http://qnap:3001 + - title: Tautulli + icon: hl-tautulli + url: http://qnap:8182 + - title: Glances + icon: hl-glances + url: http://qnap:8083 +- name: Media Stack + items: + - title: Plex + icon: hl-plex + url: http://qnap:32400 + statusCheck: false + - title: Sonarr + icon: hl-sonarr + url: http://qnap:8989 + - title: Radarr + icon: hl-radarr + url: http://qnap:7878 + - title: Overseerr + icon: hl-overseerr + url: http://qnap:5055 + - title: Jackett + icon: hl-jackett + url: http://qnap:9117 + statusCheckUrl: http://qnap:9117/health + - title: Qbittorrent + icon: hl-qbittorrent + url: http://qnap:15000 +- name: Tools + items: + - title: Photoprism + description: Manager photos + icon: hl-photoprism + url: http://qnap:2342 + - title: Olivetin + description: Run pre-defined shell commands + icon: hl-olivetin + url: http://qnap:1337 + - title: Linkding + description: Manager photos + icon: hl-linkding + url: http://qnap:9090 + - title: Nextcloud + icon: hl-nextcloud + url: http://qnap:8081 + - title: Mealie + icon: hl-mealie + url: https://mealie.cianhatton.ie + - title: Gitea + icon: hl-gitea + url: https://git.cianhatton.ie +- name: System Admin + items: + - title: Portainer + description: Manage docker apps using Portainer + icon: hl-portainer + url: http://qnap:9000 + - title: Webmin + icon: hl-webmin + url: http://qnap:10000 + - title: Adminer + 
description: Manage MariaDB + icon: hl-adminer + url: http://qnap:3307 + - title: Nginx Proxy Manager + description: Manage reverse proxies + icon: hl-nginx + url: http://qnap:8181 appConfig: statusCheck: true showSplashScreen: false diff --git a/roles/setup_hosted_services/files/olivetin/config.yml b/roles/setup_hosted_services/files/olivetin/config.yml index fb5c376..74bad8a 100644 --- a/roles/setup_hosted_services/files/olivetin/config.yml +++ b/roles/setup_hosted_services/files/olivetin/config.yml @@ -1,23 +1,23 @@ # Listen on all addresses available, port 1337 listenAddressSingleHTTPFrontend: 0.0.0.0:1337 # Choose from INFO (default), WARN and DEBUG -logLevel: "INFO" +logLevel: INFO # Actions (buttons) to show up on the WebUI: actions: # Docs: https://docs.olivetin.app/action-container-control.html - - title: Restart Plex - icon: plex - shell: docker restart plex - timeout: 30 - - title: Restart Dashy - icon: restart - shell: docker restart dashy - timeout: 30 - - title: Restart Dashy 2 - icon: restart - shell: docker restart dashy - timeout: 30 - - title: Restart Olivetin - icon: restart - shell: docker restart olivetin - timeout: 30 +- title: Restart Plex + icon: plex + shell: docker restart plex + timeout: 30 +- title: Restart Dashy + icon: restart + shell: docker restart dashy + timeout: 30 +- title: Restart Dashy 2 + icon: restart + shell: docker restart dashy + timeout: 30 +- title: Restart Olivetin + icon: restart + shell: docker restart olivetin + timeout: 30 diff --git a/roles/setup_hosted_services/handlers/main.yml b/roles/setup_hosted_services/handlers/main.yml index 91f8f4c..61ecc28 100644 --- a/roles/setup_hosted_services/handlers/main.yml +++ b/roles/setup_hosted_services/handlers/main.yml @@ -1,8 +1,7 @@ ---- # handlers file for setup_hosted_services - name: restart-dashy shell: docker restart dashy - ignore_errors: True + ignore_errors: true - name: restart-olivetin shell: docker restart olivetin 
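Review bot: The four header comments linking to the Dashy showcase, configuring and widgets docs are deleted at the top of this hunk and nothing in the new file replaces them, so the only pointer to what `sections`, `widgets` and `appConfig` mean is gone. The same loss of documentation happens in `roles/bootstrap/tasks/main.yml` and `roles/setup_portainer/tasks/main.yml`, whose `@meta author` / `@meta description` blocks are removed. If the formatter cannot preserve leading comments, restore them by hand, e.g. `# Config reference: https://github.com/Lissy93/dashy/blob/master/docs/configuring.md` above `pageInfo:`, and move the role descriptions into each role's `meta/main.yml` under `galaxy_info.description`, where they survive reformatting as data.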
diff --git a/roles/setup_hosted_services/tasks/main.yml b/roles/setup_hosted_services/tasks/main.yml index d4c0d9d..f5377a8 100644 --- a/roles/setup_hosted_services/tasks/main.yml +++ b/roles/setup_hosted_services/tasks/main.yml 
@@ -1,122 +1,125 @@ ---- - name: Docker | Pull images docker_image: - name: "{{item}}" + name: '{{item}}' source: pull with_items: - - ubuntu - - busybox + - ubuntu + - busybox - name: Docker Compose | Create a directory if it does not exist file: - path: "{{directories.docker_compose_directory}}/{{item.name}}" + path: '{{directories.docker_compose_directory}}/{{item.name}}' state: directory mode: '0755' - with_items: "{{services}}" + with_items: '{{services}}' - name: Docker Compose | Template Docker Compose Files template: - src: "{{item.name}}.j2" - dest: "{{directories.docker_compose_directory}}/{{item.name}}/docker-compose.yml" - with_items: "{{services}}" + src: '{{item.name}}.j2' + dest: '{{directories.docker_compose_directory}}/{{item.name}}/docker-compose.yml' + with_items: '{{services}}' - name: Directories | Ensure required directories file: - path: "{{item}}" + path: '{{item}}' state: directory mode: '0755' with_items: - - "{{dashy.config_directory}}" - - "{{olivetin.config_directory}}" - - "{{dockervolumebackup.config_directory}}" - - "{{directories.backups_dir}}/.s3tmp" + - '{{dashy.config_directory}}' + - '{{olivetin.config_directory}}' + - '{{dockervolumebackup.config_directory}}' + - '{{directories.backups_dir}}/.s3tmp' - name: Dashy | Config Files copy: - src: "{{dashy.source_file}}" - dest: "{{dashy.config_directory}}/{{dashy.config_file}}" + src: '{{dashy.source_file}}' + dest: '{{dashy.config_directory}}/{{dashy.config_file}}' notify: - - restart-dashy + - restart-dashy - name: Olivetin | Config Files copy: - src: "{{olivetin.source_file}}" - dest: "{{olivetin.config_directory}}/{{olivetin.config_file}}" + src: '{{olivetin.source_file}}' + dest: '{{olivetin.config_directory}}/{{olivetin.config_file}}' notify: - - restart-olivetin + - restart-olivetin - name: Docker Volume Backup | Config Files template: - src: "docker-volume-backup/config.j2" - dest: "{{dockervolumebackup.config_directory}}/config.yml" + src: docker-volume-backup/config.j2 + 
dest: '{{dockervolumebackup.config_directory}}/config.yml' notify: - - restart-docker-volume-backup + - restart-docker-volume-backup - name: Install python dependencies (requests) pip: name: requests - name: Docker | Find docker volumes - shell: docker volume ls -f name={{item.name}} --format '{{ '{{' }} .Name {{ '}}' }}' - with_items: "{{services}}" + shell: docker volume ls -f name={{item.name}} --format '{{ '{{' }} .Name {{ '}}' + }}' + with_items: '{{services}}' register: find_volumes - changed_when: False + changed_when: false -- debug: msg="{{find_volumes.results | map(attribute='stdout_lines') | list | flatten }}" +- debug: msg="{{find_volumes.results | map(attribute='stdout_lines') | list | flatten + }}" - name: Docker | Find volumes that need to be restored script: scripts/find-volumes-to-restore.py environment: - EXISTING_VOLUMES: "{{ find_volumes.results | map(attribute='stdout_lines') | list | flatten }}" - SERVICES: "{{ services }}" - DOCKER_COMPOSE_DIR: "{{directories.docker_compose_directory}}" + EXISTING_VOLUMES: "{{ find_volumes.results | map(attribute='stdout_lines') | list\ + \ | flatten }}" + SERVICES: '{{ services }}' + DOCKER_COMPOSE_DIR: '{{directories.docker_compose_directory}}' args: executable: python3 register: python_output - changed_when: False + changed_when: false - debug: msg="{{python_output.stdout_lines | list }}" - name: Docker Volume Backup | Restore any missing backups from S3 when: restore_from_s3 docker_container: - command: "restore-volume --s3 --volume {{item}}" - image: "ghcr.io/chatton/docker-volume-backup:v0.3.0" - name: "s3-restore-{{item}}" + command: restore-volume --s3 --volume {{item}} + image: ghcr.io/chatton/docker-volume-backup:v0.3.0 + name: s3-restore-{{item}} cleanup: true # delete container after it's done. state: started # container should execute. detach: no # task fails if container exits. 
volumes: - - /var/run/docker.sock:/var/run/docker.sock - - /tmp:/tmp # temp s3 archive goes here + - /var/run/docker.sock:/var/run/docker.sock + - /tmp:/tmp # temp s3 archive goes here env: - AWS_ACCESS_KEY_ID: "{{aws_s3.aws_access_key}}" - AWS_SECRET_ACCESS_KEY: "{{aws_s3.aws_secret_key}}" - AWS_DEFAULT_REGION: "{{aws_s3.region}}" - AWS_BUCKET: "{{aws_s3.bucket}}" - AWS_ENDPOINT: "{{aws_s3.s3_url}}" - with_items: "{{ python_output.stdout_lines }}" + AWS_ACCESS_KEY_ID: '{{aws_s3.aws_access_key}}' + AWS_SECRET_ACCESS_KEY: '{{aws_s3.aws_secret_key}}' + AWS_DEFAULT_REGION: '{{aws_s3.region}}' + AWS_BUCKET: '{{aws_s3.bucket}}' + AWS_ENDPOINT: '{{aws_s3.s3_url}}' + with_items: '{{ python_output.stdout_lines }}' - name: Docker | Create required docker networks docker_network: - name: "{{item}}" - with_items: "{{ docker_networks }}" + name: '{{item}}' + with_items: '{{ docker_networks }}' - name: Portainer | Update Stack when: container_deployment_mode == "portainer" chatton.portainer.portainer_stack: username: admin - password: "{{portainer.password}}" - docker_compose_file_path: "{{directories.docker_compose_directory}}/{{ item.name }}/docker-compose.yml" - stack_name: "{{ item.name }}" - endpoint_id: "{{ item.endpoint_id }}" + password: '{{portainer.password}}' + docker_compose_file_path: '{{directories.docker_compose_directory}}/{{ item.name + }}/docker-compose.yml' + stack_name: '{{ item.name }}' + endpoint_id: '{{ item.endpoint_id }}' state: present - with_items: "{{services}}" + with_items: '{{services}}' - name: Docker compose | Update Stack when: container_deployment_mode == "compose" docker_compose: - project_src: "{{directories.docker_compose_directory}}/{{ item.name }}" + project_src: '{{directories.docker_compose_directory}}/{{ item.name }}' state: present - with_items: "{{services}}" + with_items: '{{services}}' diff --git a/roles/setup_linode/defaults/main-vault.yml b/roles/setup_linode/defaults/main-vault.yml index 0034d8a..0e19475 100644 
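Review bot: The `Docker Volume Backup | Restore any missing backups from S3` and `Portainer | Update Stack` tasks pass `aws_s3.aws_secret_key` and `portainer.password` as module arguments without `no_log: true`, so those values are printed at higher verbosity and included in the task result on failure; add `no_log: true` to both tasks, and likewise to the S3 restore task in `roles/setup_portainer/tasks/main.yml`. Separately, the formatter wrapped several Jinja-bearing scalars at the column limit — the `shell: docker volume ls ... --format` string, the `debug` message and the `EXISTING_VOLUMES` value, the last now a double-quoted string with a backslash-escaped line break. They fold back to the original text, but they are easy to break on the next hand edit, so prefer `>-` block scalars or a wider line limit for these values.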
--- a/roles/setup_linode/defaults/main-vault.yml +++ b/roles/setup_linode/defaults/main-vault.yml @@ -1,12 +1,7 @@ -$ANSIBLE_VAULT;1.1;AES256 -36356161663039666634393933383830653035633438343866643730303434353632383031303965 -3465343332353437616663643662343262373333366162300a373662386533363234636234633339 -35383439373430656130353938653531636563663066646265643838323230356231333836326262 -6439626538643837390a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a373662386533363234636234633339 35383439373430656130353938653531636563663066646265643838323230356231333836326262 +6439626538643837390a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diff --git a/roles/setup_linode/defaults/main.yml b/roles/setup_linode/defaults/main.yml index bba11e6..0be9da5 100644 --- a/roles/setup_linode/defaults/main.yml +++ b/roles/setup_linode/defaults/main.yml @@ -1,13 +1,12 @@ ---- # defaults file for setup_linode ssh_keys: - - "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" +- "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" label: simple-linode # hosts that are added to the generated .ini file. hosts: - user: root - ip: "{{my_linode.instance.ipv4[0]}}" + ip: '{{my_linode.instance.ipv4[0]}}' # https://www.linode.com/community/questions/17190/obtain-a-list-of-image-and-plan-types-using-linode-apicli type: g6-standard-2 diff --git a/roles/setup_linode/tasks/main.yml b/roles/setup_linode/tasks/main.yml index 9538e1a..cbfd1f8 100644 --- a/roles/setup_linode/tasks/main.yml +++ b/roles/setup_linode/tasks/main.yml 
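Review bot: This hunk reformats `roles/setup_linode/defaults/main-vault.yml`, an Ansible Vault payload: the `$ANSIBLE_VAULT;1.1;AES256` header line is removed and the hex lines are re-flowed, and as far as the visible hunk shows no `+` line restores the header. Without that first line `include_vars: defaults/main-vault.yml` in `roles/setup_linode/tasks/main.yml` will not decrypt the file, so the values the role reads from it (presumably `token` and `password`) become unavailable. Revert this file to its previous content and make `scripts/format_all_yaml.sh` skip vault files, e.g. any file whose first line starts with `$ANSIBLE_VAULT` or whose name matches `*-vault.yml`.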
@@ -1,31 +1,27 @@ ---- - name: Include vault variables. include_vars: defaults/main-vault.yml - name: Create a new Linode. linode_v4: - label: "{{ label }}" - access_token: "{{ token }}" - type: "{{ type }}" - region: "{{ region }}" + label: '{{ label }}' + access_token: '{{ token }}' + type: '{{ type }}' + region: '{{ region }}' image: linode/debian11 - root_pass: "{{ password }}" - authorized_keys: "{{ ssh_keys }}" + root_pass: '{{ password }}' + authorized_keys: '{{ ssh_keys }}' group: servers - state: "{{ state }}" + state: '{{ state }}' register: my_linode - name: Wait for SSH to come up local_action: - module: wait_for - host={{ my_linode.instance.ipv4[0] }} - port=22 - search_regex=OpenSSH + module: wait_for host={{ my_linode.instance.ipv4[0] }} port=22 search_regex=OpenSSH timeout=320 - name: Instance Details debug: - msg: "{{my_linode}}" + msg: '{{my_linode}}' - name: Update hosts.ini blockinfile: diff --git a/roles/setup_linode/vars/main.yml b/roles/setup_linode/vars/main.yml index da15b8b..6d800ee 100644 --- a/roles/setup_linode/vars/main.yml +++ b/roles/setup_linode/vars/main.yml @@ -1,2 +1,2 @@ ---- -# vars file for setup_linode +null +... diff --git a/roles/setup_mergerfs/tasks/main.yml b/roles/setup_mergerfs/tasks/main.yml index 4dd525f..f10494d 100644 --- a/roles/setup_mergerfs/tasks/main.yml +++ b/roles/setup_mergerfs/tasks/main.yml @@ -1,4 +1,3 @@ ---- # dangerous to use this as the device name changes when there are new drives. # can this be done with an ID? #- name: Create a ext4 filesystem on /dev/sdb1 @@ -9,12 +8,12 @@ - name: Mount Volumes mount: - path: "{{item.path}}" - src: "UUID={{item.uuid}}" + path: '{{item.path}}' + src: UUID={{item.uuid}} fstype: ext4 state: mounted opts: defaults,nofail - loop: "{{ devices }}" + loop: '{{ devices }}' register: volume_out - debug: msg="{{volume_out}}" @@ -38,4 +37,4 @@ include_role: name: sprat.mergerfs vars: - mergerfs_mounts: "{{mounts}}" + mergerfs_mounts: '{{mounts}}' 
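Review bot: The `Create a new Linode.` task passes `access_token: '{{ token }}'` and `root_pass: '{{ password }}'` with no `no_log: true`, and the following `Instance Details` task prints the entire registered `my_linode` result; add `no_log: true` to the creation task and narrow the debug to the fields you need, e.g. `msg: '{{ my_linode.instance.ipv4 }}'`, unless you have confirmed the module's return value carries no credentials. The `Wait for SSH to come up` step was collapsed to the single line `module: wait_for host={{ my_linode.instance.ipv4[0] }} port=22 search_regex=OpenSSH` with `timeout=320` left on its own line; the native form `wait_for:` with `host:`, `port:`, `search_regex:` and `timeout:` keys plus `delegate_to: localhost` is unambiguous and is what ansible-lint expects. The `Update hosts.ini` task continues outside the hunk.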
diff --git a/roles/setup_portainer/files/docker-compose.yml b/roles/setup_portainer/files/docker-compose.yml index 43e6b9a..e6ae5b7 100644 --- a/roles/setup_portainer/files/docker-compose.yml +++ b/roles/setup_portainer/files/docker-compose.yml @@ -1,17 +1,16 @@ ---- version: '3.2' services: portainer: labels: - ie.cianhatton.backup.enabled: "true" - ie.cianhatton.backup.key: "nightly" + ie.cianhatton.backup.enabled: 'true' + ie.cianhatton.backup.key: nightly image: portainer/portainer-ce - container_name: "portainer" + container_name: portainer ports: - - "9000:9000" + - 9000:9000 volumes: - - portainer_data:/data - - /var/run/docker.sock:/var/run/docker.sock + - portainer_data:/data + - /var/run/docker.sock:/var/run/docker.sock volumes: portainer_data: diff --git a/roles/setup_portainer/tasks/main.yml b/roles/setup_portainer/tasks/main.yml index 5036adc..da20b12 100644 --- a/roles/setup_portainer/tasks/main.yml +++ b/roles/setup_portainer/tasks/main.yml 
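Review bot: `ports:` now holds the unquoted `9000:9000`; it stays a string only because a YAML 1.1 sexagesimal integer requires every component after the first to be in the 0-59 range, so a future mapping such as `22:22` would be read as the integer 1342. Compose port mappings are conventionally quoted for exactly this reason — restore `- "9000:9000"`. The label `ie.cianhatton.backup.enabled: 'true'` correctly keeps its quotes, which suggests the formatter can be configured to preserve quoting on these strings rather than stripping it.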
@@ -1,59 +1,51 @@
-# @meta author: Cian Hatton -# @meta description: > -# Role to configure Portainer. This role copies the docker-compose.yml -# onto the host and starts portainer with docker compose. -# If there is a backup of the portainer volume stored in s3, it will -# be restored before portainer is started. -# @end - ---- - name: Portainer | Create directory if it does not exist ansible.builtin.file: - path: "{{directories.docker_compose_directory}}" + path: '{{directories.docker_compose_directory}}' state: directory mode: '0755' - name: Portainer | Copy docker compose file copy: src: docker-compose.yml - dest: "{{directories.docker_compose_directory}}/docker-compose.yml" + dest: '{{directories.docker_compose_directory}}/docker-compose.yml' - name: Portainer | Check if volume exists - shell: docker volume ls -f name=portainer_portainer_data --format '{{ '{{' }} .Name {{ '}}' }}' + shell: docker volume ls -f name=portainer_portainer_data --format '{{ '{{' }} .Name + {{ '}}' }}' register: portainer_volume - changed_when: False + changed_when: false - name: Portainer | Pull images docker_image: - name: "{{item}}" + name: '{{item}}' source: pull with_items: - - ubuntu - - busybox + - ubuntu + - busybox - name: Docker Volume Backup | Restore Portainer volume from S3 when: (portainer_volume.stdout_lines | length) == 0 docker_container: - command: "restore-volume --s3 --volume portainer_portainer_data" - image: "ghcr.io/chatton/docker-volume-backup:v0.3.0" - name: "s3-restore-portainer" + command: restore-volume --s3 --volume portainer_portainer_data + image: ghcr.io/chatton/docker-volume-backup:v0.3.0 + name: s3-restore-portainer cleanup: true # delete container after it's done. state: started # container should execute. detach: no # task fails if container exits.
volumes: - - /var/run/docker.sock:/var/run/docker.sock - - /tmp:/tmp # temp s3 archive goes here + - /var/run/docker.sock:/var/run/docker.sock + - /tmp:/tmp # temp s3 archive goes here env: - AWS_ACCESS_KEY_ID: "{{aws_s3.aws_access_key}}" - AWS_SECRET_ACCESS_KEY: "{{aws_s3.aws_secret_key}}" - AWS_DEFAULT_REGION: "{{aws_s3.region}}" - AWS_BUCKET: "{{aws_s3.bucket}}" - AWS_ENDPOINT: "{{aws_s3.s3_url}}" + AWS_ACCESS_KEY_ID: '{{aws_s3.aws_access_key}}' + AWS_SECRET_ACCESS_KEY: '{{aws_s3.aws_secret_key}}' + AWS_DEFAULT_REGION: '{{aws_s3.region}}' + AWS_BUCKET: '{{aws_s3.bucket}}' + AWS_ENDPOINT: '{{aws_s3.s3_url}}' - name: Portainer | Docker compose up community.docker.docker_compose: - project_src: "{{directories.docker_compose_directory}}/portainer" + project_src: '{{directories.docker_compose_directory}}/portainer' # Don't really need this as long as there is an S3 backup. #- name: Portainer | Register Admin User
diff --git a/roles/setup_samba/defaults/main.yml b/roles/setup_samba/defaults/main.yml
index 1316efe..b33b858 100644
--- a/roles/setup_samba/defaults/main.yml
+++ b/roles/setup_samba/defaults/main.yml
@@ -1,10 +1,9 @@
---- samba_group: smbgroup samba_user: smbuser users: - - name: cianhatton +- name: cianhatton shares: - - /share - - /share/public_files - - /share/private_files - - /share/cian_files +- /share +- /share/public_files +- /share/private_files +- /share/cian_files
diff --git a/roles/setup_samba/handlers/main.yml b/roles/setup_samba/handlers/main.yml
index 1d41483..5ff63f8 100644
--- a/roles/setup_samba/handlers/main.yml
+++ b/roles/setup_samba/handlers/main.yml
@@ -1,4 +1,3 @@
---- - name: restart-samba ansible.builtin.service: name: smbd
diff --git a/roles/setup_samba/tasks/main.yml b/roles/setup_samba/tasks/main.yml
index 59e2689..de03b3f 100644
--- a/roles/setup_samba/tasks/main.yml
+++ b/roles/setup_samba/tasks/main.yml
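Review bot: The compose file is copied to `dest: '{{directories.docker_compose_directory}}/docker-compose.yml'` but the final task runs `project_src: '{{directories.docker_compose_directory}}/portainer'`, so unless something outside this hunk populates that subdirectory, compose up looks in a directory the role never wrote to; the two paths should agree. The restore task passes `aws_s3.aws_secret_key` through `env:` with no `no_log: true`, so the secret appears in verbose or failed-task output and is readable via `docker inspect` while the container runs; add `no_log: true` to that task. The formatter also deleted the `# @meta` header that documented what the role does and when the S3 restore happens; that text should come back as an ordinary comment block above the first task. `detach: no` is a YAML 1.1 truthy spelling; write `detach: false`.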
@@ -1,54 +1,53 @@
---- - name: Install samba packages using apt apt: name: - - samba + - samba state: present update_cache: yes - name: Ensure samba group exists ansible.builtin.group: - name: "{{samba_group}}" + name: '{{samba_group}}' state: present system: true notify: - - reload-samba + - reload-samba - name: Ensure samba user ansible.builtin.user: - name: "{{samba_user}}" + name: '{{samba_user}}' comment: Samba user - group: "{{samba_group}}" + group: '{{samba_group}}' shell: /bin/false create_home: false notify: - - reload-samba + - reload-samba - name: Add the User(s) to Samba group user: - name: "{{ item.name }}" - groups: "{{ samba_group }}" + name: '{{ item.name }}' + groups: '{{ samba_group }}' append: yes - with_items: "{{users}}" + with_items: '{{users}}' - name: Ensure Share directories ansible.builtin.file: - path: "{{item}}" + path: '{{item}}' recurse: yes state: directory - owner: "{{samba_user}}" - group: "{{samba_group}}" - mode: 'u+rw,g+rw' - with_items: "{{shares}}" + owner: '{{samba_user}}' + group: '{{samba_group}}' + mode: u+rw,g+rw + with_items: '{{shares}}' notify: - - reload-samba + - reload-samba - name: Copy smb conf files copy: - src: "{{item}}" - dest: "/etc/samba/{{item}}" + src: '{{item}}' + dest: /etc/samba/{{item}} with_items: - - smb.conf - - shares.conf + - smb.conf + - shares.conf notify: - - reload-samba + - reload-samba
diff --git a/roles/setup_users/tasks/main.yml b/roles/setup_users/tasks/main.yml
index 329addc..35d4a9f 100644
--- a/roles/setup_users/tasks/main.yml
+++ b/roles/setup_users/tasks/main.yml
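Review bot: Every `notify:` in this hunk targets `reload-samba`, while the handlers hunk for this role above only shows a `restart-samba` handler; if no `reload-samba` handler exists further down that handlers file, each of these notifications fails at runtime, so either rename them to `- restart-samba` or add the missing handler. Notifying a samba reload from the group-creation and user-creation tasks is unnecessary in any case, since only the share directories and the copied config files affect smbd. The untouched `update_cache: yes`, `append: yes` and `recurse: yes` are YAML 1.1 truthy spellings the formatter left alone; `true` is the portable form. `recurse: yes` combined with `owner:`/`group:` on `/share` re-owns every existing file under the shares on each run, which is worth a comment if that is intended.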
@@ -2,32 +2,32 @@
- name: Install Sudo apt: pkg: - - sudo + - sudo state: latest update_cache: true - name: Make sure we have a groups group: - name: "{{item.group}}" + name: '{{item.group}}' state: present - with_items: "{{users}}" + with_items: '{{users}}' - name: Add Users ansible.builtin.user: - name: "{{item.name}}" - comment: "{{item.name}} user" - group: "{{item.group}}" - with_items: "{{users}}" + name: '{{item.name}}' + comment: '{{item.name}} user' + group: '{{item.group}}' + with_items: '{{users}}' - name: Add sudoers template: src: sudoers.j2 - dest: "/etc/sudoers.d/{{item.name}}" - with_items: "{{users}}" + dest: /etc/sudoers.d/{{item.name}} + with_items: '{{users}}' when: item.passwordless_sudo == true - name: Set authorized key authorized_key: - user: "{{homelab_user}}" + user: '{{homelab_user}}' state: present key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
diff --git a/scripts/format_all_yaml.sh b/scripts/format_all_yaml.sh
new file mode 100755
index 0000000..962b522
--- /dev/null
+++ b/scripts/format_all_yaml.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+function format_dir(){
+ dir="${1}"
+ yaml_files="$(find ${dir} -type f -name "*.yml")"
+ for f in $yaml_files
+ do
+ yamlfmt $f -w
+ done
+}
+
+format_dir roles
+format_dir playbooks
+format_dir host_vars
+format_dir group_vars
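Review bot: The `Add sudoers` task writes `dest: /etc/sudoers.d/{{item.name}}` with no `validate: /usr/sbin/visudo -cf %s` and no `mode: '0440'`, so a bad render of sudoers.j2 is installed as-is and can break sudo on the host; add both parameters. `when: item.passwordless_sudo == true` raises an undefined-variable error for any `users` entry that omits the key (a role default elsewhere in this commit defines entries with only `name`), and `== true` is the form ansible-lint's literal-compare rule flags; `when: item.passwordless_sudo | default(false) | bool` handles both. `state: latest` on the sudo package means every run may upgrade it; `present` is the usual choice unless upgrades on each play are wanted.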
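Review bot: `for f in $yaml_files` word-splits the `find` output on whitespace and `yamlfmt $f -w` passes each path unquoted, so any path containing a space or glob character is mangled; `find "${dir}" -type f -name '*.yml' -exec yamlfmt -w {} +` does the whole job safely and without the intermediate variable. The script has no `set -euo pipefail`, so a missing `yamlfmt` binary or a nonexistent directory argument is silently skipped and the next directory is processed. It only matches `*.yml`, so any `*.yaml` file in those trees stays unformatted and drifts from the rest. Given that the formatted output in this commit drops `---` everywhere and rewrote a comment-only vars file as `null`, pinning the yamlfmt version or checking in a formatter config would keep the result reproducible across machines.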