fixing ansible lint

3 years ago · 62f3ee4316
parent d49819acec
commit 62f3ee4316
14 changed files with 102 additions and 224 deletions
--- a/.ansible-lint
+++ b/.ansible-lint
@ -0,0 +1,3 @@
 skip_list:
  - '403' # allow for latest packages
  - name[casing]
--- a/group_vars/linodes.yml
+++ b/group_vars/linodes.yml
@ -9,7 +9,6 @@ services:
 - name: nextcloud
 - name: nginx-proxy-manager
 - name: uptime-kuma
 #- name: docker-volume-backup
 - name: mariadb
 - name: photoprism
 - name: olivetin
--- a/host_vars/qnap.yml
+++ b/host_vars/qnap.yml
@ -42,8 +42,6 @@ services:
  endpoint_id: 2
 - name: vpn-stack
  endpoint_id: 2
 #- name: docker-volume-backup
 #  endpoint_id: 2
 - name: mariadb
  endpoint_id: 2
 - name: photoprism
--- a/playbooks/backup-docker-volumes.yml
+++ b/playbooks/backup-docker-volumes.yml
@ -1,5 +1,6 @@
 ---
- hosts: qnap
+- name: Backup Docker Volumes.
  hosts: qnap
  become: true
  vars:
    # corrsponds to which category of backups will be used.
@ -8,12 +9,11 @@
  pre_tasks:
  - name: Include vault variables.
-    include_vars: '../{{vault_file}}'
+    include_vars: '../{{ vault_file }}'
    tags: [always]
  tasks:
    - name: Find Containers With Backup Label
      register: docker_info
      docker_host_info:
        containers: true
        containers_filters:
@ -21,12 +21,11 @@
           - "ie.cianhatton.backup.enabled=true"
           - "ie.cianhatton.backup.schedule={{ schedule }}"
      register: filter_output
    - debug: msg="{{filter_output}}"
    - name: Get Container Names
      set_fact: container_names="{{ filter_output.containers  | map(attribute="Names")  | flatten }}"
-    - debug: msg="{{container_names}}"
+    - debug: msg="{{ container_names }}"
    - name: Backup Containers with backup label
      include_role:
--- a/playbooks/verify-homelab.yml
+++ b/playbooks/verify-homelab.yml
@ -30,7 +30,7 @@
    register: image_details
  - name: Assert desired images exist
    assert:
-      that: {{item in image_details.images | map(attribute='RepoTags') | flatten: !!null ''}: !!null ''}
+      that: "{{ item in image_details.images | map(attribute='RepoTags') | flatten }}"
    with_items: '{{desired_docker_images}}'
  - name: Fetch Sudoers Files
--- a/roles/setup_hosted_services/tasks/main.yml
+++ b/roles/setup_hosted_services/tasks/main.yml
@ -106,20 +106,22 @@
  with_items: '{{services}}'
 - name: Ensure Nightly Cron Backups
  tags: ["cron"]
  ansible.builtin.cron:
    name: backup docker volumes (nightly)
    weekday: "0"
    minute: "0"
    hour: "3"
    user: ansible
-    job: "ansible-pull -U https://github.com/chatton/ansible-homelab playbooks/backup-docker-volumes.yml -e schedule=nightly"
+    job: "ansible-pull -U https://github.com/chatton/ansible-homelab playbooks/backup-docker-volumes.yml -e schedule=nightly >> /home/cianhatton/logs/nightly.log 2>&1"
    cron_file: ansible_nightly_docker_volume_backup
 - name: Ensure Monthly Cron Backups
  tags: ["cron"]
  ansible.builtin.cron:
    name: backup docker volumes (monthly)
    month: "*"
    day : "1"
    user: ansible
-    job: "ansible-pull -U https://github.com/chatton/ansible-homelab playbooks/backup-docker-volumes.yml -e schedule=monthly"
+    job: "ansible-pull -U https://github.com/chatton/ansible-homelab playbooks/backup-docker-volumes.yml -e schedule=monthly >> /home/cianhatton/logs/monthly.log 2>&1"
    cron_file: ansible_monthly_docker_volume_backup
--- a/roles/setup_mergerfs/tasks/main.yml
+++ b/roles/setup_mergerfs/tasks/main.yml
@ -37,4 +37,4 @@
  include_role:
    name: sprat.mergerfs
  vars:
-    mergerfs_mounts: '{{mounts}}'
+    mergerfs_mounts: '{{ mounts }}'
--- a/roles/setup_portainer/meta/main.yml
+++ b/roles/setup_portainer/meta/main.yml
@ -1,53 +1,15 @@
 galaxy_info:
  author: Cian Hatton
  namespace: chatton
-  description: your role description
+  description: Setup Portainer for my Home Lab
  company: your company (optional)
  # If the issue tracker for your role is not on github, uncomment the
  # next line and provide a value
  # issue_tracker_url: http://example.com/issue/tracker
  # Choose a valid license ID from https://spdx.org - some suggested licenses:
  # - BSD-3-Clause (default)
  # - MIT
  # - GPL-2.0-or-later
  # - GPL-3.0-only
  # - Apache-2.0
  # - CC-BY-4.0
  license: MIT
-  min_ansible_version: 2.1
+  min_ansible_version: "2.1"
-
+  platforms:
-  # If this a Container Enabled role, provide the minimum Ansible Container version.
+    - name: Debian
-  # min_ansible_container_version:
+      versions:
-
+        - all
  #
  # Provide a list of supported platforms, and for each platform a list of versions.
  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
  # To view available platforms and versions (or releases), visit:
  # https://galaxy.ansible.com/api/v1/platforms/
  #
  # platforms:
  # - name: Fedora
  #   versions:
  #   - all
  #   - 25
  # - name: SomePlatform
  #   versions:
  #   - all
  #   - 1.0
  #   - 7
  #   - 99.99
  galaxy_tags: []
    # List tags for your role here, one per line. A tag is a keyword that describes
    # and categorizes the role. Users find roles by searching for tags. Be sure to
    # remove the '[]' above, if you add tags to this list.
    #
    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
    #       Maximum 20 tags per role.
 dependencies: []
  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
  # if you add dependencies to this list.
--- a/roles/setup_portainer/tasks/main.yml
+++ b/roles/setup_portainer/tasks/main.yml
@ -1,27 +1,27 @@
- name: Portainer | Create directory if it does not exist
+---
 - name: Portainer | Create directory if it does not exist.
  ansible.builtin.file:
-    path: '{{directories.docker_compose_directory}}'
+    path: '{{ directories.docker_compose_directory }}'
    state: directory
    mode: '0755'
- name: Portainer | Copy docker compose file
+- name: Portainer | Copy docker compose file.
-  copy:
+  ansible.builtin.copy:
    src: docker-compose.yml
-    dest: '{{directories.docker_compose_directory}}/docker-compose.yml'
+    dest: '{{ directories.docker_compose_directory }}/docker-compose.yml'
 - name: Portainer | Check if volume exists
-  shell: docker volume ls -f name=portainer_portainer_data --format '{{ '{{' }}  .Name
+  ansible.builtin.shell: docker volume ls -f name=portainer_portainer_data --format '{{ '{{' }}  .Name {{ '}}' }}'
    {{ '}}' }}'
  register: portainer_volume
  changed_when: false
 - name: Portainer | Pull images
  docker_image:
-    name: '{{item}}'
+    name: '{{ item }}'
    source: pull
  with_items:
-  - ubuntu
+    - ubuntu
-  - busybox
+    - busybox
 - name: Docker Volume Backup | Restore Portainer volume from S3
  when: (portainer_volume.stdout_lines | length) == 0
@ -31,34 +31,17 @@
    name: s3-restore-portainer
    cleanup: true # delete container after it's done.
    state: started # container should execute.
-    detach: no # task fails if container exits.
+    detach: false # task fails if container exits.
    volumes:
-    - /var/run/docker.sock:/var/run/docker.sock
+      - /var/run/docker.sock:/var/run/docker.sock
-    - /tmp:/tmp   # temp s3 archive goes here
+      - /tmp:/tmp   # temp s3 archive goes here
    env:
-      AWS_ACCESS_KEY_ID: '{{aws_s3.aws_access_key}}'
+      AWS_ACCESS_KEY_ID: '{{ aws_s3.aws_access_key }}'
-      AWS_SECRET_ACCESS_KEY: '{{aws_s3.aws_secret_key}}'
+      AWS_SECRET_ACCESS_KEY: '{{ aws_s3.aws_secret_key }}'
-      AWS_DEFAULT_REGION: '{{aws_s3.region}}'
+      AWS_DEFAULT_REGION: '{{ aws_s3.region }}'
-      AWS_BUCKET: '{{aws_s3.bucket}}'
+      AWS_BUCKET: '{{ aws_s3.bucket }}'
-      AWS_ENDPOINT: '{{aws_s3.s3_url}}'
+      AWS_ENDPOINT: '{{ aws_s3.s3_url }}'
 - name: Portainer | Docker compose up
  community.docker.docker_compose:
-    project_src: '{{directories.docker_compose_directory}}/portainer'
+    project_src: '{{ directories.docker_compose_directory }}/portainer'
 # Don't really need this as long as there is an S3 backup.
 #- name: Portainer | Register Admin User
 #  when: (portainer_volume.stdout_lines | length) == 0
 #  uri:
 #    url: http://localhost:9000/api/users/admin/init
 #    method: POST
 #    body:
 #      Username: admin
 #      Password: "{{portainer.password}}"
 #    status_code: 200
 #    body_format: json
 #  register: result
 #  until: result.status == 200
 #  retries: 60
 #  delay: 1
--- a/roles/setup_samba/defaults/main.yml
+++ b/roles/setup_samba/defaults/main.yml
@ -1,9 +1,10 @@
 ---
 samba_group: smbgroup
 samba_user: smbuser
 users:
- name: cianhatton
+  - name: cianhatton
 shares:
- /share
+  - /share
- /share/public_files
+  - /share/public_files
- /share/private_files
+  - /share/private_files
- /share/cian_files
+  - /share/cian_files
--- a/roles/setup_samba/meta/main.yml
+++ b/roles/setup_samba/meta/main.yml
@ -1,53 +1,15 @@
 galaxy_info:
  author: Cian Hatton
  namespace: chatton
-  description: your role description
+  description: Setup Samba Shares for my Home Lab.
  company: your company (optional)
  # If the issue tracker for your role is not on github, uncomment the
  # next line and provide a value
  # issue_tracker_url: http://example.com/issue/tracker
  # Choose a valid license ID from https://spdx.org - some suggested licenses:
  # - BSD-3-Clause (default)
  # - MIT
  # - GPL-2.0-or-later
  # - GPL-3.0-only
  # - Apache-2.0
  # - CC-BY-4.0
  license: MIT
-  min_ansible_version: 2.1
+  min_ansible_version: "2.1"
-
+  platforms:
-  # If this a Container Enabled role, provide the minimum Ansible Container version.
+    - name: Debian
-  # min_ansible_container_version:
+      versions:
-
+        - all
  #
  # Provide a list of supported platforms, and for each platform a list of versions.
  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
  # To view available platforms and versions (or releases), visit:
  # https://galaxy.ansible.com/api/v1/platforms/
  #
  # platforms:
  # - name: Fedora
  #   versions:
  #   - all
  #   - 25
  # - name: SomePlatform
  #   versions:
  #   - all
  #   - 1.0
  #   - 7
  #   - 99.99
  galaxy_tags: []
    # List tags for your role here, one per line. A tag is a keyword that describes
    # and categorizes the role. Users find roles by searching for tags. Be sure to
    # remove the '[]' above, if you add tags to this list.
    #
    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
    #       Maximum 20 tags per role.
 dependencies: []
  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
  # if you add dependencies to this list.
--- a/roles/setup_samba/tasks/main.yml
+++ b/roles/setup_samba/tasks/main.yml
@ -1,53 +1,57 @@
- name: Install samba packages using apt
+---
-  apt:
+- name: Install samba packages using apt.
  ansible.builtin.apt:
    name:
-    - samba
+      - samba
    state: present
    update_cache: true
- name: Ensure samba group exists
+- name: Ensure samba group exists.
  ansible.builtin.group:
-    name: '{{samba_group}}'
+    name: '{{ samba_group }}'
    state: present
    system: true
  notify:
-  - reload-samba
+    - reload-samba
- name: Ensure samba user
+- name: Ensure samba user.
  ansible.builtin.user:
-    name: '{{samba_user}}'
+    name: '{{ samba_user }}'
    comment: Samba user
-    group: '{{samba_group}}'
+    group: '{{ samba_group }}'
    shell: /bin/false
    create_home: false
  notify:
-  - reload-samba
+    - reload-samba
- name: Add the User(s) to Samba group
+- name: Add the User(s) to Samba group.
-  user:
+  ansible.builtin.user:
    name: '{{ item.name }}'
    groups: '{{ samba_group }}'
    append: true
-  with_items: '{{users}}'
+  with_items: '{{ users }}'
- name: Ensure Share directories
+- name: Ensure Share directories.
  ansible.builtin.file:
-    path: '{{item}}'
+    path: '{{ item }}'
    recurse: true
    state: directory
-    owner: '{{samba_user}}'
+    owner: '{{ samba_user }}'
-    group: '{{samba_group}}'
+    group: '{{ samba_group }}'
    mode: u+rw,g+rw
-  with_items: '{{shares}}'
+  with_items: '{{ shares }}'
  notify:
-  - reload-samba
+    - reload-samba
- name: Copy smb conf files
+- name: Copy smb conf files.
-  copy:
+  ansible.builtin.copy:
-    src: '{{item}}'
+    src: '{{ item }}'
-    dest: /etc/samba/{{item}}
+    dest: "/etc/samba/{{ item }}"
    mode: 0644
    owner: "{{ samba_user }}"
    group: "{{ samba_group }}"
  with_items:
-  - smb.conf
+    - smb.conf
-  - shares.conf
+    - shares.conf
  notify:
-  - reload-samba
+    - reload-samba
--- a/roles/setup_users/meta/main.yml
+++ b/roles/setup_users/meta/main.yml
@ -1,53 +1,15 @@
 galaxy_info:
  author: Cian Hatton
  namespace: chatton
-  description: your role description
+  description: Setup users for my Home Lab
  company: your company (optional)
  # If the issue tracker for your role is not on github, uncomment the
  # next line and provide a value
  # issue_tracker_url: http://example.com/issue/tracker
  # Choose a valid license ID from https://spdx.org - some suggested licenses:
  # - BSD-3-Clause (default)
  # - MIT
  # - GPL-2.0-or-later
  # - GPL-3.0-only
  # - Apache-2.0
  # - CC-BY-4.0
  license: MIT
-  min_ansible_version: 2.1
+  min_ansible_version: "2.1"
-
+  platforms:
-  # If this a Container Enabled role, provide the minimum Ansible Container version.
+    - name: Debian
-  # min_ansible_container_version:
+      versions:
-
+        - all
  #
  # Provide a list of supported platforms, and for each platform a list of versions.
  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
  # To view available platforms and versions (or releases), visit:
  # https://galaxy.ansible.com/api/v1/platforms/
  #
  # platforms:
  # - name: Fedora
  #   versions:
  #   - all
  #   - 25
  # - name: SomePlatform
  #   versions:
  #   - all
  #   - 1.0
  #   - 7
  #   - 99.99
  galaxy_tags: []
    # List tags for your role here, one per line. A tag is a keyword that describes
    # and categorizes the role. Users find roles by searching for tags. Be sure to
    # remove the '[]' above, if you add tags to this list.
    #
    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
    #       Maximum 20 tags per role.
 dependencies: []
  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
  # if you add dependencies to this list.
--- a/roles/setup_users/tasks/main.yml
+++ b/roles/setup_users/tasks/main.yml
@ -1,39 +1,42 @@
 # https://stackoverflow.com/questions/37333305/ansible-create-a-user-with-sudo-privileges
- name: Install Sudo
+- name: Install Sudo.
-  apt:
+  ansible.builtin.apt:
    pkg:
-    - sudo
+      - sudo
    state: latest
    update_cache: true
- name: Make sure we have a  groups
+- name: Make sure we have a groups.
-  group:
+  ansible.builtin.group:
    name: '{{ item.group }}'
    state: present
  with_items: '{{ users }}'
- name: Add Users
+- name: Add Users.
  ansible.builtin.user:
    name: '{{ item.name }}'
    comment: '{{ item.name }} user'
    group: '{{ item.group }}'
  with_items: '{{ users }}'
- name: Add sudoers
+- name: Add sudoers.
-  template:
+  ansible.builtin.template:
    src: sudoers.j2
-    dest: /etc/sudoers.d/{{item.name}}
+    dest: /etc/sudoers.d/{{ item.name }}
    mode: 0440
  with_items: '{{ users }}'
-  when: item.passwordless_sudo == true
+  when: item.passwordless_sudo
- name: Set authorized key
+- name: Set authorized key.
  authorized_key:
    user: '{{ homelab_user }}'
    state: present
    key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
- name: Copy Bashrc
+- name: Copy Bashrc.
-  copy:
+  ansible.builtin.copy:
    src: bash_rc
    dest: "/home/{{ homelab_user }}/.bash_rc"
    group: "{{ homelab_user }}"
    owner: "{{ homelab_user }}"
    mode: 0644