diff --git a/roles/accounts/tasks/main.yml b/roles/accounts/tasks/main.yml index 7363b37..250c849 100644 --- a/roles/accounts/tasks/main.yml +++ b/roles/accounts/tasks/main.yml @@ -1,3 +1,4 @@ +# yamllint disable rule:line-length --- - name: "Create {{ evobsd_internal_group }}, {{ evobsd_ssh_group }}, {{ evobsd_sudo_group }} group" group: @@ -10,7 +11,7 @@ tags: - admin -- name: Create user accounts +- name: "Create user accounts" include: user.yml vars: user: "{{ item.value }}" @@ -19,7 +20,7 @@ tags: - admin -- name: verify AllowGroups directive +- name: "Verify AllowGroups directive" command: "grep -E '^AllowGroups' /etc/ssh/sshd_config" changed_when: false failed_when: false @@ -28,7 +29,7 @@ tags: - admin -- name: verify AllowUsers directive +- name: "Verify AllowUsers directive" command: "grep -E '^AllowUsers' /etc/ssh/sshd_config" changed_when: false failed_when: false diff --git a/roles/accounts/tasks/user.yml b/roles/accounts/tasks/user.yml index 23c07e0..3e905f0 100644 --- a/roles/accounts/tasks/user.yml +++ b/roles/accounts/tasks/user.yml @@ -1,3 +1,4 @@ +# yamllint disable rule:line-length --- - name: "Group '{{ user.name }}' is present" group: diff --git a/roles/base/tasks/cron.yml b/roles/base/tasks/cron.yml index 635182f..351b937 100644 --- a/roles/base/tasks/cron.yml +++ b/roles/base/tasks/cron.yml @@ -1,5 +1,5 @@ --- -- name: Customize PATH variable of root crontab +- name: "Customize PATH variable of root crontab" cron: name: PATH env: true diff --git a/roles/base/tasks/doas.yml b/roles/base/tasks/doas.yml index 538b1af..134a568 100644 --- a/roles/base/tasks/doas.yml +++ b/roles/base/tasks/doas.yml @@ -1,5 +1,5 @@ --- -- name: Configure doas +- name: "Configure doas" template: src: doas.conf.j2 dest: /etc/doas.conf diff --git a/roles/base/tasks/dotfiles.yml b/roles/base/tasks/dotfiles.yml index 551d5ab..191f954 100644 --- a/roles/base/tasks/dotfiles.yml +++ b/roles/base/tasks/dotfiles.yml @@ -1,5 +1,5 @@ --- -- name: Customize root's .profile +- name: "Customize root's .profile" template: src: profile.j2 dest: /root/.profile @@ -8,7 +8,7 @@ - admin - dotfiles -- name: Copy vim default configuration +- name: "Copy vim default configuration" copy: src: vimrc dest: /root/.vimrc @@ -18,7 +18,7 @@ - dotfiles - vim -- name: Customize .kshrc environment file +- name: "Customize .kshrc environment file" copy: src: kshrc dest: /root/.kshrc @@ -27,7 +27,7 @@ - admin - dotfiles -- name: Change default .profile skeleton +- name: "Change default .profile skeleton" template: src: profile.j2 dest: /etc/skel/.profile @@ -36,7 +36,7 @@ - admin - dotfiles -- name: Add evomaintenance trap .profile skeleton with doas +- name: "Add evomaintenance trap .profile skeleton with doas" lineinfile: state: present dest: /etc/skel/.profile @@ -48,7 +48,7 @@ - admin - dotfiles -- name: Add vim configuration to dotfiles for new users +- name: "Add vim configuration to dotfiles for new users" copy: src: vimrc dest: /etc/skel/.vimrc @@ -58,7 +58,7 @@ - dotfiles - vim -- name: Customize .kshrc environment file for new users +- name: "Customize .kshrc environment file for new users" copy: src: kshrc dest: /etc/skel/.kshrc diff --git a/roles/base/tasks/evobackup.yml b/roles/base/tasks/evobackup.yml index f04d730..be0d7d2 100644 --- a/roles/base/tasks/evobackup.yml +++ b/roles/base/tasks/evobackup.yml @@ -1,5 +1,5 @@ --- -- name: Copy zzz_evobackup script +- name: "Copy zzz_evobackup script" copy: src: zzz_evobackup dest: /usr/share/scripts/zzz_evobackup @@ -10,7 +10,7 @@ tags: - evobackup -- name: Fetch daily.local content +- name: "Fetch daily.local content" command: 'grep "sh /usr/share/scripts/zzz_evobackup" /etc/daily.local' check_mode: false register: daily_local_content @@ -19,7 +19,7 @@ tags: - evobackup -- name: Add evobackup cron (disabled) +- name: "Add evobackup cron (disabled)" lineinfile: path: /etc/daily.local line: '#sh /usr/share/scripts/zzz_evobackup' @@ -32,7 +32,7 @@ tags: - evobackup -- name: Add evobackup cron - next_part +- name: "Add evobackup cron - next_part" lineinfile: path: /etc/daily.local line: 'next_part "EvoBackup output:"' @@ -43,7 +43,7 @@ tags: - evobackup -- name: Delete legacy evobackup root crontab +- name: "Delete legacy evobackup root crontab" lineinfile: path: /var/cron/tabs/root regexp: '/usr/share/scripts/zzz_evobackup' diff --git a/roles/base/tasks/evomaintenance.yml b/roles/base/tasks/evomaintenance.yml index 495bd65..4f8c182 100644 --- a/roles/base/tasks/evomaintenance.yml +++ b/roles/base/tasks/evomaintenance.yml @@ -1,5 +1,5 @@ --- -- name: Create scripts directory +- name: "Create scripts directory" file: path: /usr/share/scripts/ state: directory @@ -9,7 +9,7 @@ tags: - evomaintenance -- name: Copy evomaintenance script and template +- name: "Copy evomaintenance script and template" copy: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -23,7 +23,7 @@ - evomaintenance - script-evomaintenance -- name: Configure evomaintenance +- name: "Configure evomaintenance" template: src: evomaintenance.j2 dest: /etc/evomaintenance.cf diff --git a/roles/base/tasks/fstab.yml b/roles/base/tasks/fstab.yml index 23a9af9..75a53c2 100644 --- a/roles/base/tasks/fstab.yml +++ b/roles/base/tasks/fstab.yml @@ -1,5 +1,5 @@ --- -- name: Fetch fstab content +- name: "Fetch fstab content" command: "grep -v '^#' /etc/fstab" check_mode: false register: fstab_content @@ -8,7 +8,7 @@ tags: - fstab -- name: / partition is customized - softdep +- name: "/ partition is customized - softdep" replace: dest: /etc/fstab regexp: '([^#]\s+/\s+ffs\s+rw)(.*)' @@ -19,7 +19,7 @@ tags: - fstab -- name: / partition is customized - noatime +- name: "/ partition is customized - noatime" replace: dest: /etc/fstab regexp: '([^#]\s+/\s+ffs\s+rw)(\S*)(\s+.*)' @@ -31,7 +31,7 @@ tags: - fstab -- name: /var partition is customized - softdep +- name: "/var partition is customized - softdep" replace: dest: /etc/fstab regexp: '([^#]\s+/var\s+ffs\s+rw)(.*)' @@ -42,7 +42,7 @@ tags: - fstab -- name: /var partition is customized - noatime +- name: "/var partition is customized - noatime" replace: dest: /etc/fstab regexp: '([^#]\s+/var\s+ffs\s+rw)(\S*)(\s+.*)' @@ -54,7 +54,7 @@ tags: - fstab -- name: /usr partition is customized - softdep +- name: "/usr partition is customized - softdep" replace: dest: /etc/fstab regexp: '([^#]\s+/usr\s+ffs\s+rw)(.*)' @@ -65,7 +65,7 @@ tags: - fstab -- name: /usr partition is customized - noatime +- name: "/usr partition is customized - noatime" replace: dest: /etc/fstab regexp: '([^#]\s+/usr\s+ffs\s+rw)(\S*)(\s+.*)' @@ -77,7 +77,7 @@ tags: - fstab -- name: /tmp partition is customized - noexec +- name: "/tmp partition is customized - noexec" replace: dest: /etc/fstab regexp: '([^#]\s+/tmp\s+ffs\s+rw(,softdep)*)(.*)' @@ -90,7 +90,7 @@ tags: - fstab -- name: /tmp partition is customized - softdep +- name: "/tmp partition is customized - softdep" replace: dest: /etc/fstab regexp: '([^#]\s+/tmp\s+ffs\s+rw)(.*)' @@ -102,7 +102,7 @@ tags: - fstab -- name: /tmp partition is customized - noatime +- name: "/tmp partition is customized - noatime" replace: dest: /etc/fstab regexp: '([^#]\s+/tmp\s+ffs\s+rw)(\S*)(\s+.*)' @@ -114,7 +114,7 @@ tags: - fstab -- name: /home partition is customized - softdep +- name: "/home partition is customized - softdep" replace: dest: /etc/fstab regexp: '([^#]\s+/home\s+ffs\s+rw)(.*)' @@ -125,7 +125,7 @@ tags: - fstab -- name: /home partition is customized - noatime +- name: "/home partition is customized - noatime" replace: dest: /etc/fstab regexp: '([^#]\s+/home\s+ffs\s+rw)(\S*)(\s+.*)' diff --git a/roles/base/tasks/mail.yml b/roles/base/tasks/mail.yml index fc36a64..a9ca06d 100644 --- a/roles/base/tasks/mail.yml +++ b/roles/base/tasks/mail.yml @@ -1,5 +1,5 @@ --- -- name: Fetch rc.local content +- name: "Fetch rc.local content" command: "grep -v '^#' /etc/rc.local" check_mode: false register: rclocal_content @@ -8,7 +8,7 @@ tags: - misc -- name: Configure rc.local +- name: "Configure rc.local" lineinfile: path: /etc/rc.local line: @@ -22,7 +22,7 @@ tags: - misc -- name: Delete rc.local entry of boot/reboot not precising hostname +- name: "Delete rc.local entry of boot/reboot not precising hostname" lineinfile: path: /etc/rc.local regexp: @@ -31,7 +31,7 @@ tags: - misc -- name: Set root mail alias +- name: "Set root mail alias" replace: dest: /etc/mail/aliases regexp: "# root:" diff --git a/roles/base/tasks/newsyslog.yml b/roles/base/tasks/newsyslog.yml index e21bf0a..4258cae 100644 --- a/roles/base/tasks/newsyslog.yml +++ b/roles/base/tasks/newsyslog.yml @@ -1,5 +1,5 @@ --- -- name: Customize newsyslog +- name: "Customize newsyslog" copy: src: newsyslog.conf dest: /etc/newsyslog.conf diff --git a/roles/base/tasks/ntp.yml b/roles/base/tasks/ntp.yml index b98a26f..6c1ec61 100644 --- a/roles/base/tasks/ntp.yml +++ b/roles/base/tasks/ntp.yml @@ -1,5 +1,5 @@ --- -- name: Retrieve ntpd.conf content +- name: "Retrieve ntpd.conf content" command: cat ntpd.conf args: chdir: /etc/ @@ -9,7 +9,7 @@ tags: - ntp -- name: Empty ntpd.conf before customizing it +- name: "Empty ntpd.conf before customizing it" file: path: /etc/ntpd.conf state: absent @@ -17,7 +17,7 @@ tags: - ntp -- name: Customize ntpd conf +- name: "Customize ntpd conf" lineinfile: path: /etc/ntpd.conf line: "server {{ ntpd_servers }}" diff --git a/roles/base/tasks/packages.yml b/roles/base/tasks/packages.yml index fbf10a9..2e9b4c7 100644 --- a/roles/base/tasks/packages.yml +++ b/roles/base/tasks/packages.yml @@ -1,6 +1,6 @@ --- -- name: Configure installurl +- name: "Configure installurl" copy: dest: /etc/installurl src: installurl @@ -8,7 +8,7 @@ tags: - pkg -- name: Install packages (vim rsync mtr etc) +- name: "Install packages (vim rsync mtr etc)" openbsd_pkg: name: - wget @@ -20,7 +20,7 @@ tags: - pkg -- name: Disable sndiod +- name: "Disable sndiod" service: name: sndiod enabled: false diff --git a/roles/base/tasks/sudo.yml b/roles/base/tasks/sudo.yml index 980d064..698aa00 100644 --- a/roles/base/tasks/sudo.yml +++ b/roles/base/tasks/sudo.yml @@ -1,5 +1,5 @@ --- -- name: Configure sudoers umask +- name: "Configure sudoers umask" lineinfile: dest: /etc/sudoers insertafter: '# Defaults specification' @@ -8,7 +8,7 @@ tags: - sudo -- name: Allow wheel group to run command as root in sudo +- name: "Allow wheel group to run command as root in sudo" lineinfile: dest: /etc/sudoers insertafter: '# and set environment variables.' @@ -18,7 +18,7 @@ tags: - sudo -- name: Delete line with space instead of tab +- name: "Delete line with space instead of tab" lineinfile: dest: /etc/sudoers line: "%wheel ALL=(ALL) SETENV: ALL" @@ -28,7 +28,7 @@ tags: - sudo -- name: Configure sudoers for evomaintenance and monitoring +- name: "Configure sudoers for evomaintenance and monitoring" blockinfile: state: present dest: /etc/sudoers diff --git a/roles/base/tasks/utils.yml b/roles/base/tasks/utils.yml index eb0c6e7..b9cf8c1 100644 --- a/roles/base/tasks/utils.yml +++ b/roles/base/tasks/utils.yml @@ -1,5 +1,5 @@ --- -- name: dump-server-state script is present +- name: "dump-server-state script is present" copy: src: "dump-server-state.sh" dest: /usr/local/sbin/dump-server-state @@ -10,7 +10,7 @@ tags: - utils -- name: update-evobackup-canary script is present +- name: "update-evobackup-canary script is present" copy: src: "update-evobackup-canary" dest: /usr/local/bin/update-evobackup-canary diff --git a/roles/bgp/tasks/main.yml b/roles/bgp/tasks/main.yml index 9b4c404..7edae90 100644 --- a/roles/bgp/tasks/main.yml +++ b/roles/bgp/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Deploy bgp check script +- name: "Deploy bgp check script" template: src: bgpd-check-peers.sh.j2 dest: /usr/share/scripts/bgpd-check-peers.sh @@ -7,7 +7,7 @@ tags: - bgp -- name: Cron job for bgp check script is installed +- name: "Cron job for bgp check script is installed" cron: name: bgp check job: "/bin/sh /usr/share/scripts/bgpd-check-peers.sh" @@ -15,7 +15,7 @@ tags: - bgp -- name: Create bgp log directory +- name: "Create bgp log directory" file: path: /var/log/bgp state: directory @@ -23,7 +23,7 @@ tags: - bgp -- name: daily best routes cron job is installed +- name: "Daily best routes cron job is installed" cron: name: bgp best routes minute: 0 @@ -35,7 +35,7 @@ tags: - bgp -- name: weekly best routes clean up cron job is installed +- name: "Weekly best routes clean up cron job is installed" cron: name: bgp best routes clean up minute: 0 diff --git a/roles/collectd/tasks/main.yml b/roles/collectd/tasks/main.yml index c68a230..ba8cfe2 100644 --- a/roles/collectd/tasks/main.yml +++ b/roles/collectd/tasks/main.yml @@ -1,11 +1,12 @@ +# yamllint disable rule:line-length --- -- name: Install Collectd package +- name: "Install Collectd package" openbsd_pkg: name: "collectd" tags: - collectd -- name: Deploy Collectd configuration +- name: "Deploy Collectd configuration" template: src: "collectd.conf.j2" dest: "/etc/collectd.conf" @@ -13,14 +14,14 @@ tags: - collectd -- name: Enabling Collectd +- name: "Enabling Collectd" service: name: collectd enabled: true tags: - collectd -- name: Create scripts directory for exec plugins +- name: "Create scripts directory for exec plugins" file: path: /usr/local/share/collectd/scripts state: directory @@ -28,7 +29,7 @@ tags: - collectd -- name: Copy ifq_drops.sh +- name: "Copy ifq_drops.sh" copy: src: ifq_drops.sh dest: /usr/local/share/collectd/scripts/ifq_drops.sh @@ -38,7 +39,7 @@ tags: - collectd -- name: Remove ifq_drops.sh +- name: "Remove ifq_drops.sh" file: path: /usr/local/share/collectd/scripts/ifq_drops.sh state: absent @@ -46,7 +47,7 @@ tags: - collectd -- name: Copy dns_stats.sh +- name: "Copy dns_stats.sh" copy: src: dns_stats.sh dest: /usr/local/share/collectd/scripts/dns_stats.sh @@ -56,7 +57,7 @@ tags: - collectd -- name: Add stats DNS on unbound +- name: "Add stats DNS on unbound" lineinfile: path: /var/unbound/etc/unbound.conf regexp: 'statistics-interval' @@ -69,7 +70,7 @@ tags: - collectd -- name: Remove dns_stats.sh +- name: "Remove dns_stats.sh" file: path: /usr/local/share/collectd/scripts/dns_stats.sh state: absent @@ -77,7 +78,7 @@ tags: - collectd -- name: Remove stats DNS on unbound +- name: "Remove stats DNS on unbound" lineinfile: path: /var/unbound/etc/unbound.conf regexp: 'statistics-interval' @@ -88,7 +89,7 @@ tags: - collectd -- name: Add doas configuration for dns_stats.sh execution +- name: "Add doas configuration for dns_stats.sh execution" lineinfile: path: /etc/doas.conf line: 'permit nopass _collectd as root cmd /bin/cat' @@ -96,7 +97,7 @@ tags: - collectd -- name: Copy dhcp_pool.pl +- name: "Copy dhcp_pool.pl" copy: src: dhcp_pool.pl dest: /usr/local/share/collectd/scripts/dhcp_pool.pl @@ -106,7 +107,7 @@ tags: - collectd -- name: Remove dhcp_pool.pl +- name: "Remove dhcp_pool.pl" file: path: /usr/local/share/collectd/scripts/dhcp_pool.pl state: absent diff --git a/roles/etc-git/tasks/commit.yml b/roles/etc-git/tasks/commit.yml index fcad3a4..10f4b45 100644 --- a/roles/etc-git/tasks/commit.yml +++ b/roles/etc-git/tasks/commit.yml @@ -1,3 +1,4 @@ +# yamllint disable rule:line-length --- - name: "Execute ansible-commit" diff --git a/roles/etc-git/tasks/main.yml b/roles/etc-git/tasks/main.yml index 7f5e118..acc8728 100644 --- a/roles/etc-git/tasks/main.yml +++ b/roles/etc-git/tasks/main.yml @@ -1,18 +1,18 @@ --- -- name: Git is installed +- name: "Git is installed" openbsd_pkg: name: git state: present tags: - etc-git -- name: Install and configure utilities +- name: "Install and configure utilities" include: utils.yml tags: - etc-git -- name: Configure repositories +- name: "Configure repositories" include: repositories.yml tags: - etc-git diff --git a/roles/etc-git/tasks/repositories.yml b/roles/etc-git/tasks/repositories.yml index 47e2557..156338f 100644 --- a/roles/etc-git/tasks/repositories.yml +++ b/roles/etc-git/tasks/repositories.yml @@ -6,7 +6,7 @@ tags: - etc-git -- name: verify /usr/share/scripts presence +- name: "Verify /usr/share/scripts presence" stat: path: /usr/share/scripts register: _usr_share_scripts diff --git a/roles/etc-git/tasks/repository.yml b/roles/etc-git/tasks/repository.yml index 467fc74..ba3fc48 100644 --- a/roles/etc-git/tasks/repository.yml +++ b/roles/etc-git/tasks/repository.yml @@ -10,7 +10,7 @@ tags: - etc-git -- name: Git user.email is configured +- name: "Git user.email is configured" git_config: name: user.email repo: "{{ repository_path }}" @@ -37,7 +37,7 @@ tags: - etc-git -- name: Set vim as default editor +- name: "Set vim as default editor" git_config: name: core.editor scope: global @@ -45,7 +45,7 @@ tags: - etc-git -- name: "does {{ repository_path }}/ have any commit?" +- name: "Does {{ repository_path }}/ have any commit?" command: "git log" args: chdir: "{{ repository_path }}" @@ -57,7 +57,7 @@ tags: - etc-git -- name: initial commit is present? +- name: "Initial commit is present?" shell: "git add -A . && git commit -m \"Initial commit via Ansible\"" args: chdir: "{{ repository_path }}" diff --git a/roles/etc-git/tasks/utils.yml b/roles/etc-git/tasks/utils.yml index f2d5e29..d16315e 100644 --- a/roles/etc-git/tasks/utils.yml +++ b/roles/etc-git/tasks/utils.yml @@ -1,6 +1,7 @@ +# yamllint disable rule:line-length --- -- name: evocommit script is installed +- name: "evocommit script is installed" copy: src: evocommit dest: /usr/local/bin/evocommit @@ -18,7 +19,7 @@ tags: - etc-git -- name: etc-git-optimize script is installed +- name: "etc-git-optimize script is installed" copy: src: etc-git-optimize dest: /usr/share/scripts/etc-git-optimize @@ -27,7 +28,7 @@ tags: - etc-git -- name: etc-git-status script is installed +- name: "etc-git-status script is installed" copy: src: etc-git-status dest: /usr/share/scripts/etc-git-status @@ -36,7 +37,7 @@ tags: - etc-git -- name: Legacy monthly cron job for /etc/.git optimization is absent +- name: "Legacy monthly cron job for /etc/.git optimization is absent" lineinfile: path: /etc/monthly.local line: '/usr/local/bin/git --git-dir /etc/.git gc --quiet' @@ -44,7 +45,7 @@ tags: - etc-git -- name: Legacy hourly cron job for /etc/.git status is absent +- name: "Legacy hourly cron job for /etc/.git status is absent" cron: name: git status minute: "42" @@ -53,7 +54,7 @@ tags: - etc-git -- name: Legacy daily cron jobs for /etc/.git status are absent +- name: "Legacy daily cron jobs for /etc/.git status are absent" lineinfile: path: /etc/daily.local line: "{{ item }}" @@ -66,7 +67,7 @@ tags: - etc-git -- name: Cron job for monthly git optimization +- name: "Cron job for monthly git optimization" lineinfile: path: /etc/monthly.local line: "/usr/share/scripts/etc-git-optimize" @@ -76,7 +77,7 @@ tags: - etc-git -- name: Cron job for monthly git optimization - next_part +- name: "Cron job for monthly git optimization - next_part" lineinfile: path: /etc/monthly.local line: 'next_part "Monthly optimization:"' @@ -87,7 +88,7 @@ tags: - etc-git -- name: Cron job for hourly git status +- name: "Cron job for hourly git status" lineinfile: path: /etc/hourly.local line: "who > /dev/null || /usr/share/scripts/etc-git-status" @@ -98,7 +99,7 @@ tags: - etc-git -- name: Cron job for hourly git status - next_part +- name: "Cron job for hourly git status - next_part" lineinfile: path: /etc/hourly.local line: 'next_part "Hourly warning for unclean Git repository if nobody is connected:"' @@ -110,7 +111,7 @@ tags: - etc-git -- name: Cron job for daily git status +- name: "Cron job for daily git status" lineinfile: path: /etc/daily.local line: "/usr/share/scripts/etc-git-status" @@ -121,7 +122,7 @@ tags: - etc-git -- name: Cron job for daily git status - next_part +- name: "Cron job for daily git status - next_part" lineinfile: path: /etc/daily.local line: 'next_part "Daily warning for unclean Git repository:"' diff --git a/roles/evocheck/tasks/exec.yml b/roles/evocheck/tasks/exec.yml index f5f70fa..3e6f772 100644 --- a/roles/evocheck/tasks/exec.yml +++ b/roles/evocheck/tasks/exec.yml @@ -1,5 +1,5 @@ --- -- name: run evocheck +- name: "Run evocheck" command: "{{ evocheck_bin_dir }}/evocheck.sh" register: evocheck_run changed_when: false diff --git a/roles/evocheck/tasks/main.yml b/roles/evocheck/tasks/main.yml index c0da5d1..ded85c8 100644 --- a/roles/evocheck/tasks/main.yml +++ b/roles/evocheck/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Scripts dir is present +- name: "Scripts dir is present" file: path: "{{ evocheck_bin_dir }}" state: directory @@ -9,7 +9,7 @@ tags: - evocheck -- name: Copy evocheck.sh +- name: "Copy evocheck.sh" copy: src: evocheck.sh dest: "{{ evocheck_bin_dir }}/evocheck.sh" @@ -19,7 +19,7 @@ tags: - evocheck -- name: Copy evocheck.cf +- name: "Copy evocheck.cf" copy: src: evocheck.cf dest: /etc/evocheck.cf @@ -28,7 +28,7 @@ tags: - evocheck -- name: Add evocheck cron +- name: "Add evocheck cron" lineinfile: path: /etc/daily.local insertbefore: BOF @@ -39,7 +39,7 @@ tags: - evocheck -- name: Add evocheck cron - next_part +- name: "Add evocheck cron - next_part" lineinfile: path: /etc/daily.local line: 'next_part "Evocheck output:"' diff --git a/roles/forwarding/tasks/main.yml b/roles/forwarding/tasks/main.yml index 9f72295..15679c7 100644 --- a/roles/forwarding/tasks/main.yml +++ b/roles/forwarding/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Enable IPv4 forwarding +- name: "Enable IPv4 forwarding" sysctl: name: net.inet.ip.forwarding value: "1" @@ -8,7 +8,7 @@ tags: - net -- name: Enable IPv6 forwarding +- name: "Enable IPv6 forwarding" sysctl: name: net.inet6.ip6.forwarding value: "1" diff --git a/roles/logsentry/tasks/main.yml b/roles/logsentry/tasks/main.yml index 57ac5e1..ac5639b 100644 --- a/roles/logsentry/tasks/main.yml +++ b/roles/logsentry/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Install logsentry +- name: "Install logsentry" openbsd_pkg: name: - logsentry-- @@ -7,7 +7,7 @@ tags: - logsentry -- name: Copy logsentry script to /usr/share/scripts +- name: "Copy logsentry script to /usr/share/scripts" copy: src: logsentry.sh dest: /usr/share/scripts/logsentry.sh @@ -17,7 +17,7 @@ tags: - logsentry -- name: Copy logsentry.ignore configuration +- name: "Copy logsentry.ignore configuration" copy: src: "{{ item }}" dest: /etc/logsentry/logsentry.ignore @@ -28,7 +28,7 @@ - logsentry - config -- name: Copy logsentry.violations.ignore configuration +- name: "Copy logsentry.violations.ignore configuration" copy: src: "{{ item }}" dest: /etc/logsentry/logsentry.violations.ignore @@ -39,7 +39,7 @@ - logsentry - config -- name: hourly cron job for logsentry.sh is installed +- name: "Hourly cron job for logsentry.sh is installed" cron: name: logsentry minute: "11" diff --git a/roles/nagios-nrpe/tasks/main.yml b/roles/nagios-nrpe/tasks/main.yml index 3870a0d..1bfd1c6 100644 --- a/roles/nagios-nrpe/tasks/main.yml +++ b/roles/nagios-nrpe/tasks/main.yml @@ -1,18 +1,18 @@ --- -- name: Install nrpe +- name: "Install nrpe" openbsd_pkg: name: - nrpe-- state: present -- name: Install monitoring packages +- name: "Install monitoring packages" openbsd_pkg: name: - monitoring-plugins - check_bioctl state: present -- name: Create nrpe.d dir +- name: "Create nrpe.d dir" file: path: /etc/nrpe.d state: directory @@ -20,19 +20,19 @@ group: wheel mode: "0755" -- name: Include nrpe.d dir in nrpe.cfg +- name: "Include nrpe.d dir in nrpe.cfg" lineinfile: dest: /etc/nrpe.cfg line: 'include_dir=/etc/nrpe.d' -- name: custom configuration is present +- name: "Custom configuration is present" template: src: evolix_bsd.cfg.j2 dest: /etc/nrpe.d/evolix.cfg mode: "0644" notify: restart nrpe -- name: Create nrpe plugins dir +- name: "Create nrpe plugins dir" file: path: /usr/local/libexec/nagios/plugins/ state: directory @@ -40,7 +40,7 @@ group: wheel mode: "0755" -- name: Nagios plugins are installed +- name: "Nagios plugins are installed" copy: src: plugins_bsd/{{ item.name }} dest: /usr/local/libexec/nagios/plugins/{{ item.name }} @@ -64,7 +64,7 @@ - {name: 'check_dhcpd.sh', force: false} notify: restart nrpe -- name: Nagios plugins are installed - template +- name: "Nagios plugins are installed - template" template: src: plugins_bsd/{{ item.name }}.j2 dest: /usr/local/libexec/nagios/plugins/{{ item.name }} @@ -76,7 +76,7 @@ - {name: 'check_free_mem.sh', force: true} notify: restart nrpe -- name: Starting and enabling nrpe +- name: "Starting and enabling nrpe" service: name: nrpe enabled: true diff --git a/roles/ospf/tasks/main.yml b/roles/ospf/tasks/main.yml index d1b28be..43178c3 100644 --- a/roles/ospf/tasks/main.yml +++ b/roles/ospf/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Deploy ospf check scripts +- name: "Deploy ospf check scripts" template: src: "{{ item }}.j2" dest: /usr/share/scripts/{{ item }} @@ -10,7 +10,7 @@ tags: - ospf -- name: Cron job for ospf check scripts is installed +- name: "Cron job for ospf check scripts is installed" cron: name: "{{ item }} check" job: "/bin/sh /usr/share/scripts/{{ item }}-check-peers.sh" diff --git a/roles/pf/tasks/main.yml b/roles/pf/tasks/main.yml index 4e52827..e873933 100644 --- a/roles/pf/tasks/main.yml +++ b/roles/pf/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Setup pf.conf +- name: "Setup pf.conf" template: src: pf.conf.j2 dest: /etc/pf.conf diff --git a/roles/post-install/tasks/ldif.yml b/roles/post-install/tasks/ldif.yml index 11e8bde..6fe292d 100644 --- a/roles/post-install/tasks/ldif.yml +++ b/roles/post-install/tasks/ldif.yml @@ -1,5 +1,5 @@ --- -- name: "copy generateldif.sh" +- name: "Copy generateldif.sh" template: src: generateldif.sh.j2 dest: '{{ general_scripts_dir }}/generateldif.sh' @@ -7,7 +7,7 @@ group: wheel mode: "0750" -- name: run generateldif +- name: "Run generateldif" command: '{{ general_scripts_dir }}/generateldif.sh' register: generateldif_run changed_when: false diff --git a/roles/post-install/tasks/motd.yml b/roles/post-install/tasks/motd.yml index f78dbf5..648ace5 100644 --- a/roles/post-install/tasks/motd.yml +++ b/roles/post-install/tasks/motd.yml @@ -1,5 +1,5 @@ --- -- name: Deploy dynamic motd script for CARP master or backup +- name: "Deploy dynamic motd script for CARP master or backup" copy: src: motd-carp-state.sh dest: /usr/share/scripts/motd-carp-state.sh @@ -7,7 +7,7 @@ group: wheel mode: '0755' -- name: Fetch root crontab content +- name: "Fetch root crontab content" command: > grep "/bin/sh /usr/share/scripts/motd-carp-state.sh" /var/cron/tabs/root check_mode: false @@ -15,7 +15,7 @@ failed_when: false changed_when: false -- name: Cron job for dynamic motd script is installed +- name: "Cron job for dynamic motd script is installed" cron: name: dynamic motd for CARP job: "/bin/sh /usr/share/scripts/motd-carp-state.sh" diff --git a/roles/post-install/tasks/update.yml b/roles/post-install/tasks/update.yml index f6b0e69..2c1708c 100644 --- a/roles/post-install/tasks/update.yml +++ b/roles/post-install/tasks/update.yml @@ -1,5 +1,5 @@ --- -- name: Check and install updates (erratas) if available +- name: "Check and install updates (erratas) if available" command: /usr/sbin/syspatch ignore_errors: true when: ansible_distribution_version is version_compare("6.1",'>=')