diff --git a/.drone.yml b/.drone.yml index b5a3161..13451c1 100644 --- a/.drone.yml +++ b/.drone.yml @@ -4,18 +4,26 @@ type: docker name: default steps: -- name: lint markdown files - image: pipelinecomponents/remark-lint:latest - commands: - - "remark --no-stdout --color --use preset-lint-recommended ." + - name: lint markdown files + image: pipelinecomponents/remark-lint:latest + commands: + - "remark --no-stdout --color --use preset-lint-recommended ." -- name: lint yaml files - image: pipelinecomponents/yamllint:latest - commands: - - "yamllint ." + - name: lint yaml files + image: pipelinecomponents/yamllint:latest + commands: + - "yamllint ." -- name: lint ansible scripts - image: pipelinecomponents/ansible-lint:latest - commands: - - "find . -maxdepth 1 -name '*.yml' | sort | grep -v '.drone.yml' | xargs ansible-playbook --syntax-check --list-tasks" - - "find . -maxdepth 1 -name '*.yml' | sort | grep -v '.drone.yml' | xargs ansible-lint" + - name: lint ansible scripts + image: pipelinecomponents/ansible-lint:latest + commands: + - > + find . -maxdepth 1 -name '*.yml' + | sort + | grep -v '.drone.yml' + | xargs ansible-playbook --syntax-check --list-tasks + - > + find . -maxdepth 1 -name '*.yml' + | sort + | grep -v '.drone.yml' + | xargs ansible-lint" diff --git a/evolixisation.yml b/evolixisation.yml index 49ebd97..da873e6 100644 --- a/evolixisation.yml +++ b/evolixisation.yml @@ -40,4 +40,5 @@ tasks_from: exec.yml # environment: +# yamllint disable-line rule:line-length # PKG_PATH: "http://ftp.openbsd.org/pub/OpenBSD/{{ ansible_distribution_version }}/packages/{{ ansible_architecture }}/" diff --git a/prerequisite.yml b/prerequisite.yml index c2fcfbe..aaf5bbb 100644 --- a/prerequisite.yml +++ b/prerequisite.yml @@ -11,6 +11,7 @@ tasks: - name: Install ansible's prerequisite + # yamllint disable-line rule:line-length raw: export PKG_PATH=http://ftp.eu.openbsd.org/pub/OpenBSD/$(uname -r)/packages/$(uname -p)/; pkg_add -z python-2 # vim:ft=ansible diff --git a/roles/accounts/tasks/main.yml b/roles/accounts/tasks/main.yml index c205a97..02d8749 100644 --- a/roles/accounts/tasks/main.yml +++ b/roles/accounts/tasks/main.yml @@ -37,7 +37,8 @@ - name: "If AllowGroups is present then use it" set_fact: - ssh_allowgroups: "{{ (grep_allowgroups_ssh.rc == 0) or (grep_allowusers_ssh.rc != 0) }}" + ssh_allowgroups: + "{{ (grep_allowgroups_ssh.rc == 0) or (grep_allowusers_ssh.rc != 0) }}" - name: "Add AllowGroups sshd directive with '{{ evolinux_ssh_group }}'" lineinfile: diff --git a/roles/base/defaults/main.yml b/roles/base/defaults/main.yml index b2173a8..9be1d76 100644 --- a/roles/base/defaults/main.yml +++ b/roles/base/defaults/main.yml @@ -6,8 +6,10 @@ general_alert_email: "root@localhost" general_technical_realm: "example.com" evomaintenance_realm: "example.com" -evomaintenance_alert_email: "evomaintenance-{{ inventory_hostname }}@{{ evomaintenance_realm }}" -evomaintenance_hostname: "{{ inventory_hostname }}.{{ general_technical_realm }}" +evomaintenance_alert_email: + "evomaintenance-{{ inventory_hostname }}@{{ evomaintenance_realm }}" +evomaintenance_hostname: + "{{ inventory_hostname }}.{{ general_technical_realm }}" evomaintenance_pg_host: null evomaintenance_pg_passwd: null evomaintenance_pg_db: null @@ -27,4 +29,7 @@ evomaintenance_hook_commit: true evomaintenance_hook_mail: true evomaintenance_default_hosts: [] evomaintenance_additional_hosts: [] -evomaintenance_hosts: "{{ evomaintenance_default_hosts | union(evomaintenance_additional_hosts) | unique }}" +evomaintenance_hosts: > + {{ evomaintenance_default_hosts + | union(evomaintenance_additional_hosts) + | unique }} diff --git a/roles/base/tasks/evomaintenance.yml b/roles/base/tasks/evomaintenance.yml index e963256..9d51c7a 100644 --- a/roles/base/tasks/evomaintenance.yml +++ b/roles/base/tasks/evomaintenance.yml @@ -10,7 +10,12 @@ - evomaintenance - name: Copy evomaintenance script and template - copy: src={{ item.src }} dest={{ item.dest }} owner=root group=wheel mode="0755" + copy: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: 'root' + group: 'wheel' + mode: '0755' with_items: - {src: 'evomaintenance.sh', dest: '/usr/share/scripts/'} - {src: 'evomaintenance.tpl', dest: '/usr/share/scripts/'} diff --git a/roles/base/tasks/mail.yml b/roles/base/tasks/mail.yml index dae151c..dacd60d 100644 --- a/roles/base/tasks/mail.yml +++ b/roles/base/tasks/mail.yml @@ -2,7 +2,8 @@ - name: Configure rc.local lineinfile: path: /etc/rc.local - line: 'date | mail -s "boot/reboot of $(hostname -s)" {{ general_alert_email }}' + line: + 'date | mail -s "boot/reboot of $(hostname -s)" {{ general_alert_email }}' create: true tags: - misc diff --git a/roles/bgp/tasks/main.yml b/roles/bgp/tasks/main.yml index c08f47a..a0304a7 100644 --- a/roles/bgp/tasks/main.yml +++ b/roles/bgp/tasks/main.yml @@ -29,7 +29,9 @@ minute: 0 hour: 4 weekday: 0 - job: "/usr/sbin/bgpctl show rib selected > /var/log/bgp/rib-selected-$(date +\\%F)" + job: > + /usr/sbin/bgpctl show rib selected + > /var/log/bgp/rib-selected-$(date +\\%F) when: group_names | select('search','bgp') | list | count > 0 tags: - bgp diff --git a/roles/etc-git/tasks/commit.yml b/roles/etc-git/tasks/commit.yml index a816d81..94cd02f 100644 --- a/roles/etc-git/tasks/commit.yml +++ b/roles/etc-git/tasks/commit.yml @@ -29,6 +29,7 @@ - etc-git - commit-etc +# yamllint disable rule:line-length - name: set commit author set_fact: commit_author: '{% if ansible_env.SUDO_USER is not defined %}root{% else %}{{ ansible_env.SUDO_USER }}{% endif %}' @@ -47,6 +48,7 @@ tags: - etc-git - commit-etc +# yamllint enable rule:line-length - debug: var: etc_commit_end_run diff --git a/roles/etc-git/tasks/main.yml b/roles/etc-git/tasks/main.yml index e4c01e2..6b20325 100644 --- a/roles/etc-git/tasks/main.yml +++ b/roles/etc-git/tasks/main.yml @@ -93,7 +93,8 @@ - name: cron job for /etc/.git status is removed lineinfile: path: /etc/daily.local - line: '/usr/local/bin/git --git-dir=/etc/.git --work-tree=/etc status --short' + line: + '/usr/local/bin/git --git-dir=/etc/.git --work-tree=/etc status --short' owner: root mode: "0644" state: absent @@ -105,7 +106,13 @@ cron: name: git status minute: 42 - job: "who > /dev/null || /usr/local/bin/git --git-dir=/etc/.git --work-tree=/etc status --short" + job: > + who + > /dev/null + || /usr/local/bin/git + --git-dir=/etc/.git + --work-tree=/etc + status --short when: etc_git_monitor_status tags: - etc-git @@ -114,7 +121,13 @@ cron: name: git status minute: 42 - job: "who > /dev/null || /usr/local/bin/git --git-dir=/etc/.git --work-tree=/etc status --short" + job: > + who + > /dev/null + || /usr/local/bin/git + --git-dir=/etc/.git + --work-tree=/etc + status --short state: absent when: not etc_git_monitor_status tags: diff --git a/roles/nagios-nrpe/defaults/main.yml b/roles/nagios-nrpe/defaults/main.yml index 96c3ddd..c27efa8 100644 --- a/roles/nagios-nrpe/defaults/main.yml +++ b/roles/nagios-nrpe/defaults/main.yml @@ -2,7 +2,8 @@ evolix_trusted_ips: [] additional_trusted_ips: [] # Let's merge evolix_trusted_ips with additional_trusted_ips -nagios_nrpe_allowed_hosts: "{{ evolix_trusted_ips | union(additional_trusted_ips) | unique }}" +nagios_nrpe_allowed_hosts: + "{{ evolix_trusted_ips | union(additional_trusted_ips) | unique }}" nagios_nrpe_ldap_dc: "dc=DOMAIN,dc=EXT" nagios_nrpe_ldap_passwd: LDAP_PASSWD nagios_nrpe_pgsql_passwd: PGSQL_PASSWD diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml index 05e7b83..c3b0d80 100644 --- a/roles/openvpn/tasks/main.yml +++ b/roles/openvpn/tasks/main.yml @@ -55,8 +55,12 @@ mode: "{{ item.mode }}" force: true with_items: - - {src: 'files/shellpki/openssl.cnf', dest: '/etc/shellpki/openssl.cnf', mode: '0640'} - - {src: 'files/shellpki/shellpki', dest: '/usr/local/sbin/shellpki', mode: '0755'} + - src: 'files/shellpki/openssl.cnf' + dest: '/etc/shellpki/openssl.cnf' + mode: '0640' + - src: 'files/shellpki/shellpki' + dest: '/usr/local/sbin/shellpki' + mode: '0755' tags: - openvpn @@ -104,6 +108,8 @@ mode: "{{ item.mode }}" force: true with_items: - - {src: 'files/check_openvpn.pl', dest: '/usr/local/libexec/nagios/plugins/check_openvpn.pl', mode: '0755'} + - src: 'files/check_openvpn.pl' + dest: '/usr/local/libexec/nagios/plugins/check_openvpn.pl' + mode: '0755' tags: - openvpn diff --git a/tasks/commit_etc_git.yml b/tasks/commit_etc_git.yml index bb8d5dd..2925120 100644 --- a/tasks/commit_etc_git.yml +++ b/tasks/commit_etc_git.yml @@ -9,9 +9,14 @@ ignore_errors: true tags: - commit-etc - +# yamllint disable rule:line-length - name: /etc modifications are committed - shell: "git add -A . && git commit -m \"{{ commit_message | default('Ansible run') }}\" --author=\"{{ ansible_env.SUDO_USER | default('Root') }} <{{ ansible_env.SUDO_USER | default('Root') }}@{{ general_technical_realm }}>\"" + shell: > + git add -A . + && git commit + -m "{{ commit_message | default('Ansible run') }}" + --author="{{ ansible_env.SUDO_USER | default('Root') }}" + < "{{ ansible_env.SUDO_USER | default('Root') }}@{{ general_technical_realm }}>" args: chdir: /etc register: etc_commit_end_evolinux @@ -19,3 +24,4 @@ ignore_errors: true tags: - commit-etc +# yamllint enable rule:line-length diff --git a/vars/main.yml b/vars/main.yml index 7e70b75..347a44e 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -13,8 +13,10 @@ evolinux_sudo_group: "evolinux-sudo" evolinux_root_disable_ssh: true # # evomaintenance_realm: "example.com" -# evomaintenance_alert_email: "evomaintenance-{{ inventory_hostname }}@{{ evomaintenance_realm }}" -# evomaintenance_hostname: "{{ inventory_hostname }}.{{ general_technical_realm }}" +# evomaintenance_alert_email: +# "evomaintenance-{{ inventory_hostname }}@{{ evomaintenance_realm }}" +# evomaintenance_hostname: +# "{{ inventory_hostname }}.{{ general_technical_realm }}" # evomaintenance_pg_host: Null # evomaintenance_pg_passwd: Null # evomaintenance_pg_db: Null