use Fully Qualified Collection Name everywhere

prerequisite.yml

@@ -12,7 +12,7 @@
 
     - name: Install ansible's prerequisite
       # yamllint disable-line rule:line-length
-      raw: export PKG_PATH=http://ftp.eu.openbsd.org/pub/OpenBSD/$(uname -r)/packages/$(uname -p)/; pkg_add -z python-3
+      ansible.builtin.raw: export PKG_PATH=http://ftp.eu.openbsd.org/pub/OpenBSD/$(uname -r)/packages/$(uname -p)/; pkg_add -z python-3
       changed_when: true
 
 # vim:ft=ansible

roles/accounts/handlers/main.yml

@@ -1,6 +1,6 @@
 ---
 
 - name: reload sshd
-  service:
+  ansible.builtin.service:
     name: sshd
     state: reloaded

roles/accounts/tasks/main.yml

@@ -1,7 +1,7 @@
 # yamllint disable rule:line-length
 ---
 - name: "Create {{ evobsd_internal_group }}, {{ evobsd_ssh_group }}, {{ evobsd_sudo_group }} group"
-  group:
+  ansible.builtin.group:
     name: "{{ item }}"
     system: true
   with_items:
@@ -25,7 +25,7 @@
     - admin
 
 - name: "Verify AllowGroups directive"
-  command: "grep -E '^AllowGroups' /etc/ssh/sshd_config"
+  ansible.builtin.command: "grep -E '^AllowGroups' /etc/ssh/sshd_config"
   changed_when: false
   failed_when: false
   check_mode: false
@@ -35,7 +35,7 @@
     - admin
 
 - name: "Verify AllowUsers directive"
-  command: "grep -E '^AllowUsers' /etc/ssh/sshd_config"
+  ansible.builtin.command: "grep -E '^AllowUsers' /etc/ssh/sshd_config"
   changed_when: false
   failed_when: false
   check_mode: false
@@ -45,7 +45,7 @@
     - admin
 
 - name: "Check that AllowUsers and AllowGroup do not override each other"
-  assert:
+  ansible.builtin.assert:
     that: "not (grep_allowusers_ssh.rc == 0 and grep_allowgroups_ssh.rc == 0)"
     msg: "We can't deal with AllowUsers and AllowGroups at the same time"
   tags:
@@ -53,7 +53,7 @@
     - admin
 
 - name: "If AllowGroups is present then use it"
-  set_fact:
+  ansible.builtin.set_fact:
     ssh_allowgroups:
       "{{ (grep_allowgroups_ssh.rc == 0) or (grep_allowusers_ssh.rc != 0) }}"
   tags:
@@ -61,7 +61,7 @@
     - admin
 
 - name: "Add AllowGroups sshd directive with '{{ evobsd_ssh_group }}'"
-  lineinfile:
+  ansible.builtin.lineinfile:
     dest: /etc/ssh/sshd_config
     line: "\nAllowGroups {{ evobsd_ssh_group }}"
     insertafter: 'Subsystem'
@@ -75,7 +75,7 @@
     - admin
 
 - name: "Append '{{ evobsd_ssh_group }}' to AllowGroups sshd directive"
-  replace:
+  ansible.builtin.replace:
     dest: /etc/ssh/sshd_config
     regexp: '^(AllowGroups ((?!\b{{ evobsd_ssh_group }}\b).)*)$'
     replace: '\1 {{ evobsd_ssh_group }}'
@@ -89,7 +89,7 @@
     - admin
 
 - name: "Security directives for EvoBSD"
-  blockinfile:
+  ansible.builtin.blockinfile:
     dest: /etc/ssh/sshd_config
     marker: "# {mark} EVOBSD PASSWORD RESTRICTIONS"
     block: |
@@ -107,7 +107,7 @@
     - admin
 
 - name: "Disable root login"
-  replace:
+  ansible.builtin.replace:
     dest: /etc/ssh/sshd_config
     regexp: '^PermitRootLogin\s+(yes|without-password|prohibit-password)'
     replace: "PermitRootLogin {{ evobsd_root_login }}"

roles/accounts/tasks/user.yml

@@ -1,7 +1,7 @@
 # yamllint disable rule:line-length
 ---
 - name: "Group '{{ user.name }}' is present"
-  group:
+  ansible.builtin.group:
     state: present
     name: "{{ user.name }}"
     gid: "{{ user.uid }}"
@@ -10,7 +10,7 @@
     - admin
 
 - name: "User '{{ user.name }}' is present"
-  user:
+  ansible.builtin.user:
     state: present
     name: '{{ user.name }}'
     uid: '{{ user.uid }}'
@@ -24,14 +24,14 @@
     - admin
 
 - name: "Gather available local users"
-  getent:
+  ansible.builtin.getent:
     database: passwd
   tags:
     - accounts
     - admin
 
 - name: "Home directory for '{{ user.name }}' is only accesible by owner"
-  file:
+  ansible.builtin.file:
     name: '/home/{{ user.name }}'
     mode: "0700"
     owner: "{{ user.name }}"
@@ -43,7 +43,7 @@
     - admin
 
 - name: "SSH public keys for '{{ user.name }}' are present"
-  authorized_key:
+  ansible.posix.authorized_key:
     user: "{{ user.name }}"
     key: "{{ ssk_key }}"
     state: present
@@ -58,7 +58,7 @@
     - admin
 
 - name: "Add {{ user.name }} to {{ evobsd_internal_group }}, {{ evobsd_ssh_group }}, {{ evobsd_sudo_group }} group"
-  user:
+  ansible.builtin.user:
     name: "{{ user.name }}"
     groups: "{{ groups_item }}"
     append: true

roles/base/handlers/main.yml

@@ -1,38 +1,38 @@
 ---
 - name: newaliases
-  command: smtpctl update table aliases
+  ansible.builtin.command: smtpctl update table aliases
 
 - name: remount / noatime
-  command: mount -u -o noatime /
+  ansible.builtin.command: mount -u -o noatime /
   args:
     warn: false
 
 - name: remount /var noatime
-  command: mount -u -o noatime /var
+  ansible.builtin.command: mount -u -o noatime /var
   args:
     warn: false
 
 - name: remount /usr noatime
-  command: mount -u -o noatime /usr
+  ansible.builtin.command: mount -u -o noatime /usr
   args:
     warn: false
 
 - name: remount /tmp noexec
-  command: mount -u -o noexec /tmp
+  ansible.builtin.command: mount -u -o noexec /tmp
   args:
     warn: false
 
 - name: remount /tmp noatime
-  command: mount -u -o noatime /tmp
+  ansible.builtin.command: mount -u -o noatime /tmp
   args:
     warn: false
 
 - name: remount /home noatime
-  command: mount -u -o noatime /home
+  ansible.builtin.command: mount -u -o noatime /home
   args:
     warn: false
 
 - name: restart ntpd
-  service:
+  ansible.builtin.service:
     name: ntpd
     state: restarted

roles/base/tasks/cron.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Customize PATH variable of root crontab"
-  cron:
+  ansible.builtin.cron:
     name: PATH
     env: true
     value: "{{ cron_root_path }}"

roles/base/tasks/doas.yml

@@ -1,7 +1,7 @@
 # yamllint disable rule:line-length
 ---
 - name: "Configure doas"
-  blockinfile:
+  ansible.builtin.blockinfile:
     dest: /etc/doas.conf
     owner: root
     group: wheel

roles/base/tasks/dotfiles.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Customize root's .profile"
-  template:
+  ansible.builtin.template:
     src: profile.j2
     dest: /root/.profile
     mode: "0644"
@@ -9,7 +9,7 @@
     - dotfiles
 
 - name: "Copy vim default configuration"
-  copy:
+  ansible.builtin.copy:
     src: vimrc
     dest: /root/.vimrc
     mode: "0644"
@@ -18,7 +18,7 @@
     - dotfiles
 
 - name: "Customize .kshrc environment file"
-  template:
+  ansible.builtin.template:
     src: kshrc.j2
     dest: /root/.kshrc
     mode: "0644"
@@ -27,7 +27,7 @@
     - dotfiles
 
 - name: "Change default .profile skeleton"
-  template:
+  ansible.builtin.template:
     src: profile.j2
     dest: /etc/skel/.profile
     mode: "0644"
@@ -36,7 +36,7 @@
     - dotfiles
 
 - name: "Add evomaintenance trap .profile skeleton with doas"
-  lineinfile:
+  ansible.builtin.lineinfile:
     state: present
     dest: /etc/skel/.profile
     mode: "0644"
@@ -48,7 +48,7 @@
     - dotfiles
 
 - name: "Add vim configuration to dotfiles for new users"
-  copy:
+  ansible.builtin.copy:
     src: vimrc
     dest: /etc/skel/.vimrc
     mode: "0644"
@@ -57,7 +57,7 @@
     - dotfiles
 
 - name: "Customize .kshrc environment file for new users"
-  template:
+  ansible.builtin.template:
     src: kshrc.j2
     dest: /etc/skel/.kshrc
     mode: "0644"

roles/base/tasks/fstab_entries.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Fetch fstab content"
-  command: "grep -v '^#' /etc/fstab"
+  ansible.builtin.command: "grep -v '^#' /etc/fstab"
   check_mode: false
   register: fstab_content
   failed_when: false

roles/base/tasks/fstab_entry.yml

@@ -1,7 +1,7 @@
 # yamllint disable rule:line-length
 ---
 - name: "{{ fstab_path }} partition is customized - softdep"
-  replace:
+  ansible.builtin.replace:
     dest: /etc/fstab
     regexp: '([^#]\s+{{ fstab_path }}\s+ffs\s+rw)(.*)'
     replace: '\1,softdep\2'
@@ -13,7 +13,7 @@
     - fstab
 
 - name: "{{ fstab_path }} partition is customized - noatime"
-  replace:
+  ansible.builtin.replace:
     dest: /etc/fstab
     regexp: '([^#]\s+{{ fstab_path }}\s+ffs\s+rw)(\S*)(\s+.*)'
     replace: '\1\2,noatime\3'
@@ -26,7 +26,7 @@
     - fstab
 
 - name: "{{ fstab_path }} partition is customized - noexec"
-  replace:
+  ansible.builtin.replace:
     dest: /etc/fstab
     regexp: '([^#]\s+{{ fstab_path }}\s+ffs\s+rw(,softdep)*)(.*)'
     replace: '\1,noexec\3'

roles/base/tasks/mail.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Fetch rc.local content"
-  command: "grep -v '^#' /etc/rc.local"
+  ansible.builtin.command: "grep -v '^#' /etc/rc.local"
   check_mode: false
   register: rclocal_content
   failed_when: false
@@ -9,7 +9,7 @@
     - alerting
 
 - name: "Configure rc.local"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/rc.local
     line:
       'date | mail -s "boot/reboot of $(hostname -s)" {{ general_alert_email }}'
@@ -23,7 +23,7 @@
     - alerting
 
 - name: "Delete rc.local entry of boot/reboot not precising hostname"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/rc.local
     regexp:
       "^.* mail -s (?!.*of.*).+$"
@@ -32,7 +32,7 @@
     - alerting
 
 - name: "Set root mail alias"
-  replace:
+  ansible.builtin.replace:
     dest: /etc/mail/aliases
     regexp: "# root:"
     replace: "root: {{ general_alert_email }}"

roles/base/tasks/newsyslog.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Customize newsyslog"
-  copy:
+  ansible.builtin.copy:
     src: newsyslog.conf
     dest: /etc/newsyslog.conf
     mode: "0644"

roles/base/tasks/ntp.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Customize ntpd conf"
-  template:
+  ansible.builtin.template:
     src: ntpd.conf.j2
     dest: /etc/ntpd.conf
     owner: root

roles/base/tasks/packages.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: "Configure installurl"
-  copy:
+  ansible.builtin.copy:
     content: "{{ evobsd_install_url }}\n"
     dest: /etc/installurl
     mode: "0644"
@@ -9,7 +9,7 @@
     - pkg
 
 - name: "Install packages (vim rsync mtr etc)"
-  openbsd_pkg:
+  community.general.openbsd_pkg:
     name:
       - wget
       - vim--no_x11
@@ -25,7 +25,7 @@
     - pkg
 
 - name: "Disable sndiod"
-  service:
+  ansible.builtin.service:
     name: sndiod
     enabled: false
     state: stopped

roles/base/tasks/resolvconf.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Configure resolv.conf"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/resolv.conf
     line: "lookup file bind"
     insertbefore: BOF

roles/base/tasks/sudo.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Configure sudoers umask"
-  lineinfile:
+  ansible.builtin.lineinfile:
     dest: /etc/sudoers
     insertafter: '# Defaults specification'
     line: 'Defaults umask=0077'
@@ -9,7 +9,7 @@
     - sudo
 
 - name: "Deactivate sudo insults"
-  lineinfile:
+  ansible.builtin.lineinfile:
     dest: /etc/sudoers
     insertafter: 'Defaults umask=0077'
     line: 'Defaults !insults'
@@ -18,7 +18,7 @@
     - sudo
 
 - name: "Configure sudoers"
-  blockinfile:
+  ansible.builtin.blockinfile:
     state: present
     dest: /etc/sudoers
     insertafter: EOF

roles/base/tasks/utils.yml

@@ -1,6 +1,6 @@
 ---
 - name: "dump-server-state script is present"
-  copy:
+  ansible.builtin.copy:
     src: "dump-server-state.sh"
     dest: /usr/local/sbin/dump-server-state
     force: true
@@ -13,7 +13,7 @@
     - utils
 
 - name: "update-evobackup-canary script is present"
-  copy:
+  ansible.builtin.copy:
     src: "update-evobackup-canary"
     dest: /usr/local/bin/update-evobackup-canary
     force: true

roles/bgp/tasks/main.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Deploy bgp check script"
-  template:
+  ansible.builtin.template:
     src: bgpd-check-peers.sh.j2
     dest: /usr/share/scripts/bgpd-check-peers.sh
   when: group_names | select('search','bgp') | list | count > 0
@@ -8,7 +8,7 @@
     - bgp
 
 - name: "Cron job for bgp check script is installed"
-  cron:
+  ansible.builtin.cron:
     name: bgp check
     job: "/bin/sh /usr/share/scripts/bgpd-check-peers.sh"
   when: group_names | select('search','bgp') | list | count > 0
@@ -16,7 +16,7 @@
     - bgp
 
 - name: "Create bgp log directory"
-  file:
+  ansible.builtin.file:
     path: /var/log/bgp
     state: directory
   when: group_names | select('search','bgp') | list | count > 0
@@ -24,7 +24,7 @@
     - bgp
 
 - name: "Daily best routes cron job is installed"
-  cron:
+  ansible.builtin.cron:
     name: bgp best routes
     minute: 0
     hour: 4
@@ -36,7 +36,7 @@
     - bgp
 
 - name: "Weekly best routes clean up cron job is installed"
-  cron:
+  ansible.builtin.cron:
     name: bgp best routes clean up
     minute: 0
     hour: 4

roles/collectd/handlers/main.yml

@@ -1,5 +1,5 @@
 ---
 - name: restart collectd
-  service:
+  ansible.builtin.service:
     name: collectd
     state: restarted

roles/collectd/tasks/main.yml

@@ -1,13 +1,13 @@
 # yamllint disable rule:line-length
 ---
 - name: "Install Collectd package"
-  openbsd_pkg:
+  community.general.openbsd_pkg:
     name: "collectd"
   tags:
     - collectd
 
 - name: "Deploy Collectd configuration"
-  template:
+  ansible.builtin.template:
     src: "collectd.conf.j2"
     dest: "/etc/collectd.conf"
   notify: restart collectd
@@ -15,7 +15,7 @@
     - collectd
 
 - name: "Enabling Collectd"
-  service:
+  ansible.builtin.service:
     name: collectd
     enabled: true
   when: not ansible_check_mode
@@ -23,7 +23,7 @@
     - collectd
 
 - name: "Fix rights for collectd directory"
-  file:
+  ansible.builtin.file:
     path: /usr/local/share/collectd
     state: directory
     owner: "root"
@@ -34,7 +34,7 @@
     - collectd
 
 - name: "Create scripts directory for exec plugins"
-  file:
+  ansible.builtin.file:
     path: /usr/local/share/collectd/scripts
     state: directory
     owner: "root"
@@ -45,7 +45,7 @@
     - collectd
 
 - name: "Copy ifq_drops.sh"
-  copy:
+  ansible.builtin.copy:
     src: ifq_drops.sh
     dest: /usr/local/share/collectd/scripts/ifq_drops.sh
     owner: "root"
@@ -57,7 +57,7 @@
     - collectd
 
 - name: "Remove ifq_drops.sh"
-  file:
+  ansible.builtin.file:
     path: /usr/local/share/collectd/scripts/ifq_drops.sh
     state: absent
   when: not collectd_plugin_exec_ifq_drops
@@ -65,7 +65,7 @@
     - collectd
 
 - name: "Copy dns_stats.sh"
-  copy:
+  ansible.builtin.copy:
     src: dns_stats.sh
     dest: /usr/local/share/collectd/scripts/dns_stats.sh
     owner: "root"
@@ -77,7 +77,7 @@
     - collectd
 
 - name: "Remove dns_stats.sh"
-  file:
+  ansible.builtin.file:
     path: /usr/local/share/collectd/scripts/dns_stats.sh
     state: absent
   when: not collectd_plugin_exec_dns_stats
@@ -85,7 +85,7 @@
     - collectd
 
 - name: "Add doas configuration for dns_stats.sh execution"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/doas.conf
     line: 'permit nopass _collectd as root cmd /usr/sbin/unbound-control args stats'
   when: collectd_plugin_exec_dns_stats
@@ -93,7 +93,7 @@
     - collectd
 
 - name: "Copy dhcp_pool.pl"
-  copy:
+  ansible.builtin.copy:
     src: dhcp_pool.pl
     dest: /usr/local/share/collectd/scripts/dhcp_pool.pl
     owner: "root"
@@ -105,7 +105,7 @@
     - collectd
 
 - name: "Remove dhcp_pool.pl"
-  file:
+  ansible.builtin.file:
     path: /usr/local/share/collectd/scripts/dhcp_pool.pl
     state: absent
   when: not collectd_plugin_exec_dhcp_pool

roles/etc-git/tasks/commit.yml

@@ -2,7 +2,7 @@
 ---
 
 - name: "Execute ansible-commit"
-  command: "/usr/local/bin/ansible-commit --verbose --message \"{{ commit_message | mandatory }}\""
+  ansible.builtin.command: "/usr/local/bin/ansible-commit --verbose --message \"{{ commit_message | mandatory }}\""
   changed_when:
     - _ansible_commit.stdout
     - "'CHANGED:' in _ansible_commit.stdout"

roles/etc-git/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: "Git is installed"
-  openbsd_pkg:
+  community.general.openbsd_pkg:
     name: git
     state: present
   tags:

roles/etc-git/tasks/repositories.yml

@@ -12,7 +12,7 @@
     - etc-git
 
 - name: "Verify /usr/share/scripts presence"
-  stat:
+  ansible.builtin.stat:
     path: /usr/share/scripts
   register: _usr_share_scripts
   tags:

roles/etc-git/tasks/repository.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: "{{ repository_path }} is versioned with git"
-  command: "git init ."
+  ansible.builtin.command: "git init ."
   args:
     chdir: "{{ repository_path }}"
     creates: "{{ repository_path }}/.git/"
@@ -11,7 +11,7 @@
     - etc-git
 
 - name: "Git user.email is configured"
-  git_config:
+  community.general.git_config:
     name: user.email
     repo: "{{ repository_path }}"
     scope: local
@@ -20,7 +20,7 @@
     - etc-git
 
 - name: "{{ repository_path }}/.git is restricted to root"
-  file:
+  ansible.builtin.file:
     path: "{{ repository_path }}/.git"
     owner: root
     mode: "0700"
@@ -29,7 +29,7 @@
     - etc-git
 
 - name: "{{ repository_path }}/.gitignore is present"
-  copy:
+  ansible.builtin.copy:
     src: gitignore
     dest: "{{ repository_path }}/.gitignore"
     owner: root
@@ -39,7 +39,7 @@
     - etc-git
 
 - name: "Some entries MUST be in the {{ repository_path }}/.gitignore file"
-  lineinfile:
+  ansible.builtin.lineinfile:
     dest: "{{ repository_path }}/.gitignore"
     line: "{{ item }}"
   loop: "{{ gitignore_items | default([]) }}"
@@ -47,7 +47,7 @@
     - etc-git
 
 - name: "Set vim as default editor"
-  git_config:
+  community.general.git_config:
     name: core.editor
     scope: global
     value: vim
@@ -55,7 +55,7 @@
     - etc-git
 
 - name: "Does {{ repository_path }}/ have any commit?"
-  command: "git log"
+  ansible.builtin.command: "git log"
   args:
     chdir: "{{ repository_path }}"
     warn: false
@@ -67,7 +67,7 @@
     - etc-git
 
 - name: "Initial commit is present?"
-  shell: "git add -A . && git commit -m \"Initial commit via Ansible\""
+  ansible.builtin.shell: "git add -A . && git commit -m \"Initial commit via Ansible\""
   args:
     chdir: "{{ repository_path }}"
     warn: false

roles/etc-git/tasks/utils.yml

@@ -2,7 +2,7 @@
 ---
 
 - name: "evocommit script is installed"
-  copy:
+  ansible.builtin.copy:
     src: evocommit
     dest: /usr/local/bin/evocommit
     mode: "0755"
@@ -12,7 +12,7 @@
     - etc-git-utils
 
 - name: "ansible-commit script is installed"
-  copy:
+  ansible.builtin.copy:
     src: ansible-commit
     dest: /usr/local/bin/ansible-commit
     mode: "0755"
@@ -22,7 +22,7 @@
     - etc-git-utils
 
 - name: "etc-git-optimize script is installed"
-  copy:
+  ansible.builtin.copy:
     src: etc-git-optimize
     dest: /usr/share/scripts/etc-git-optimize
     mode: "0755"
@@ -32,7 +32,7 @@
     - etc-git-utils
 
 - name: "etc-git-status script is installed"
-  copy:
+  ansible.builtin.copy:
     src: etc-git-status
     dest: /usr/share/scripts/etc-git-status
     mode: "0755"
@@ -42,7 +42,7 @@
     - etc-git-utils
 
 - name: "Legacy monthly cron job for /etc/.git optimization is absent"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/monthly.local
     line: '/usr/local/bin/git --git-dir /etc/.git gc --quiet'
     state: absent
@@ -50,7 +50,7 @@
     - etc-git
 
 - name: "Legacy hourly cron job for /etc/.git status is absent"
-  cron:
+  ansible.builtin.cron:
     name: git status
     minute: "42"
     job: who > /dev/null || /usr/local/bin/git --git-dir=/etc/.git --work-tree=/etc status --short
@@ -59,7 +59,7 @@
     - etc-git
 
 - name: "Legacy daily cron jobs for /etc/.git status are absent"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/daily.local
     line: "{{ item }}"
     owner: root
@@ -72,7 +72,7 @@
     - etc-git
 
 - name: "Cron job for monthly git optimization"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/monthly.local
     line: "/usr/share/scripts/etc-git-optimize"
     owner: root
@@ -82,7 +82,7 @@
     - etc-git
 
 - name: "Cron job for monthly git optimization - next_part"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/monthly.local
     line: 'next_part "Monthly optimization:"'
     insertbefore: "/usr/share/scripts/etc-git-optimize"
@@ -93,7 +93,7 @@
     - etc-git
 
 - name: "Cron job for hourly git status"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/hourly.local
     line: "who > /dev/null || /usr/share/scripts/etc-git-status"
     owner: root
@@ -104,7 +104,7 @@
     - etc-git
 
 - name: "Cron job for hourly git status - next_part"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/hourly.local
     line: 'next_part "Hourly warning for unclean Git repository if nobody is connected:"'
     insertbefore: "who > /dev/null || /usr/share/scripts/etc-git-status"
@@ -116,7 +116,7 @@
     - etc-git
 
 - name: "Cron job for daily git status"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/daily.local
     line: "/usr/share/scripts/etc-git-status"
     owner: root
@@ -127,7 +127,7 @@
     - etc-git
 
 - name: "Cron job for daily git status - next_part"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/daily.local
     line: 'next_part "Daily warning for unclean Git repository:"'
     insertbefore: "/usr/share/scripts/etc-git-status"

roles/evobackup/tasks/main.yml

@@ -3,7 +3,7 @@
 # Info : old zzz_evobackup used sh, and since "sh" match "bash", we keep "sh" for regex commands
 
 - name: "Copy zzz_evobackup script"
-  copy:
+  ansible.builtin.copy:
     src: zzz_evobackup
     dest: /usr/share/scripts/zzz_evobackup
     owner: root
@@ -14,7 +14,7 @@
     - evobackup
 
 - name: "Copy update-evobackup-canary script"
-  copy:
+  ansible.builtin.copy:
     src: 000-update-evobackup-canary
     dest: /usr/share/scripts/000-update-evobackup-canary
     owner: root
@@ -25,7 +25,7 @@
     - evobackup
 
 - name: "Fetch daily.local content"
-  command: 'grep "sh /usr/share/scripts/zzz_evobackup" /etc/daily.local'
+  ansible.builtin.command: 'grep "sh /usr/share/scripts/zzz_evobackup" /etc/daily.local'
   check_mode: false
   register: daily_local_content
   failed_when: false
@@ -34,7 +34,7 @@
     - evobackup
 
 - name: "Add evobackup cron (disabled)"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/daily.local
     line: '#bash /usr/share/scripts/zzz_evobackup'
     owner: root
@@ -46,7 +46,7 @@
     - evobackup
 
 - name: "Add evobackup cron - next_part"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/daily.local
     line: 'next_part "EvoBackup output:"'
     insertbefore: 'sh /usr/share/scripts/zzz_evobackup'
@@ -57,7 +57,7 @@
     - evobackup
 
 - name: "Add canary cron"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/daily.local
     line: 'sh /usr/share/scripts/000-update-evobackup-canary'
     insertafter: 'next_part "EvoBackup output:"'
@@ -68,7 +68,7 @@
     - evobackup
 
 - name: "Delete legacy evobackup root crontab"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /var/cron/tabs/root
     regexp: '/usr/share/scripts/zzz_evobackup'
     validate: /usr/bin/crontab %s

roles/evocheck/tasks/exec.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Run evocheck"
-  command: "{{ evocheck_bin_dir }}/evocheck.sh"
+  ansible.builtin.command: "{{ evocheck_bin_dir }}/evocheck.sh"
   register: evocheck_run
   changed_when: false
   failed_when: false
@@ -8,7 +8,7 @@
   tags:
     - evocheck-exec
 
-- debug:
+- ansible.builtin.debug:
     var: evocheck_run.stdout_lines
   when: evocheck_run.stdout | length != 0
   tags:

roles/evocheck/tasks/main.yml

@@ -1,7 +1,7 @@
 # yamllint disable rule:line-length
 ---
 - name: "Scripts dir is present"
-  file:
+  ansible.builtin.file:
     path: "{{ evocheck_bin_dir }}"
     state: directory
     owner: root
@@ -11,7 +11,7 @@
     - evocheck
 
 - name: "Copy evocheck.sh"
-  copy:
+  ansible.builtin.copy:
     src: evocheck.sh
     dest: "{{ evocheck_bin_dir }}/evocheck.sh"
     mode: "0700"
@@ -22,7 +22,7 @@
     - evocheck-utils
 
 - name: "Copy evocheck.cf"
-  copy:
+  ansible.builtin.copy:
     src: evocheck.cf
     dest: /etc/evocheck.cf
     mode: "0644"
@@ -31,7 +31,7 @@
     - evocheck
 
 - name: "Delete legacy evocheck cron"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/daily.local
     regexp: 'sh /usr/share/scripts/evocheck.sh --verbose --cron'
     state: absent
@@ -39,7 +39,7 @@
     - evocheck
 
 - name: "Add evocheck cron"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/daily.local
     insertbefore: BOF
     line: 'sh /usr/share/scripts/evocheck.sh --verbose $cron_arg'
@@ -50,7 +50,7 @@
     - evocheck
 
 - name: "Add evocheck cron - test for date"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/daily.local
     insertbefore: BOF
     line: 'if [ $(date +%d) -eq "01" ]; then cron_arg=""; else cron_arg="--cron"; fi'
@@ -61,7 +61,7 @@
     - evocheck
 
 - name: "Add evocheck cron - next_part"
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/daily.local
     insertbefore: BOF
     line: 'next_part "Evocheck output:"'

roles/evomaintenance/tasks/main.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Create scripts directory"
-  file:
+  ansible.builtin.file:
     path: /usr/share/scripts/
     state: directory
     owner: root
@@ -10,7 +10,7 @@
     - evomaintenance
 
 - name: "Copy evomaintenance script and template"
-  copy:
+  ansible.builtin.copy:
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
     owner: 'root'
@@ -24,7 +24,7 @@
     - evomaintenance-utils
 
 - name: "Configure evomaintenance"
-  template:
+  ansible.builtin.template:
     src: evomaintenance.j2
     dest: /etc/evomaintenance.cf
     owner: root

roles/forwarding/tasks/main.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Enable IPv4 forwarding"
-  sysctl:
+  ansible.posix.sysctl:
     name: net.inet.ip.forwarding
     value: "1"
     state: present
@@ -9,7 +9,7 @@
     - forwarding
 
 - name: "Enable IPv6 forwarding"
-  sysctl:
+  ansible.posix.sysctl:
     name: net.inet6.ip6.forwarding
     value: "1"
     state: present

roles/logsentry/tasks/main.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Install logsentry"
-  openbsd_pkg:
+  community.general.openbsd_pkg:
     name:
       - logsentry--
     state: present
@@ -8,7 +8,7 @@
     - logsentry
 
 - name: "Copy logsentry script to /usr/share/scripts"
-  copy:
+  ansible.builtin.copy:
     src: logsentry.sh
     dest: /usr/share/scripts/logsentry.sh
     owner: root
@@ -18,7 +18,7 @@
     - logsentry
 
 - name: "Copy custom logsentry configuration files"
-  copy:
+  ansible.builtin.copy:
     src: "{{ item }}"
     dest: "/etc/logsentry/{{ item }}"
     owner: root
@@ -32,14 +32,14 @@
     - logsentry-config
 
 - name: "Delete unused default script"
-  file:
+  ansible.builtin.file:
     state: absent
     path: /etc/logsentry/logsentry.sh
   tags:
     - logsentry
 
 - name: "Hourly cron job for logsentry.sh is installed"
-  cron:
+  ansible.builtin.cron:
     name: logsentry
     minute: "11"
     job: >

roles/nagios-nrpe/handlers/main.yml

@@ -1,5 +1,5 @@
 ---
 - name: restart nrpe
-  service:
+  ansible.builtin.service:
     name: nrpe
     state: restarted

roles/nagios-nrpe/tasks/main.yml

@@ -1,7 +1,7 @@
 # yamllint disable rule:line-length
 ---
 - name: "Install nrpe"
-  openbsd_pkg:
+  community.general.openbsd_pkg:
     name:
       - nrpe--
     state: present
@@ -9,7 +9,7 @@
     - nagios-nrpe
 
 - name: "Install monitoring packages"
-  openbsd_pkg:
+  community.general.openbsd_pkg:
     name:
       - monitoring-plugins
       - check_bioctl
@@ -18,7 +18,7 @@
     - nagios-nrpe
 
 - name: "Create nrpe.d dir"
-  file:
+  ansible.builtin.file:
     path: /etc/nrpe.d
     state: directory
     owner: root
@@ -28,14 +28,14 @@
     - nagios-nrpe
 
 - name: "Include nrpe.d dir in nrpe.cfg"
-  lineinfile:
+  ansible.builtin.lineinfile:
     dest: /etc/nrpe.cfg
     line: 'include_dir=/etc/nrpe.d'
   tags:
     - nagios-nrpe
 
 - name: "Custom configuration is present"
-  blockinfile:
+  ansible.builtin.blockinfile:
     block: "{{ lookup('template', 'evolix_bsd.cfg.j2') }}"
     path: /etc/nrpe.d/evolix.cfg
     marker: "## {mark} ANSIBLE MANAGED BLOCK : Custom NRPE configuration file from EvoBSD"
@@ -47,7 +47,7 @@
     - nagios-nrpe
 
 - name: "Fetch nrpe config content"
-  command: 'grep "allowed_hosts=" /etc/nrpe.d/evolix.cfg'
+  ansible.builtin.command: 'grep "allowed_hosts=" /etc/nrpe.d/evolix.cfg'
   check_mode: false
   register: nrpe_config_content
   failed_when: false
@@ -56,7 +56,7 @@
     - nagios-nrpe
 
 - name: "Allow NRPE hosts - if no allowed_hosts configured"
-  lineinfile:
+  ansible.builtin.lineinfile:
     dest: /etc/nrpe.d/evolix.cfg
     insertbefore: BOF
     regex: "allowed_hosts={{ nagios_nrpe_allowed_hosts | join(',') }}"
@@ -66,7 +66,7 @@
     - nagios-nrpe
 
 - name: "Allow NRPE hosts - if allowed_hosts already configured : keep added IP"
-  lineinfile:
+  ansible.builtin.lineinfile:
     dest: /etc/nrpe.d/evolix.cfg
     backrefs: true
     insertbefore: BOF
@@ -77,7 +77,7 @@
     - nagios-nrpe
 
 - name: "Allow NRPE hosts - add comment"
-  lineinfile:
+  ansible.builtin.lineinfile:
     dest: /etc/nrpe.d/evolix.cfg
     insertbefore: BOF
     line: "# Allowed IPs"
@@ -85,7 +85,7 @@
     - nagios-nrpe
 
 - name: "Create nrpe plugins dir"
-  file:
+  ansible.builtin.file:
     path: /usr/local/libexec/nagios/plugins/
     state: directory
     owner: root
@@ -95,7 +95,7 @@
     - nagios-nrpe
 
 - name: "Nagios plugins are installed"
-  copy:
+  ansible.builtin.copy:
     src: plugins_bsd/{{ item.name }}
     dest: /usr/local/libexec/nagios/plugins/{{ item.name }}
     owner: root
@@ -123,7 +123,7 @@
     - nagios-nrpe-utils
 
 - name: "Nagios plugins are installed - template"
-  template:
+  ansible.builtin.template:
     src: plugins_bsd/{{ item.name }}.j2
     dest: /usr/local/libexec/nagios/plugins/{{ item.name }}
     owner: root
@@ -138,7 +138,7 @@
     - nagios-nrpe-utils
 
 - name: "Starting and enabling nrpe"
-  service:
+  ansible.builtin.service:
     name: nrpe
     enabled: true
     state: started

roles/ospf/tasks/main.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Deploy ospf check scripts"
-  template:
+  ansible.builtin.template:
     src: "{{ item }}.j2"
     dest: /usr/share/scripts/{{ item }}
   with_items:
@@ -11,7 +11,7 @@
     - ospf
 
 - name: "Cron job for ospf check scripts is installed"
-  cron:
+  ansible.builtin.cron:
     name: "{{ item }} check"
     job: "/bin/sh /usr/share/scripts/{{ item }}-check-peers.sh"
   with_items:

roles/pf/tasks/main.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Setup pf.conf"
-  template:
+  ansible.builtin.template:
     src: pf.conf.j2
     dest: /etc/pf.conf
     mode: "0600"

roles/post-install/tasks/ldif.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Copy generateldif.sh"
-  template:
+  ansible.builtin.template:
     src: generateldif.sh.j2
     dest: '{{ general_scripts_dir }}/generateldif.sh'
     owner: root
@@ -11,7 +11,7 @@
     - generateldif
 
 - name: "Run generateldif"
-  command: '{{ general_scripts_dir }}/generateldif.sh'
+  ansible.builtin.command: '{{ general_scripts_dir }}/generateldif.sh'
   register: generateldif_run
   changed_when: false
   failed_when: false
@@ -21,7 +21,7 @@
     - generateldif
     - generateldif-exec
 
-- debug:
+- ansible.builtin.debug:
     var: generateldif_run.stdout_lines
     verbosity: 1
   tags:

roles/post-install/tasks/motd.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Deploy dynamic motd script for CARP master or backup"
-  copy:
+  ansible.builtin.copy:
     src: motd-carp-state.sh
     dest: /usr/share/scripts/motd-carp-state.sh
     force: true
@@ -13,7 +13,7 @@
     - motd-utils
 
 - name: "Fetch root crontab content"
-  command: >
+  ansible.builtin.command: >
     grep "/bin/sh /usr/share/scripts/motd-carp-state.sh" /var/cron/tabs/root
   check_mode: false
   register: root_crontab_content
@@ -24,7 +24,7 @@
     - motd
 
 - name: "Cron job for dynamic motd script is installed"
-  cron:
+  ansible.builtin.cron:
     name: dynamic motd for CARP
     job: "/bin/sh /usr/share/scripts/motd-carp-state.sh"
     minute: "0"

roles/post-install/tasks/update.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Check and install updates (erratas) if available"
-  command: /usr/sbin/syspatch
+  ansible.builtin.command: /usr/sbin/syspatch
   ignore_errors: true
   when: ansible_distribution_version is version_compare("6.1",'>=')
   tags:

update-utils.yml

@@ -14,7 +14,7 @@
     - vars/evolix-main.yml
 
   pre_tasks:
-    - include_role:
+    - ansible.builtin.include_role:
         name: etc-git
         tasks_from: commit.yml
       vars:
@@ -31,7 +31,7 @@
     - post-install
 
   post_tasks:
-    - include_role:
+    - ansible.builtin.include_role:
         name: etc-git
         tasks_from: commit.yml
       vars:
@@ -39,6 +39,6 @@
       when: not ansible_check_mode
       tags: always
 
-    - include_role:
+    - ansible.builtin.include_role:
         name: evocheck
         tasks_from: exec.yml