Ansible-lint and yamllint
Does not fix all warnings, but gets rid of the purely cosmetic ones. (roles/accounts/tasks/main.yml)
This commit is contained in:
parent
38e5c1bf70
commit
af7b3b36fe
5 changed files with 36 additions and 37 deletions
|
@ -10,13 +10,13 @@
|
|||
become: true
|
||||
become_user: root
|
||||
become_method: sudo
|
||||
# become_method: su
|
||||
# become_method: su
|
||||
|
||||
|
||||
vars_files:
|
||||
- vars/main.yml
|
||||
# - vars/secrets.yml
|
||||
# - vars/openbsd-secret.yml
|
||||
# - vars/secrets.yml
|
||||
# - vars/openbsd-secret.yml
|
||||
|
||||
roles:
|
||||
- etc-git
|
||||
|
@ -27,9 +27,9 @@
|
|||
- nagios-nrpe
|
||||
- evocheck
|
||||
- post-install
|
||||
#- openvpn
|
||||
#- ospf
|
||||
#- bgp
|
||||
# - openvpn
|
||||
# - ospf
|
||||
# - bgp
|
||||
|
||||
post_tasks:
|
||||
- include: "tasks/commit_etc_git.yml"
|
||||
|
@ -40,6 +40,4 @@
|
|||
tasks_from: exec.yml
|
||||
|
||||
# environment:
|
||||
# PKG_PATH: "http://ftp.openbsd.org/pub/OpenBSD/{{ ansible_distribution_version }}/packages/{{ ansible_architecture }}/"
|
||||
|
||||
# vim:ft=ansible
|
||||
# PKG_PATH: "http://ftp.openbsd.org/pub/OpenBSD/{{ ansible_distribution_version }}/packages/{{ ansible_architecture }}/"
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
# ansible-playbook prerequisite.yml -CDi hosts -l HOSTNAME
|
||||
|
||||
---
|
||||
- hosts: all
|
||||
become: yes
|
||||
become_method: su
|
||||
user: root
|
||||
gather_facts: no
|
||||
- hosts: all
|
||||
become: yes
|
||||
become_method: su
|
||||
user: root
|
||||
gather_facts: no
|
||||
|
||||
tasks:
|
||||
tasks:
|
||||
|
||||
- name: Install ansible's prerequisite
|
||||
raw: export PKG_PATH=http://ftp.eu.openbsd.org/pub/OpenBSD/$(uname -r)/packages/$(uname -p)/; pkg_add -z python-2
|
||||
|
|
|
@ -30,12 +30,13 @@
|
|||
check_mode: false
|
||||
register: grep_allowusers_ssh
|
||||
|
||||
- assert:
|
||||
- name: "Check that AllowUsers and AllowGroup do not override each other"
|
||||
assert:
|
||||
that: "not (grep_allowusers_ssh.rc == 0 and grep_allowgroups_ssh.rc == 0)"
|
||||
msg: "We can't deal with AllowUsers and AllowGroups at the same time"
|
||||
|
||||
- set_fact:
|
||||
# If "AllowGroups is present"
|
||||
- name: "If AllowGroups is present then use it"
|
||||
set_fact:
|
||||
ssh_allowgroups: "{{ (grep_allowgroups_ssh.rc == 0) or (grep_allowusers_ssh.rc != 0) }}"
|
||||
|
||||
- name: "Add AllowGroups sshd directive with '{{ evolinux_ssh_group }}'"
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
when: not ansible_check_mode
|
||||
ignore_errors: yes
|
||||
tags:
|
||||
- commit-etc
|
||||
- commit-etc
|
||||
|
||||
- name: /etc modifications are committed
|
||||
shell: "git add -A . && git commit -m \"{{ commit_message | default('Ansible run') }}\" --author=\"{{ ansible_env.SUDO_USER | default('Root') }} <{{ ansible_env.SUDO_USER | default('Root') }}@{{ general_technical_realm }}>\""
|
||||
|
@ -18,4 +18,4 @@
|
|||
when: not ansible_check_mode and git_status.stdout != ""
|
||||
ignore_errors: yes
|
||||
tags:
|
||||
- commit-etc
|
||||
- commit-etc
|
||||
|
|
|
@ -3,29 +3,29 @@
|
|||
## Edit and uncomment to overwrite the default values ##
|
||||
########################################################
|
||||
|
||||
#ntpd_servers:
|
||||
#- "ntp.evolix.net"
|
||||
# ntpd_servers:
|
||||
# - "ntp.evolix.net"
|
||||
#
|
||||
#general_alert_email: "root@localhost"
|
||||
#general_technical_realm: "example.com"
|
||||
# general_alert_email: "root@localhost"
|
||||
# general_technical_realm: "example.com"
|
||||
evolinux_ssh_group: "evolinux-ssh"
|
||||
evolinux_sudo_group: "evolinux-sudo"
|
||||
evolinux_root_disable_ssh: true
|
||||
#
|
||||
#evomaintenance_realm: "example.com"
|
||||
#evomaintenance_alert_email: "evomaintenance-{{ inventory_hostname }}@{{ evomaintenance_realm }}"
|
||||
#evomaintenance_hostname: "{{ inventory_hostname }}.{{ general_technical_realm }}"
|
||||
#evomaintenance_pg_host: Null
|
||||
#evomaintenance_pg_passwd: Null
|
||||
#evomaintenance_pg_db: Null
|
||||
#evomaintenance_pg_table: Null
|
||||
#evomaintenance_from_domain: "{{ evomaintenance_realm }}"
|
||||
#evomaintenance_from: "evomaintenance@{{ evomaintenance_from_domain }}"
|
||||
#evomaintenance_full_from: "Evomaintenance <{{ evomaintenance_from }}>"
|
||||
#evomaintenance_urgency_from: mama.doe@example.com
|
||||
#evomaintenance_urgency_tel: "06.00.00.00.00"
|
||||
# evomaintenance_realm: "example.com"
|
||||
# evomaintenance_alert_email: "evomaintenance-{{ inventory_hostname }}@{{ evomaintenance_realm }}"
|
||||
# evomaintenance_hostname: "{{ inventory_hostname }}.{{ general_technical_realm }}"
|
||||
# evomaintenance_pg_host: Null
|
||||
# evomaintenance_pg_passwd: Null
|
||||
# evomaintenance_pg_db: Null
|
||||
# evomaintenance_pg_table: Null
|
||||
# evomaintenance_from_domain: "{{ evomaintenance_realm }}"
|
||||
# evomaintenance_from: "evomaintenance@{{ evomaintenance_from_domain }}"
|
||||
# evomaintenance_full_from: "Evomaintenance <{{ evomaintenance_from }}>"
|
||||
# evomaintenance_urgency_from: mama.doe@example.com
|
||||
# evomaintenance_urgency_tel: "06.00.00.00.00"
|
||||
#
|
||||
#evolix_users:
|
||||
# evolix_users:
|
||||
# foo:
|
||||
# name: foo
|
||||
# uid: 1042
|
||||
|
|
Loading…
Reference in a new issue