Ansible-lint and yamllint again
Lot of truthy variables, indentation and trailing spaces
This commit is contained in:
parent
af7b3b36fe
commit
e29e0e9e62
|
@ -3,10 +3,10 @@
|
|||
|
||||
---
|
||||
- hosts: all
|
||||
become: yes
|
||||
become: true
|
||||
become_method: su
|
||||
user: root
|
||||
gather_facts: no
|
||||
gather_facts: false
|
||||
|
||||
tasks:
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
ntpd_servers:
|
||||
- "ntp.evolix.net"
|
||||
- "ntp.evolix.net"
|
||||
|
||||
general_alert_email: "root@localhost"
|
||||
general_technical_realm: "example.com"
|
||||
|
@ -8,23 +8,23 @@ general_technical_realm: "example.com"
|
|||
evomaintenance_realm: "example.com"
|
||||
evomaintenance_alert_email: "evomaintenance-{{ inventory_hostname }}@{{ evomaintenance_realm }}"
|
||||
evomaintenance_hostname: "{{ inventory_hostname }}.{{ general_technical_realm }}"
|
||||
evomaintenance_pg_host: Null
|
||||
evomaintenance_pg_passwd: Null
|
||||
evomaintenance_pg_db: Null
|
||||
evomaintenance_pg_table: Null
|
||||
evomaintenance_pg_host: null
|
||||
evomaintenance_pg_passwd: null
|
||||
evomaintenance_pg_db: null
|
||||
evomaintenance_pg_table: null
|
||||
evomaintenance_from_domain: "{{ evomaintenance_realm }}"
|
||||
evomaintenance_from: "evomaintenance@{{ evomaintenance_from_domain }}"
|
||||
evomaintenance_full_from: "Evomaintenance <{{ evomaintenance_from }}>"
|
||||
evomaintenance_urgency_from: mama.doe@example.com
|
||||
evomaintenance_urgency_tel: "06.00.00.00.00"
|
||||
evomaintenance_install_vendor: False
|
||||
evomaintenance_force_config: True
|
||||
evomaintenance_api_endpoint: Null
|
||||
evomaintenance_api_key: Null
|
||||
evomaintenance_hook_api: True
|
||||
evomaintenance_hook_db: False
|
||||
evomaintenance_hook_commit: True
|
||||
evomaintenance_hook_mail: True
|
||||
evomaintenance_install_vendor: false
|
||||
evomaintenance_force_config: true
|
||||
evomaintenance_api_endpoint: null
|
||||
evomaintenance_api_key: null
|
||||
evomaintenance_hook_api: true
|
||||
evomaintenance_hook_db: false
|
||||
evomaintenance_hook_commit: true
|
||||
evomaintenance_hook_mail: true
|
||||
evomaintenance_default_hosts: []
|
||||
evomaintenance_additional_hosts: []
|
||||
evomaintenance_hosts: "{{ evomaintenance_default_hosts | union(evomaintenance_additional_hosts) | unique }}"
|
||||
|
|
|
@ -6,8 +6,6 @@
|
|||
owner: root
|
||||
group: wheel
|
||||
mode: "0640"
|
||||
backup: no
|
||||
backup: false
|
||||
tags:
|
||||
- doas
|
||||
|
||||
|
||||
- doas
|
||||
|
|
|
@ -39,10 +39,10 @@
|
|||
dest: /etc/skel/.profile
|
||||
insertafter: EOF
|
||||
line: 'trap "doas /usr/share/scripts/evomaintenance.sh" 0'
|
||||
create: yes
|
||||
create: true
|
||||
tags:
|
||||
- admin
|
||||
- dotfiles
|
||||
- admin
|
||||
- dotfiles
|
||||
|
||||
- name: Add vim configuration to dotfiles for new users
|
||||
copy:
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
owner: root
|
||||
group: wheel
|
||||
mode: "0755"
|
||||
force: no
|
||||
force: false
|
||||
tags:
|
||||
- evobackup
|
||||
|
||||
|
@ -16,6 +16,6 @@
|
|||
line: '#sh /usr/share/scripts/zzz_evobackup'
|
||||
owner: root
|
||||
mode: "0644"
|
||||
create: yes
|
||||
create: true
|
||||
tags:
|
||||
- evobackup
|
||||
|
|
|
@ -12,8 +12,8 @@
|
|||
- name: Copy evomaintenance script and template
|
||||
copy: src={{ item.src }} dest={{ item.dest }} owner=root group=wheel mode="0755"
|
||||
with_items:
|
||||
- { src: 'evomaintenance.sh', dest: '/usr/share/scripts/' }
|
||||
- { src: 'evomaintenance.tpl', dest: '/usr/share/scripts/' }
|
||||
- {src: 'evomaintenance.sh', dest: '/usr/share/scripts/'}
|
||||
- {src: 'evomaintenance.tpl', dest: '/usr/share/scripts/'}
|
||||
tags:
|
||||
- evomaintenance
|
||||
- script-evomaintenance
|
||||
|
@ -25,6 +25,6 @@
|
|||
owner: root
|
||||
group: wheel
|
||||
mode: "0600"
|
||||
backup: no
|
||||
backup: false
|
||||
tags:
|
||||
- evomaintenance
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
lineinfile:
|
||||
path: /etc/rc.local
|
||||
line: 'date | mail -s "boot/reboot of $(hostname -s)" {{ general_alert_email }}'
|
||||
create: yes
|
||||
create: true
|
||||
tags:
|
||||
- misc
|
||||
|
||||
|
@ -12,7 +12,7 @@
|
|||
dest: /etc/mail/aliases
|
||||
regexp: "# root:"
|
||||
replace: "root: {{ general_alert_email }}"
|
||||
backup: no
|
||||
backup: false
|
||||
notify:
|
||||
- newaliases
|
||||
tags:
|
||||
|
|
|
@ -10,20 +10,20 @@
|
|||
- name: Install packages (vim rsync mtr etc)
|
||||
openbsd_pkg:
|
||||
name:
|
||||
- wget
|
||||
- vim--no_x11
|
||||
- rsync--
|
||||
- mtr--
|
||||
- iftop
|
||||
- sudo--
|
||||
- postgresql-client
|
||||
- wget
|
||||
- vim--no_x11
|
||||
- rsync--
|
||||
- mtr--
|
||||
- iftop
|
||||
- sudo--
|
||||
- postgresql-client
|
||||
tags:
|
||||
- pkg
|
||||
|
||||
- name: Disable sndiod
|
||||
service:
|
||||
name: sndiod
|
||||
enabled: no
|
||||
enabled: false
|
||||
state: stopped
|
||||
tags:
|
||||
- pkg
|
||||
|
|
|
@ -4,11 +4,11 @@
|
|||
lineinfile:
|
||||
dest: /etc/sudoers
|
||||
insertafter: '# and set environment variables.'
|
||||
line: '%wheel ALL=(ALL) SETENV: ALL'
|
||||
line: '%wheel ALL=(ALL) SETENV: ALL'
|
||||
validate: 'visudo -cf %s'
|
||||
backup: no
|
||||
backup: false
|
||||
tags:
|
||||
- sudo
|
||||
- sudo
|
||||
|
||||
- name: Configure sudoers for evomaintenance and monitoring
|
||||
blockinfile:
|
||||
|
@ -19,8 +19,6 @@
|
|||
Cmnd_Alias MAINT = /usr/share/scripts/evomaintenance.sh
|
||||
%wheel ALL=NOPASSWD: MAINT
|
||||
validate: 'visudo -cf %s'
|
||||
backup: no
|
||||
backup: false
|
||||
tags:
|
||||
- sudo
|
||||
|
||||
|
||||
- sudo
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
dest: /usr/share/scripts/bgpd-check-peers.sh
|
||||
when: group_names | select('search','bgp') | list | count > 0
|
||||
tags:
|
||||
- bgp
|
||||
- bgp
|
||||
|
||||
- name: Cron job for bgp check script is installed
|
||||
cron:
|
||||
|
@ -21,7 +21,7 @@
|
|||
state: directory
|
||||
when: group_names | select('search','bgp') | list | count > 0
|
||||
tags:
|
||||
- bgp
|
||||
- bgp
|
||||
|
||||
- name: weekly best routes cron job is installed
|
||||
cron:
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
---
|
||||
commit_message: Ansible run
|
||||
|
||||
etc_git_monitor_status: True
|
||||
etc_git_monitor_status: true
|
||||
|
|
|
@ -3,20 +3,20 @@
|
|||
command: git status --porcelain
|
||||
args:
|
||||
chdir: /etc
|
||||
changed_when: False
|
||||
changed_when: false
|
||||
register: git_status
|
||||
when: not ansible_check_mode
|
||||
ignore_errors: yes
|
||||
ignore_errors: true
|
||||
tags:
|
||||
- etc-git
|
||||
- commit-etc
|
||||
- etc-git
|
||||
- commit-etc
|
||||
|
||||
- debug:
|
||||
var: git_status
|
||||
verbosity: 3
|
||||
tags:
|
||||
- etc-git
|
||||
- commit-etc
|
||||
- etc-git
|
||||
- commit-etc
|
||||
|
||||
- name: fetch current Git user.email
|
||||
git_config:
|
||||
|
@ -24,18 +24,18 @@
|
|||
repo: /etc
|
||||
scope: local
|
||||
register: git_config_user_email
|
||||
ignore_errors: yes
|
||||
ignore_errors: true
|
||||
tags:
|
||||
- etc-git
|
||||
- commit-etc
|
||||
- etc-git
|
||||
- commit-etc
|
||||
|
||||
- name: set commit author
|
||||
set_fact:
|
||||
commit_author: '{% if ansible_env.SUDO_USER is not defined %}root{% else %}{{ ansible_env.SUDO_USER }}{% endif %}'
|
||||
commit_email: '{% if git_config_user_email.config_value is not defined or git_config_user_email.config_value == "" %}root@localhost{% else %}{{ git_config_user_email.config_value }}{% endif %}'
|
||||
commit_email: '{% if git_config_user_email.config_value is not defined or git_config_user_email.config_value == "" %}root@localhost{% else %}{{ git_config_user_email.config_value }}{% endif %}'
|
||||
tags:
|
||||
- etc-git
|
||||
- commit-etc
|
||||
- etc-git
|
||||
- commit-etc
|
||||
|
||||
- name: /etc modifications are committed
|
||||
shell: "git add -A . && git commit -m \"{{ commit_message | mandatory }}\" --author \"{{ commit_author | mandatory }} <{{ commit_email | mandatory }}>\""
|
||||
|
@ -43,14 +43,14 @@
|
|||
chdir: /etc
|
||||
register: etc_commit_end_run
|
||||
when: not ansible_check_mode and git_status.stdout != ""
|
||||
ignore_errors: yes
|
||||
ignore_errors: true
|
||||
tags:
|
||||
- etc-git
|
||||
- commit-etc
|
||||
- etc-git
|
||||
- commit-etc
|
||||
|
||||
- debug:
|
||||
var: etc_commit_end_run
|
||||
verbosity: 4
|
||||
tags:
|
||||
- etc-git
|
||||
- commit-etc
|
||||
- etc-git
|
||||
- commit-etc
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
args:
|
||||
chdir: /etc
|
||||
creates: /etc/.git/
|
||||
warn: no
|
||||
warn: false
|
||||
register: git_init
|
||||
tags:
|
||||
- etc-git
|
||||
|
@ -48,11 +48,11 @@
|
|||
command: "git log"
|
||||
args:
|
||||
chdir: /etc
|
||||
warn: no
|
||||
changed_when: False
|
||||
failed_when: False
|
||||
warn: false
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
register: git_log
|
||||
check_mode: no
|
||||
check_mode: false
|
||||
tags:
|
||||
- etc-git
|
||||
|
||||
|
@ -60,7 +60,7 @@
|
|||
shell: "git add -A . && git commit -m \"Initial commit via Ansible\""
|
||||
args:
|
||||
chdir: /etc
|
||||
warn: no
|
||||
warn: false
|
||||
register: git_commit
|
||||
when: git_log.rc != 0 or (git_init is defined and git_init.changed)
|
||||
tags:
|
||||
|
@ -72,7 +72,7 @@
|
|||
line: '/usr/local/bin/git --git-dir /etc/.git gc --quiet'
|
||||
owner: root
|
||||
mode: "0644"
|
||||
create: yes
|
||||
create: true
|
||||
tags:
|
||||
- etc-git
|
||||
|
||||
|
@ -82,7 +82,7 @@
|
|||
line: "{{ item }}"
|
||||
owner: root
|
||||
mode: "0644"
|
||||
create: yes
|
||||
create: true
|
||||
when: etc_git_monitor_status
|
||||
tags:
|
||||
- etc-git
|
||||
|
|
|
@ -2,9 +2,9 @@
|
|||
- name: run evocheck
|
||||
command: "{{ evocheck_bin_dir }}/evocheck.sh"
|
||||
register: evocheck_run
|
||||
changed_when: False
|
||||
failed_when: False
|
||||
check_mode: no
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
check_mode: false
|
||||
tags:
|
||||
- evocheck-exec
|
||||
|
||||
|
@ -12,4 +12,4 @@
|
|||
var: evocheck_run.stdout_lines
|
||||
when: evocheck_run.stdout != ""
|
||||
tags:
|
||||
- evocheck-exec
|
||||
- evocheck-exec
|
||||
|
|
|
@ -15,7 +15,7 @@
|
|||
dest: "{{ evocheck_bin_dir }}/evocheck.sh"
|
||||
mode: "0700"
|
||||
owner: root
|
||||
force: yes
|
||||
force: true
|
||||
tags:
|
||||
- evocheck
|
||||
|
||||
|
@ -23,7 +23,7 @@
|
|||
copy:
|
||||
src: evocheck.cf
|
||||
dest: /etc/evocheck.cf
|
||||
force: no
|
||||
force: false
|
||||
tags:
|
||||
- evocheck
|
||||
|
||||
|
@ -33,6 +33,6 @@
|
|||
line: 'sh /usr/share/scripts/evocheck.sh --verbose --cron'
|
||||
owner: root
|
||||
mode: "0644"
|
||||
create: yes
|
||||
create: true
|
||||
tags:
|
||||
- evocheck
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
name: net.inet.ip.forwarding
|
||||
value: 1
|
||||
state: present
|
||||
reload: yes
|
||||
reload: true
|
||||
tags:
|
||||
- net
|
||||
|
||||
|
@ -13,6 +13,6 @@
|
|||
name: net.inet6.ip6.forwarding
|
||||
value: 1
|
||||
state: present
|
||||
reload: yes
|
||||
reload: true
|
||||
tags:
|
||||
- net
|
||||
|
|
|
@ -54,5 +54,5 @@
|
|||
- name: Starting and enabling nrpe
|
||||
service:
|
||||
name: nrpe
|
||||
enabled: yes
|
||||
enabled: true
|
||||
state: started
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
openbsd_pkg:
|
||||
name: "openvpn--"
|
||||
tags:
|
||||
- openvpn
|
||||
- openvpn
|
||||
|
||||
- name: Create /etc/openvpn directory
|
||||
file:
|
||||
|
@ -13,7 +13,7 @@
|
|||
group: "wheel"
|
||||
mode: "0755"
|
||||
tags:
|
||||
- openvpn
|
||||
- openvpn
|
||||
|
||||
- name: Deploy OpenVPN configuration
|
||||
template:
|
||||
|
@ -22,30 +22,29 @@
|
|||
mode: "0600"
|
||||
notify: restart openvpn
|
||||
tags:
|
||||
- openvpn
|
||||
- openvpn
|
||||
|
||||
- name: Enabling OpenVPN
|
||||
service:
|
||||
name: openvpn
|
||||
enabled: yes
|
||||
enabled: true
|
||||
tags:
|
||||
- openvpn
|
||||
- openvpn
|
||||
|
||||
- name: Set OpenVPN flag
|
||||
shell: 'rcctl set openvpn flags "--config /etc/openvpn/server.conf"'
|
||||
tags:
|
||||
- openvpn
|
||||
- openvpn
|
||||
|
||||
- name: Create shellpki user
|
||||
user:
|
||||
name: "_shellpki"
|
||||
system: yes
|
||||
system: true
|
||||
state: present
|
||||
system: yes
|
||||
home: "/etc/shellpki/"
|
||||
shell: "/sbin/nologin"
|
||||
tags:
|
||||
- openvpn
|
||||
- openvpn
|
||||
|
||||
- name: Copy some shellpki files
|
||||
copy:
|
||||
|
@ -54,10 +53,10 @@
|
|||
owner: root
|
||||
group: wheel
|
||||
mode: "{{ item.mode }}"
|
||||
force: yes
|
||||
force: true
|
||||
with_items:
|
||||
- { src: 'files/shellpki/openssl.cnf', dest: '/etc/shellpki/openssl.cnf', mode: '0640' }
|
||||
- { src: 'files/shellpki/shellpki', dest: '/usr/local/sbin/shellpki', mode: '0755' }
|
||||
- {src: 'files/shellpki/openssl.cnf', dest: '/etc/shellpki/openssl.cnf', mode: '0640'}
|
||||
- {src: 'files/shellpki/shellpki', dest: '/usr/local/sbin/shellpki', mode: '0755'}
|
||||
tags:
|
||||
- openvpn
|
||||
|
||||
|
@ -77,7 +76,7 @@
|
|||
group: "wheel"
|
||||
mode: "0755"
|
||||
tags:
|
||||
- openvpn
|
||||
- openvpn
|
||||
|
||||
- name: Include /etc/sudoers.d in sudoers configuration file
|
||||
lineinfile:
|
||||
|
@ -94,7 +93,7 @@
|
|||
mode: "0440"
|
||||
validate: '/usr/local/sbin/visudo -cf %s'
|
||||
tags:
|
||||
- openvpn
|
||||
- openvpn
|
||||
|
||||
- name: Copy check_openvpn
|
||||
copy:
|
||||
|
@ -103,8 +102,8 @@
|
|||
owner: root
|
||||
group: wheel
|
||||
mode: "{{ item.mode }}"
|
||||
force: yes
|
||||
force: true
|
||||
with_items:
|
||||
- { src: 'files/check_openvpn.pl', dest: '/usr/local/libexec/nagios/plugins/check_openvpn.pl', mode: '0755' }
|
||||
- {src: 'files/check_openvpn.pl', dest: '/usr/local/libexec/nagios/plugins/check_openvpn.pl', mode: '0755'}
|
||||
tags:
|
||||
- openvpn
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
- "ospf6d-check-peers.sh"
|
||||
when: group_names | select('search','ospf') | list | count > 0
|
||||
tags:
|
||||
- ospf
|
||||
- ospf
|
||||
|
||||
- name: Cron job for ospf check scripts is installed
|
||||
cron:
|
||||
|
|
|
@ -4,4 +4,4 @@
|
|||
src: pf.conf.j2
|
||||
dest: /etc/pf.conf
|
||||
mode: "0600"
|
||||
backup: yes
|
||||
backup: true
|
||||
|
|
|
@ -3,10 +3,10 @@
|
|||
command: git status --porcelain
|
||||
args:
|
||||
chdir: /etc
|
||||
changed_when: False
|
||||
changed_when: false
|
||||
register: git_status
|
||||
when: not ansible_check_mode
|
||||
ignore_errors: yes
|
||||
ignore_errors: true
|
||||
tags:
|
||||
- commit-etc
|
||||
|
||||
|
@ -16,6 +16,6 @@
|
|||
chdir: /etc
|
||||
register: etc_commit_end_evolinux
|
||||
when: not ansible_check_mode and git_status.stdout != ""
|
||||
ignore_errors: yes
|
||||
ignore_errors: true
|
||||
tags:
|
||||
- commit-etc
|
||||
|
|
Loading…
Reference in a new issue