force: [yes,no] → force [true,false]
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend |:-:|:-:|:-:|:-:|:-: |2615|7|2608|177|:+1: Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/278//ansiblelint">Evolix » ansible-roles » unstable #278</a>
gitea/ansible-roles/pipeline/head This commit looks good

This commit is contained in:
Jérémy Lecour 2023-06-28 13:22:59 +02:00 committed by Jérémy Lecour
parent def4d54538
commit 00fe225a3c
Signed by: jlecour
SSH key fingerprint: SHA256:h+5LgHRKwN9lS0SsdVR5yZPeFlJE4Mt+8UtL4CcP8dY
103 changed files with 179 additions and 178 deletions

View file

@ -21,6 +21,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
### Changed
* all: change syntax "force: [yes,no]" → "force [true,false]"
* elasticsearch: improve networking configuration
* evolinux-users: remove Stretch references in tasks that also apply to next Debian versions
* mysql: improve shell syntax for mysql_skip script

View file

@ -7,7 +7,7 @@
owner: root
group: root
mode: "0640"
force: no
force: false
tags:
- apache
@ -30,7 +30,7 @@
owner: root
group: root
mode: "0640"
force: no
force: false
notify: reload apache
tags:
- apache

View file

@ -14,6 +14,6 @@
owner: log2mail
group: adm
mode: "0644"
force: no
force: false
tags:
- apache

View file

@ -73,7 +73,7 @@
owner: root
group: root
mode: "0640"
force: yes
force: true
notify: reload apache
tags:
- apache
@ -85,7 +85,7 @@
owner: root
group: root
mode: "0640"
force: no
force: false
notify: reload apache
tags:
- apache
@ -119,7 +119,7 @@
src: evolinux-default.conf.j2
dest: /etc/apache2/sites-available/000-evolinux-default.conf
mode: "0640"
force: no
force: false
notify: reload apache
tags:
- apache
@ -129,7 +129,7 @@
src: /etc/apache2/sites-available/000-evolinux-default.conf
dest: /etc/apache2/sites-enabled/000-default.conf
state: link
force: yes
force: true
notify: reload apache
when: apache_evolinux_default_enabled | bool
tags:
@ -181,7 +181,7 @@
src: save_apache_status.sh
dest: /usr/share/scripts/save_apache_status.sh
mode: "0755"
force: no
force: false
tags:
- apache

View file

@ -13,7 +13,7 @@
dest: "{{ apache_serverstatus_suffix_file }}"
# The last character "\u000A" is a line feed (LF), it's better to keep it
content: "{{ apache_serverstatus_suffix }}\u000A"
force: yes
force: true
when: apache_serverstatus_suffix | length > 0
- name: generate random string for server-status suffix

View file

@ -4,7 +4,7 @@
ansible.builtin.template:
src: '{{ ansible_distribution_release }}_backports.sources.j2'
dest: /etc/apt/sources.list.d/backports.sources
force: yes
force: true
mode: "0640"
register: apt_backports_sources
tags:
@ -14,7 +14,7 @@
ansible.builtin.copy:
src: '{{ ansible_distribution_release }}_backports_preferences'
dest: /etc/apt/preferences.d/0-backports-defaults
force: yes
force: true
mode: "0640"
register: apt_backports_config
tags:

View file

@ -11,7 +11,7 @@
ansible.builtin.template:
src: '{{ ansible_distribution_release }}_backports.list.j2'
dest: /etc/apt/sources.list.d/backports.list
force: yes
force: true
mode: "0640"
register: apt_backports_list
tags:
@ -21,7 +21,7 @@
ansible.builtin.copy:
src: '{{ ansible_distribution_release }}_backports_preferences'
dest: /etc/apt/preferences.d/0-backports-defaults
force: yes
force: true
mode: "0640"
register: apt_backports_config
tags:

View file

@ -5,7 +5,7 @@
src: "{{ ansible_distribution_release }}_basics.sources.j2"
dest: /etc/apt/sources.list.d/system.sources
mode: "0644"
force: yes
force: true
register: apt_basic_sources
tags:
- apt
@ -15,7 +15,7 @@
src: "{{ ansible_distribution_release }}_security.sources.j2"
dest: /etc/apt/sources.list.d/security.sources
mode: "0644"
force: yes
force: true
register: apt_security_sources
tags:
- apt

View file

@ -5,7 +5,7 @@
src: "{{ ansible_distribution_release }}_basics.list.j2"
dest: /etc/apt/sources.list
mode: "0644"
force: yes
force: true
register: apt_basic_list
tags:
- apt

View file

@ -20,7 +20,7 @@
ansible.builtin.copy:
src: pub_evolix.asc
dest: "{{ apt_keyring_dir }}/pub_evolix.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root
@ -31,7 +31,7 @@
ansible.builtin.template:
src: evolix_public.sources.j2
dest: /etc/apt/sources.list.d/evolix_public.sources
force: yes
force: true
mode: "0640"
register: apt_evolix_public
tags:

View file

@ -20,7 +20,7 @@
ansible.builtin.copy:
src: pub_evolix.asc
dest: "{{ apt_keyring_dir }}/pub_evolix.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root
@ -31,7 +31,7 @@
ansible.builtin.template:
src: evolix_public.list.j2
dest: /etc/apt/sources.list.d/evolix_public.list
force: yes
force: true
mode: "0640"
register: apt_evolix_public
tags:

View file

@ -71,7 +71,7 @@
ansible.builtin.copy:
src: check_held_packages.sh
dest: /usr/share/scripts/check_held_packages.sh
force: yes
force: true
mode: "0755"
tags:
- apt

View file

@ -16,7 +16,7 @@
ansible.builtin.copy:
src: "{{ item }}"
dest: "/usr/share/scripts/{{ item }}"
force: yes
force: true
mode: "0755"
loop:
- deb822-migration.py

View file

@ -7,5 +7,5 @@
owner: bind
group: bind
mode: "0644"
force: yes
force: true
notify: restart bind

View file

@ -23,7 +23,7 @@
owner: root
group: root
mode: "0644"
force: yes
force: true
notify: restart apparmor
when: check_apparmor.rc == 0
@ -47,7 +47,7 @@
owner: root
group: root
mode: "0644"
force: yes
force: true
notify:
- reload systemd
- restart bind
@ -77,7 +77,7 @@
dest: /root/chroot-bind.sh
mode: "0700"
owner: root
force: yes
force: true
backup: yes
when: bind_chroot_set | bool
@ -109,7 +109,7 @@
owner: root
group: root
mode: "0644"
force: yes
force: true
notify: restart bind
- ansible.builtin.include: munin.yml

View file

@ -48,7 +48,7 @@
owner: root
group: root
mode: "0644"
force: yes
force: true
notify: restart munin-node
tags:
- bind

View file

@ -8,7 +8,7 @@
owner: bind
group: bind
mode: "0644"
force: yes
force: true
notify: restart bind
- name: enable zones.rfc1918 for recursive server

View file

@ -15,7 +15,7 @@
ansible.builtin.template:
src: acme-challenge/nginx.conf.j2
dest: /etc/nginx/snippets/letsencrypt.conf
force: yes
force: true
notify: reload nginx
when: is_nginx.stat.exists
@ -30,7 +30,7 @@
ansible.builtin.template:
src: acme-challenge/apache.conf.j2
dest: /etc/apache2/conf-available/letsencrypt.conf
force: yes
force: true
notify: reload apache
- name: ACME challenge for Apache is enabled

View file

@ -16,7 +16,7 @@
mode: '0755'
owner: root
group: root
force: yes
force: true
notify: install letsencrypt-auto
- name: Check certbot script
@ -49,7 +49,7 @@
ansible.builtin.copy:
src: cron_jessie
dest: /etc/cron.d/certbot
force: yes
force: true
when: certbot_custom_crontab | bool
- name: disable self-upgrade

View file

@ -26,7 +26,7 @@
ansible.builtin.copy:
src: docker-debian.asc
dest: "{{ apt_keyring_dir }}/docker-debian.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root

View file

@ -19,4 +19,4 @@
mode: "0755"
owner: "root"
group: "root"
force: yes
force: true

View file

@ -9,7 +9,7 @@
ansible.builtin.copy:
src: elastic.asc
dest: "{{ apt_keyring_dir }}/elastic.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root

View file

@ -38,7 +38,7 @@
dest: "{{ repository_path }}/.gitignore"
owner: root
mode: "0600"
force: no
force: false
tags:
- etc-git

View file

@ -10,7 +10,7 @@
src: evocommit
dest: /usr/local/bin/evocommit
mode: "0755"
force: yes
force: true
tags:
- etc-git
@ -19,7 +19,7 @@
src: ansible-commit
dest: /usr/local/bin/ansible-commit
mode: "0755"
force: yes
force: true
tags:
- etc-git
@ -28,7 +28,7 @@
src: etc-git-optimize
dest: /usr/share/scripts/etc-git-optimize
mode: "0755"
force: yes
force: true
tags:
- etc-git
@ -37,7 +37,7 @@
src: etc-git-status
dest: /usr/share/scripts/etc-git-status
mode: "0755"
force: yes
force: true
tags:
- etc-git

View file

@ -16,5 +16,5 @@
mode: "0644"
owner: root
group: root
force: yes
force: true
when: is_cron_installed.rc == 0

View file

@ -36,7 +36,7 @@
dest: "{{ evocheck_bin_dir }}/evocheck.sh"
mode: "0700"
owner: root
force: yes
force: true
tags:
- evocheck
@ -44,6 +44,6 @@
ansible.builtin.copy:
src: evocheck.cf
dest: /etc/evocheck.cf
force: no
force: false
tags:
- evocheck

View file

@ -20,7 +20,7 @@
src: default_www/index.html.j2
dest: /var/www/index.html
mode: "0644"
force: no
force: false
when: evolinux_default_www_files | bool
# SSL cert

View file

@ -12,4 +12,4 @@
src: /usr/local/sbin/dump-server-state
dest: /usr/local/sbin/backup-server-state
state: link
force: yes
force: true

View file

@ -47,7 +47,7 @@
ansible.builtin.copy:
src: hwraid.le-vert.net.asc
dest: "{{ apt_keyring_dir }}/hwraid.le-vert.net.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root

View file

@ -4,7 +4,7 @@
ansible.builtin.copy:
src: hpePublicKey2048_key1.asc
dest: "{{ apt_keyring_dir }}/hpePublicKey2048_key1.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root

View file

@ -41,7 +41,7 @@
ansible.builtin.copy:
dest: /etc/mailname
content: "{{ evolinux_fqdn }}\n"
force: yes
force: true
when: evolinux_hostname_mailname | bool
# Override facts

View file

@ -27,7 +27,7 @@
ansible.builtin.copy:
content: ""
dest: "/root/.bash_history"
force: no
force: false
when: evolinux_root_bash_history | bool
- name: Set umask in /root/.profile
@ -47,7 +47,7 @@
ansible.builtin.copy:
src: root/gitconfig
dest: "/root/.gitconfig"
force: no
force: false
when: evolinux_root_gitconfig | bool
- name: Is .bash_history append-only

View file

@ -138,7 +138,7 @@
ansible.builtin.template:
src: system/alert5.sysvinit.j2
dest: /etc/init.d/alert5
force: no
force: false
mode: "0755"
when:
- evolinux_system_alert5_init | bool
@ -159,7 +159,7 @@
ansible.builtin.template:
src: system/alert5.sh.j2
dest: /usr/share/scripts/alert5.sh
force: no
force: false
mode: "0755"
when:
- evolinux_system_alert5_init | bool
@ -169,7 +169,7 @@
ansible.builtin.copy:
src: alert5.service
dest: /etc/systemd/system/alert5.service
force: yes
force: true
mode: "0644"
when:
- evolinux_system_alert5_init | bool

View file

@ -13,7 +13,7 @@
mode: "0700"
owner: root
group: root
force: no
force: false
- name: update-evobackup-canary script is present
ansible.builtin.copy:

View file

@ -12,5 +12,5 @@
src: todo.defaults.txt
dest: /etc/evolinux/todo.txt
mode: "0640"
force: no
force: false
when: ansible_distribution == "Debian"

View file

@ -12,7 +12,7 @@
ansible.builtin.template:
src: sudoers.j2
dest: /etc/sudoers.d/evolinux
force: no
force: false
mode: "0440"
validate: '/usr/sbin/visudo -cf %s'
register: copy_sudoers_evolinux

View file

@ -4,7 +4,7 @@
ansible.builtin.template:
src: sudoers_jessie.j2
dest: /etc/sudoers.d/evolinux
force: no
force: false
mode: "0440"
validate: '/usr/sbin/visudo -cf %s'
register: copy_sudoers_evolinux

View file

@ -40,7 +40,7 @@
owner: root
group: root
mode: "{{ item.mode }}"
force: yes
force: true
backup: yes
loop:
- { src: 'evomaintenance.sh', dest: '/usr/share/scripts/', mode: '0700' }

View file

@ -22,7 +22,7 @@
owner: root
group: root
mode: "{{ item.mode }}"
force: yes
force: true
backup: yes
loop:
- { src: 'evomaintenance.sh', dest: '/usr/share/scripts/', mode: '0700' }

View file

@ -9,7 +9,7 @@
ansible.builtin.copy:
src: elastic.asc
dest: "{{ apt_keyring_dir }}/elastic.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root

View file

@ -4,7 +4,7 @@
ansible.builtin.copy:
src: treasuredata.asc
dest: "{{ apt_keyring_dir }}/treasuredata.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root

View file

@ -12,7 +12,7 @@
ansible.builtin.file:
src: /usr/share/munin/plugins/haproxy_ng
dest: /etc/munin/plugins/haproxy_ng
force: yes
force: true
state: link
notify: restart munin-node
tags:

View file

@ -23,7 +23,7 @@
ansible.builtin.template:
src: haproxy_apt_preferences.j2
dest: /etc/apt/preferences.d/999-haproxy
force: yes
force: true
mode: "0640"
register: haproxy_apt_preferences
tags:

View file

@ -9,7 +9,7 @@
ansible.builtin.copy:
src: jenkins.asc
dest: "{{ apt_keyring_dir }}/jenkins.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root

View file

@ -14,7 +14,7 @@
mode: "0755"
owner: root
group: root
force: yes
force: true
notify: restart keepalived
tags:
- keepalived
@ -27,7 +27,7 @@
mode: "0755"
owner: root
group: root
force: yes
force: true
tags:
- keepalived
- nrpe

View file

@ -9,7 +9,7 @@
ansible.builtin.copy:
src: elastic.asc
dest: "{{ apt_keyring_dir }}/elastic.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root

View file

@ -4,13 +4,13 @@
ansible.builtin.template:
src: nginx_proxy_kibana_ssl.j2
dest: /etc/nginx/sites-available/kibana_ssl.conf
force: no
force: false
- name: Example proxy for Kibana with Nginx (without SSL)
ansible.builtin.template:
src: nginx_proxy_kibana_nossl.j2
dest: /etc/nginx/sites-available/kibana_nossl.conf
force: no
force: false
# - name: Kibana host in Nginx is enabled
# file:

View file

@ -20,7 +20,7 @@
url: "https://raw.githubusercontent.com/munin-monitoring/contrib/master/plugins/libvirt/{{ item }}"
dest: "/usr/local/share/munin/plugins/"
mode: "0755"
force: no
force: false
loop:
- kvm_cpu
- kvm_io
@ -32,7 +32,7 @@
src: "/usr/local/share/munin/plugins/{{ plugin_name }}"
dest: "/etc/munin/plugins/{{ plugin_name }}"
state: link
force: yes
force: true
loop:
- kvm_cpu
- kvm_io

View file

@ -17,7 +17,7 @@
mode: "0700"
owner: root
group: root
force: yes
force: true
- name: migrate-vm script is present
ansible.builtin.copy:
@ -26,7 +26,7 @@
mode: "0700"
owner: root
group: root
force: yes
force: true
- name: kvmstats script is present
ansible.builtin.copy:
@ -35,7 +35,7 @@
mode: "0700"
owner: root
group: root
force: yes
force: true
- name: kvmstats cron is present
ansible.builtin.template:

View file

@ -18,7 +18,7 @@
mode: "0700"
owner: root
group: root
force: yes
force: true
- name: Create /etc/evolinux
ansible.builtin.file:
@ -35,7 +35,7 @@
mode: "0600"
owner: root
group: root
force: no
force: false
- name: Cron.d is present
ansible.builtin.file:

View file

@ -9,7 +9,7 @@
ansible.builtin.copy:
src: elastic.asc
dest: "{{ apt_keyring_dir }}/elastic.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root

View file

@ -25,7 +25,7 @@
ansible.builtin.copy:
src: check_memcached_instances.sh
dest: /usr/local/lib/nagios/plugins/check_memcached_instances
force: yes
force: true
mode: "0755"
owner: root
group: root

View file

@ -9,7 +9,7 @@
ansible.builtin.copy:
src: elastic.asc
dest: "{{ apt_keyring_dir }}/elastic.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root

View file

@ -52,7 +52,7 @@
ansible.builtin.template:
src: logrotate_bullseye.j2
dest: /etc/logrotate.d/mongodb
force: yes
force: true
backup: no
- ansible.builtin.include_role:
@ -74,7 +74,7 @@
ansible.builtin.copy:
src: "munin/{{ item }}"
dest: '/usr/local/share/munin/plugins/{{ item }}'
force: yes
force: true
loop:
- mongo_btree
- mongo_collections

View file

@ -10,7 +10,7 @@
ansible.builtin.copy:
src: "server-{{ mongodb_version }}.asc"
dest: "{{ apt_keyring_dir }}/mongodb-server-{{ mongodb_version }}.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root
@ -51,7 +51,7 @@
ansible.builtin.template:
src: logrotate_bullseye.j2
dest: /etc/logrotate.d/mongodb
force: yes
force: true
backup: no
- ansible.builtin.include_role:
@ -73,7 +73,7 @@
ansible.builtin.copy:
src: "munin/{{ item }}"
dest: '/usr/local/share/munin/plugins/{{ item }}'
force: yes
force: true
loop:
- mongo_btree
- mongo_collections

View file

@ -16,7 +16,7 @@
ansible.builtin.copy:
src: "server-{{ mongodb_version }}.asc"
dest: "{{ apt_keyring_dir }}/mongodb-server-{{ mongodb_version }}.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root
@ -65,7 +65,7 @@
ansible.builtin.template:
src: logrotate_buster.j2
dest: /etc/logrotate.d/mongodb
force: yes
force: true
backup: no
- ansible.builtin.include_role:
@ -87,7 +87,7 @@
ansible.builtin.copy:
src: "munin/{{ item }}"
dest: '/usr/local/share/munin/plugins/{{ item }}'
force: yes
force: true
loop:
- mongo_btree
- mongo_collections

View file

@ -16,7 +16,7 @@
ansible.builtin.copy:
src: "server-{{ mongodb_version }}.asc"
dest: "/etc/apt/trusted.gpg.d/mongodb-server-{{ mongodb_version }}.asc"
force: yes
force: true
mode: "0644"
owner: root
group: root
@ -57,5 +57,5 @@
ansible.builtin.template:
src: logrotate_jessie.j2
dest: /etc/logrotate.d/mongodb
force: yes
force: true
backup: no

View file

@ -28,7 +28,7 @@
ansible.builtin.template:
src: logrotate_stretch.j2
dest: /etc/logrotate.d/mongodb-server
force: yes
force: true
backup: no
- name: disable previous logrotate

View file

@ -13,7 +13,7 @@
src: evolinux-defaults.conf.j2
dest: /etc/monit/conf.d/z-evolinux-defaults.conf
mode: "0640"
force: yes
force: true
notify: restart monit
tags:
- monit

View file

@ -10,7 +10,7 @@
owner: root
group: root
mode: "0644"
force: yes
force: true
tags:
- mysql
@ -21,6 +21,6 @@
owner: root
group: root
mode: "0644"
force: no
force: false
tags:
- mysql

View file

@ -51,7 +51,7 @@
mode: "0755"
owner: root
group: root
force: yes
force: true
- name: systemd unit is installed
ansible.builtin.copy:
@ -60,7 +60,7 @@
mode: "0644"
owner: root
group: root
force: yes
force: true
register: mysql_systemd_unit
- name: APT cache is up-to-date

View file

@ -75,7 +75,7 @@
mode: "0755"
owner: root
group: staff
force: yes
force: true
tags:
- mytop
- mysql
@ -96,7 +96,7 @@
src: mytop-config.j2
dest: /root/.mytop
mode: "0600"
force: yes
force: true
tags:
- mytop
- mysql

View file

@ -10,7 +10,7 @@
owner: root
group: root
mode: "0644"
force: yes
force: true
tags:
- mysql

View file

@ -10,7 +10,7 @@
owner: root
group: root
mode: "0644"
force: yes
force: true
notify: "{{ mysql_restart_handler_name }}"
tags:
- mysql
@ -36,7 +36,7 @@
ansible.builtin.template:
src: mariadb.systemd.j2
dest: /etc/systemd/system/mariadb.service.d/evolinux.conf
force: yes
force: true
register: mariadb_systemd_override
- name: reload systemd and restart MariaDB

View file

@ -7,7 +7,7 @@
owner: root
group: root
mode: "0700"
force: yes
force: true
tags:
- mysql_skip
@ -45,7 +45,7 @@
ansible.builtin.template:
src: mysql_skip.systemd.j2
dest: /etc/systemd/system/mysql_skip.service
force: yes
force: true
- name: "Start or stop systemd unit"
ansible.builtin.systemd:

View file

@ -76,7 +76,7 @@
src: mytop.j2