Use proper python Boolean

2023-03-16 14:35:12 +01:00 · 2023-03-16 14:35:12 +01:00 · 6f96f6b458
parent 70d34ac18d
commit 6f96f6b458
24 changed files with 94 additions and 51 deletions
--- a/apt/tasks/hold_packages.yml
+++ b/apt/tasks/hold_packages.yml
@ -79,8 +79,8 @@
 - name: Check if Cron is installed
  shell: "dpkg --list 'cron' 2>/dev/null | grep -q -E '^(i|h)i'"
  register: is_cron
-  changed_when: false
-  failed_when: false
+  changed_when: False
+  failed_when: False
  check_mode: no
  tags:
    - apt
--- a/elasticsearch/tasks/datadir.yml
+++ b/elasticsearch/tasks/datadir.yml
@ -10,7 +10,7 @@

    - name: "read the real datadir"
      command: readlink -f /var/lib/elasticsearch
-      changed_when: false
+      changed_when: False
      register: elasticsearch_current_real_datadir_test
      check_mode: no
  tags:
--- a/fail2ban/tasks/fix-dbpurgeage.yml
+++ b/fail2ban/tasks/fix-dbpurgeage.yml
@ -8,7 +8,7 @@
 - name: Register bantime from default config from package
  shell: "grep -R -E 'dbpurgeage[[:blank:]]*=[[:blank:]]*[0-9]+' /etc/fail2ban/fail2ban.conf |awk '{print $3}'|head -n1"
  register: dbpurgeage
-  changed_when: false
+  changed_when: False
  check_mode: false

 - name:
--- a/filebeat/tasks/main.yml
+++ b/filebeat/tasks/main.yml
@ -84,8 +84,8 @@
  command: grep logstash-input-beats /usr/share/logstash/Gemfile
  check_mode: no
  register: logstash_plugin_installed
-  failed_when: false
-  changed_when: false
+  failed_when: False
+  changed_when: False
  when:
    - filebeat_logstash_plugin | bool
    - logstash_plugin.stat.exists
--- a/kvm-host/tasks/ssh.yml
+++ b/kvm-host/tasks/ssh.yml
@ -9,7 +9,7 @@
  command: cat /root/.ssh/id_rsa.pub
  register: ssh_keys
  check_mode: no
-  changed_when: false
+  changed_when: False

 - name: Print ssh public keys
  debug:
--- a/lxc/tasks/create-container.yml
+++ b/lxc/tasks/create-container.yml
@ -1,7 +1,7 @@
 ---
 - name: "Check if container {{ name }} exists"
  command: "lxc-ls {{ name }}"
-  changed_when: false
+  changed_when: False
  check_mode: no
  register: container_exists

--- a/lxc/tasks/main.yml
+++ b/lxc/tasks/main.yml
@ -32,8 +32,8 @@

 - name: Check if root has subuids
  command: grep '^root:100000:10000$' /etc/subuid
-  failed_when: false
-  changed_when: false
+  failed_when: False
+  changed_when: False
  register: root_subuids
  when: lxc_unprivilegied_containers | bool

@ -45,7 +45,7 @@

 - name: Get filesystem options
  command: findmnt --noheadings --target /var/lib/lxc --output OPTIONS
-  changed_when: false
+  changed_when: False
  check_mode: no
  register: check_fs_options

--- a/minifirewall/tasks/main.yml
+++ b/minifirewall/tasks/main.yml
@ -6,6 +6,8 @@
  stat:
    path: /etc/init.d/minifirewall
  register: _minifirewall_check
+  tags:
+    - always

 # Legacy versions of minifirewall don't define the VERSION variable
 - name: Look for minifirewall version
@ -14,6 +16,8 @@
  changed_when: False
  check_mode: False
  register: _minifirewall_version_check
+  tags:
+    - always

 - name: Set install mode to legacy if needed
  set_fact:
@ -24,21 +28,30 @@
    - minifirewall_install_mode != 'modern'
    - not (minifirewall_force_upgrade_script | bool)
    - _minifirewall_version_check.rc == 1 # grep didn't find but the file exists
+  tags:
+    - always

 - name: Set install mode to modern if not legacy
  set_fact:
    minifirewall_install_mode: modern
  when: minifirewall_install_mode != 'legacy'
+  tags:
+    - always

 - name: Debug install mode
  debug:
    var: minifirewall_install_mode
    verbosity: 1
+  tags:
+    - always

 - name: 'Set minifirewall_restart_handler_name to "noop"'
  set_fact:
    minifirewall_restart_handler_name: "restart minifirewall (noop)"
-  when: not (minifirewall_restart_if_needed | bool)
+  when:
+    - not (minifirewall_restart_if_needed | bool)
+  tags:
+    - always

 - name: 'Set minifirewall_restart_handler_name to "legacy"'
  set_fact:
@ -46,6 +59,8 @@
  when:
    - minifirewall_restart_if_needed | bool
    - minifirewall_install_mode == 'legacy'
+  tags:
+    - always

 - name: 'Set minifirewall_restart_handler_name to "modern"'
  set_fact:
@ -53,6 +68,8 @@
  when:
    - minifirewall_restart_if_needed | bool
    - minifirewall_install_mode != 'legacy'
+  tags:
+    - always

 #######################################################################

@ -62,54 +79,74 @@
  when:
    - minifirewall_install_mode != 'legacy'
    - minifirewall_main_file is defined
+  tags:
+    - always

 - name: Install tasks (modern mode)
-  include: install.yml
+  import_tasks: install.yml
  when: minifirewall_install_mode != 'legacy'

 - name: Install tasks (legacy mode)
-  include: install.legacy.yml
+  import_tasks: install.legacy.yml
  when: minifirewall_install_mode == 'legacy'

 - name: Debug minifirewall_update_config
  debug:
    var: minifirewall_update_config | bool
    verbosity: 1
+  tags:
+    - always

 - name: Config tasks (modern mode)
-  include: config.yml
+  include_tasks: config.yml
  when:
    - minifirewall_install_mode != 'legacy'
    - minifirewall_update_config | bool
+  tags:
+    - manage

 - name: Config tasks (legacy mode)
-  include: config.legacy.yml
+  include_tasks: config.legacy.yml
+  args:
+    apply:
+      tags:
+        - manage
  when:
    - minifirewall_install_mode == 'legacy'
    - minifirewall_update_config | bool

 - name: Utils tasks
-  include: utils.yml
+  include_tasks: utils.yml

 - name: NRPE tasks
-  include: nrpe.yml
+  include_tasks: nrpe.yml

 - name: Activation tasks
-  include: activate.yml
+  include_tasks: activate.yml

 - name: Debug minifirewall_tail_included
  debug:
    var: minifirewall_tail_included | bool
    verbosity: 1
+  tags:
+    - always

 - name: Tail tasks (modern mode)
-  include: tail.yml
+  include_tasks: tail.yml
+  args:
+    apply:
+      tags:
+        - manage
  when:
    - minifirewall_install_mode != 'legacy'
    - minifirewall_tail_included | bool

 - name: Tail tasks (legacy mode)
-  include: tail.legacy.yml
+  include_tasks: tail.legacy.yml
+  args:
+    apply:
+      tags:
+        - manage
  when:
    - minifirewall_install_mode == 'legacy'
    - minifirewall_tail_included | bool
@ -120,10 +157,14 @@
  debug:
    var: minifirewall_restart_force | bool
    verbosity: 1
+  tags:
+    - always

 - name: Force restart minifirewall (legacy)
  command: /bin/true
  notify: "restart minifirewall (legacy)"
+  tags:
+    - always
  when:
    - minifirewall_install_mode == 'legacy'
    - minifirewall_restart_force | bool
@ -131,6 +172,8 @@
 - name: Force restart minifirewall (modern)
  command: /bin/true
  notify: "restart minifirewall (modern)"
+  tags:
+    - always
  when:
    - minifirewall_install_mode != 'legacy'
    - minifirewall_restart_force | bool
--- a/mysql/defaults/main.yml
+++ b/mysql/defaults/main.yml
@ -50,10 +50,10 @@ mysql_restart_if_needed: True

 mysql_performance_schema: True

-mysql_skip_enabled: false
+mysql_skip_enabled: False

 # replication variables:
-mysql_replication: false
+mysql_replication: False
 mysql_log_bin: null
 mysql_binlog_format: mixed
 mysql_server_id: null
--- a/nameserver/tasks/main.yml
+++ b/nameserver/tasks/main.yml
@ -3,7 +3,7 @@
  shell: grep nameserver /etc/resolv.conf | awk '{ print $2 }'
  register: grep_nameserver
  check_mode: no
-  changed_when: false
+  changed_when: False
  tags:
  - nameserver

--- a/newrelic/tasks/php.yml
+++ b/newrelic/tasks/php.yml
@ -18,7 +18,7 @@

 - name: list newrelic config files
  shell: "find /etc/php* -type f -name newrelic.ini"
-  changed_when: false
+  changed_when: False
  check_mode: no
  register: find_newrelic_ini

--- a/openvpn/tasks/debian.yml
+++ b/openvpn/tasks/debian.yml
@ -89,13 +89,13 @@
  stat:
    path: "/etc/default/minifirewall"
  check_mode: no
-  changed_when: false
+  changed_when: False
  register: minifirewall_config

 - name: Retrieve the default interface
  shell: "grep '^INT=' /etc/default/minifirewall | cut -d\\' -f 2"
  check_mode: no
-  changed_when: false
+  changed_when: False
  register: minifirewall_int
  when: minifirewall_config.stat.exists

@ -176,7 +176,7 @@
  stat:
    path: "/etc/nagios/nrpe.d/evolix.cfg"
  check_mode: no
-  changed_when: false
+  changed_when: False
  register: nrpe_evolix_config

 - name: Install NRPE check dependencies
--- a/postfix/tasks/packmail.yml
+++ b/postfix/tasks/packmail.yml
@ -133,6 +133,6 @@

 - name: update antispam list
  command: /usr/share/scripts/spam.sh
-  changed_when: false
+  changed_when: False
  tags:
  - postfix
--- a/postgresql/tests/test.yml
+++ b/postgresql/tests/test.yml
@ -6,7 +6,7 @@
    apt:
      name: locales
      state: present
-    changed_when: false
+    changed_when: False

  - name: Setting default locales
    lineinfile:
@ -14,7 +14,7 @@
      line: "{{ item }}"
      create: yes
      state: present
-    changed_when: false
+    changed_when: False
    loop:
      - "en_US.UTF-8 UTF-8"
      - "fr_FR ISO-8859-1"
@ -23,7 +23,7 @@

  - name: Reconfigure locales
    command: /usr/sbin/locale-gen
-    changed_when: false
+    changed_when: False
    when: test_locales is changed

  roles:
--- a/proftpd/tasks/account.yml
+++ b/proftpd/tasks/account.yml
@ -1,7 +1,7 @@
 ---
 - name: Check if FTP account exist
  command: grep "^{{ proftpd_name }}:" /etc/proftpd/vpasswd
-  failed_when: false
+  failed_when: False
  check_mode: no
  changed_when: check_ftp_account.rc != 0
  register: check_ftp_account
@ -36,7 +36,7 @@
  register: hashed_ftp_password
  check_mode: no
  when: check_ftp_account.rc == 0
-  changed_when: false
+  changed_when: False
  tags:
    - proftpd

@ -45,7 +45,7 @@
    proftpd_password: "{{ hashed_ftp_password.stdout }}"
  check_mode: no
  when: check_ftp_account.rc == 0
-  changed_when: false
+  changed_when: False
  tags:
    - proftpd

--- a/proftpd/tasks/accounts_password.yml
+++ b/proftpd/tasks/accounts_password.yml
@ -1,7 +1,7 @@
 ---
 - name: Check if FTP account exist
  command: grep "^{{ item.name }}:" /etc/proftpd/vpasswd
-  failed_when: false
+  failed_when: False
  check_mode: no
  changed_when: check_ftp_account.rc != 0
  register: check_ftp_account
@ -12,7 +12,7 @@
    shell: grep "^{{ item.name }}:" /etc/proftpd/vpasswd | cut -d':' -f2
    register: protftpd_cur_password
    check_mode: no
-    changed_when: false
+    changed_when: False

  - name: Set password for this account
    set_fact:
--- a/redis/tasks/main.yml
+++ b/redis/tasks/main.yml
@ -36,7 +36,7 @@

 - name: Get Redis version
  shell: "redis-server -v | grep -Eo '(v=\\S+)' | cut -d'=' -f 2 | grep -E '^([0-9]|\\.)+$'"
-  changed_when: false
+  changed_when: False
  check_mode: no
  register: _redis_installed_version
  tags:
--- a/redmine/tasks/mysql.yml
+++ b/redmine/tasks/mysql.yml
@ -4,7 +4,7 @@
  register: redmine_get_mysql_password
  check_mode: no
  changed_when: False
-  failed_when: false
+  failed_when: False
  tags:
    - redmine

--- a/redmine/tasks/user.yml
+++ b/redmine/tasks/user.yml
@ -41,4 +41,4 @@

 - name: Enable systemd user mode
  command: "loginctl enable-linger {{ redmine_user }}"
-  changed_when: false
+  changed_when: False
--- a/remount-usr/handlers/main.yml
+++ b/remount-usr/handlers/main.yml
@ -1,4 +1,4 @@
 ---
 - name: remount usr
  command: "mount -o remount /usr"
-  failed_when: false
+  failed_when: False
--- a/spamassasin/tasks/main.yml
+++ b/spamassasin/tasks/main.yml
@ -87,7 +87,7 @@

 - name: update SpamAssasin's rules
  command: "/usr/share/scripts/sa-update.sh"
-  changed_when: false
+  changed_when: False
  tags:
    - spamassassin

--- a/tomcat-instance/tasks/check.yml
+++ b/tomcat-instance/tasks/check.yml
@ -6,7 +6,7 @@
 - name: Check use of gid
  command: id -ng "{{ tomcat_instance_port }}"
  register: check_port_gid
-  changed_when: false
+  changed_when: False
  failed_when:
    - check_port_gid | success
    - check_port_gid.stdout != "{{ tomcat_instance_name }}"
@ -14,7 +14,7 @@
 - name: Check use of uid
  command: id -nu "{{ tomcat_instance_port }}"
  register: check_port_uid
-  changed_when: false
+  changed_when: False
  failed_when:
    - check_port_uid | success
    - check_port_uid.stdout != "{{ tomcat_instance_name }}"
--- a/tomcat-instance/tasks/systemd.yml
+++ b/tomcat-instance/tasks/systemd.yml
@ -1,7 +1,7 @@
 ---
 - name: Enable systemd user mode
  command: "loginctl enable-linger {{ tomcat_instance_name }}"
-  changed_when: false
+  changed_when: False

 - name: Set systemd conf var
  lineinfile:
--- a/webapps/wordpress/tasks/main.yml
+++ b/webapps/wordpress/tasks/main.yml
@ -25,7 +25,7 @@
 - name: Generate random password
  command: apg -n1 -m 12 -M LCN
  register: shell_password
-  changed_when: false
+  changed_when: False

 - name: Read mysql config from .my.cnf
  set_fact:
@ -48,13 +48,13 @@

 - name: Configure site
  shell: '{{ wordpress_wpcli }} core install --url={{ wordpress_host | quote }} --title={{ wordpress_title | quote }} --admin_user=admin --admin_password="{{ admin_pwd | quote }}" --admin_email={{ wordpress_email }} --skip-email'
-  changed_when: false
+  changed_when: False

 - name: Check if Wordpress is up to date
  shell: '{{ wordpress_wpcli }} core check-update | grep -q Success'
  register: check_version
  check_mode: no
-  failed_when: false
+  failed_when: False
  changed_when: check_version.rc == 1

 - name: Update Wordpress
@ -65,17 +65,17 @@

 - name: Install default plugin
  shell: '{{ wordpress_wpcli }} plugin is-installed {{ item }} || {{ wordpress_wpcli }} plugin install {{ item }}'
-  changed_when: false
+  changed_when: False
  loop: "{{ wordpress_plugins }}"

 - name: Update default plugins
  shell: '{{ wordpress_wpcli }} plugin is-installed {{ item }} && {{ wordpress_wpcli }} plugin update {{ item }}'
-  changed_when: false
+  changed_when: False
  loop: "{{ wordpress_plugins }}"

 - name: Activate default plugins
  shell: '{{ wordpress_wpcli }} plugin is-installed {{ item }} && {{ wordpress_wpcli }} plugin activate {{ item }}'
-  changed_when: false
+  changed_when: False
  loop: "{{ wordpress_plugins }}"

 - name: Send a summary mail