From c219b37aa62b110f13de200c5b665030a79f0116 Mon Sep 17 00:00:00 2001 From: Ludovic Poujol Date: Fri, 21 Jun 2024 10:48:31 +0200 Subject: [PATCH] webapps/etherpad > lint --- webapps/etherpad/tasks/main.yml | 23 ++++++++++++++--------- webapps/etherpad/tasks/upgrade.yml | 2 +- 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/webapps/etherpad/tasks/main.yml b/webapps/etherpad/tasks/main.yml index 25c07243..4b35a76f 100644 --- a/webapps/etherpad/tasks/main.yml +++ b/webapps/etherpad/tasks/main.yml @@ -4,7 +4,7 @@ - name: Install main system dependencies ansible.builtin.apt: name: "{{ etherpad_system_dep }}" - update_cache: yes + update_cache: true - name: Install pnpm (via npm) ansible.builtin.command: @@ -15,7 +15,7 @@ path: /usr/local/lib/node_modules/ state: directory mode: o+rx - recurse: yes + recurse: true - name: Add UNIX account ansible.builtin.user: @@ -30,7 +30,7 @@ ansible.builtin.mysql_user: name: "{{ etherpad_db_user }}" password: "{{ etherpad_db_password }}" - priv: "{{ etherpad_db_name }}.*:{{privileges |default('SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,INDEX,ALTER,CREATE TEMPORARY TABLES')}}" + priv: "{{ etherpad_db_name }}.*:{{ privileges | default('SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,INDEX,ALTER,CREATE TEMPORARY TABLES') }}" update_password: on_create - name: Clone etherpad repo (git) @@ -38,7 +38,7 @@ repo: "{{ etherpad_git_url }}" dest: "~/etherpad-lite/" version: "{{ etherpad_git_version | default(omit) }}" - update: yes + update: true force: true umask: '0022' become_user: "{{ service }}" @@ -72,8 +72,8 @@ - name: Enable systemd unit ansible.builtin.systemd: name: "{{ service }}.service" - enabled: yes - daemon_reload: yes + enabled: true + daemon_reload: true notify: - restart etherpad @@ -84,10 +84,11 @@ - name: Check if SSL certificate is present and register result ansible.builtin.stat: - path: "/etc/letsencrypt/live/{{ etherpad_domains |first }}/fullchain.pem" + path: "/etc/letsencrypt/live/{{ etherpad_domains | first }}/fullchain.pem" register: ssl - name: Generate certificate only if required (first time) + when: ssl.stat.exists != true block: - name: Template vhost without SSL for successfull LE challengce ansible.builtin.template: @@ -100,6 +101,7 @@ state: link notify: - reload nginx + - name: Flush handlers ansible.builtin.meta: flush_handlers - name: Make sure /var/lib/letsencrypt exists and has correct permissions @@ -107,19 +109,22 @@ path: /var/lib/letsencrypt state: directory mode: '0755' + - name: Generate certificate with certbot ansible.builtin.command: - cmd: certbot certonly --webroot --webroot-path /var/lib/letsencrypt --non-interactive --agree-tos --email {{ etherpad_certbot_admin_email }} -d {{ etherpad_domains |first }} + cmd: certbot certonly --webroot --webroot-path /var/lib/letsencrypt --non-interactive --agree-tos --email {{ etherpad_certbot_admin_email }} -d {{ etherpad_domains | first }} + - name: Create the ssl dir if needed ansible.builtin.file: path: /etc/nginx/ssl state: directory mode: '0750' + - name: Template ssl bloc for nginx vhost ansible.builtin.template: src: "ssl.conf.j2" dest: "/etc/nginx/ssl/{{ etherpad_domains |first }}.conf" - when: ssl.stat.exists != true + - name: (Re)check if SSL certificate is present and register result ansible.builtin.stat: diff --git a/webapps/etherpad/tasks/upgrade.yml b/webapps/etherpad/tasks/upgrade.yml index 45d1fb45..a32fad49 100644 --- a/webapps/etherpad/tasks/upgrade.yml +++ b/webapps/etherpad/tasks/upgrade.yml @@ -17,7 +17,7 @@ repo: "{{ etherpad_git_url }}" dest: "~/etherpad-lite/" version: "{{ etherpad_git_version }}" - update: yes + update: true force: true become_user: "{{ service }}"