diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..c6123e8 --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,14 @@ +#warn_list: # or 'skip_list' to silence them completely +skip_list: + - experimental + - var-naming[no-role-prefix] + - name +warn_list: + - '204' # Lines should be no longer than 160 chars + - no-handler + - ignore-errors + - fqcn-builtins + - fqcn + - partial-become[task] + - template-instead-of-copy +offline: true diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..781c027 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +.password-store +.gitignore +.envrc diff --git a/.yamllint.yaml b/.yamllint.yaml index d932357..2d3284c 100644 --- a/.yamllint.yaml +++ b/.yamllint.yaml @@ -15,3 +15,8 @@ rules: max-spaces-after: -1 commas: max-spaces-after: -1 + comments: + min-spaces-from-content: 1 + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/authorized_keys/blackdragon.keys b/authorized_keys/blackdragon.keys deleted file mode 100644 index d488f52..0000000 --- a/authorized_keys/blackdragon.keys +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICLZGbt/we3JQ482/NYcdOKGoKDOj1MgmYFP2GDmjLw/ kyan@flandre diff --git a/bitlair.yaml b/bitlair.yaml index 19de646..d09757f 100644 --- a/bitlair.yaml +++ b/bitlair.yaml @@ -1,73 +1,80 @@ --- -- hosts: all +- name: common + hosts: all gather_facts: true roles: - { role: "common", tags: ["common"] } - { role: "nft", tags: ["nft"] } -- hosts: bank +- name: bank + hosts: bank roles: - { role: "bank", tags: ["bank"] } -- hosts: homeassistant +- name: homeassistant + hosts: homeassistant roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } -- hosts: raspi +- name: raspi + hosts: raspi roles: - { role: "raspi", tags: ["raspi"] } - { role: "bank-terminal", tags: ["bank-terminal"] } -- hosts: fotos +- name: fotos + hosts: fotos roles: - { role: "photos", tags: ["photos"] } -- hosts: git-ci +- name: CI + hosts: git-ci roles: - - { role: "git_ci", tags: ["git_ci"] } + - { role: "git-ci", tags: ["git-ci"] } -- hosts: git +- name: git + hosts: git roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } - { role: "git-server", tags: ["git-server"] } -- hosts: monitoring +- name: monitoring + hosts: monitoring roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } - { role: "monitoring", tags: ["monitoring"] } -- hosts: mqtt +- name: mqtt + hosts: mqtt roles: - { role: "mqtt", tags: ["mqtt"] } -- hosts: music +- name: music + hosts: music roles: - { role: "acme", tags: ["acme"] } - { role: "go", tags: ["go"] } - { role: "music", tags: ["music"] } -- hosts: pad +- name: pad + hosts: pad roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } - { role: "etherpad", tags: ["etherpad"] } -- hosts: services +- name: services + hosts: services roles: - { role: "services", tags: ["services"] } -- hosts: wiki +- name: wiki + hosts: wiki roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } - { role: "www", tags: ["www"] } - -- hosts: chat - roles: - - { role: "acme", tags: [ "acme" ] } - - { role: "nginx", tags: [ "nginx" ] } - - { role: "chat", tags: [ "chat" ] } diff --git a/chat.yaml b/chat.yaml deleted file mode 100644 index a5b4c42..0000000 --- a/chat.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- - -- hosts: chat - roles: - - { role: "common", tags: [ "common" ] } - - { role: "nft", tags: [ "nft" ] } - - { role: "nginx", tags: [ "nginx" ] } - - { role: "acme", tags: [ "acme" ] } - - { role: "chat", tags: [ "chat" ] } diff --git a/git-ci.yaml b/git-ci.yaml index 4a53a08..711dac4 100644 --- a/git-ci.yaml +++ b/git-ci.yaml @@ -3,4 +3,4 @@ - hosts: git-ci roles: - { role: "common", tags: [ "common" ] } - - { role: "git_ci", tags: [ "git_ci" ] } + - { role: "git-ci", tags: [ "git-ci" ] } diff --git a/group_vars/all.yaml b/group_vars/all.yaml index 39de4c0..3deb227 100644 --- a/group_vars/all.yaml +++ b/group_vars/all.yaml @@ -36,6 +36,3 @@ mqtt_public_host: bitlair.nl debian_repourl: "http://deb.debian.org/debian/" debian_securityurl: "http://security.debian.org/debian-security" -deb_forgejo_repos: - - host: git.polyfloyd.net - owner: polyfloyd diff --git a/group_vars/chat.yaml b/group_vars/chat.yaml deleted file mode 100644 index 08a3480..0000000 --- a/group_vars/chat.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- - -root_access: - - blackdragon - - ak - - foobar - - polyfloyd - -nodejs_version: 22.x -thelounge_version: "4.4.3" -thelounge_ldap_url: ldaps://ldap.bitlair.nl -thelounge_ldap_filter: (objectClass=inetOrgPerson) -thelounge_ldap_base: ou=Members,dc=bitlair,dc=nl -chat_hostname: chat.bitlair.nl - -acme_domains: - - "{{ chat_hostname }}" - -nginx_sites: - - server_name: "{{ chat_hostname }}" - config: - - |- - location / { - proxy_pass http://127.0.0.1:9000/; - proxy_http_version 1.1; - proxy_set_header Connection "upgrade"; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Proto $scheme; - - # by default nginx times out connections in one minute - proxy_read_timeout 1d; - } - -group_nft_input: - - "tcp dport { http, https } accept # Allow web-traffic from world" diff --git a/inventory b/inventory index 86d1bea..c380b07 100644 --- a/inventory +++ b/inventory @@ -17,8 +17,7 @@ blockchain.bitlair.nl git.bitlair.nl [git-ci] -git-ci01.bitlair.nl -git-ci02.bitlair.nl +git-ci.bitlair.nl [pad] pad.bitlair.nl diff --git a/lint.sh b/lint.sh index bc0183d..296c955 100755 --- a/lint.sh +++ b/lint.sh @@ -1,5 +1,6 @@ #!/bin/bash j2lint `find ./ -type f -name '*.j2'` +yamllint -c .yamllint.yaml . ansible-lint bitlair.yaml diff --git a/monitoring.yaml b/monitoring.yaml index 202cb58..9e05df0 100644 --- a/monitoring.yaml +++ b/monitoring.yaml @@ -4,6 +4,5 @@ roles: - { role: "common", tags: [ "common" ] } - { role: "acme", tags: [ "acme" ] } - - { role: "deb_forgejo", tags: [ "deb_forgejo" ] } - { role: "nginx", tags: [ "nginx" ] } - { role: "monitoring", tags: [ "monitoring" ] } diff --git a/music.yaml b/music.yaml index 17666f3..e4ea70b 100644 --- a/music.yaml +++ b/music.yaml @@ -4,7 +4,6 @@ roles: - { role: "common", tags: [ "common" ] } - { role: "acme", tags: [ "acme" ] } - - { role: "deb_forgejo", tags: [ "deb_forgejo" ] } - { role: "go", tags: [ "go" ] } # - { role: "nginx", tags: [ "nginx" ] } - { role: "music", tags: [ "music" ] } diff --git a/roles/acme/handlers/main.yaml b/roles/acme/handlers/main.yaml index 7ff2509..3b4b5d1 100644 --- a/roles/acme/handlers/main.yaml +++ b/roles/acme/handlers/main.yaml @@ -1,9 +1,5 @@ --- -- name: update_contact_info - ansible.builtin.command: - cmd: dehydrated --account - - name: run dehydrated ansible.builtin.command: cmd: dehydrated --cron diff --git a/roles/bank-terminal/tasks/main.yaml b/roles/bank-terminal/tasks/main.yaml index 7a01ccb..d035da3 100644 --- a/roles/bank-terminal/tasks/main.yaml +++ b/roles/bank-terminal/tasks/main.yaml @@ -4,11 +4,11 @@ block: - name: Add user ansible.builtin.user: - name: bank-terminal - home: /home/{{ bank_terminal_user }} - shell: /home/{{ bank_terminal_user }}/login + name: "bank-terminal" + home: "/home/{{ bank_terminal_user }}" + shell: "/home/{{ bank_terminal_user }}/login" generate_ssh_key: yes - ssh_key_type: ed25519 + ssh_key_type: "ed25519" - name: Locate agetty ansible.builtin.command: @@ -16,34 +16,35 @@ register: agetty_location_cmd - name: Set agetty var - ansible.builtin.set_fact: agetty_location="{{ agetty_location_cmd.stdout_lines | join }}" + ansible.builtin.set_fact: + agetty_location: "{{ agetty_location_cmd.stdout_lines | join }}" - name: Install login script ansible.builtin.template: - src: login - dest: /home/{{ bank_terminal_user }}/login - owner: bank-terminal - group: bank-terminal - mode: 0755 + src: "login" + dest: "/home/{{ bank_terminal_user }}/login" + owner: "bank-terminal" + group: "bank-terminal" + mode: "0755" - name: Autologin User ansible.builtin.template: - src: tty_autologin.conf - dest: /etc/systemd/system/getty@tty1.service.d/override.conf - owner: root - group: root - mode: 0644 + src: "tty_autologin.conf" + dest: "/etc/systemd/system/getty@tty1.service.d/override.conf" + owner: "root" + group: "root" + mode: "0644" notify: daemon_reload - name: Clear MOTD ansible.builtin.copy: content: "" - dest: /etc/motd + dest: "/etc/motd" # Set console font so the Revbank QR codes are rendered correctly. - name: Console setup ansible.builtin.lineinfile: - path: /etc/default/console-setup + path: "/etc/default/console-setup" line: '{{ item.k }}="{{ item.v }}"' regexp: "^#?{{ item.k }}" with_items: @@ -56,8 +57,8 @@ - name: Console Setup Management Note ansible.builtin.lineinfile: - path: /etc/default/console-setup - line: '# Managed by Ansible' + path: "/etc/default/console-setup" + line: "# Managed by Ansible" insertafter: "CONFIGURATION FILE" - name: Read pubkey diff --git a/roles/bank/tasks/login.yaml b/roles/bank/tasks/login.yaml index 7ed568e..029f826 100644 --- a/roles/bank/tasks/login.yaml +++ b/roles/bank/tasks/login.yaml @@ -41,14 +41,14 @@ - name: Create getty dir ansible.builtin.file: - path: /etc/systemd/system/getty@tty1.service.d + path: "/etc/systemd/system/getty@tty1.service.d" state: directory - name: Autologin User ansible.builtin.template: - src: tty_autologin.conf - dest: /etc/systemd/system/getty@tty1.service.d/override.conf - owner: root - group: root - mode: 0644 + src: "tty_autologin.conf" + dest: "/etc/systemd/system/getty@tty1.service.d/override.conf" + owner: "root" + group: "root" + mode: "0644" notify: daemon reload diff --git a/roles/bank/tasks/revbank-deposit.yaml b/roles/bank/tasks/revbank-deposit.yaml index 1190a53..97c3593 100644 --- a/roles/bank/tasks/revbank-deposit.yaml +++ b/roles/bank/tasks/revbank-deposit.yaml @@ -23,18 +23,18 @@ ansible.builtin.template: src: revbank-deposit.conf dest: /etc/revbank-deposit.conf - owner: root - group: root - mode: 0600 + owner: "root" + group: "root" + mode: "0600" notify: Restart revbank-deposit - name: Install revbank-deposit service ansible.builtin.template: src: revbank-deposit.service dest: /etc/systemd/system/revbank-deposit.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart revbank-deposit - name: Start revbank-deposit @@ -44,4 +44,4 @@ state: started enabled: true -- meta: flush_handlers +- ansible.builtin.meta: flush_handlers diff --git a/roles/bank/tasks/revbank.yaml b/roles/bank/tasks/revbank.yaml index ec283d1..9ffb91c 100644 --- a/roles/bank/tasks/revbank.yaml +++ b/roles/bank/tasks/revbank.yaml @@ -26,7 +26,7 @@ state: touch owner: "{{ bank_user }}" group: "{{ bank_user }}" - mode: 0644 + mode: "0644" with_items: - revbank.accounts - revbank.market diff --git a/roles/bank/templates/git.cron b/roles/bank/templates/git.cron index b334260..b703657 100644 --- a/roles/bank/templates/git.cron +++ b/roles/bank/templates/git.cron @@ -1,4 +1,4 @@ SHELL=/bin/bash -#m h dom mon dow user command - */10 * * * * {{ bank_user }} (cd /home/{{ bank_user }}/data.git && git pull -r && git push && git gc --auto && cp revbank.products ../revbank.products) +#m h dom mon dow user command + 0 * * * * {{ bank_user }} (cd /home/{{ bank_user }}/data.git && git pull -r && git push && git gc --auto && cp revbank.products ../revbank.products) diff --git a/roles/chat/defaults/main.yaml b/roles/chat/defaults/main.yaml deleted file mode 100644 index 4e52991..0000000 --- a/roles/chat/defaults/main.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- - -chat_user: thelounge -chat_group: thelounge -chat_configdir: "/etc/thelounge" diff --git a/roles/chat/handlers/main.yaml b/roles/chat/handlers/main.yaml deleted file mode 100644 index e03963e..0000000 --- a/roles/chat/handlers/main.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- - -- name: Reload systemd - ansible.builtin.systemd: - daemon_reload: yes - -- name: Restart thelounge - ansible.builtin.systemd: - name: thelounge - state: restarted - enabled: true diff --git a/roles/chat/tasks/main.yaml b/roles/chat/tasks/main.yaml deleted file mode 100644 index 7b74982..0000000 --- a/roles/chat/tasks/main.yaml +++ /dev/null @@ -1,112 +0,0 @@ ---- - -- name: Install dependencies - ansible.builtin.apt: - state: present - pkg: - - gpg - - apt-transport-https - - build-essential - -- name: Import nodesource signing key - ansible.builtin.shell: - cmd: curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor - -o /usr/share/keyrings/nodesource.gpg - args: - creates: /usr/share/keyrings/nodesource.gpg - notify: Apt update - -- name: Ensure directories are present - ansible.builtin.file: - path: "{{ item.path }}" - owner: "{{ chat_user }}" - group: "{{ chat_group }}" - state: "{{ item.state | default('directory') }}" - mode: "{{ item.mode | default('0770') }}" - with_items: - - { path: "{{ chat_configdir }}" } - - { path: "/var/local/thelounge/users" } - - { path: "/var/local/thelounge/storage" } - notify: - - Restart thelounge - -- name: Configure templates - ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: "{{ item.owner | default( chat_user ) }}" - group: "{{ item.group | default( chat_group ) }}" - mode: "{{ item.mode | default('0640') }}" - with_items: - - { src: "nodesource.list", dest: "/etc/apt/sources.list.d/nodesource.list", owner: root, group: root } - - { src: "nodejs-apt-pref", dest: "/etc/apt/preferences.d/nodejs", owner: root, group: root } - -- name: Install nodejs - ansible.builtin.apt: - name: nodejs - -- name: Install yarn - ansible.builtin.shell: - cmd: npm install --global yarn - -- stat: path=/opt/thelounge - register: src_path - -- name: Retreive thelounge source - block: - - name: Checkout source - ansible.builtin.git: - repo: 'https://github.com/revspace/thelounge.git' - dest: /opt/thelounge - version: 9d6dc83 - force: true - - - name: Copy patch - ansible.builtin.template: - src: thelounge-bitlair.patch - dest: /tmp/thelounge-bitlair.patch - - - name: Apply patch - ansible.builtin.shell: - chdir: /opt/thelounge - cmd: git apply /tmp/thelounge-bitlair.patch - when: not src_path.stat.exists - -- name: Build and install thelounge - ansible.builtin.shell: - chdir: /opt/thelounge - cmd: yarn add sharp --ignore-engines && yarn install --include-optional sharp && NODE_ENV=production yarn build && ln -sf $(pwd)/index.js /usr/local/bin/thelounge - notify: - - Restart thelounge - -- name: Ensure user thelounge is present - ansible.builtin.user: - name: thelounge - createhome: no - comment: The Lounge (IRC client) - system: yes - state: present - -- name: Ensure JS and JSON syntax checking packages are installed - yarn: - name: "{{ item }}" - global: yes - state: latest # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in - with_items: - - esprima - - jsonlint - changed_when: no # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in - -- name: Configure templates - ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: "{{ item.owner | default( chat_user ) }}" - group: "{{ item.group | default( chat_group ) }}" - mode: "{{ item.mode | default('0640') }}" - validate: "{{ item.validate | default([]) }}" - with_items: - - { src: "config.js.j2", dest: "/etc/thelounge/config.js", validate: 'esvalidate %s' } - - { src: "thelounge.service", dest: "/etc/systemd/system/thelounge.service", owner: root, group: root, notify: "Reload systemd" } - notify: "{{ item.notify | default('Restart thelounge') }}" - diff --git a/roles/chat/templates/config.js.j2 b/roles/chat/templates/config.js.j2 deleted file mode 100644 index 69b1727..0000000 --- a/roles/chat/templates/config.js.j2 +++ /dev/null @@ -1,59 +0,0 @@ -"use strict"; - -module.exports = { - public: false, - port: 9000, - bind: "0.0.0.0", - host: "127.0.0.1", - reverseProxy: true, - lockNetwork: true, - maxHistory: 10000, - leaveMessage: "Doei!", - defaults: { - name: "Smurfnet", - password: "", - rejectUnauthorized: true, - nick: "", - username: "", - realname: "", - join: "#bitlair", - }, - messageStorage: ["sqlite", "text"], - fileUpload: { - enable: true, - }, - networks: { - Smurfnet: { - host: "irc.smurfnet.ch", - port: 6697, - tls: true, - rejectUnauthorized: false, - }, - "Libera.Chat": { - host: "irc.libera.chat", - port: 6697, - tls: true, - rejectUnauthorized: true, - }, - OFTC: { - host: "irc.oftc.net", - port: 6697, - tls: true, - rejectUnauthorized: true, - }, - }, - identd: { - enable: false, - }, - ldap: { - enable: true, - url: "{{ thelounge_ldap_url }}", - primaryKey: "uid", - searchDN: { - rootDN: "{{ lookup('passwordstore', 'chat/thelounge/ldap_rootDN subkey=binddn') }}", - rootPassword: "{{ lookup('passwordstore', 'chat/thelounge/ldap_rootDN') }}", - filter: "{{ thelounge_ldap_filter }}", - base: "{{ thelounge_ldap_base }}", - }, - }, -}; diff --git a/roles/chat/templates/nodejs-apt-pref b/roles/chat/templates/nodejs-apt-pref deleted file mode 100644 index 6193912..0000000 --- a/roles/chat/templates/nodejs-apt-pref +++ /dev/null @@ -1,5 +0,0 @@ -# {{ ansible_managed }} - -Package: nodejs -Pin: origin deb.nodesource.com -Pin-Priority: 1000 diff --git a/roles/chat/templates/nodesource.list b/roles/chat/templates/nodesource.list deleted file mode 100644 index 6ac9322..0000000 --- a/roles/chat/templates/nodesource.list +++ /dev/null @@ -1,3 +0,0 @@ -# {{ ansible_managed }} - -deb [arch=amd64 signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_{{ nodejs_version }} nodistro main diff --git a/roles/chat/templates/thelounge-bitlair.patch b/roles/chat/templates/thelounge-bitlair.patch deleted file mode 100644 index fdfb795..0000000 --- a/roles/chat/templates/thelounge-bitlair.patch +++ /dev/null @@ -1,28 +0,0 @@ -diff --git a/package.json b/package.json -index 2991a6ec..dac43f16 100644 ---- a/package.json -+++ b/package.json -@@ -84,9 +84,7 @@ - "ua-parser-js": "1.0.33", - "uuid": "8.3.2", - "web-push": "3.4.5", -- "yarn": "1.22.17" -- }, -- "optionalDependencies": { -+ "yarn": "1.22.17", - "sqlite3": "5.1.7" - }, - "devDependencies": { -diff --git a/server/plugins/auth/ldap.ts b/server/plugins/auth/ldap.ts -index e6093b0f..d30b9a1c 100644 ---- a/server/plugins/auth/ldap.ts -+++ b/server/plugins/auth/ldap.ts -@@ -134,7 +134,7 @@ const ldapAuth: AuthHandler = (manager, client, user, password, callback) => { - // auth plugin API - function callbackWrapper(valid: boolean) { - if (valid && !client) { -- manager.addUser(user, null, false); -+ manager.addUser(user, null, true); - } - - callback(valid); diff --git a/roles/chat/templates/thelounge.service b/roles/chat/templates/thelounge.service deleted file mode 100644 index 26a11ea..0000000 --- a/roles/chat/templates/thelounge.service +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=The Lounge (IRC client) -After=network-online.target -Wants=network-online.target - -[Service] -User={{ chat_user }} -Group={{ chat_group }} -Type=simple -Environment=THELOUNGE_HOME=/var/local/thelounge -ExecStart=/usr/local/bin/thelounge start -ProtectSystem=yes -ProtectHome=yes -PrivateTmp=yes - -[Install] -WantedBy=multi-user.target diff --git a/roles/common/handlers/main.yaml b/roles/common/handlers/main.yaml index b35b8d8..3f6d5b8 100644 --- a/roles/common/handlers/main.yaml +++ b/roles/common/handlers/main.yaml @@ -3,7 +3,7 @@ ansible.builtin.command: cmd: update-grub -- name: apt update +- name: Apt update ansible.builtin.apt: update_cache: true diff --git a/roles/common/tasks/debian-upgrade.yaml b/roles/common/tasks/debian-upgrade.yaml index f986713..b480bea 100644 --- a/roles/common/tasks/debian-upgrade.yaml +++ b/roles/common/tasks/debian-upgrade.yaml @@ -4,9 +4,9 @@ ansible.builtin.template: src: stable-sources.list dest: /etc/apt/sources.list - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" - name: Remove backports ansible.builtin.file: diff --git a/roles/common/tasks/main.yaml b/roles/common/tasks/main.yaml index 29f7744..4f82e2f 100644 --- a/roles/common/tasks/main.yaml +++ b/roles/common/tasks/main.yaml @@ -30,7 +30,7 @@ ansible.builtin.template: src: authorized_keys.j2 dest: /root/.ssh/authorized_keys - mode: 0600 + mode: "0600" when: root_access is defined and root_access tags: authorized_keys diff --git a/roles/common/tasks/network.yaml b/roles/common/tasks/network.yaml index 7e2a75b..fae4ed5 100644 --- a/roles/common/tasks/network.yaml +++ b/roles/common/tasks/network.yaml @@ -28,9 +28,9 @@ ansible.builtin.template: src: network-interfaces dest: /etc/network/interfaces - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" when: network_br or network_dhcp or network_static - ansible.builtin.meta: flush_handlers diff --git a/roles/deb_forgejo/defaults/main.yaml b/roles/deb_forgejo/defaults/main.yaml deleted file mode 100644 index 21082e1..0000000 --- a/roles/deb_forgejo/defaults/main.yaml +++ /dev/null @@ -1 +0,0 @@ -deb_private_host: git.polyfloyd.net diff --git a/roles/deb_forgejo/handlers/default.yaml b/roles/deb_forgejo/handlers/default.yaml deleted file mode 100644 index e7a11ce..0000000 --- a/roles/deb_forgejo/handlers/default.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- ansible.builtin.import_tasks: - file: ../../common/handlers/main.yaml diff --git a/roles/deb_forgejo/tasks/main.yaml b/roles/deb_forgejo/tasks/main.yaml deleted file mode 100644 index 68c3c44..0000000 --- a/roles/deb_forgejo/tasks/main.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -- tags: deb_forgejo - block: - - name: Install dependencies - apt: - name: apt-transport-https - state: present - - - name: Install packaging key - get_url: - url: https://{{ item.host }}/api/packages/{{ item.owner }}/debian/repository.key - dest: /etc/apt/keyrings/{{ item.host }}-{{ item.owner }}.asc - mode: "0644" - with_items: "{{ deb_forgejo_repos }}" - notify: apt update - - - name: Install sources.list - template: - src: sources.list - dest: /etc/apt/sources.list.d/deb-forgejo.list - owner: root - group: root - mode: "0644" - notify: apt update - - - meta: flush_handlers diff --git a/roles/deb_forgejo/templates/sources.list b/roles/deb_forgejo/templates/sources.list deleted file mode 100644 index 9400fd3..0000000 --- a/roles/deb_forgejo/templates/sources.list +++ /dev/null @@ -1,5 +0,0 @@ -# {{ ansible_managed }} - -{% for repo in deb_forgejo_repos %} -deb [signed-by=/etc/apt/keyrings/{{ repo.host }}-{{ repo.owner }}.asc] https://{{ repo.host }}/api/packages/{{ repo.owner }}/debian {{ repo.distro | default('stable') }} {{ repo.component | default('main') }} -{% endfor %} diff --git a/roles/etherpad/tasks/main.yaml b/roles/etherpad/tasks/main.yaml index 38dc4d3..c7b1521 100644 --- a/roles/etherpad/tasks/main.yaml +++ b/roles/etherpad/tasks/main.yaml @@ -15,25 +15,18 @@ -o /usr/share/keyrings/nodesource.gpg args: creates: /usr/share/keyrings/nodesource.gpg - notify: apt update + notify: Apt update - name: Install nodesource source list ansible.builtin.template: - src: nodesource.list - dest: /etc/apt/sources.list.d/nodesource.list - owner: root - group: root - mode: 0644 - notify: apt update - -- name: Install nodejs apt preference - ansible.builtin.template: - src: nodejs-apt-pref - dest: /etc/apt/preferences.d/nodejs - owner: root - group: root - mode: 0644 - notify: apt update + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: "{{ item.owner | default('root') }}" + group: "{{ item.group | default('root') }}" + with_items: + - { src: "nodesource.list", dest: "/etc/apt/sources.list.d/nodesource.list" } + - { src: "nodejs-apt-pref", dest: "/etc/apt/preferences.d/nodejs" } + notify: Apt update - ansible.builtin.meta: flush_handlers @@ -67,17 +60,17 @@ ansible.builtin.file: path: /var/log/etherpad.log state: touch - owner: etherpad - group: etherpad - mode: 0644 + owner: "etherpad" + group: "etherpad" + mode: "0644" - name: Create source directory ansible.builtin.file: path: /opt/etherpad state: directory - owner: etherpad - group: etherpad - mode: 0755 + owner: "etherpad" + group: "etherpad" + mode: "0755" - name: Clone etherpad source become: yes @@ -94,18 +87,18 @@ ansible.builtin.template: src: settings.json dest: /opt/etherpad/settings.json - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart etherpad - name: Install etherpad service ansible.builtin.template: src: etherpad.service dest: /etc/systemd/system/etherpad.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart etherpad - name: Start etherpad @@ -119,8 +112,8 @@ ansible.builtin.template: src: nginx-site.conf dest: /etc/nginx/sites-enabled/etherpad - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Reload nginx diff --git a/roles/git-ci/defaults/main.yaml b/roles/git-ci/defaults/main.yaml new file mode 100644 index 0000000..2e805ee --- /dev/null +++ b/roles/git-ci/defaults/main.yaml @@ -0,0 +1,2 @@ +runner_wd: /var/lib/forgejo-runner +runner_version: 6.3.0 diff --git a/roles/git_ci/handlers/main.yaml b/roles/git-ci/handlers/main.yaml similarity index 85% rename from roles/git_ci/handlers/main.yaml rename to roles/git-ci/handlers/main.yaml index 05f3913..361ba38 100644 --- a/roles/git_ci/handlers/main.yaml +++ b/roles/git-ci/handlers/main.yaml @@ -3,6 +3,6 @@ file: ../../common/handlers/main.yaml - name: restart forgejo-runner - systemd: + ansible.builtin.systemd: name: forgejo-runner state: restarted diff --git a/roles/git-ci/tasks/main.yaml b/roles/git-ci/tasks/main.yaml new file mode 100644 index 0000000..ea688fa --- /dev/null +++ b/roles/git-ci/tasks/main.yaml @@ -0,0 +1,50 @@ +--- + +- name: Install dependencies + ansible.builtin.apt: + name: docker.io + +- name: Download forgejo-runner + ansible.builtin.get_url: + url: "https://code.forgejo.org/forgejo/runner/releases/download/v{{ runner_version }}/forgejo-runner-{{ runner_version }}-linux-amd64" + dest: /usr/local/bin/forgejo-runner + mode: "0755" + notify: restart forgejo-runner + +- name: Create runner dir + ansible.builtin.file: + state: directory + path: "{{ runner_wd }}" + owner: "root" + group: "root" + mode: "0755" + +- name: Register runner + ansible.builtin.command: "forgejo-runner register --no-interactive --instance={{ forgejo_url }} --token={{ lookup('passwordstore', 'git/ci subkey=runner_token') }}" + args: + chdir: "{{ runner_wd }}" + creates: "{{ runner_wd }}/.runner" + +- name: Install service file + ansible.builtin.template: + src: forgejo-runner.service + dest: /etc/systemd/system/forgejo-runner.service + owner: "root" + group: "root" + mode: "0644" + notify: restart forgejo-runner + +- name: Enable service + ansible.builtin.systemd: + name: forgejo-runner + enabled: true + daemon_reload: true + +- name: Start service + ansible.builtin.systemd: + name: forgejo-runner + state: started + daemon_reload: true + +- name: Flush handlers + ansible.builtin.meta: flush_handlers diff --git a/roles/git_ci/templates/forgejo-runner.service b/roles/git-ci/templates/forgejo-runner.service similarity index 84% rename from roles/git_ci/templates/forgejo-runner.service rename to roles/git-ci/templates/forgejo-runner.service index 9cd5b5b..c9550d2 100644 --- a/roles/git_ci/templates/forgejo-runner.service +++ b/roles/git-ci/templates/forgejo-runner.service @@ -6,7 +6,7 @@ After=network.target [Service] ExecStart=/usr/local/bin/forgejo-runner daemon -WorkingDirectory={{ git_ci_runner_wd }} +WorkingDirectory={{ runner_wd }} Restart=on-failure RestartSec=10s diff --git a/roles/git-server/tasks/main.yaml b/roles/git-server/tasks/main.yaml index 5104ef5..847d850 100644 --- a/roles/git-server/tasks/main.yaml +++ b/roles/git-server/tasks/main.yaml @@ -11,9 +11,9 @@ ansible.builtin.template: src: nginx-site.conf dest: /etc/nginx/sites-available/forgejo - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Reload nginx - name: Enable nginx site @@ -36,7 +36,7 @@ path: /var/log/forgejo owner: "{{ git_server_user }}" group: "{{ git_server_user }}" - mode: 0755 + mode: "0755" # TODO: Install initial config @@ -44,9 +44,9 @@ ansible.builtin.template: src: forgejo.service dest: /etc/systemd/system/forgejo.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Reload forgejo - name: Install update script @@ -55,7 +55,7 @@ dest: "{{ git_server_working_dir }}/update.sh" owner: "{{ git_server_user }}" group: "{{ git_server_user }}" - mode: 0755 + mode: "0755" - name: Perform initial update ansible.builtin.command: "{{ git_server_working_dir }}/update.sh" diff --git a/roles/git_ci/defaults/main.yaml b/roles/git_ci/defaults/main.yaml deleted file mode 100644 index 2c54fd9..0000000 --- a/roles/git_ci/defaults/main.yaml +++ /dev/null @@ -1,2 +0,0 @@ ---- -git_ci_runner_wd: /var/lib/forgejo-runner diff --git a/roles/git_ci/tasks/main.yaml b/roles/git_ci/tasks/main.yaml deleted file mode 100644 index c2c4002..0000000 --- a/roles/git_ci/tasks/main.yaml +++ /dev/null @@ -1,83 +0,0 @@ ---- -- tags: git_ci - block: - - name: Install dependencies - apt: - name: docker.io - - - name: Query latest forgejo-runner version - uri: - url: https://code.forgejo.org/api/v1/repos/forgejo/runner/tags - return_content: true - register: response - changed_when: false - check_mode: false - failed_when: "response is failed or 'json' not in response" - - - name: Format forgejo-runner latest version - set_fact: - forgejo_runner_version: "{{ response['json'][0]['name'] | trim('v') }}" - - - name: Detect installed forgejo-runner version - shell: - cmd: | - set -o pipefail - forgejo-runner --version | grep --color=never -Po '\d\.\d+(\.\d+)?' || echo none - executable: /bin/bash - register: forgejo_runner_installed_version_shell - changed_when: false - check_mode: false - - - name: Format installed forgejo-runner version - set_fact: - forgejo_runner_installed_version: "{{ forgejo_runner_installed_version_shell.stdout }}" - - - debug: - msg: - - "Forgejo Runner latest version: {{ forgejo_runner_version }}" - - "Forgejo Runner installed version: {{ forgejo_runner_installed_version }}" - - - name: Download forgejo-runner - get_url: - url: "https://code.forgejo.org/forgejo/runner/releases/download/v{{ forgejo_runner_version }}/forgejo-runner-{{ forgejo_runner_version }}-linux-amd64" - dest: /usr/local/bin/forgejo-runner - mode: "0755" - notify: restart forgejo-runner - when: forgejo_runner_installed_version != forgejo_runner_version - - - name: Create runner dir - file: - state: directory - path: "{{ git_ci_runner_wd }}" - owner: root - group: root - mode: "0755" - - - name: Register runner - command: "forgejo-runner register --no-interactive --instance={{ forgejo_url }} --token={{ lookup('passwordstore', 'git/ci subkey=runner_token') }}" - args: - chdir: "{{ git_ci_runner_wd }}" - creates: "{{ git_ci_runner_wd }}/.runner" - - - name: Install service file - template: - src: forgejo-runner.service - dest: /etc/systemd/system/forgejo-runner.service - owner: root - group: root - mode: "0644" - notify: restart forgejo-runner - - - name: Enable service - systemd: - name: forgejo-runner - enabled: true - daemon_reload: true - - - name: Start service - systemd: - name: forgejo-runner - state: started - daemon_reload: true - - - meta: flush_handlers diff --git a/roles/go/tasks/main.yaml b/roles/go/tasks/main.yaml index ab16901..ebd93c7 100644 --- a/roles/go/tasks/main.yaml +++ b/roles/go/tasks/main.yaml @@ -48,17 +48,17 @@ src: https://go.dev/dl/go{{ go_latest_version }}.linux-{{ go_arch }}.tar.gz dest: /usr/local remote_src: yes - owner: root - group: root + owner: "root" + group: "root" when: go_installed_version != go_latest_version - name: Configure Go environment ansible.builtin.template: src: go.profile dest: /etc/profile.d/go.sh - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" - name: Link go binary ansible.builtin.file: diff --git a/roles/monitoring/tasks/grafana.yaml b/roles/monitoring/tasks/grafana.yaml index 3e09b8f..974551b 100644 --- a/roles/monitoring/tasks/grafana.yaml +++ b/roles/monitoring/tasks/grafana.yaml @@ -21,9 +21,9 @@ ansible.builtin.template: src: "{{ item.src }}" dest: "{{ item.dest }}" - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: restart grafana with_items: - { src: grafana.ini, dest: /etc/grafana/grafana.ini } @@ -33,9 +33,9 @@ ansible.builtin.template: src: grafana-data-source.yml dest: "/etc/grafana/provisioning/datasources/{{ item.name | lower }}.yaml" - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: restart grafana with_items: - name: Prometheus diff --git a/roles/monitoring/tasks/main.yaml b/roles/monitoring/tasks/main.yaml index 2017d5b..a2878a7 100644 --- a/roles/monitoring/tasks/main.yaml +++ b/roles/monitoring/tasks/main.yaml @@ -4,9 +4,9 @@ ansible.builtin.template: src: nginx-site.conf dest: /etc/nginx/sites-available/monitoring - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Reload nginx - name: Enable nginx site diff --git a/roles/monitoring/tasks/mqtt_exporter.yaml b/roles/monitoring/tasks/mqtt_exporter.yaml index 481d2c1..b0350f4 100644 --- a/roles/monitoring/tasks/mqtt_exporter.yaml +++ b/roles/monitoring/tasks/mqtt_exporter.yaml @@ -1,22 +1,47 @@ --- +- name: Clone source + ansible.builtin.git: + repo: https://github.com/polyfloyd/mqtt-exporter.git + version: main + dest: /opt/mqtt_exporter + accept_hostkey: yes + notify: restart mqtt_exporter + - name: Install apt dependencies ansible.builtin.apt: - name: mqtt-exporter + name: + - jq + - python3-paho-mqtt + - python3-prometheus-client + - python3-yaml state: present +- name: Install service + ansible.builtin.template: + src: mqtt_exporter.service + dest: /etc/systemd/system/mqtt_exporter.service + owner: "root" + group: "root" + mode: "0644" + notify: + - Daemon reload + - restart mqtt_exporter + - name: Install config file ansible.builtin.template: src: mqtt_exporter_config.yaml - dest: /etc/mqtt-exporter.yaml - owner: root - group: root - mode: 0644 - notify: restart mqtt_exporter + dest: /etc/mqtt_exporter.yaml + owner: "root" + group: "root" + mode: "0644" + notify: + - Daemon reload + - restart mqtt_exporter - ansible.builtin.meta: flush_handlers - name: Start service ansible.builtin.systemd: - name: mqtt-exporter + name: mqtt_exporter state: started enabled: true diff --git a/roles/monitoring/tasks/prometheus.yaml b/roles/monitoring/tasks/prometheus.yaml index 30522b5..3c86a0f 100644 --- a/roles/monitoring/tasks/prometheus.yaml +++ b/roles/monitoring/tasks/prometheus.yaml @@ -7,9 +7,9 @@ ansible.builtin.template: src: prometheus.yml dest: "{{ prometheus_config_dir }}/prometheus.yml" - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: restart prometheus - name: Configure Prometheus args diff --git a/roles/mqtt/tasks/main.yaml b/roles/mqtt/tasks/main.yaml index 498f49c..727cca3 100644 --- a/roles/mqtt/tasks/main.yaml +++ b/roles/mqtt/tasks/main.yaml @@ -16,9 +16,9 @@ ansible.builtin.template: src: "{{ item }}" dest: "/etc/mosquitto/conf.d/{{ item }}" - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: restart mosquitto with_items: - bambulab.conf diff --git a/roles/music/tasks/librespot.yaml b/roles/music/tasks/librespot.yaml index 2a8d19b..8b7ea51 100644 --- a/roles/music/tasks/librespot.yaml +++ b/roles/music/tasks/librespot.yaml @@ -18,9 +18,9 @@ ansible.builtin.template: src: librespot.service dest: /etc/systemd/system/librespot.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart librespot - name: Enable Librespot diff --git a/roles/music/tasks/main.yaml b/roles/music/tasks/main.yaml index e8a751c..c57393f 100644 --- a/roles/music/tasks/main.yaml +++ b/roles/music/tasks/main.yaml @@ -28,7 +28,7 @@ ansible.builtin.template: src: nginx-site.conf dest: /etc/nginx/sites-enabled/trollibox - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Reload nginx diff --git a/roles/music/tasks/mpd.yaml b/roles/music/tasks/mpd.yaml index eb88133..3e7abeb 100644 --- a/roles/music/tasks/mpd.yaml +++ b/roles/music/tasks/mpd.yaml @@ -13,18 +13,18 @@ ansible.builtin.template: src: mpd-volume-to-mqtt.sh dest: /opt/mpd-volume-to-mqtt.sh - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart mpd-volume-to-mqtt - name: Install mpd-volume-to-mqtt service ansible.builtin.template: src: mpd-volume-to-mqtt.service dest: /etc/systemd/system/mpd-volume-to-mqtt.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart mpd-volume-to-mqtt - name: Enable mpd-volume-to-mqtt @@ -46,9 +46,9 @@ ansible.builtin.template: src: skipbutton.service dest: /etc/systemd/system/skipbutton.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart skipbutton - name: Enable skipbutton diff --git a/roles/music/tasks/soundboard.yaml b/roles/music/tasks/soundboard.yaml index 1b72dbf..fa5ace0 100644 --- a/roles/music/tasks/soundboard.yaml +++ b/roles/music/tasks/soundboard.yaml @@ -1,25 +1,45 @@ --- - name: Install dependencies ansible.builtin.apt: - name: - - mqtt-soundboard - - mplayer + name: virtualenv state: present -- ansible.builtin.file: - path: "{{ item }}" - state: absent - with_items: - - /opt/soundboard - - /etc/systemd/system/soundboard.service +- name: Clone soundboard source + ansible.builtin.git: + repo: https://github.com/polyfloyd/mqtt-soundboard.git + version: main + dest: /opt/soundboard + accept_hostkey: yes + notify: Restart soundboard + +- name: Create virtualenv + ansible.builtin.command: + cmd: virtualenv /opt/soundboard/.venv + args: + creates: /opt/soundboard/.venv + +- name: Install Python dependencies + ansible.builtin.shell: + cmd: . .venv/bin/activate && pip install -r requirements.txt + args: + chdir: /opt/soundboard - name: Install soundboard config file ansible.builtin.template: src: soundboard.yaml dest: /etc/soundboard.yaml - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" + notify: Restart soundboard + +- name: Install soundboard service file + ansible.builtin.template: + src: soundboard.service + dest: /etc/systemd/system/soundboard.service + owner: "root" + group: "root" + mode: "0644" notify: Restart soundboard - name: Enable soundboard diff --git a/roles/music/tasks/trollibox.yaml b/roles/music/tasks/trollibox.yaml index 0b20b4a..717c235 100644 --- a/roles/music/tasks/trollibox.yaml +++ b/roles/music/tasks/trollibox.yaml @@ -3,8 +3,8 @@ ansible.builtin.template: src: trollibox.yaml dest: /etc/trollibox.yaml - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart trollibox @@ -32,8 +32,8 @@ ansible.builtin.template: src: trollibox.service dest: /etc/systemd/system/trollibox.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart trollibox diff --git a/roles/photos/tasks/bambulab-fetch.yaml b/roles/photos/tasks/bambulab-fetch.yaml index b050af9..dfcf3b5 100644 --- a/roles/photos/tasks/bambulab-fetch.yaml +++ b/roles/photos/tasks/bambulab-fetch.yaml @@ -5,28 +5,16 @@ - name: Install fetch script ansible.builtin.template: - src: bambulab-fetch.sh - dest: /opt/bambulab-fetch.sh - owner: root - group: root - mode: 0755 - -- name: Install service - ansible.builtin.template: - src: bambulab-fetch.service - dest: /etc/systemd/system/bambulab-fetch.service - owner: root - group: root - mode: 0644 - notify: daemon reload - -- name: Install timer - ansible.builtin.template: - src: bambulab-fetch.timer - dest: /etc/systemd/system/bambulab-fetch.timer - owner: root - group: root - mode: 0644 + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: "{{ item.owner | default('root') }}" + group: "{{ item.group | default('root') }}" + mode: "{{ item.mode | default('0644') }}" + force: "{{ item.force | default('yes') }}" + with_items: + - { src: "bambulab-fetch.sh", dest: "/opt/bambulab-fetch.sh", mode: "0755" } + - { src: "bambulab-fetch.service", dest: "/etc/systemd/system/bambulab-fetch.service" } + - { src: "bambulab-fetch.timer", dest: "/etc/systemd/system/bambulab-fetch.timer" } notify: daemon reload - name: Enable timer diff --git a/roles/photos/tasks/photo-gallery.yaml b/roles/photos/tasks/photo-gallery.yaml index 5a6cfff..95eb800 100644 --- a/roles/photos/tasks/photo-gallery.yaml +++ b/roles/photos/tasks/photo-gallery.yaml @@ -15,18 +15,18 @@ ansible.builtin.template: src: photo-gallery-config.json dest: /opt/photo-gallery/config.json - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: restart photo-gallery - name: Install photo-gallery service file ansible.builtin.template: src: photo-gallery.service dest: /etc/systemd/system/photo-gallery.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: restart photo-gallery - name: Start photo-gallery diff --git a/roles/photos/tasks/photos2mqtt.yaml b/roles/photos/tasks/photos2mqtt.yaml index d9f2e05..1fedc06 100644 --- a/roles/photos/tasks/photos2mqtt.yaml +++ b/roles/photos/tasks/photos2mqtt.yaml @@ -14,18 +14,18 @@ ansible.builtin.template: src: photos2mqtt.pl dest: /opt/photos2mqtt.pl - owner: root - group: root - mode: 0755 + owner: "root" + group: "root" + mode: "0755" notify: restart photos2mqtt - name: Install photos2mqtt service file ansible.builtin.template: src: photos2mqtt.service dest: /etc/systemd/system/photos2mqtt.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: restart photos2mqtt - name: Start photos2mqtt diff --git a/roles/services/tasks/discord_bot.yaml b/roles/services/tasks/discord_bot.yaml index 19a659f..7f64a01 100644 --- a/roles/services/tasks/discord_bot.yaml +++ b/roles/services/tasks/discord_bot.yaml @@ -21,7 +21,7 @@ - name: Clone source ansible.builtin.git: - repo: https://git.bitlair.nl/bitlair/discord-bot.git + repo: https://github.com/bitlair/discord-bot.git version: main dest: /var/lib/discord-bot accept_hostkey: yes @@ -32,8 +32,8 @@ ansible.builtin.template: src: discord-bot.service dest: /etc/systemd/system/discord-bot.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart discord-bot diff --git a/roles/services/tasks/ircbot.yaml b/roles/services/tasks/ircbot.yaml index e635302..83a8f72 100644 --- a/roles/services/tasks/ircbot.yaml +++ b/roles/services/tasks/ircbot.yaml @@ -18,9 +18,9 @@ ansible.builtin.template: src: generic.service dest: /etc/systemd/system/irc-bot.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" vars: description: Bitlair IRC bot exec: /bin/bash /var/lib/irc-bot/irc-bot @@ -42,18 +42,18 @@ ansible.builtin.template: src: irc-photos.sh dest: /var/lib/irc-helpers/photos.sh - owner: root - group: root - mode: 0755 + owner: "root" + group: "root" + mode: "0755" notify: Restart irc-photos - name: Install photos notification service ansible.builtin.template: src: generic.service dest: /etc/systemd/system/irc-photos.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" vars: description: Bitlair IRC photos notification requires: irc-bot.service @@ -71,18 +71,18 @@ ansible.builtin.template: src: irc-doorduino.sh dest: /var/lib/irc-helpers/doorduino.sh - owner: root - group: root - mode: 0755 + owner: "root" + group: "root" + mode: "0755" notify: Restart irc-doorduino - name: Install doorduino notification service ansible.builtin.template: src: generic.service dest: /etc/systemd/system/irc-doorduino.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" vars: description: Bitlair IRC doorduino notification requires: irc-bot.service diff --git a/roles/services/tasks/mastodon_spacestate.yaml b/roles/services/tasks/mastodon_spacestate.yaml index 9babbbd..8d2175a 100644 --- a/roles/services/tasks/mastodon_spacestate.yaml +++ b/roles/services/tasks/mastodon_spacestate.yaml @@ -7,7 +7,7 @@ - name: Clone source ansible.builtin.git: - repo: https://git.bitlair.nl/bitlair/mastodon-spacestate.git + repo: https://github.com/bitlair/mastodon-spacestate.git version: main dest: /var/lib/mastodon-spacestate accept_hostkey: yes @@ -18,18 +18,18 @@ ansible.builtin.template: src: mastodon-spacestate-config.py dest: /var/lib/mastodon-spacestate/config.py - owner: root - group: root - mode: 0655 + owner: "root" + group: "root" + mode: "0655" notify: Restart mastodon-spacestate - name: Install service file ansible.builtin.template: src: mastodon-spacestate.service dest: /etc/systemd/system/mastodon-spacestate.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart mastodon-spacestate - name: Start mastodon-spacestate diff --git a/roles/services/tasks/power_mqtt.yaml b/roles/services/tasks/power_mqtt.yaml index 5c18589..1ca1e7f 100644 --- a/roles/services/tasks/power_mqtt.yaml +++ b/roles/services/tasks/power_mqtt.yaml @@ -7,9 +7,9 @@ ansible.builtin.template: src: power-mqtt.py dest: /var/lib/power-mqtt.py - owner: root - group: root - mode: 0755 + owner: "root" + group: "root" + mode: "0755" notify: Restart power-mqtt - name: Remove old service @@ -21,9 +21,9 @@ ansible.builtin.template: src: generic.service dest: /etc/systemd/system/power-mqtt@.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" vars: description: "SMD630 to MQTT Probe" exec: "/var/lib/power-mqtt.py %i" diff --git a/roles/services/tasks/siahsd.yaml b/roles/services/tasks/siahsd.yaml index c7c3b0b..a1e59a9 100644 --- a/roles/services/tasks/siahsd.yaml +++ b/roles/services/tasks/siahsd.yaml @@ -16,8 +16,8 @@ ansible.builtin.template: src: siahsd.conf dest: /etc/siahsd.conf - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart siahsd @@ -25,8 +25,8 @@ ansible.builtin.template: src: siahsd.service dest: /etc/systemd/system/siahsd.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart siahsd diff --git a/roles/services/tasks/spacestated.yaml b/roles/services/tasks/spacestated.yaml index e35851e..8f22309 100644 --- a/roles/services/tasks/spacestated.yaml +++ b/roles/services/tasks/spacestated.yaml @@ -21,7 +21,7 @@ - name: Clone source ansible.builtin.git: - repo: https://git.bitlair.nl/bitlair/spacestated.git + repo: https://github.com/bitlair/spacestated.git version: main dest: /var/lib/spacestated/spacestated accept_hostkey: yes @@ -32,9 +32,9 @@ ansible.builtin.template: src: spacestated.service dest: /etc/systemd/system/spacestated.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart spacestated - name: Start spacestated diff --git a/roles/services/tasks/wifi_mqtt.yaml b/roles/services/tasks/wifi_mqtt.yaml index d69aa34..1f10c64 100644 --- a/roles/services/tasks/wifi_mqtt.yaml +++ b/roles/services/tasks/wifi_mqtt.yaml @@ -8,7 +8,7 @@ - name: Clone source ansible.builtin.git: - repo: https://git.bitlair.nl/bitlair/wifi-mqtt.git + repo: https://github.com/bitlair/wifi-mqtt.git version: main dest: /var/lib/wifi-mqtt accept_hostkey: yes @@ -19,8 +19,8 @@ ansible.builtin.template: src: wifi-mqtt.service dest: /etc/systemd/system/wifi-mqtt.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart wifi-mqtt diff --git a/roles/www/tasks/calendar.yaml b/roles/www/tasks/calendar.yaml index 16c027e..8f42b06 100644 --- a/roles/www/tasks/calendar.yaml +++ b/roles/www/tasks/calendar.yaml @@ -5,7 +5,7 @@ - name: Clone source ansible.builtin.git: - repo: https://git.bitlair.nl/bitlair/wiki-calendar-exporter.git + repo: https://github.com/bitlair/calendar-parser.git version: main dest: /usr/local/src/bitlair-calendar accept_hostkey: yes @@ -19,6 +19,6 @@ ansible.builtin.template: src: calendar.cron dest: /etc/cron.d/bitlair-calendar - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" diff --git a/roles/www/tasks/mediawiki.yaml b/roles/www/tasks/mediawiki.yaml index 2eb69f4..0508e32 100644 --- a/roles/www/tasks/mediawiki.yaml +++ b/roles/www/tasks/mediawiki.yaml @@ -9,7 +9,7 @@ ansible.builtin.template: src: security.txt dest: /opt/security.txt - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" diff --git a/roles/www/tasks/mqtt.yaml b/roles/www/tasks/mqtt.yaml index 63d1dee..ed097d6 100644 --- a/roles/www/tasks/mqtt.yaml +++ b/roles/www/tasks/mqtt.yaml @@ -24,9 +24,9 @@ ansible.builtin.template: src: mqtt2web.service dest: /etc/systemd/system/mqtt2web.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: - Daemon reload - Restart mqtt2web diff --git a/roles/www/tasks/spaceapi.yaml b/roles/www/tasks/spaceapi.yaml index e6b7954..1c5c3ec 100644 --- a/roles/www/tasks/spaceapi.yaml +++ b/roles/www/tasks/spaceapi.yaml @@ -1,7 +1,7 @@ --- - name: Clone spaceapi source ansible.builtin.git: - repo: https://git.bitlair.nl/bitlair/spaceapi.git + repo: https://github.com/bitlair/spaceapi.git version: main dest: /opt/spaceapi accept_hostkey: true @@ -11,8 +11,8 @@ ansible.builtin.template: src: spaceapi.service dest: /etc/systemd/system/spaceapi.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart spaceapi