bitlair/ansible
6
0
Fork 1
Code Issues Pull requests Activity Actions

Linting

Browse source
This commit is contained in:
Mark Janssen 2025-04-19 16:42:53 +02:00
parent d0cd352b4a
commit 77c1732623
Signed by: foobar
GPG key ID: D8674D8FC4F69BD2
31 changed files with 127 additions and 149 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
roles/acme/handlers/main.yaml
View file

@ -1,9 +1,5 @@
---
- name: update_contact_info
ansible.builtin.command:
cmd: dehydrated --account
- name: run dehydrated
ansible.builtin.command:
cmd: dehydrated --cron

39
roles/bank-terminal/tasks/main.yaml
View file

@ -4,11 +4,11 @@
block:
- name: Add user
ansible.builtin.user:
name: bank-terminal
home: /home/{{ bank_terminal_user }}
shell: /home/{{ bank_terminal_user }}/login
name: "bank-terminal"
home: "/home/{{ bank_terminal_user }}"
shell: "/home/{{ bank_terminal_user }}/login"
generate_ssh_key: yes
ssh_key_type: ed25519
ssh_key_type: "ed25519"
- name: Locate agetty
ansible.builtin.command:
@ -16,34 +16,35 @@
register: agetty_location_cmd
- name: Set agetty var
ansible.builtin.set_fact: agetty_location="{{ agetty_location_cmd.stdout_lines | join }}"
ansible.builtin.set_fact:
agetty_location: "{{ agetty_location_cmd.stdout_lines | join }}"
- name: Install login script
ansible.builtin.template:
src: login
dest: /home/{{ bank_terminal_user }}/login
owner: bank-terminal
group: bank-terminal
mode: 0755
src: "login"
dest: "/home/{{ bank_terminal_user }}/login"
owner: "bank-terminal"
group: "bank-terminal"
mode: "0755"
- name: Autologin User
ansible.builtin.template:
src: tty_autologin.conf
dest: /etc/systemd/system/getty@tty1.service.d/override.conf
owner: root
group: root
mode: 0644
src: "tty_autologin.conf"
dest: "/etc/systemd/system/getty@tty1.service.d/override.conf"
owner: "root"
group: "root"
mode: "0644"
notify: daemon_reload
- name: Clear MOTD
ansible.builtin.copy:
content: ""
dest: /etc/motd
dest: "/etc/motd"
# Set console font so the Revbank QR codes are rendered correctly.
- name: Console setup
ansible.builtin.lineinfile:
path: /etc/default/console-setup
path: "/etc/default/console-setup"
line: '{{ item.k }}="{{ item.v }}"'
regexp: "^#?{{ item.k }}"
with_items:
@ -56,8 +57,8 @@
- name: Console Setup Management Note
ansible.builtin.lineinfile:
path: /etc/default/console-setup
line: '# Managed by Ansible'
path: "/etc/default/console-setup"
line: "# Managed by Ansible"
insertafter: "CONFIGURATION FILE"
- name: Read pubkey

12
roles/bank/tasks/login.yaml
View file

@ -41,14 +41,14 @@
- name: Create getty dir
ansible.builtin.file:
path: /etc/systemd/system/getty@tty1.service.d
path: "/etc/systemd/system/getty@tty1.service.d"
state: directory
- name: Autologin User
ansible.builtin.template:
src: tty_autologin.conf
dest: /etc/systemd/system/getty@tty1.service.d/override.conf
owner: root
group: root
mode: 0644
src: "tty_autologin.conf"
dest: "/etc/systemd/system/getty@tty1.service.d/override.conf"
owner: "root"
group: "root"
mode: "0644"
notify: daemon reload

4
roles/bank/tasks/revbank-deposit.yaml
View file

@ -25,7 +25,7 @@
dest: /etc/revbank-deposit.conf
owner: root
group: root
mode: 0600
mode: "0600"
notify: Restart revbank-deposit
- name: Install revbank-deposit service
@ -34,7 +34,7 @@
dest: /etc/systemd/system/revbank-deposit.service
owner: root
group: root
mode: 0644
mode: "0644"
notify: Restart revbank-deposit
- name: Start revbank-deposit

2
roles/bank/tasks/revbank.yaml
View file

@ -26,7 +26,7 @@
state: touch
owner: "{{ bank_user }}"
group: "{{ bank_user }}"
mode: 0644
mode: "0644"
with_items:
- revbank.accounts
- revbank.market

2
roles/common/tasks/debian-upgrade.yaml
View file

@ -6,7 +6,7 @@
dest: /etc/apt/sources.list
owner: root
group: root
mode: 0644
mode: "0644"
- name: Remove backports
ansible.builtin.file:

2
roles/common/tasks/main.yaml
View file

@ -30,7 +30,7 @@
ansible.builtin.template:
src: authorized_keys.j2
dest: /root/.ssh/authorized_keys
mode: 0600
mode: "0600"
when: root_access is defined and root_access
tags: authorized_keys

2
roles/common/tasks/network.yaml
View file

@ -30,7 +30,7 @@
dest: /etc/network/interfaces
owner: root
group: root
mode: 0644
mode: "0644"
when: network_br or network_dhcp or network_static
- ansible.builtin.meta: flush_handlers

51
roles/etherpad/tasks/main.yaml
View file

@ -19,20 +19,13 @@
- name: Install nodesource source list
ansible.builtin.template:
src: nodesource.list
dest: /etc/apt/sources.list.d/nodesource.list
owner: root
group: root
mode: 0644
notify: Apt update
- name: Install nodejs apt preference
ansible.builtin.template:
src: nodejs-apt-pref
dest: /etc/apt/preferences.d/nodejs
owner: root
group: root
mode: 0644
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ item.owner | default('root') }}"
group: "{{ item.group | default('root') }}"
with_items:
- { src: "nodesource.list", dest: "/etc/apt/sources.list.d/nodesource.list" }
- { src: "nodejs-apt-pref", dest: "/etc/apt/preferences.d/nodejs" }
notify: Apt update
- ansible.builtin.meta: flush_handlers
@ -67,17 +60,17 @@
ansible.builtin.file:
path: /var/log/etherpad.log
state: touch
owner: etherpad
group: etherpad
mode: 0644
owner: "etherpad"
group: "etherpad"
mode: "0644"
- name: Create source directory
ansible.builtin.file:
path: /opt/etherpad
state: directory
owner: etherpad
group: etherpad
mode: 0755
owner: "etherpad"
group: "etherpad"
mode: "0755"
- name: Clone etherpad source
become: yes
@ -94,18 +87,18 @@
ansible.builtin.template:
src: settings.json
dest: /opt/etherpad/settings.json
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
notify: Restart etherpad
- name: Install etherpad service
ansible.builtin.template:
src: etherpad.service
dest: /etc/systemd/system/etherpad.service
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
notify: Restart etherpad
- name: Start etherpad
@ -119,8 +112,8 @@
ansible.builtin.template:
src: nginx-site.conf
dest: /etc/nginx/sites-enabled/etherpad
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
notify: Reload nginx

6
roles/git-ci/tasks/main.yaml
View file

@ -8,7 +8,7 @@
ansible.builtin.get_url:
url: "https://code.forgejo.org/forgejo/runner/releases/download/v{{ runner_version }}/forgejo-runner-{{ runner_version }}-linux-amd64"
dest: /usr/local/bin/forgejo-runner
mode: 0755
mode: "0755"
notify: restart forgejo-runner
- name: Create runner dir
@ -17,7 +17,7 @@
path: "{{ runner_wd }}"
owner: root
group: root
mode: 0755
mode: "0755"
- name: Register runner
ansible.builtin.command: "forgejo-runner register --no-interactive --instance={{ forgejo_url }} --token={{ lookup('passwordstore', 'git/ci subkey=runner_token') }}"
@ -31,7 +31,7 @@
dest: /etc/systemd/system/forgejo-runner.service
owner: root
group: root
mode: 0644
mode: "0644"
notify: restart forgejo-runner
- name: Enable service

8
roles/git-server/tasks/main.yaml
View file

@ -13,7 +13,7 @@
dest: /etc/nginx/sites-available/forgejo
owner: root
group: root
mode: 0644
mode: "0644"
notify: Reload nginx
- name: Enable nginx site
@ -36,7 +36,7 @@
path: /var/log/forgejo
owner: "{{ git_server_user }}"
group: "{{ git_server_user }}"
mode: 0755
mode: "0755"
# TODO: Install initial config
@ -46,7 +46,7 @@
dest: /etc/systemd/system/forgejo.service
owner: root
group: root
mode: 0644
mode: "0644"
notify: Reload forgejo
- name: Install update script
@ -55,7 +55,7 @@
dest: "{{ git_server_working_dir }}/update.sh"
owner: "{{ git_server_user }}"
group: "{{ git_server_user }}"
mode: 0755
mode: "0755"
- name: Perform initial update
ansible.builtin.command: "{{ git_server_working_dir }}/update.sh"

10
roles/go/tasks/main.yaml
View file

@ -48,17 +48,17 @@
src: https://go.dev/dl/go{{ go_latest_version }}.linux-{{ go_arch }}.tar.gz
dest: /usr/local
remote_src: yes
owner: root
group: root
owner: "root"
group: "root"
when: go_installed_version != go_latest_version
- name: Configure Go environment
ansible.builtin.template:
src: go.profile
dest: /etc/profile.d/go.sh
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
- name: Link go binary
ansible.builtin.file:

12
roles/monitoring/tasks/grafana.yaml
View file

@ -21,9 +21,9 @@
ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
notify: restart grafana
with_items:
- { src: grafana.ini, dest: /etc/grafana/grafana.ini }
@ -33,9 +33,9 @@
ansible.builtin.template:
src: grafana-data-source.yml
dest: "/etc/grafana/provisioning/datasources/{{ item.name | lower }}.yaml"
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
notify: restart grafana
with_items:
- name: Prometheus

6
roles/monitoring/tasks/main.yaml
View file

@ -4,9 +4,9 @@
ansible.builtin.template:
src: nginx-site.conf
dest: /etc/nginx/sites-available/monitoring
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
notify: Reload nginx
- name: Enable nginx site

4
roles/monitoring/tasks/mqtt_exporter.yaml
View file

@ -22,7 +22,7 @@
dest: /etc/systemd/system/mqtt_exporter.service
owner: root
group: root
mode: 0644
mode: "0644"
notify:
- Daemon reload
- restart mqtt_exporter
@ -33,7 +33,7 @@
dest: /etc/mqtt_exporter.yaml
owner: root
group: root
mode: 0644
mode: "0644"
notify:
- Daemon reload
- restart mqtt_exporter

6
roles/monitoring/tasks/prometheus.yaml
View file

@ -7,9 +7,9 @@
ansible.builtin.template:
src: prometheus.yml
dest: "{{ prometheus_config_dir }}/prometheus.yml"
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
notify: restart prometheus
- name: Configure Prometheus args

6
roles/mqtt/tasks/main.yaml
View file

@ -16,9 +16,9 @@
ansible.builtin.template:
src: "{{ item }}"
dest: "/etc/mosquitto/conf.d/{{ item }}"
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
notify: restart mosquitto
with_items:
- bambulab.conf

6
roles/music/tasks/librespot.yaml
View file

@ -18,9 +18,9 @@
ansible.builtin.template:
src: librespot.service
dest: /etc/systemd/system/librespot.service
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
notify: Restart librespot
- name: Enable Librespot

6
roles/music/tasks/main.yaml
View file

@ -28,7 +28,7 @@
ansible.builtin.template:
src: nginx-site.conf
dest: /etc/nginx/sites-enabled/trollibox
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
notify: Reload nginx

18
roles/music/tasks/mpd.yaml
View file

@ -13,18 +13,18 @@
ansible.builtin.template:
src: mpd-volume-to-mqtt.sh
dest: /opt/mpd-volume-to-mqtt.sh
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
notify: Restart mpd-volume-to-mqtt
- name: Install mpd-volume-to-mqtt service
ansible.builtin.template:
src: mpd-volume-to-mqtt.service
dest: /etc/systemd/system/mpd-volume-to-mqtt.service
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
notify: Restart mpd-volume-to-mqtt
- name: Enable mpd-volume-to-mqtt
@ -46,9 +46,9 @@
ansible.builtin.template:
src: skipbutton.service
dest: /etc/systemd/system/skipbutton.service
owner: root
group: root
mode: 0644
owner: "root"
group: "root"
mode: "0644"
notify: Restart skipbutton
- name: Enable skipbutton

4
roles/music/tasks/soundboard.yaml
View file

@ -30,7 +30,7 @@
dest: /etc/soundboard.yaml
owner: root
group: root
mode: 0644
mode: "0644"
notify: Restart soundboard
- name: Install soundboard service file
@ -39,7 +39,7 @@
dest: /etc/systemd/system/soundboard.service
owner: root
group: root
mode: 0644
mode: "0644"
notify: Restart soundboard
- name: Enable soundboard

32
roles/photos/tasks/bambulab-fetch.yaml
View file

@ -5,28 +5,16 @@
- name: Install fetch script
ansible.builtin.template:
src: bambulab-fetch.sh
dest: /opt/bambulab-fetch.sh
owner: root
group: root
mode: 0755
- name: Install service
ansible.builtin.template:
src: bambulab-fetch.service
dest: /etc/systemd/system/bambulab-fetch.service
owner: root
group: root
mode: 0644
notify: daemon reload
- name: Install timer
ansible.builtin.template:
src: bambulab-fetch.timer
dest: /etc/systemd/system/bambulab-fetch.timer
owner: root
group: root
mode: 0644
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ item.owner | default('root') }}"
group: "{{ item.group | default('root') }}"
mode: "{{ item.mode | default('0644') }}"
force: "{{ item.force | default('yes') }}"
with_items:
- { src: "bambulab-fetch.sh", dest: "/opt/bambulab-fetch.sh", mode: "0755" }
- { src: "bambulab-fetch.service", dest: "/etc/systemd/system/bambulab-fetch.service" }
- { src: "bambulab-fetch.timer", dest: "/etc/systemd/system/bambulab-fetch.timer" }
notify: daemon reload
- name: Enable timer

4
roles/photos/tasks/photo-gallery.yaml
View file

@ -17,7 +17,7 @@
dest: /opt/photo-gallery/config.json
owner: root
group: root
mode: 0644
mode: "0644"
notify: restart photo-gallery
- name: Install photo-gallery service file
@ -26,7 +26,7 @@
dest: /etc/systemd/system/photo-gallery.service
owner: root
group: root
mode: 0644
mode: "0644"
notify: restart photo-gallery
- name: Start photo-gallery

4
roles/photos/tasks/photos2mqtt.yaml
View file

@ -16,7 +16,7 @@
dest: /opt/photos2mqtt.pl
owner: root
group: root
mode: 0755
mode: "0755"
notify: restart photos2mqtt
- name: Install photos2mqtt service file
@ -25,7 +25,7 @@
dest: /etc/systemd/system/photos2mqtt.service
owner: root
group: root
mode: 0644
mode: "0644"
notify: restart photos2mqtt
- name: Start photos2mqtt

10
roles/services/tasks/ircbot.yaml
View file

@ -20,7 +20,7 @@
dest: /etc/systemd/system/irc-bot.service
owner: root
group: root
mode: 0644
mode: "0644"
vars:
description: Bitlair IRC bot
exec: /bin/bash /var/lib/irc-bot/irc-bot
@ -44,7 +44,7 @@
dest: /var/lib/irc-helpers/photos.sh
owner: root
group: root
mode: 0755
mode: "0755"
notify: Restart irc-photos
- name: Install photos notification service
@ -53,7 +53,7 @@
dest: /etc/systemd/system/irc-photos.service
owner: root
group: root
mode: 0644
mode: "0644"
vars:
description: Bitlair IRC photos notification
requires: irc-bot.service
@ -73,7 +73,7 @@
dest: /var/lib/irc-helpers/doorduino.sh
owner: root
group: root
mode: 0755
mode: "0755"
notify: Restart irc-doorduino
- name: Install doorduino notification service
@ -82,7 +82,7 @@
dest: /etc/systemd/system/irc-doorduino.service
owner: root
group: root
mode: 0644
mode: "0644"
vars:
description: Bitlair IRC doorduino notification
requires: irc-bot.service

4
roles/services/tasks/mastodon_spacestate.yaml
View file

@ -20,7 +20,7 @@
dest: /var/lib/mastodon-spacestate/config.py
owner: root
group: root
mode: 0655
mode: "0655"
notify: Restart mastodon-spacestate
- name: Install service file
@ -29,7 +29,7 @@
dest: /etc/systemd/system/mastodon-spacestate.service
owner: root
group: root
mode: 0644
mode: "0644"
notify: Restart mastodon-spacestate
- name: Start mastodon-spacestate

4
roles/services/tasks/power_mqtt.yaml
View file

@ -9,7 +9,7 @@
dest: /var/lib/power-mqtt.py
owner: root
group: root
mode: 0755
mode: "0755"
notify: Restart power-mqtt
- name: Remove old service
@ -23,7 +23,7 @@
dest: /etc/systemd/system/power-mqtt@.service
owner: root
group: root
mode: 0644
mode: "0644"
vars:
description: "SMD630 to MQTT Probe"
exec: "/var/lib/power-mqtt.py %i"

2
roles/services/tasks/spacestated.yaml
View file

@ -34,7 +34,7 @@
dest: /etc/systemd/system/spacestated.service
owner: root
group: root
mode: 0644
mode: "0644"
notify: Restart spacestated
- name: Start spacestated

2
roles/www/tasks/calendar.yaml
View file

@ -21,4 +21,4 @@
dest: /etc/cron.d/bitlair-calendar
owner: root
group: root
mode: 0644
mode: "0644"

2
roles/www/tasks/mediawiki.yaml
View file

@ -11,5 +11,5 @@
dest: /opt/security.txt
owner: root
group: root
mode: 0644
mode: "0644"

2
roles/www/tasks/mqtt.yaml
View file

@ -26,7 +26,7 @@
dest: /etc/systemd/system/mqtt2web.service
owner: root
group: root
mode: 0644
mode: "0644"
notify:
- Daemon reload
- Restart mqtt2web