From d0cd352b4ab03e697d92d350a00bfcc1749a1e6f Mon Sep 17 00:00:00 2001 From: Mark Janssen Date: Sat, 19 Apr 2025 16:24:47 +0200 Subject: [PATCH 1/3] Linting --- .ansible-lint | 14 ++++++++++++++ .gitignore | 3 +++ .yamllint.yaml | 5 +++++ bitlair.yaml | 39 ++++++++++++++++++++++++++------------- lint.sh | 1 + 5 files changed, 49 insertions(+), 13 deletions(-) create mode 100644 .ansible-lint create mode 100644 .gitignore diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..c6123e8 --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,14 @@ +#warn_list: # or 'skip_list' to silence them completely +skip_list: + - experimental + - var-naming[no-role-prefix] + - name +warn_list: + - '204' # Lines should be no longer than 160 chars + - no-handler + - ignore-errors + - fqcn-builtins + - fqcn + - partial-become[task] + - template-instead-of-copy +offline: true diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..781c027 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +.password-store +.gitignore +.envrc diff --git a/.yamllint.yaml b/.yamllint.yaml index d932357..2d3284c 100644 --- a/.yamllint.yaml +++ b/.yamllint.yaml @@ -15,3 +15,8 @@ rules: max-spaces-after: -1 commas: max-spaces-after: -1 + comments: + min-spaces-from-content: 1 + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/bitlair.yaml b/bitlair.yaml index 48db717..d09757f 100644 --- a/bitlair.yaml +++ b/bitlair.yaml @@ -1,66 +1,79 @@ --- -- hosts: all +- name: common + hosts: all gather_facts: true roles: - { role: "common", tags: ["common"] } - { role: "nft", tags: ["nft"] } -- hosts: bank +- name: bank + hosts: bank roles: - { role: "bank", tags: ["bank"] } -- hosts: homeassistant +- name: homeassistant + hosts: homeassistant roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } -- hosts: raspi +- name: raspi + hosts: raspi roles: - { role: "raspi", tags: ["raspi"] } - { role: "bank-terminal", tags: ["bank-terminal"] } -- hosts: fotos +- name: fotos + hosts: fotos roles: - { role: "photos", tags: ["photos"] } -- hosts: git-ci +- name: CI + hosts: git-ci roles: - { role: "git-ci", tags: ["git-ci"] } -- hosts: git +- name: git + hosts: git roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } - { role: "git-server", tags: ["git-server"] } -- hosts: monitoring +- name: monitoring + hosts: monitoring roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } - { role: "monitoring", tags: ["monitoring"] } -- hosts: mqtt +- name: mqtt + hosts: mqtt roles: - { role: "mqtt", tags: ["mqtt"] } -- hosts: music +- name: music + hosts: music roles: - { role: "acme", tags: ["acme"] } - { role: "go", tags: ["go"] } - { role: "music", tags: ["music"] } -- hosts: pad +- name: pad + hosts: pad roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } - { role: "etherpad", tags: ["etherpad"] } -- hosts: services +- name: services + hosts: services roles: - { role: "services", tags: ["services"] } -- hosts: wiki +- name: wiki + hosts: wiki roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } diff --git a/lint.sh b/lint.sh index bc0183d..296c955 100755 --- a/lint.sh +++ b/lint.sh @@ -1,5 +1,6 @@ #!/bin/bash j2lint `find ./ -type f -name '*.j2'` +yamllint -c .yamllint.yaml . ansible-lint bitlair.yaml From 77c1732623b70f36da401240c9fe33329d198fd1 Mon Sep 17 00:00:00 2001 From: Mark Janssen Date: Sat, 19 Apr 2025 16:42:53 +0200 Subject: [PATCH 2/3] Linting --- roles/acme/handlers/main.yaml | 4 -- roles/bank-terminal/tasks/main.yaml | 39 +++++++------- roles/bank/tasks/login.yaml | 12 ++--- roles/bank/tasks/revbank-deposit.yaml | 4 +- roles/bank/tasks/revbank.yaml | 2 +- roles/common/tasks/debian-upgrade.yaml | 2 +- roles/common/tasks/main.yaml | 2 +- roles/common/tasks/network.yaml | 2 +- roles/etherpad/tasks/main.yaml | 51 ++++++++----------- roles/git-ci/tasks/main.yaml | 6 +-- roles/git-server/tasks/main.yaml | 8 +-- roles/go/tasks/main.yaml | 10 ++-- roles/monitoring/tasks/grafana.yaml | 12 ++--- roles/monitoring/tasks/main.yaml | 6 +-- roles/monitoring/tasks/mqtt_exporter.yaml | 4 +- roles/monitoring/tasks/prometheus.yaml | 6 +-- roles/mqtt/tasks/main.yaml | 6 +-- roles/music/tasks/librespot.yaml | 6 +-- roles/music/tasks/main.yaml | 6 +-- roles/music/tasks/mpd.yaml | 18 +++---- roles/music/tasks/soundboard.yaml | 4 +- roles/photos/tasks/bambulab-fetch.yaml | 32 ++++-------- roles/photos/tasks/photo-gallery.yaml | 4 +- roles/photos/tasks/photos2mqtt.yaml | 4 +- roles/services/tasks/ircbot.yaml | 10 ++-- roles/services/tasks/mastodon_spacestate.yaml | 4 +- roles/services/tasks/power_mqtt.yaml | 4 +- roles/services/tasks/spacestated.yaml | 2 +- roles/www/tasks/calendar.yaml | 2 +- roles/www/tasks/mediawiki.yaml | 2 +- roles/www/tasks/mqtt.yaml | 2 +- 31 files changed, 127 insertions(+), 149 deletions(-) diff --git a/roles/acme/handlers/main.yaml b/roles/acme/handlers/main.yaml index 7ff2509..3b4b5d1 100644 --- a/roles/acme/handlers/main.yaml +++ b/roles/acme/handlers/main.yaml @@ -1,9 +1,5 @@ --- -- name: update_contact_info - ansible.builtin.command: - cmd: dehydrated --account - - name: run dehydrated ansible.builtin.command: cmd: dehydrated --cron diff --git a/roles/bank-terminal/tasks/main.yaml b/roles/bank-terminal/tasks/main.yaml index 7a01ccb..d035da3 100644 --- a/roles/bank-terminal/tasks/main.yaml +++ b/roles/bank-terminal/tasks/main.yaml @@ -4,11 +4,11 @@ block: - name: Add user ansible.builtin.user: - name: bank-terminal - home: /home/{{ bank_terminal_user }} - shell: /home/{{ bank_terminal_user }}/login + name: "bank-terminal" + home: "/home/{{ bank_terminal_user }}" + shell: "/home/{{ bank_terminal_user }}/login" generate_ssh_key: yes - ssh_key_type: ed25519 + ssh_key_type: "ed25519" - name: Locate agetty ansible.builtin.command: @@ -16,34 +16,35 @@ register: agetty_location_cmd - name: Set agetty var - ansible.builtin.set_fact: agetty_location="{{ agetty_location_cmd.stdout_lines | join }}" + ansible.builtin.set_fact: + agetty_location: "{{ agetty_location_cmd.stdout_lines | join }}" - name: Install login script ansible.builtin.template: - src: login - dest: /home/{{ bank_terminal_user }}/login - owner: bank-terminal - group: bank-terminal - mode: 0755 + src: "login" + dest: "/home/{{ bank_terminal_user }}/login" + owner: "bank-terminal" + group: "bank-terminal" + mode: "0755" - name: Autologin User ansible.builtin.template: - src: tty_autologin.conf - dest: /etc/systemd/system/getty@tty1.service.d/override.conf - owner: root - group: root - mode: 0644 + src: "tty_autologin.conf" + dest: "/etc/systemd/system/getty@tty1.service.d/override.conf" + owner: "root" + group: "root" + mode: "0644" notify: daemon_reload - name: Clear MOTD ansible.builtin.copy: content: "" - dest: /etc/motd + dest: "/etc/motd" # Set console font so the Revbank QR codes are rendered correctly. - name: Console setup ansible.builtin.lineinfile: - path: /etc/default/console-setup + path: "/etc/default/console-setup" line: '{{ item.k }}="{{ item.v }}"' regexp: "^#?{{ item.k }}" with_items: @@ -56,8 +57,8 @@ - name: Console Setup Management Note ansible.builtin.lineinfile: - path: /etc/default/console-setup - line: '# Managed by Ansible' + path: "/etc/default/console-setup" + line: "# Managed by Ansible" insertafter: "CONFIGURATION FILE" - name: Read pubkey diff --git a/roles/bank/tasks/login.yaml b/roles/bank/tasks/login.yaml index 7ed568e..029f826 100644 --- a/roles/bank/tasks/login.yaml +++ b/roles/bank/tasks/login.yaml @@ -41,14 +41,14 @@ - name: Create getty dir ansible.builtin.file: - path: /etc/systemd/system/getty@tty1.service.d + path: "/etc/systemd/system/getty@tty1.service.d" state: directory - name: Autologin User ansible.builtin.template: - src: tty_autologin.conf - dest: /etc/systemd/system/getty@tty1.service.d/override.conf - owner: root - group: root - mode: 0644 + src: "tty_autologin.conf" + dest: "/etc/systemd/system/getty@tty1.service.d/override.conf" + owner: "root" + group: "root" + mode: "0644" notify: daemon reload diff --git a/roles/bank/tasks/revbank-deposit.yaml b/roles/bank/tasks/revbank-deposit.yaml index 1190a53..672ba24 100644 --- a/roles/bank/tasks/revbank-deposit.yaml +++ b/roles/bank/tasks/revbank-deposit.yaml @@ -25,7 +25,7 @@ dest: /etc/revbank-deposit.conf owner: root group: root - mode: 0600 + mode: "0600" notify: Restart revbank-deposit - name: Install revbank-deposit service @@ -34,7 +34,7 @@ dest: /etc/systemd/system/revbank-deposit.service owner: root group: root - mode: 0644 + mode: "0644" notify: Restart revbank-deposit - name: Start revbank-deposit diff --git a/roles/bank/tasks/revbank.yaml b/roles/bank/tasks/revbank.yaml index ec283d1..9ffb91c 100644 --- a/roles/bank/tasks/revbank.yaml +++ b/roles/bank/tasks/revbank.yaml @@ -26,7 +26,7 @@ state: touch owner: "{{ bank_user }}" group: "{{ bank_user }}" - mode: 0644 + mode: "0644" with_items: - revbank.accounts - revbank.market diff --git a/roles/common/tasks/debian-upgrade.yaml b/roles/common/tasks/debian-upgrade.yaml index f986713..426a499 100644 --- a/roles/common/tasks/debian-upgrade.yaml +++ b/roles/common/tasks/debian-upgrade.yaml @@ -6,7 +6,7 @@ dest: /etc/apt/sources.list owner: root group: root - mode: 0644 + mode: "0644" - name: Remove backports ansible.builtin.file: diff --git a/roles/common/tasks/main.yaml b/roles/common/tasks/main.yaml index 29f7744..4f82e2f 100644 --- a/roles/common/tasks/main.yaml +++ b/roles/common/tasks/main.yaml @@ -30,7 +30,7 @@ ansible.builtin.template: src: authorized_keys.j2 dest: /root/.ssh/authorized_keys - mode: 0600 + mode: "0600" when: root_access is defined and root_access tags: authorized_keys diff --git a/roles/common/tasks/network.yaml b/roles/common/tasks/network.yaml index 7e2a75b..63efa5a 100644 --- a/roles/common/tasks/network.yaml +++ b/roles/common/tasks/network.yaml @@ -30,7 +30,7 @@ dest: /etc/network/interfaces owner: root group: root - mode: 0644 + mode: "0644" when: network_br or network_dhcp or network_static - ansible.builtin.meta: flush_handlers diff --git a/roles/etherpad/tasks/main.yaml b/roles/etherpad/tasks/main.yaml index 0f4beb5..c7b1521 100644 --- a/roles/etherpad/tasks/main.yaml +++ b/roles/etherpad/tasks/main.yaml @@ -19,20 +19,13 @@ - name: Install nodesource source list ansible.builtin.template: - src: nodesource.list - dest: /etc/apt/sources.list.d/nodesource.list - owner: root - group: root - mode: 0644 - notify: Apt update - -- name: Install nodejs apt preference - ansible.builtin.template: - src: nodejs-apt-pref - dest: /etc/apt/preferences.d/nodejs - owner: root - group: root - mode: 0644 + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: "{{ item.owner | default('root') }}" + group: "{{ item.group | default('root') }}" + with_items: + - { src: "nodesource.list", dest: "/etc/apt/sources.list.d/nodesource.list" } + - { src: "nodejs-apt-pref", dest: "/etc/apt/preferences.d/nodejs" } notify: Apt update - ansible.builtin.meta: flush_handlers @@ -67,17 +60,17 @@ ansible.builtin.file: path: /var/log/etherpad.log state: touch - owner: etherpad - group: etherpad - mode: 0644 + owner: "etherpad" + group: "etherpad" + mode: "0644" - name: Create source directory ansible.builtin.file: path: /opt/etherpad state: directory - owner: etherpad - group: etherpad - mode: 0755 + owner: "etherpad" + group: "etherpad" + mode: "0755" - name: Clone etherpad source become: yes @@ -94,18 +87,18 @@ ansible.builtin.template: src: settings.json dest: /opt/etherpad/settings.json - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart etherpad - name: Install etherpad service ansible.builtin.template: src: etherpad.service dest: /etc/systemd/system/etherpad.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart etherpad - name: Start etherpad @@ -119,8 +112,8 @@ ansible.builtin.template: src: nginx-site.conf dest: /etc/nginx/sites-enabled/etherpad - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Reload nginx diff --git a/roles/git-ci/tasks/main.yaml b/roles/git-ci/tasks/main.yaml index d677a61..d4e3a19 100644 --- a/roles/git-ci/tasks/main.yaml +++ b/roles/git-ci/tasks/main.yaml @@ -8,7 +8,7 @@ ansible.builtin.get_url: url: "https://code.forgejo.org/forgejo/runner/releases/download/v{{ runner_version }}/forgejo-runner-{{ runner_version }}-linux-amd64" dest: /usr/local/bin/forgejo-runner - mode: 0755 + mode: "0755" notify: restart forgejo-runner - name: Create runner dir @@ -17,7 +17,7 @@ path: "{{ runner_wd }}" owner: root group: root - mode: 0755 + mode: "0755" - name: Register runner ansible.builtin.command: "forgejo-runner register --no-interactive --instance={{ forgejo_url }} --token={{ lookup('passwordstore', 'git/ci subkey=runner_token') }}" @@ -31,7 +31,7 @@ dest: /etc/systemd/system/forgejo-runner.service owner: root group: root - mode: 0644 + mode: "0644" notify: restart forgejo-runner - name: Enable service diff --git a/roles/git-server/tasks/main.yaml b/roles/git-server/tasks/main.yaml index 5104ef5..570406b 100644 --- a/roles/git-server/tasks/main.yaml +++ b/roles/git-server/tasks/main.yaml @@ -13,7 +13,7 @@ dest: /etc/nginx/sites-available/forgejo owner: root group: root - mode: 0644 + mode: "0644" notify: Reload nginx - name: Enable nginx site @@ -36,7 +36,7 @@ path: /var/log/forgejo owner: "{{ git_server_user }}" group: "{{ git_server_user }}" - mode: 0755 + mode: "0755" # TODO: Install initial config @@ -46,7 +46,7 @@ dest: /etc/systemd/system/forgejo.service owner: root group: root - mode: 0644 + mode: "0644" notify: Reload forgejo - name: Install update script @@ -55,7 +55,7 @@ dest: "{{ git_server_working_dir }}/update.sh" owner: "{{ git_server_user }}" group: "{{ git_server_user }}" - mode: 0755 + mode: "0755" - name: Perform initial update ansible.builtin.command: "{{ git_server_working_dir }}/update.sh" diff --git a/roles/go/tasks/main.yaml b/roles/go/tasks/main.yaml index ab16901..ebd93c7 100644 --- a/roles/go/tasks/main.yaml +++ b/roles/go/tasks/main.yaml @@ -48,17 +48,17 @@ src: https://go.dev/dl/go{{ go_latest_version }}.linux-{{ go_arch }}.tar.gz dest: /usr/local remote_src: yes - owner: root - group: root + owner: "root" + group: "root" when: go_installed_version != go_latest_version - name: Configure Go environment ansible.builtin.template: src: go.profile dest: /etc/profile.d/go.sh - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" - name: Link go binary ansible.builtin.file: diff --git a/roles/monitoring/tasks/grafana.yaml b/roles/monitoring/tasks/grafana.yaml index 3e09b8f..974551b 100644 --- a/roles/monitoring/tasks/grafana.yaml +++ b/roles/monitoring/tasks/grafana.yaml @@ -21,9 +21,9 @@ ansible.builtin.template: src: "{{ item.src }}" dest: "{{ item.dest }}" - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: restart grafana with_items: - { src: grafana.ini, dest: /etc/grafana/grafana.ini } @@ -33,9 +33,9 @@ ansible.builtin.template: src: grafana-data-source.yml dest: "/etc/grafana/provisioning/datasources/{{ item.name | lower }}.yaml" - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: restart grafana with_items: - name: Prometheus diff --git a/roles/monitoring/tasks/main.yaml b/roles/monitoring/tasks/main.yaml index 2017d5b..a2878a7 100644 --- a/roles/monitoring/tasks/main.yaml +++ b/roles/monitoring/tasks/main.yaml @@ -4,9 +4,9 @@ ansible.builtin.template: src: nginx-site.conf dest: /etc/nginx/sites-available/monitoring - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Reload nginx - name: Enable nginx site diff --git a/roles/monitoring/tasks/mqtt_exporter.yaml b/roles/monitoring/tasks/mqtt_exporter.yaml index 0ae5d07..635c263 100644 --- a/roles/monitoring/tasks/mqtt_exporter.yaml +++ b/roles/monitoring/tasks/mqtt_exporter.yaml @@ -22,7 +22,7 @@ dest: /etc/systemd/system/mqtt_exporter.service owner: root group: root - mode: 0644 + mode: "0644" notify: - Daemon reload - restart mqtt_exporter @@ -33,7 +33,7 @@ dest: /etc/mqtt_exporter.yaml owner: root group: root - mode: 0644 + mode: "0644" notify: - Daemon reload - restart mqtt_exporter diff --git a/roles/monitoring/tasks/prometheus.yaml b/roles/monitoring/tasks/prometheus.yaml index 30522b5..3c86a0f 100644 --- a/roles/monitoring/tasks/prometheus.yaml +++ b/roles/monitoring/tasks/prometheus.yaml @@ -7,9 +7,9 @@ ansible.builtin.template: src: prometheus.yml dest: "{{ prometheus_config_dir }}/prometheus.yml" - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: restart prometheus - name: Configure Prometheus args diff --git a/roles/mqtt/tasks/main.yaml b/roles/mqtt/tasks/main.yaml index 498f49c..727cca3 100644 --- a/roles/mqtt/tasks/main.yaml +++ b/roles/mqtt/tasks/main.yaml @@ -16,9 +16,9 @@ ansible.builtin.template: src: "{{ item }}" dest: "/etc/mosquitto/conf.d/{{ item }}" - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: restart mosquitto with_items: - bambulab.conf diff --git a/roles/music/tasks/librespot.yaml b/roles/music/tasks/librespot.yaml index 2a8d19b..8b7ea51 100644 --- a/roles/music/tasks/librespot.yaml +++ b/roles/music/tasks/librespot.yaml @@ -18,9 +18,9 @@ ansible.builtin.template: src: librespot.service dest: /etc/systemd/system/librespot.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart librespot - name: Enable Librespot diff --git a/roles/music/tasks/main.yaml b/roles/music/tasks/main.yaml index e8a751c..c57393f 100644 --- a/roles/music/tasks/main.yaml +++ b/roles/music/tasks/main.yaml @@ -28,7 +28,7 @@ ansible.builtin.template: src: nginx-site.conf dest: /etc/nginx/sites-enabled/trollibox - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Reload nginx diff --git a/roles/music/tasks/mpd.yaml b/roles/music/tasks/mpd.yaml index eb88133..3e7abeb 100644 --- a/roles/music/tasks/mpd.yaml +++ b/roles/music/tasks/mpd.yaml @@ -13,18 +13,18 @@ ansible.builtin.template: src: mpd-volume-to-mqtt.sh dest: /opt/mpd-volume-to-mqtt.sh - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart mpd-volume-to-mqtt - name: Install mpd-volume-to-mqtt service ansible.builtin.template: src: mpd-volume-to-mqtt.service dest: /etc/systemd/system/mpd-volume-to-mqtt.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart mpd-volume-to-mqtt - name: Enable mpd-volume-to-mqtt @@ -46,9 +46,9 @@ ansible.builtin.template: src: skipbutton.service dest: /etc/systemd/system/skipbutton.service - owner: root - group: root - mode: 0644 + owner: "root" + group: "root" + mode: "0644" notify: Restart skipbutton - name: Enable skipbutton diff --git a/roles/music/tasks/soundboard.yaml b/roles/music/tasks/soundboard.yaml index a0ea558..6601611 100644 --- a/roles/music/tasks/soundboard.yaml +++ b/roles/music/tasks/soundboard.yaml @@ -30,7 +30,7 @@ dest: /etc/soundboard.yaml owner: root group: root - mode: 0644 + mode: "0644" notify: Restart soundboard - name: Install soundboard service file @@ -39,7 +39,7 @@ dest: /etc/systemd/system/soundboard.service owner: root group: root - mode: 0644 + mode: "0644" notify: Restart soundboard - name: Enable soundboard diff --git a/roles/photos/tasks/bambulab-fetch.yaml b/roles/photos/tasks/bambulab-fetch.yaml index b050af9..dfcf3b5 100644 --- a/roles/photos/tasks/bambulab-fetch.yaml +++ b/roles/photos/tasks/bambulab-fetch.yaml @@ -5,28 +5,16 @@ - name: Install fetch script ansible.builtin.template: - src: bambulab-fetch.sh - dest: /opt/bambulab-fetch.sh - owner: root - group: root - mode: 0755 - -- name: Install service - ansible.builtin.template: - src: bambulab-fetch.service - dest: /etc/systemd/system/bambulab-fetch.service - owner: root - group: root - mode: 0644 - notify: daemon reload - -- name: Install timer - ansible.builtin.template: - src: bambulab-fetch.timer - dest: /etc/systemd/system/bambulab-fetch.timer - owner: root - group: root - mode: 0644 + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: "{{ item.owner | default('root') }}" + group: "{{ item.group | default('root') }}" + mode: "{{ item.mode | default('0644') }}" + force: "{{ item.force | default('yes') }}" + with_items: + - { src: "bambulab-fetch.sh", dest: "/opt/bambulab-fetch.sh", mode: "0755" } + - { src: "bambulab-fetch.service", dest: "/etc/systemd/system/bambulab-fetch.service" } + - { src: "bambulab-fetch.timer", dest: "/etc/systemd/system/bambulab-fetch.timer" } notify: daemon reload - name: Enable timer diff --git a/roles/photos/tasks/photo-gallery.yaml b/roles/photos/tasks/photo-gallery.yaml index 5a6cfff..3f6df3d 100644 --- a/roles/photos/tasks/photo-gallery.yaml +++ b/roles/photos/tasks/photo-gallery.yaml @@ -17,7 +17,7 @@ dest: /opt/photo-gallery/config.json owner: root group: root - mode: 0644 + mode: "0644" notify: restart photo-gallery - name: Install photo-gallery service file @@ -26,7 +26,7 @@ dest: /etc/systemd/system/photo-gallery.service owner: root group: root - mode: 0644 + mode: "0644" notify: restart photo-gallery - name: Start photo-gallery diff --git a/roles/photos/tasks/photos2mqtt.yaml b/roles/photos/tasks/photos2mqtt.yaml index d9f2e05..cad0605 100644 --- a/roles/photos/tasks/photos2mqtt.yaml +++ b/roles/photos/tasks/photos2mqtt.yaml @@ -16,7 +16,7 @@ dest: /opt/photos2mqtt.pl owner: root group: root - mode: 0755 + mode: "0755" notify: restart photos2mqtt - name: Install photos2mqtt service file @@ -25,7 +25,7 @@ dest: /etc/systemd/system/photos2mqtt.service owner: root group: root - mode: 0644 + mode: "0644" notify: restart photos2mqtt - name: Start photos2mqtt diff --git a/roles/services/tasks/ircbot.yaml b/roles/services/tasks/ircbot.yaml index e635302..90d60c8 100644 --- a/roles/services/tasks/ircbot.yaml +++ b/roles/services/tasks/ircbot.yaml @@ -20,7 +20,7 @@ dest: /etc/systemd/system/irc-bot.service owner: root group: root - mode: 0644 + mode: "0644" vars: description: Bitlair IRC bot exec: /bin/bash /var/lib/irc-bot/irc-bot @@ -44,7 +44,7 @@ dest: /var/lib/irc-helpers/photos.sh owner: root group: root - mode: 0755 + mode: "0755" notify: Restart irc-photos - name: Install photos notification service @@ -53,7 +53,7 @@ dest: /etc/systemd/system/irc-photos.service owner: root group: root - mode: 0644 + mode: "0644" vars: description: Bitlair IRC photos notification requires: irc-bot.service @@ -73,7 +73,7 @@ dest: /var/lib/irc-helpers/doorduino.sh owner: root group: root - mode: 0755 + mode: "0755" notify: Restart irc-doorduino - name: Install doorduino notification service @@ -82,7 +82,7 @@ dest: /etc/systemd/system/irc-doorduino.service owner: root group: root - mode: 0644 + mode: "0644" vars: description: Bitlair IRC doorduino notification requires: irc-bot.service diff --git a/roles/services/tasks/mastodon_spacestate.yaml b/roles/services/tasks/mastodon_spacestate.yaml index 53f979e..a64d353 100644 --- a/roles/services/tasks/mastodon_spacestate.yaml +++ b/roles/services/tasks/mastodon_spacestate.yaml @@ -20,7 +20,7 @@ dest: /var/lib/mastodon-spacestate/config.py owner: root group: root - mode: 0655 + mode: "0655" notify: Restart mastodon-spacestate - name: Install service file @@ -29,7 +29,7 @@ dest: /etc/systemd/system/mastodon-spacestate.service owner: root group: root - mode: 0644 + mode: "0644" notify: Restart mastodon-spacestate - name: Start mastodon-spacestate diff --git a/roles/services/tasks/power_mqtt.yaml b/roles/services/tasks/power_mqtt.yaml index 5c18589..fe442b6 100644 --- a/roles/services/tasks/power_mqtt.yaml +++ b/roles/services/tasks/power_mqtt.yaml @@ -9,7 +9,7 @@ dest: /var/lib/power-mqtt.py owner: root group: root - mode: 0755 + mode: "0755" notify: Restart power-mqtt - name: Remove old service @@ -23,7 +23,7 @@ dest: /etc/systemd/system/power-mqtt@.service owner: root group: root - mode: 0644 + mode: "0644" vars: description: "SMD630 to MQTT Probe" exec: "/var/lib/power-mqtt.py %i" diff --git a/roles/services/tasks/spacestated.yaml b/roles/services/tasks/spacestated.yaml index 92a0ace..363397e 100644 --- a/roles/services/tasks/spacestated.yaml +++ b/roles/services/tasks/spacestated.yaml @@ -34,7 +34,7 @@ dest: /etc/systemd/system/spacestated.service owner: root group: root - mode: 0644 + mode: "0644" notify: Restart spacestated - name: Start spacestated diff --git a/roles/www/tasks/calendar.yaml b/roles/www/tasks/calendar.yaml index f6513a8..c034d81 100644 --- a/roles/www/tasks/calendar.yaml +++ b/roles/www/tasks/calendar.yaml @@ -21,4 +21,4 @@ dest: /etc/cron.d/bitlair-calendar owner: root group: root - mode: 0644 + mode: "0644" diff --git a/roles/www/tasks/mediawiki.yaml b/roles/www/tasks/mediawiki.yaml index 2eb69f4..de77057 100644 --- a/roles/www/tasks/mediawiki.yaml +++ b/roles/www/tasks/mediawiki.yaml @@ -11,5 +11,5 @@ dest: /opt/security.txt owner: root group: root - mode: 0644 + mode: "0644" diff --git a/roles/www/tasks/mqtt.yaml b/roles/www/tasks/mqtt.yaml index 63d1dee..10cc736 100644 --- a/roles/www/tasks/mqtt.yaml +++ b/roles/www/tasks/mqtt.yaml @@ -26,7 +26,7 @@ dest: /etc/systemd/system/mqtt2web.service owner: root group: root - mode: 0644 + mode: "0644" notify: - Daemon reload - Restart mqtt2web From a30d388422ddd53f70dbe265d6eda830a55cc066 Mon Sep 17 00:00:00 2001 From: Mark Janssen Date: Sat, 19 Apr 2025 16:45:08 +0200 Subject: [PATCH 3/3] Owner/group strings --- roles/bank/tasks/revbank-deposit.yaml | 10 +++++----- roles/common/tasks/debian-upgrade.yaml | 4 ++-- roles/common/tasks/network.yaml | 4 ++-- roles/git-ci/tasks/main.yaml | 8 ++++---- roles/git-server/tasks/main.yaml | 8 ++++---- roles/monitoring/tasks/mqtt_exporter.yaml | 8 ++++---- roles/music/tasks/soundboard.yaml | 8 ++++---- roles/music/tasks/trollibox.yaml | 8 ++++---- roles/photos/tasks/photo-gallery.yaml | 8 ++++---- roles/photos/tasks/photos2mqtt.yaml | 8 ++++---- roles/services/tasks/discord_bot.yaml | 4 ++-- roles/services/tasks/ircbot.yaml | 20 +++++++++---------- roles/services/tasks/mastodon_spacestate.yaml | 8 ++++---- roles/services/tasks/power_mqtt.yaml | 8 ++++---- roles/services/tasks/siahsd.yaml | 8 ++++---- roles/services/tasks/spacestated.yaml | 4 ++-- roles/services/tasks/wifi_mqtt.yaml | 4 ++-- roles/www/tasks/calendar.yaml | 4 ++-- roles/www/tasks/mediawiki.yaml | 4 ++-- roles/www/tasks/mqtt.yaml | 4 ++-- roles/www/tasks/spaceapi.yaml | 4 ++-- 21 files changed, 73 insertions(+), 73 deletions(-) diff --git a/roles/bank/tasks/revbank-deposit.yaml b/roles/bank/tasks/revbank-deposit.yaml index 672ba24..97c3593 100644 --- a/roles/bank/tasks/revbank-deposit.yaml +++ b/roles/bank/tasks/revbank-deposit.yaml @@ -23,8 +23,8 @@ ansible.builtin.template: src: revbank-deposit.conf dest: /etc/revbank-deposit.conf - owner: root - group: root + owner: "root" + group: "root" mode: "0600" notify: Restart revbank-deposit @@ -32,8 +32,8 @@ ansible.builtin.template: src: revbank-deposit.service dest: /etc/systemd/system/revbank-deposit.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart revbank-deposit @@ -44,4 +44,4 @@ state: started enabled: true -- meta: flush_handlers +- ansible.builtin.meta: flush_handlers diff --git a/roles/common/tasks/debian-upgrade.yaml b/roles/common/tasks/debian-upgrade.yaml index 426a499..b480bea 100644 --- a/roles/common/tasks/debian-upgrade.yaml +++ b/roles/common/tasks/debian-upgrade.yaml @@ -4,8 +4,8 @@ ansible.builtin.template: src: stable-sources.list dest: /etc/apt/sources.list - owner: root - group: root + owner: "root" + group: "root" mode: "0644" - name: Remove backports diff --git a/roles/common/tasks/network.yaml b/roles/common/tasks/network.yaml index 63efa5a..fae4ed5 100644 --- a/roles/common/tasks/network.yaml +++ b/roles/common/tasks/network.yaml @@ -28,8 +28,8 @@ ansible.builtin.template: src: network-interfaces dest: /etc/network/interfaces - owner: root - group: root + owner: "root" + group: "root" mode: "0644" when: network_br or network_dhcp or network_static diff --git a/roles/git-ci/tasks/main.yaml b/roles/git-ci/tasks/main.yaml index d4e3a19..ea688fa 100644 --- a/roles/git-ci/tasks/main.yaml +++ b/roles/git-ci/tasks/main.yaml @@ -15,8 +15,8 @@ ansible.builtin.file: state: directory path: "{{ runner_wd }}" - owner: root - group: root + owner: "root" + group: "root" mode: "0755" - name: Register runner @@ -29,8 +29,8 @@ ansible.builtin.template: src: forgejo-runner.service dest: /etc/systemd/system/forgejo-runner.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: restart forgejo-runner diff --git a/roles/git-server/tasks/main.yaml b/roles/git-server/tasks/main.yaml index 570406b..847d850 100644 --- a/roles/git-server/tasks/main.yaml +++ b/roles/git-server/tasks/main.yaml @@ -11,8 +11,8 @@ ansible.builtin.template: src: nginx-site.conf dest: /etc/nginx/sites-available/forgejo - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Reload nginx @@ -44,8 +44,8 @@ ansible.builtin.template: src: forgejo.service dest: /etc/systemd/system/forgejo.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Reload forgejo diff --git a/roles/monitoring/tasks/mqtt_exporter.yaml b/roles/monitoring/tasks/mqtt_exporter.yaml index 635c263..b0350f4 100644 --- a/roles/monitoring/tasks/mqtt_exporter.yaml +++ b/roles/monitoring/tasks/mqtt_exporter.yaml @@ -20,8 +20,8 @@ ansible.builtin.template: src: mqtt_exporter.service dest: /etc/systemd/system/mqtt_exporter.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: - Daemon reload @@ -31,8 +31,8 @@ ansible.builtin.template: src: mqtt_exporter_config.yaml dest: /etc/mqtt_exporter.yaml - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: - Daemon reload diff --git a/roles/music/tasks/soundboard.yaml b/roles/music/tasks/soundboard.yaml index 6601611..fa5ace0 100644 --- a/roles/music/tasks/soundboard.yaml +++ b/roles/music/tasks/soundboard.yaml @@ -28,8 +28,8 @@ ansible.builtin.template: src: soundboard.yaml dest: /etc/soundboard.yaml - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart soundboard @@ -37,8 +37,8 @@ ansible.builtin.template: src: soundboard.service dest: /etc/systemd/system/soundboard.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart soundboard diff --git a/roles/music/tasks/trollibox.yaml b/roles/music/tasks/trollibox.yaml index 0b20b4a..717c235 100644 --- a/roles/music/tasks/trollibox.yaml +++ b/roles/music/tasks/trollibox.yaml @@ -3,8 +3,8 @@ ansible.builtin.template: src: trollibox.yaml dest: /etc/trollibox.yaml - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart trollibox @@ -32,8 +32,8 @@ ansible.builtin.template: src: trollibox.service dest: /etc/systemd/system/trollibox.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart trollibox diff --git a/roles/photos/tasks/photo-gallery.yaml b/roles/photos/tasks/photo-gallery.yaml index 3f6df3d..95eb800 100644 --- a/roles/photos/tasks/photo-gallery.yaml +++ b/roles/photos/tasks/photo-gallery.yaml @@ -15,8 +15,8 @@ ansible.builtin.template: src: photo-gallery-config.json dest: /opt/photo-gallery/config.json - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: restart photo-gallery @@ -24,8 +24,8 @@ ansible.builtin.template: src: photo-gallery.service dest: /etc/systemd/system/photo-gallery.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: restart photo-gallery diff --git a/roles/photos/tasks/photos2mqtt.yaml b/roles/photos/tasks/photos2mqtt.yaml index cad0605..1fedc06 100644 --- a/roles/photos/tasks/photos2mqtt.yaml +++ b/roles/photos/tasks/photos2mqtt.yaml @@ -14,8 +14,8 @@ ansible.builtin.template: src: photos2mqtt.pl dest: /opt/photos2mqtt.pl - owner: root - group: root + owner: "root" + group: "root" mode: "0755" notify: restart photos2mqtt @@ -23,8 +23,8 @@ ansible.builtin.template: src: photos2mqtt.service dest: /etc/systemd/system/photos2mqtt.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: restart photos2mqtt diff --git a/roles/services/tasks/discord_bot.yaml b/roles/services/tasks/discord_bot.yaml index 1889db4..7f64a01 100644 --- a/roles/services/tasks/discord_bot.yaml +++ b/roles/services/tasks/discord_bot.yaml @@ -32,8 +32,8 @@ ansible.builtin.template: src: discord-bot.service dest: /etc/systemd/system/discord-bot.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart discord-bot diff --git a/roles/services/tasks/ircbot.yaml b/roles/services/tasks/ircbot.yaml index 90d60c8..83a8f72 100644 --- a/roles/services/tasks/ircbot.yaml +++ b/roles/services/tasks/ircbot.yaml @@ -18,8 +18,8 @@ ansible.builtin.template: src: generic.service dest: /etc/systemd/system/irc-bot.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" vars: description: Bitlair IRC bot @@ -42,8 +42,8 @@ ansible.builtin.template: src: irc-photos.sh dest: /var/lib/irc-helpers/photos.sh - owner: root - group: root + owner: "root" + group: "root" mode: "0755" notify: Restart irc-photos @@ -51,8 +51,8 @@ ansible.builtin.template: src: generic.service dest: /etc/systemd/system/irc-photos.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" vars: description: Bitlair IRC photos notification @@ -71,8 +71,8 @@ ansible.builtin.template: src: irc-doorduino.sh dest: /var/lib/irc-helpers/doorduino.sh - owner: root - group: root + owner: "root" + group: "root" mode: "0755" notify: Restart irc-doorduino @@ -80,8 +80,8 @@ ansible.builtin.template: src: generic.service dest: /etc/systemd/system/irc-doorduino.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" vars: description: Bitlair IRC doorduino notification diff --git a/roles/services/tasks/mastodon_spacestate.yaml b/roles/services/tasks/mastodon_spacestate.yaml index a64d353..8d2175a 100644 --- a/roles/services/tasks/mastodon_spacestate.yaml +++ b/roles/services/tasks/mastodon_spacestate.yaml @@ -18,8 +18,8 @@ ansible.builtin.template: src: mastodon-spacestate-config.py dest: /var/lib/mastodon-spacestate/config.py - owner: root - group: root + owner: "root" + group: "root" mode: "0655" notify: Restart mastodon-spacestate @@ -27,8 +27,8 @@ ansible.builtin.template: src: mastodon-spacestate.service dest: /etc/systemd/system/mastodon-spacestate.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart mastodon-spacestate diff --git a/roles/services/tasks/power_mqtt.yaml b/roles/services/tasks/power_mqtt.yaml index fe442b6..1ca1e7f 100644 --- a/roles/services/tasks/power_mqtt.yaml +++ b/roles/services/tasks/power_mqtt.yaml @@ -7,8 +7,8 @@ ansible.builtin.template: src: power-mqtt.py dest: /var/lib/power-mqtt.py - owner: root - group: root + owner: "root" + group: "root" mode: "0755" notify: Restart power-mqtt @@ -21,8 +21,8 @@ ansible.builtin.template: src: generic.service dest: /etc/systemd/system/power-mqtt@.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" vars: description: "SMD630 to MQTT Probe" diff --git a/roles/services/tasks/siahsd.yaml b/roles/services/tasks/siahsd.yaml index c7c3b0b..a1e59a9 100644 --- a/roles/services/tasks/siahsd.yaml +++ b/roles/services/tasks/siahsd.yaml @@ -16,8 +16,8 @@ ansible.builtin.template: src: siahsd.conf dest: /etc/siahsd.conf - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart siahsd @@ -25,8 +25,8 @@ ansible.builtin.template: src: siahsd.service dest: /etc/systemd/system/siahsd.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart siahsd diff --git a/roles/services/tasks/spacestated.yaml b/roles/services/tasks/spacestated.yaml index 363397e..8f22309 100644 --- a/roles/services/tasks/spacestated.yaml +++ b/roles/services/tasks/spacestated.yaml @@ -32,8 +32,8 @@ ansible.builtin.template: src: spacestated.service dest: /etc/systemd/system/spacestated.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart spacestated diff --git a/roles/services/tasks/wifi_mqtt.yaml b/roles/services/tasks/wifi_mqtt.yaml index 8bb8353..1f10c64 100644 --- a/roles/services/tasks/wifi_mqtt.yaml +++ b/roles/services/tasks/wifi_mqtt.yaml @@ -19,8 +19,8 @@ ansible.builtin.template: src: wifi-mqtt.service dest: /etc/systemd/system/wifi-mqtt.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart wifi-mqtt diff --git a/roles/www/tasks/calendar.yaml b/roles/www/tasks/calendar.yaml index c034d81..8f42b06 100644 --- a/roles/www/tasks/calendar.yaml +++ b/roles/www/tasks/calendar.yaml @@ -19,6 +19,6 @@ ansible.builtin.template: src: calendar.cron dest: /etc/cron.d/bitlair-calendar - owner: root - group: root + owner: "root" + group: "root" mode: "0644" diff --git a/roles/www/tasks/mediawiki.yaml b/roles/www/tasks/mediawiki.yaml index de77057..0508e32 100644 --- a/roles/www/tasks/mediawiki.yaml +++ b/roles/www/tasks/mediawiki.yaml @@ -9,7 +9,7 @@ ansible.builtin.template: src: security.txt dest: /opt/security.txt - owner: root - group: root + owner: "root" + group: "root" mode: "0644" diff --git a/roles/www/tasks/mqtt.yaml b/roles/www/tasks/mqtt.yaml index 10cc736..ed097d6 100644 --- a/roles/www/tasks/mqtt.yaml +++ b/roles/www/tasks/mqtt.yaml @@ -24,8 +24,8 @@ ansible.builtin.template: src: mqtt2web.service dest: /etc/systemd/system/mqtt2web.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: - Daemon reload diff --git a/roles/www/tasks/spaceapi.yaml b/roles/www/tasks/spaceapi.yaml index 7c8a494..1c5c3ec 100644 --- a/roles/www/tasks/spaceapi.yaml +++ b/roles/www/tasks/spaceapi.yaml @@ -11,8 +11,8 @@ ansible.builtin.template: src: spaceapi.service dest: /etc/systemd/system/spaceapi.service - owner: root - group: root + owner: "root" + group: "root" mode: "0644" notify: Restart spaceapi