thomas
/
sovereign
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Merge pull request #405 from spk/ansible-lint 

Ansible lint
Allen Riddell 10 years ago
parent
72a19d8c19 21e0110684
commit
7260d59f31
14 changed files with 50 additions and 26 deletions
Unified View Show Diff Stats
  1. 2
    1
      .travis.yml
  2. 1
    1
      roles/blog/tasks/blog.yml
  3. 3
    2
      roles/common/tasks/google_auth.yml
  4. 1
    1
      roles/common/tasks/security.yml
  5. 4
    4
      roles/git/tasks/cgit.yml
  6. 3
    1
      roles/ircbouncer/tasks/znc.yml
  7. 7
    1
      roles/mailserver/tasks/z-push.yml
  8. 6
    4
      roles/monitoring/tasks/collectd.yml
  9. 2
    1
      roles/news/tasks/selfoss.yml
  10. 1
    1
      roles/owncloud/tasks/owncloud.yml
  11. 9
    5
      roles/readlater/tasks/wallabag.yml
  12. 3
    1
      roles/tarsnap/tasks/tarsnap.yml
  13. 2
    0
      roles/vpn/tasks/openvpn.yml
  14. 6
    3
      roles/webmail/tasks/roundcube.yml

+ 2
- 1
.travis.yml View File

1 
 language: python
 1 
 language: python
2 
 python: "2.7"
 2 
 python: "2.7"
3 
 install:
 3 
 install:
4 
-  - pip install ansible
4 
+  - pip install ansible ansible-lint
5 
 script:
 5 
 script:
6 
   - ansible-playbook --syntax-check -i hosts site.yml
 6 
   - ansible-playbook --syntax-check -i hosts site.yml
7 
+  - ansible-lint site.yml

+ 1
- 1
roles/blog/tasks/blog.yml View File

5 
   command: mv /etc/apache2/sites-available/{{ domain }} /etc/apache2/sites-available/{{ domain }}.conf removes=/etc/apache2/sites-available/{{ domain }}
 5 
   command: mv /etc/apache2/sites-available/{{ domain }} /etc/apache2/sites-available/{{ domain }}.conf removes=/etc/apache2/sites-available/{{ domain }}
6
6
7 
 - name: Remove old sites-enabled/{{ domain }} symlink (new one will be created by a2ensite)
 7 
 - name: Remove old sites-enabled/{{ domain }} symlink (new one will be created by a2ensite)
8 
-  command: rm /etc/apache2/sites-enabled/{{ domain }} removes=/etc/apache2/sites-enabled/{{ domain }}
8 
+  file: path=/etc/apache2/sites-enabled/{{ domain }} state=absent
9
9
10 
 - name: Configure the Apache HTTP server for the blog
 10 
 - name: Configure the Apache HTTP server for the blog
11 
   template: src=etc_apache2_sites-available_blog.j2 dest=/etc/apache2/sites-available/{{ domain }}.conf group=root owner=root
 11 
   template: src=etc_apache2_sites-available_blog.j2 dest=/etc/apache2/sites-available/{{ domain }}.conf group=root owner=root

+ 3
- 2
roles/common/tasks/google_auth.yml View File

15 
            dest=/root/libpam-google-authenticator-{{ google_auth_version }}-source.tar.bz2
 15 
            dest=/root/libpam-google-authenticator-{{ google_auth_version }}-source.tar.bz2
16
16
17 
 - name: Extract Google authenticator
 17 
 - name: Extract Google authenticator
18 
-  command: tar xjf libpam-google-authenticator-{{ google_auth_version }}-source.tar.bz2
19 
-           chdir=/root creates=/root/libpam-google-authenticator-{{ google_auth_version }}
18 
+  unarchive: src=/root/libpam-google-authenticator-{{ google_auth_version }}-source.tar.bz2
19 
+             creates=/root/libpam-google-authenticator-{{ google_auth_version }}
20 
+             dest=/root copy=no
20
21
21 
 - name: Install Google authenticator
 22 
 - name: Install Google authenticator
22 
   command: make install
 23 
   command: make install

+ 1
- 1
roles/common/tasks/security.yml View File

21 
 - name: Update sshd config for PFS and more secure defaults
 21 
 - name: Update sshd config for PFS and more secure defaults
22 
   template: src=etc_ssh_sshd_config.j2 dest=/etc/ssh/sshd_config
 22 
   template: src=etc_ssh_sshd_config.j2 dest=/etc/ssh/sshd_config
23 
   notify: restart ssh
 23 
   notify: restart ssh
24 
-
24 
+
25 
 - name: Update ssh config for more secure defaults
 25 
 - name: Update ssh config for more secure defaults
26 
   template: src=etc_ssh_ssh_config.j2 dest=/etc/ssh/ssh_config
 26 
   template: src=etc_ssh_ssh_config.j2 dest=/etc/ssh/ssh_config
27
27

+ 4
- 4
roles/git/tasks/cgit.yml View File

19 
            dest=/root/cgit-{{ cgit_version }}.tar.xz
 19 
            dest=/root/cgit-{{ cgit_version }}.tar.xz
20
20
21 
 - name: Decompress cgit source
 21 
 - name: Decompress cgit source
22 
-  command: tar xvfJ /root/cgit-{{ cgit_version }}.tar.xz
23 
-           chdir=/root
24 
-           creates=/root/cgit-{{ cgit_version }}/configure
22 
+  unarchive: src=/root/cgit-{{ cgit_version }}.tar.xz
23 
+             dest=/root copy=no
24 
+             creates=/root/cgit-{{ cgit_version }}/configure
25
25
26 
 - name: Build and install cgit
 26 
 - name: Build and install cgit
27 
   shell: make get-git ; make ; make install
 27 
   shell: make get-git ; make ; make install
38 
   command: mv /etc/apache2/sites-available/cgit /etc/apache2/sites-available/cgit.conf removes=/etc/apache2/sites-available/cgit
 38 
   command: mv /etc/apache2/sites-available/cgit /etc/apache2/sites-available/cgit.conf removes=/etc/apache2/sites-available/cgit
39
39
40 
 - name: Remove old sites-enabled/cgit symlink (new one will be created by a2ensite)
 40 
 - name: Remove old sites-enabled/cgit symlink (new one will be created by a2ensite)
41 
-  command: rm /etc/apache2/sites-enabled/cgit removes=/etc/apache2/sites-enabled/cgit
41 
+  file: path=/etc/apache2/sites-enabled/cgit state=absent
42
42
43 
 - name: Configure the Apache HTTP server for cgit
 43 
 - name: Configure the Apache HTTP server for cgit
44 
   template: src=etc_apache2_sites-available_cgit.j2
 44 
   template: src=etc_apache2_sites-available_cgit.j2

+ 3
- 1
roles/ircbouncer/tasks/znc.yml View File

22 
   get_url: url=http://znc.in/releases/archive/znc-{{ znc_version }}.tar.gz dest=/root/znc-{{ znc_version }}.tar.gz
 22 
   get_url: url=http://znc.in/releases/archive/znc-{{ znc_version }}.tar.gz dest=/root/znc-{{ znc_version }}.tar.gz
23
23
24 
 - name: Decompress znc source
 24 
 - name: Decompress znc source
25 
-  command: tar xzf /root/znc-{{ znc_version }}.tar.gz chdir=/root creates=/root/znc-{{ znc_version }}/configure
25 
+  unarchive: src=/root/znc-{{ znc_version }}.tar.gz
26 
+             dest=/root copy=no
27 
+             creates=/root/znc-{{ znc_version }}/configure
26
28
27 
 - name: Build and install znc
 29 
 - name: Build and install znc
28 
   shell: ./configure --enable-python && make && make install executable=/bin/bash chdir=/root/znc-{{ znc_version }} creates=/usr/local/bin/znc
 30 
   shell: ./configure --enable-python && make && make install executable=/bin/bash chdir=/root/znc-{{ znc_version }} creates=/usr/local/bin/znc

+ 7
- 1
roles/mailserver/tasks/z-push.yml View File

14 
     dest=/root/z-push-{{ zpush_version }}.tar.gz
 14 
     dest=/root/z-push-{{ zpush_version }}.tar.gz
15
15
16 
 - name: Decompress z-push source
 16 
 - name: Decompress z-push source
17 
-  command: tar xzf z-push-{{ zpush_version }}.tar.gz chdir=/root creates=/root/z-push-{{ zpush_version }}
17 
+  unarchive: src=/root/z-push-{{ zpush_version }}.tar.gz
18 
+             dest=/root copy=no
19 
+             creates=/root/z-push-{{ zpush_version }}
18
20
19 
 - name: Create /usr/share/z-push
 21 
 - name: Create /usr/share/z-push
20 
   file: state=directory path=/usr/share/z-push
 22 
   file: state=directory path=/usr/share/z-push
21
23
22 
 - name: Copy z-push source files to /usr/share/z-push
 24 
 - name: Copy z-push source files to /usr/share/z-push
23 
   shell: cp -R z-push-{{ zpush_version }}/* /usr/share/z-push/ chdir=/root
 25 
   shell: cp -R z-push-{{ zpush_version }}/* /usr/share/z-push/ chdir=/root
26 
+  tags:
27 
+    - skip_ansible_lint
24
28
25 
 - name: Remove downloaded, temporary z-push source files
 29 
 - name: Remove downloaded, temporary z-push source files
26 
   shell: rm -rf z-push* chdir=/root
 30 
   shell: rm -rf z-push* chdir=/root
31 
+  tags:
32 
+    - skip_ansible_lint
27
33
28 
 - name: Ensure z-push state and log directories are in place
 34 
 - name: Ensure z-push state and log directories are in place
29 
   file: state=directory path={{ item }} owner=www-data group=www-data mode=755
 35 
   file: state=directory path={{ item }} owner=www-data group=www-data mode=755

+ 6
- 4
roles/monitoring/tasks/collectd.yml View File

29 
            dest=/root/collectd-{{collectd_version}}.tar.gz
 29 
            dest=/root/collectd-{{collectd_version}}.tar.gz
30
30
31 
 - name: Extract collectd
 31 
 - name: Extract collectd
32 
-  command: tar xzf collectd-{{collectd_version}}.tar.gz
33 
-           chdir=/root creates=/root/collectd-{{collectd_version}}
32 
+  unarchive: src=/root/collectd-{{collectd_version}}.tar.gz
33 
+             dest=/root copy=no
34 
+             creates=/root/collectd-{{collectd_version}}
34
35
35 
 - name: Build and install collectd
 36 
 - name: Build and install collectd
36 
   shell: ./configure ; make all ; make install
 37 
   shell: ./configure ; make all ; make install
47 
   when: collectd_librato_email|length > 0
 48 
   when: collectd_librato_email|length > 0
48
49
49 
 - name: Extract collectd-librato plugin
 50 
 - name: Extract collectd-librato plugin
50 
-  command: tar xzf collectd-librato-{{collectd_librato_version}}.tar.gz
51 
-           chdir=/root creates=/root/collectd-librato-{{collectd_librato_version}}
51 
+  unarchive: src=/root/collectd-librato-{{collectd_librato_version}}.tar.gz
52 
+             dest=/root copy=no
53 
+             creates=/root/collectd-librato-{{collectd_librato_version}}
52 
   when: collectd_librato_email|length > 0
 54 
   when: collectd_librato_email|length > 0
53
55
54 
 - name: Install collectd-librato plugin
 56 
 - name: Install collectd-librato plugin

+ 2
- 1
roles/news/tasks/selfoss.yml View File

2 
   git: repo=https://github.com/SSilence/selfoss.git
 2 
   git: repo=https://github.com/SSilence/selfoss.git
3 
        dest=/var/www/selfoss
 3 
        dest=/var/www/selfoss
4 
        accept_hostkey=yes
 4 
        accept_hostkey=yes
5 
+       version=master
5
6
6 
 - name: Set selfoss ownership
 7 
 - name: Set selfoss ownership
7 
   action: file owner=root group=www-data path=/var/www/selfoss recurse=yes state=directory
 8 
   action: file owner=root group=www-data path=/var/www/selfoss recurse=yes state=directory
51 
   command: mv /etc/apache2/sites-available/selfoss /etc/apache2/sites-available/selfoss.conf removes=/etc/apache2/sites-available/selfoss
 52 
   command: mv /etc/apache2/sites-available/selfoss /etc/apache2/sites-available/selfoss.conf removes=/etc/apache2/sites-available/selfoss
52
53
53 
 - name: Remove old sites-enabled/selfoss symlink (new one will be created by a2ensite)
 54 
 - name: Remove old sites-enabled/selfoss symlink (new one will be created by a2ensite)
54 
-  command: rm /etc/apache2/sites-enabled/selfoss removes=/etc/apache2/sites-enabled/selfoss
55 
+  file: path=/etc/apache2/sites-enabled/selfoss state=absent
55
56
56 
 - name: Configure the Apache HTTP server for selfoss
 57 
 - name: Configure the Apache HTTP server for selfoss
57 
   template: src=etc_apache2_sites-available_selfoss.j2 dest=/etc/apache2/sites-available/selfoss.conf group=root owner=root
 58 
   template: src=etc_apache2_sites-available_selfoss.j2 dest=/etc/apache2/sites-available/selfoss.conf group=root owner=root

+ 1
- 1
roles/owncloud/tasks/owncloud.yml View File

96 
   command: mv /etc/apache2/sites-available/owncloud /etc/apache2/sites-available/owncloud.conf removes=/etc/apache2/sites-available/owncloud
 96 
   command: mv /etc/apache2/sites-available/owncloud /etc/apache2/sites-available/owncloud.conf removes=/etc/apache2/sites-available/owncloud
97
97
98 
 - name: Remove old sites-enabled/owncloud symlink (new one will be created by a2ensite)
 98 
 - name: Remove old sites-enabled/owncloud symlink (new one will be created by a2ensite)
99 
-  command: rm /etc/apache2/sites-enabled/owncloud removes=/etc/apache2/sites-enabled/owncloud
99 
+  file: path=/etc/apache2/sites-enabled/owncloud state=absent
100
100
101 
 - name: Configure the Apache HTTP server for ownCloud
 101 
 - name: Configure the Apache HTTP server for ownCloud
102 
   template: src=etc_apache2_sites-available_owncloud.j2 dest=/etc/apache2/sites-available/owncloud.conf group=root owner=root
 102 
   template: src=etc_apache2_sites-available_owncloud.j2 dest=/etc/apache2/sites-available/owncloud.conf group=root owner=root

+ 9
- 5
roles/readlater/tasks/wallabag.yml View File

40 
                  owner={{ wallabag_db_username }}
 40 
                  owner={{ wallabag_db_username }}
41 
   notify: import wallabag sql
 41 
   notify: import wallabag sql
42
42
43 
-- name: Build Composer
44 
-  shell: curl -sS https://getcomposer.org/installer | php
45 
-         chdir=/root
46 
-         creates=/root/composer.phar
43 
+- name: Get Composer installer
44 
+  get_url: url=https://getcomposer.org/installer
45 
+           dest=/tmp/composer-installer
46 
+
47 
+- name: Install Composer
48 
+  command: php /tmp/composer-installer
49 
+           chdir=/root
50 
+           creates=/root/composer.phar
47
51
48 
 - name: Initialize composer
 52 
 - name: Initialize composer
49 
   command: php /root/composer.phar install
 53 
   command: php /root/composer.phar install
77 
   command: mv /etc/apache2/sites-available/wallabag /etc/apache2/sites-available/wallabag.conf removes=/etc/apache2/sites-available/wallabag
 81 
   command: mv /etc/apache2/sites-available/wallabag /etc/apache2/sites-available/wallabag.conf removes=/etc/apache2/sites-available/wallabag
78
82
79 
 - name: Remove old sites-enabled/wallabag symlink (new one will be created by a2ensite)
 83 
 - name: Remove old sites-enabled/wallabag symlink (new one will be created by a2ensite)
80 
-  command: rm /etc/apache2/sites-enabled/wallabag removes=/etc/apache2/sites-enabled/wallabag
84 
+  file: path=/etc/apache2/sites-enabled/wallabag state=absent
81
85
82 
 - name: Configure the Apache HTTP server for wallabag
 86 
 - name: Configure the Apache HTTP server for wallabag
83 
   template: src=etc_apache2_sites-available_wallabag.j2
 87 
   template: src=etc_apache2_sites-available_wallabag.j2

+ 3
- 1
roles/tarsnap/tasks/tarsnap.yml View File

57
57
58 
 - name: Decompress Tarsnap source
 58 
 - name: Decompress Tarsnap source
59 
   when: tarnsap_installed|failed
 59 
   when: tarnsap_installed|failed
60 
-  command: tar xzf /root/tarsnap-autoconf-{{ tarsnap_version }}.tgz chdir=/root creates=/root/tarsnap-autoconf-{{ tarsnap_version }}/COPYING
60 
+  unarchive: src=/root/tarsnap-autoconf-{{ tarsnap_version }}.tgz
61 
+             dest=/root copy=no
62 
+             creates=/root/tarsnap-autoconf-{{ tarsnap_version }}/COPYING
61
63
62 
 - name: Configure Tarsnap for local build
 64 
 - name: Configure Tarsnap for local build
63 
   when: tarnsap_installed|failed
 65 
   when: tarnsap_installed|failed

+ 2
- 0
roles/vpn/tasks/openvpn.yml View File

154
154
155 
 - name: Copy the ca.crt and ta.key files that clients will need in order to connect to the OpenVPN server
 155 
 - name: Copy the ca.crt and ta.key files that clients will need in order to connect to the OpenVPN server
156 
   command: cp {{ openvpn_path }}/{{ item[1] }} {{ openvpn_path }}/{{ item[0] }}
 156 
   command: cp {{ openvpn_path }}/{{ item[1] }} {{ openvpn_path }}/{{ item[0] }}
157 
+  tags:
158 
+    - skip_ansible_lint
157 
   with_nested:
 159 
   with_nested:
158 
     - openvpn_clients
 160 
     - openvpn_clients
159 
     - ["ca.crt", "ta.key"]
 161 
     - ["ca.crt", "ta.key"]

+ 6
- 3
roles/webmail/tasks/roundcube.yml View File

3 
   when: ansible_distribution_release == 'wheezy'
 3 
   when: ansible_distribution_release == 'wheezy'
4 
   tags:
 4 
   tags:
5 
     - dependencies
 5 
     - dependencies
6 
-
6 
+
7 
 - name: Update apt cache for backports
 7 
 - name: Update apt cache for backports
8 
   apt: update_cache=yes
 8 
   apt: update_cache=yes
9 
   tags:
 9 
   tags:
42 
     dest=/root/carddav_{{ carddav_version }}.tar.gz
 42 
     dest=/root/carddav_{{ carddav_version }}.tar.gz
43
43
44 
 - name: Decompress carddav plugin source
 44 
 - name: Decompress carddav plugin source
45 
-  command: tar xzf carddav_{{ carddav_version }}.tar.gz chdir=/root creates=/root/rcmcarddav-carddav_{{ carddav_version }}
45 
+  unarchive: src=/root/carddav_{{ carddav_version }}.tar.gz
46 
+             dest=/root copy=no
47 
+             creates=/root/rcmcarddav-carddav_{{ carddav_version }}
46
48
47 
 - name: Move carddav plugin files to /usr/share/roundcube/plugins/carddav
 49 
 - name: Move carddav plugin files to /usr/share/roundcube/plugins/carddav
48 
   command: mv rcmcarddav-carddav_{{ carddav_version }} /usr/share/roundcube/plugins/carddav chdir=/root creates=/usr/share/roundcube/plugins/carddav
 50 
   command: mv rcmcarddav-carddav_{{ carddav_version }} /usr/share/roundcube/plugins/carddav chdir=/root creates=/usr/share/roundcube/plugins/carddav
51 
   git: repo=https://github.com/alexandregz/twofactor_gauthenticator.git
 53 
   git: repo=https://github.com/alexandregz/twofactor_gauthenticator.git
52 
        dest=/usr/share/roundcube/plugins/twofactor_gauthenticator
 54 
        dest=/usr/share/roundcube/plugins/twofactor_gauthenticator
53 
        accept_hostkey=yes
 55 
        accept_hostkey=yes
56 
+       version=master
54
57
55 
 - name: Link plugins into /var/lib/roundcube/plugins
 58 
 - name: Link plugins into /var/lib/roundcube/plugins
56 
   file: state=link src=/usr/share/roundcube/plugins/{{ item }} dest=/var/lib/roundcube/plugins/{{ item }} force=yes
 59 
   file: state=link src=/usr/share/roundcube/plugins/{{ item }} dest=/var/lib/roundcube/plugins/{{ item }} force=yes
62 
   command: mv /etc/apache2/sites-available/roundcube /etc/apache2/sites-available/roundcube.conf removes=/etc/apache2/sites-available/roundcube
 65 
   command: mv /etc/apache2/sites-available/roundcube /etc/apache2/sites-available/roundcube.conf removes=/etc/apache2/sites-available/roundcube
63
66
64 
 - name: Remove old sites-enabled/roundcube symlink (new one will be created by a2ensite)
 67 
 - name: Remove old sites-enabled/roundcube symlink (new one will be created by a2ensite)
65 
-  command: rm /etc/apache2/sites-enabled/roundcube removes=/etc/apache2/sites-enabled/roundcube
68 
+  file: path=/etc/apache2/sites-enabled/roundcube state=absent
66
69
67 
 - name: Configure the Apache HTTP server for roundcube
 70 
 - name: Configure the Apache HTTP server for roundcube
68 
   template: src=etc_apache2_sites-available_roundcube.j2 dest=/etc/apache2/sites-available/roundcube.conf group=root owner=root force=yes
 71 
   template: src=etc_apache2_sites-available_roundcube.j2 dest=/etc/apache2/sites-available/roundcube.conf group=root owner=root force=yes

Write Preview
Loading…
Cancel
Save