From 7d54844d9fedaa367f3c7e20971bd09c0d4de459 Mon Sep 17 00:00:00 2001
From: Lars Beckers <lars.beckers@rwth-aachen.de>
Date: Thu, 13 Dec 2018 20:03:40 +0100
Subject: [PATCH] lint yaml files
---
.yamllint | 19 ++++
client/defaults/main.yml | 4 +-
client/handlers/main.yml | 1 -
client/tasks/configuration.yml | 43 ++++++--
client/tasks/kde.yml | 51 ++++++----
client/tasks/network.yml | 9 +-
client/tasks/proprietary.yml | 16 ++-
client/tasks/software.yml | 167 ++++++++++++++++---------------
guest-overlay/tasks/main.yml | 50 ++++-----
pyxtrlock/tasks/main.yml | 18 +++-
terminalserver/handlers/main.yml | 5 +
terminalserver/tasks/x2go.yml | 37 +++----
12 files changed, 259 insertions(+), 161 deletions(-)
create mode 100644 .yamllint
diff --git a/.yamllint b/.yamllint
new file mode 100644
index 0000000..cca80e2
--- /dev/null
+++ b/.yamllint
@@ -0,0 +1,19 @@
+---
+
+extends: default
+
+rules:
+ comments-indentation:
+ level: warning
+ document-start:
+ level: error
+ empty-lines:
+ max: 1
+ empty-values:
+ forbid-in-flow-mappings: true
+ forbid-in-block-mappings: true
+ line-length:
+ level: warning
+ octal-values:
+ forbid-implicit-octal: true
+ level: warning
diff --git a/client/defaults/main.yml b/client/defaults/main.yml
index 6da3b5c..4804617 100644
--- a/client/defaults/main.yml
+++ b/client/defaults/main.yml
@@ -1,4 +1,4 @@
---
-client_use_proprietary_google_apps: False
-client_provision_mozilla: True
+client_use_proprietary_google_apps: false
+client_provision_mozilla: true
diff --git a/client/handlers/main.yml b/client/handlers/main.yml
index 76b51a7..4db8f48 100644
--- a/client/handlers/main.yml
+++ b/client/handlers/main.yml
@@ -9,4 +9,3 @@
- name: reload systemd service files
systemd: daemon_reload=yes
-
diff --git a/client/tasks/configuration.yml b/client/tasks/configuration.yml
index bf01588..c00ff97 100644
--- a/client/tasks/configuration.yml
+++ b/client/tasks/configuration.yml
@@ -2,33 +2,60 @@
# file: roles/client/tasks/desktop.yml
- name: ensure i3 is able to lock the screen
-# copy: src=i3lock dest=/usr/local/bin/i3lock owner=root group=root mode=0755
+ # copy: src=i3lock dest=/usr/local/bin/i3lock owner=root group=root mode=0755
file:
src: /usr/lib/x86_64-linux-gnu/libexec/kscreenlocker_greet
dest: /usr/local/bin/i3lock
state: link
owner: root
group: root
- mode: 0755
+ mode: '0755'
- name: ensure a sane default web browser
- alternatives: name=x-www-browser path=/usr/bin/firefox
+ alternatives:
+ name: x-www-browser
+ path: /usr/bin/firefox
- name: ensure we have the correct printer
- template: src=lpoptions.j2 dest=/etc/cups/lpoptions owner=root group=root mode=0644
+ template:
+ src: lpoptions.j2
+ dest: /etc/cups/lpoptions
+ owner: root
+ group: root
+ mode: '0644'
- name: grant user access to soundcard
- copy: src=udev_audio-perm.rules dest=/etc/udev/rules.d/50-audio-perm.rules owner=root group=root mode=0644
+ copy:
+ src: udev_audio-perm.rules
+ dest: /etc/udev/rules.d/50-audio-perm.rules
+ owner: root
+ group: root
+ mode: '0644'
- name: ensure RWTH fonts are available
- copy: src={{ item }} dest=/usr/local/share/fonts/ owner=root group=root mode=0644
+ copy:
+ src: "{{ item }}"
+ dest: /usr/local/share/fonts/
+ owner: root
+ group: root
+ mode: '0644'
with_fileglob:
- fonts/*
- name: ensure firefox default profile stuff is installed
- copy: src=mozilla/firefox/ dest=/usr/lib/firefox-esr/ owner=root group=root mode=0644
+ copy:
+ src: mozilla/firefox/
+ dest: /usr/lib/firefox-esr/
+ owner: root
+ group: root
+ mode: '0644'
when: client_provision_mozilla
- name: ensure thunderbird default profile stuff is installed
- copy: src=mozilla/thunderbird/ dest=/usr/lib/thunderbird/ owner=root group=root mode=0644
+ copy:
+ src: mozilla/thunderbird/
+ dest: /usr/lib/thunderbird/
+ owner: root
+ group: root
+ mode: '0644'
when: client_provision_mozilla
diff --git a/client/tasks/kde.yml b/client/tasks/kde.yml
index 5570963..6a67e10 100644
--- a/client/tasks/kde.yml
+++ b/client/tasks/kde.yml
@@ -1,10 +1,9 @@
---
# file: roles/client/tasks/kde.yml
-
-- name: ensure reasonable subset of kde-baseapps is installed
+- name: ensure reasonable subset of kde-baseapps is installed
apt:
- name:
+ name:
- dolphin
- kde-baseapps-bin
- konsole
@@ -107,29 +106,45 @@
- desktop
- name: ensure kde nepomuk is disabled
- file: path=/usr/share/autostart/nepomukserver.desktop state=absent
-
+ file:
+ path: /usr/share/autostart/nepomukserver.desktop
+ state: absent
+
- name: ensure we got a properly configured sddm
- copy: src=sddm.conf dest=/etc/sddm.conf owner=root group=root mode=0644
- notify: restart sddm
+ copy:
+ src: sddm.conf
+ dest: /etc/sddm.conf
+ owner: root
+ group: root
+ mode: '0644'
+ notify: restart sddm
- name: ensure the sddm default session is plasma
- file: state=link src=/usr/share/xsessions/plasma.desktop dest=/usr/share/xsessions/default.desktop
+ file:
+ state: link
+ src: /usr/share/xsessions/plasma.desktop
+ dest: /usr/share/xsessions/default.desktop
notify: restart sddm
- name: ensure there is a x11 config folder
- file: path=/etc/X11/xorg.conf.d state=directory owner=root group=root mode=775
+ file:
+ path: /etc/X11/xorg.conf.d
+ state: directory
+ owner: root
+ group: root
+ mode: '0775'
- name: ensure sddm has the correct keymap
- copy: src=00-keyboard.conf dest=/etc/X11/xorg.conf.d/00-keyboard.conf owner=root group=root mode=0644
+ copy:
+ src: 00-keyboard.conf
+ dest: /etc/X11/xorg.conf.d/00-keyboard.conf
+ owner: root
+ group: root
+ mode: '0644'
notify: restart sddm
-#- name: ensure deployment of a nice kdm theme
-# copy: src=kdm/fsmpi_theme/ dest=/usr/share/kde4/apps/kdm/themes/fsmpi owner=root group=root mode=0644
-#
- name: ensure sddm is running
- service: name=sddm state=started enabled=yes
-
-#- name: ensure deployment of kde provisioning
-# copy: src=kde/ dest=/etc/kde4 owner=root group=root mode=0644
-
+ service:
+ name: sddm
+ state: started
+ enabled: true
diff --git a/client/tasks/network.yml b/client/tasks/network.yml
index ee0f761..a6e1c45 100644
--- a/client/tasks/network.yml
+++ b/client/tasks/network.yml
@@ -6,7 +6,7 @@
state: directory
owner: root
group: root
- mode: 0644
+ mode: '0644'
- name: ensure ansible's copy module does not bullshit us (pt2)
file:
@@ -14,7 +14,7 @@
state: directory
owner: root
group: root
- mode: 0644
+ mode: '0644'
- name: ensure sddm waits for network to be online
copy:
@@ -22,7 +22,7 @@
dest: /etc/systemd/system/sddm.service.d/network.conf
owner: root
group: root
- mode: 0644
+ mode: '0644'
notify:
- reload systemd service files
@@ -32,7 +32,6 @@
dest: /etc/systemd/system/rpc-svcgssd.service.d/network.conf
owner: root
group: root
- mode: 0644
+ mode: '0644'
notify:
- reload systemd service files
-
diff --git a/client/tasks/proprietary.yml b/client/tasks/proprietary.yml
index bf7eaa2..22baf84 100644
--- a/client/tasks/proprietary.yml
+++ b/client/tasks/proprietary.yml
@@ -1,19 +1,27 @@
---
- name: ensure apt got the key to verify the google repo
- apt_key: data="{{ lookup('file', 'google.gpg') }}" state=present
+ apt_key:
+ data: "{{ lookup('file', 'google.gpg') }}"
+ state: present
notify:
- update apt cache
- name: ensure apt knows about the google repo
- apt_repository: repo='deb http://dl.google.com/linux/chrome/deb/ stable main' state=present
+ apt_repository:
+ repo: 'deb http://dl.google.com/linux/chrome/deb/ stable main'
+ state: present
notify:
- update apt cache
- name: ensure google does not install its repo
- file: state=touch path=/etc/default/google-chrome
+ file:
+ state: touch
+ path: /etc/default/google-chrome
- meta: flush_handlers
- name: ensure proprietary google applications are installed
- apt: name=google-chrome-stable state=present
+ apt:
+ name: google-chrome-stable
+ state: present
diff --git a/client/tasks/software.yml b/client/tasks/software.yml
index f19fe26..86d1983 100644
--- a/client/tasks/software.yml
+++ b/client/tasks/software.yml
@@ -4,7 +4,7 @@
- name: ensure office applications are installed
apt:
name:
- - libreoffice # this is a meta-package
+ - libreoffice # this is a meta-package
- libreoffice-help-de
- libreoffice-l10n-de
- texstudio
@@ -124,98 +124,109 @@
state: present
- name: ensure google applications are installed
- apt: name={{ item }} state=present
- with_items:
- - chromium
- - chromium-l10n
+ apt:
+ state: present
+ name:
+ - chromium
+ - chromium-l10n
- name: ensure chat applications are installed
- apt: name={{ item }} state=present
- with_items:
- - pidgin
- - pidgin-otr
- - pidgin-themes
- - pidgin-plugin-pack
- - irssi
- - weechat
+ apt:
+ state: present
+ name:
+ - pidgin
+ - pidgin-otr
+ - pidgin-themes
+ - pidgin-plugin-pack
+ - irssi
+ - weechat
- name: ensure remote session applications are installed
- apt: name={{ item }} state=present
- with_items:
- - rdesktop
- - x2goclient
- - freerdp-x11
- - x11vnc
- - filezilla
+ apt:
+ state: present
+ name:
+ - rdesktop
+ - x2goclient
+ - freerdp-x11
+ - x11vnc
+ - filezilla
- name: ensure audio environment is installed
- apt: name={{ item }} state=present
- with_items:
- - alsa-utils
- - pulseaudio
- - pulseaudio-utils
- - pavucontrol
+ apt:
+ state: present
+ name:
+ - alsa-utils
+ - pulseaudio
+ - pulseaudio-utils
+ - pavucontrol
- name: ensure multimedia applications are installed
- apt: name={{ item }} state=present
- with_items:
- - vlc
- - mplayer
- - smplayer
- - ffmpeg
+ apt:
+ state: present
+ name:
+ - vlc
+ - mplayer
+ - smplayer
+ - ffmpeg
- name: ensure password managers are installed
- apt: name={{ item }} state=present
- with_items:
- - pass
- - keepassx
+ apt:
+ state: present
+ name:
+ - pass
+ - keepassx
- name: ensure non-desktop-environment applications are installed
- apt: name={{ item }} state=present
- with_items:
- - i3-wm
- - i3status
- - dunst
- - suckless-tools
- - arandr
- - rxvt-unicode
- - mutt
- - imapfilter
- - offlineimap
- - tnef
- - w3m
- - away
- - gnupg
- - scdaemon
+ apt:
+ state: present
+ name:
+ - i3-wm
+ - i3status
+ - dunst
+ - suckless-tools
+ - arandr
+ - rxvt-unicode
+ - mutt
+ - imapfilter
+ - offlineimap
+ - tnef
+ - w3m
+ - away
+ - gnupg
+ - scdaemon
- name: ensure dictionaries and spell checkers are installed
- apt: name={{ item }} state=present
- with_items:
- - aspell-de
- - manpages-de
- - ingerman
- - wngerman
- - hunspell-de-de
- - hyphen-de
- - mythes-de
+ apt:
+ state: present
+ name:
+ - aspell-de
+ - manpages-de
+ - ingerman
+ - wngerman
+ - hunspell-de-de
+ - hyphen-de
+ - mythes-de
- name: ensure additional fonts are installed
- apt: name={{ item }} state=present
- with_items:
- - ttf-mscorefonts-installer
- - ttf-opensymbol
- - fonts-unfonts-core
- - fonts-ipafont-gothic
- - fonts-ipafont-mincho
- - fonts-arphic-ukai
- - fonts-arphic-uming
+ apt:
+ state: present
+ name:
+ - ttf-mscorefonts-installer
+ - ttf-opensymbol
+ - fonts-unfonts-core
+ - fonts-ipafont-gothic
+ - fonts-ipafont-mincho
+ - fonts-arphic-ukai
+ - fonts-arphic-uming
- name: ensure unwanted applications are uninstalled
- apt: name={{ item }} state=absent
- with_items:
- - network-manager
- - update-manager-core
- - update-manager-gnome
- - popularity-contest
- - konqueror
- - lirc
+ apt:
+ state: absent
+ purge: true
+ name:
+ - network-manager
+ - update-manager-core
+ - update-manager-gnome
+ - popularity-contest
+ - konqueror
+ - lirc
diff --git a/guest-overlay/tasks/main.yml b/guest-overlay/tasks/main.yml
index 4ae63c4..69bdc96 100644
--- a/guest-overlay/tasks/main.yml
+++ b/guest-overlay/tasks/main.yml
@@ -1,27 +1,28 @@
---
-#file: main.yml
+# file: main.yml
- name: ensure we have our guest group
- group: name=gast gid=1000 state=present
+ group:
+ name: gast
+ gid: 1000
+ state: present
tags:
- - groups
- guest-overlay
- name: ensure we have our guest user
- user:
- name: gast
- uid: 1000
- createhome: no
- home: "/guests/home/gast"
- group: gast
+ user:
+ name: gast
+ uid: 1000
+ createhome: false
+ home: "/guests/home/gast"
+ group: gast
+ # yamllint disable-line rule:line-length
password: $6$F03ruuLNpygmNPj0$fYWL/GFUowsCFxn1kH6rEG1CgdX99jTCWhDpkd4fLBWAQtEsp2PudDHUUUvNaM3MO9kfW4fONSy5ui61hwidc.
shell: "/bin/bash"
state: present
tags:
- - users
- guest-overlay
-
- name: ensure aufs and pam-mount are available
apt:
name:
@@ -33,7 +34,10 @@
- packages
- name: ensure aufs mountpoints are available
- file: path=/guests/{{ item }} state=directory recurse=yes
+ file:
+ path: "/guests/{{ item }}"
+ state: directory
+ recurse: true
with_items:
- home
- provision
@@ -43,34 +47,32 @@
- mount
- name: ensure the squasfs is created
- local_action: command mksquashfs "{{ role_path }}/files/provision" "{{ role_path }}/files/provision.squashfs" -force-uid 1000 -force-gid 1000
- run_once: True
+ # yamllint disable-line rule:line-length
+ command: mksquashfs "{{ role_path }}/files/provision" "{{ role_path }}/files/provision.squashfs" -force-uid 1000 -force-gid 1000
+ run_once: true
+ delegate_to: 'localhost'
tags:
- guest-overlay
- squashfs
- mount
- name: ensure the guest's home directory is provisioned
- copy:
+ copy:
src: provision.squashfs
dest: /guests/provision.squashfs
owner: root
group: root
- mode: 0644
- tags:
+ mode: '0644'
+ tags:
- guest-overlay
- - mount
- provision
- squashfs
- name: deployment of our pam-mount config
- copy: src=pam_mount.conf.xml dest=/etc/security/pam_mount.conf.xml
+ copy:
+ src: pam_mount.conf.xml
+ dest: /etc/security/pam_mount.conf.xml
notify:
- restart sddm
tags:
- guest-overlay
- - config
-
-
-
-
diff --git a/pyxtrlock/tasks/main.yml b/pyxtrlock/tasks/main.yml
index 9d0f774..c959382 100644
--- a/pyxtrlock/tasks/main.yml
+++ b/pyxtrlock/tasks/main.yml
@@ -2,20 +2,30 @@
# file: roles/client/tasks/pyxtrlock.yml
- name: ensure we got some virtualenv
- pip: virtualenv=/opt/pyxtrlock virtualenv_command="virtualenv -p /usr/bin/python3" name={{ item }}
+ pip:
+ virtualenv: /opt/pyxtrlock
+ virtualenv_command: "virtualenv -p /usr/bin/python3"
+ name: "{{ item }}"
with_items:
- simplepam
- pyxdg
tags: pyxtrlock
- name: ensure we got a copy of pyxtrlock
- git: repo=git://github.com/leonnnn/pyxtrlock.git dest=/opt/pyxtrlock/pyxtrlock accept_hostkey=yes
+ git:
+ repo: git://github.com/leonnnn/pyxtrlock.git
+ dest: /opt/pyxtrlock/pyxtrlock
+ accept_hostkey: true
tags: pyxtrlock
- name: ensure there is no mouse symbol
- command: ../bin/python make_empty_lock.py chdir=/opt/pyxtrlock/pyxtrlock
+ command: ../bin/python make_empty_lock.py
+ args:
+ chdir: /opt/pyxtrlock/pyxtrlock
tags: pyxtrlock
- name: ensure setup of pyxtrlock
- command: ../bin/python setup.py install chdir=/opt/pyxtrlock/pyxtrlock
+ command: ../bin/python setup.py install
+ args:
+ chdir: /opt/pyxtrlock/pyxtrlock
tags: pyxtrlock
diff --git a/terminalserver/handlers/main.yml b/terminalserver/handlers/main.yml
index 5ed7f98..327005c 100644
--- a/terminalserver/handlers/main.yml
+++ b/terminalserver/handlers/main.yml
@@ -1,5 +1,10 @@
+---
+
- name: Reload systemd
systemd: daemon-reload=yes
- name: Restart cron
systemd: name=cron state=restarted
+
+- name: update apt cache
+ apt: update_cache=yes
diff --git a/terminalserver/tasks/x2go.yml b/terminalserver/tasks/x2go.yml
index adebcd5..526ac99 100644
--- a/terminalserver/tasks/x2go.yml
+++ b/terminalserver/tasks/x2go.yml
@@ -2,34 +2,36 @@
# file: roles/portal/tasks/x2go.yml
- name: ensure apt key for x2go is present
- apt_key: keyserver=keys.gnupg.net id=E1F958385BFE2B6E state=present
+ apt_key:
+ keyserver: keys.gnupg.net
+ id: E1F958385BFE2B6E
+ state: present
tags:
- x2go
- repos
- name: ensure repository for x2go is in apt sources
- apt_repository: repo='deb http://packages.x2go.org/debian {{debian_version}} main' state=present
+ apt_repository:
+ repo: 'deb http://packages.x2go.org/debian {{debian_version}} main'
+ state: present
+ notify:
+ - update apt cache
tags:
- x2go
- repos
-- name: ensure apt cache is updated
- apt: update_cache=yes
- tags:
- - x2go
- - packages
+- meta: flush_handlers
- name: ensure x2go keyring is installed
- apt: name=x2go-keyring state=present
+ apt:
+ name: x2go-keyring
+ state: present
+ notify:
+ - update apt cache
tags:
- x2go
- - packages
-- name: ensure apt cache is updated again
- apt: update_cache=yes
- tags:
- - x2go
- - packages
+- meta: flush_handlers
- name: ensure x2go server is installed
apt:
@@ -39,10 +41,11 @@
state: present
tags:
- x2go
- - packages
- name: ensure x2go server is running and enabled
- service: name=x2goserver state=started enabled=yes
+ service:
+ name: x2goserver
+ state: started
+ enabled: true
tags:
- x2go
- - service
--
GitLab