From 247455202a85279b14bf413dd8730194ca274fc1 Mon Sep 17 00:00:00 2001 From: Lars Beckers <lars.beckers@rwth-aachen.de> Date: Thu, 13 Dec 2018 14:50:47 +0100 Subject: [PATCH] lint yaml files --- .yamllint | 19 +++++++++ apcupsd/handlers/main.yml | 1 - apcupsd/tasks/main.yml | 46 +++++++++++++++------- apticron/tasks/main.yml | 15 ++++--- baremetal/handlers/main.yml | 1 - baremetal/tasks/main.yml | 4 +- branding/handlers/main.yml | 1 - branding/tasks/main.yml | 15 ++++--- cups-client/tasks/main.yml | 22 +++++++---- custom-sudoers/tasks/main.yml | 10 +++-- debian-updates/tasks/main.yml | 24 ++++++------ management/handlers/main.yml | 1 - management/tasks/main.yml | 10 ++--- nullmailer/tasks/main.yml | 72 ++++++++++++++++------------------ texlive/tasks/main.yml | 74 ++++++++++++----------------------- 15 files changed, 166 insertions(+), 149 deletions(-) create mode 100644 .yamllint diff --git a/.yamllint b/.yamllint new file mode 100644 index 0000000..cca80e2 --- /dev/null +++ b/.yamllint @@ -0,0 +1,19 @@ +--- + +extends: default + +rules: + comments-indentation: + level: warning + document-start: + level: error + empty-lines: + max: 1 + empty-values: + forbid-in-flow-mappings: true + forbid-in-block-mappings: true + line-length: + level: warning + octal-values: + forbid-implicit-octal: true + level: warning diff --git a/apcupsd/handlers/main.yml b/apcupsd/handlers/main.yml index 1b6bc76..e317d28 100644 --- a/apcupsd/handlers/main.yml +++ b/apcupsd/handlers/main.yml @@ -2,4 +2,3 @@ - name: restart apcupsd service: name=apcupsd state=restarted - diff --git a/apcupsd/tasks/main.yml b/apcupsd/tasks/main.yml index 013af18..f2691e9 100644 --- a/apcupsd/tasks/main.yml +++ b/apcupsd/tasks/main.yml 
@@ -2,59 +2,75 @@ # file: roles/baremetal/tasks/apcupsd.yml - name: ensure apcupsd is installed - apt: state=present name=apcupsd + apt: + state: present + name: apcupsd notify: - restart apcupsd tags: - usv - - packages - name: ensure apcupsd is configured - template: src=apcupsd.conf.j2 dest=/etc/apcupsd/apcupsd.conf owner=root group=root mode=0644 + template: + src: apcupsd.conf.j2 + dest: /etc/apcupsd/apcupsd.conf + owner: root + group: root + mode: '0644' notify: - restart apcupsd tags: - usv - - config - name: gather apcupsd killpower files local_action: stat path=apcupsd/killpower/{{ ansible_hostname }} register: killpower tags: - usv - - config - name: ensure apcupsd killpower is configured - copy: src=apcupsd/killpower/{{ ansible_hostname }} dest=/etc/apcupsd/killpower owner=root group=root mode=0755 + copy: + src: apcupsd/killpower/{{ ansible_hostname }} + dest: /etc/apcupsd/killpower + owner: root + group: root + mode: '0755' when: killpower.stat.exists tags: - usv - - config - name: gather apcupsd onbattery files local_action: stat path=apcupsd/onbattery/{{ ansible_hostname }} register: onbattery tags: - usv - - config - name: ensure apcupsd onbattery is configured - copy: src=apcupsd/onbattery/{{ ansible_hostname }} dest=/etc/apcupsd/onbattery owner=root group=root mode=0755 + copy: + src: apcupsd/onbattery/{{ ansible_hostname }} + dest: /etc/apcupsd/onbattery + owner: root + group: root + mode: '0755' when: onbattery.stat.exists tags: - usv - - config - name: ensure on vm hosts there is our fancy onbattery script - copy: src=apcupsd/vm-onbattery.py dest=/etc/apcupsd/onbattery.py owner=root group=root mode=0755 + copy: + src: apcupsd/vm-onbattery.py + dest: /etc/apcupsd/onbattery.py + owner: root + group: root + mode: '0755' when: "'vm' in ansible_hostname" tags: - usv - - config - name: ensure apcupsd is enabled and running - service: name=apcupsd state=started enabled=yes + service: + name: apcupsd + state: started + enabled: true tags: - usv - - 
service - diff --git a/apticron/tasks/main.yml b/apticron/tasks/main.yml index c590e6f..4cdf16e 100644 --- a/apticron/tasks/main.yml +++ b/apticron/tasks/main.yml @@ -2,15 +2,18 @@ # file: roles/server/tasks/apticron.yml - name: ensure apticron is installed - apt: name=apticron state=latest + apt: + name: apticron + state: present tags: - - packages - - server - apticron - name: ensure our apticron config is deployed - template: src=apticron.conf.j2 dest=/etc/apticron/apticron.conf owner=root group=root mode=0644 + template: + src: apticron.conf.j2 + dest: /etc/apticron/apticron.conf + owner: root + group: root + mode: '0644' tags: - - config - - server - apticron diff --git a/baremetal/handlers/main.yml b/baremetal/handlers/main.yml index bba3ef7..87cc545 100644 --- a/baremetal/handlers/main.yml +++ b/baremetal/handlers/main.yml @@ -5,4 +5,3 @@ service: name: lldpd state: restarted - diff --git a/baremetal/tasks/main.yml b/baremetal/tasks/main.yml index 2ff7227..9532e9d 100644 --- a/baremetal/tasks/main.yml +++ b/baremetal/tasks/main.yml @@ -20,7 +20,7 @@ dest: /etc/default/lldpd owner: root group: root - mode: 0644 + mode: '0644' notify: - restart lldpd tags: @@ -30,7 +30,7 @@ service: name: lldpd state: started - enabled: yes + enabled: true tags: - baremetal diff --git a/branding/handlers/main.yml b/branding/handlers/main.yml index bb8554c..aff3f50 100644 --- a/branding/handlers/main.yml +++ b/branding/handlers/main.yml @@ -2,4 +2,3 @@ - name: update apt cache apt: update_cache=yes - diff --git a/branding/tasks/main.yml b/branding/tasks/main.yml index ca9a69f..477bed3 100644 --- a/branding/tasks/main.yml +++ b/branding/tasks/main.yml @@ -7,7 +7,7 @@ dest: /etc/motd owner: root group: root - mode: 0644 + mode: '0644' when: - branding_motd is defined - branding_motd != "" @@ -21,7 +21,7 @@ dest: /etc/issue.net owner: root group: root - mode: 0644 + mode: '0644' when: - branding_issuenet is defined - branding_issuenet != "" 
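Review bot: The tags `packages`, `config` and `service` are removed from every task in this file, and the apticron, cups-client, custom-sudoers, nullmailer and texlive hunks drop their secondary tags too, which changes behaviour rather than formatting. A run limited with `--tags config` or `--tags packages` will silently skip these tasks from now on. If that is intended, it belongs in the commit message, which currently says only "lint yaml files". The two `local_action: stat path=...` tasks are also left in inline `key=value` form while everything around them was converted to block mappings.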
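Review bot: `state=latest` becomes `state: present` for apticron here, and the same switch is made for nullmailer and the two fonts-droid tasks in texlive, so these roles stop upgrading a package that is already installed. For the mail relay and the update notifier that means fixes arrive only if something else upgrades them. Please confirm that path exists and record the decision, for example with a comment such as `# present is deliberate; upgrades are handled by <upgrade mechanism>` above the `apt:` mapping.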
@@ -35,20 +35,20 @@ dest: /root/.gitconfig owner: root group: root - mode: 0640 + mode: '0640' tags: - branding - shell - root - + - name: ensure dir for CA certs exisits file: path: /etc/ssl/certs state: directory owner: root group: root - mode: 0755 - recurse: yes + mode: '0755' + recurse: true tags: - branding - tls @@ -59,7 +59,7 @@ dest: "/etc/ssl/certs/{{ item|basename }}" owner: root group: root - mode: 0644 + mode: '0644' with_items: "{{ branding_cacerts }}" when: branding_cacerts is defined tags: @@ -101,4 +101,3 @@ tags: - branding - repos - diff --git a/cups-client/tasks/main.yml b/cups-client/tasks/main.yml index 7965918..a9d1379 100644 --- a/cups-client/tasks/main.yml +++ b/cups-client/tasks/main.yml @@ -9,27 +9,35 @@ state: latest tags: - cups-client - - packages - name: ensure there is a cups folder - file: path=/etc/cups state=directory + file: + path: /etc/cups + state: directory tags: - cups-client - - packages - name: ensure cups-client is properly configured - template: src=cups-client.conf.j2 dest=/etc/cups/client.conf owner=root group=root mode=0644 + template: + src: cups-client.conf.j2 + dest: /etc/cups/client.conf + owner: root + group: root + mode: '0644' tags: - cups-client - - config # currently this is fsmpi-only - name: ensure we got a usable shell printing interface - copy: src=drucken.py dest=/usr/local/bin/drucken owner=root group=root mode=0755 + copy: + src: drucken.py + dest: /usr/local/bin/drucken + owner: root + group: root + mode: '0755' when: domain == "fsmpi.rwth-aachen.de" tags: - cups-client - fsmpi - - software - meta: flush_handlers diff --git a/custom-sudoers/tasks/main.yml b/custom-sudoers/tasks/main.yml index 0a8c8d9..7b6fa3e 100644 --- a/custom-sudoers/tasks/main.yml +++ b/custom-sudoers/tasks/main.yml 
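Review bot: `recurse: true` combined with `mode: '0755'` on `/etc/ssl/certs` applies 0755 to every file below the directory, so each run marks the certificates executable. The CA-certificate task in the next hunk sets `mode: '0644'` on the files it copies, so the two tasks presumably flip those modes back and forth and neither is ever idempotent. Dropping `recurse: true` keeps the directory itself at 0755 without touching its contents. The task name also carries a typo (`exisits`), and the task's tag list may continue past the end of this hunk.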
@@ -2,14 +2,16 @@ # file: roles/custom-sudoers/tasks/main.yml - name: ensure deployment of customized sudoers - template: src=sudoers.j2 dest=/etc/sudoers.d/custom owner=root group=root mode=0440 + template: + src: sudoers.j2 + dest: /etc/sudoers.d/custom + owner: root + group: root + mode: '0440' tags: - sudo - - config - name: check whole sudo config command: visudo -q -c -f /etc/sudoers tags: - sudo - - test - diff --git a/debian-updates/tasks/main.yml b/debian-updates/tasks/main.yml index e111da5..053f02b 100644 --- a/debian-updates/tasks/main.yml +++ b/debian-updates/tasks/main.yml @@ -26,17 +26,17 @@ dest: /root/.ssh/debian_updates owner: root group: root - mode: 0600 + mode: '0600' tags: - debian-updates # https://github.com/ansible/ansible/issues/27699 -- name: ensure fucking git module is able to clone +- name: ensure git module is able to clone command: mount -o remount,exec /tmp tags: - debian-updates -- name: ensure the git is at the current revision +- name: ensure git is at the current revision git: repo: git@git.fsmpi.rwth-aachen.de:larsb/debian-updates.git dest: /opt/debian-updates @@ -45,7 +45,7 @@ tags: - debian-updates -- name: ensure fucking git module is not able to clone anymore +- name: ensure git module is not able to clone anymore command: mount -o remount,noexec /tmp tags: - debian-updates 
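Review bot: The sudoers template is installed at `/etc/sudoers.d/custom` before anything checks it, and the following `visudo -q -c -f /etc/sudoers` task only reports a broken file once it is already live, which can leave sudo unusable on the host. Adding `validate: 'visudo -cf %s'` to the `template:` mapping makes Ansible check the rendered file before it replaces the destination. The separate check can stay as a whole-configuration test, with `changed_when: false` since it modifies nothing.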
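Review bot: `/tmp` is remounted `exec` before the git task and only returned to `noexec` by a later plain task (renamed in the following hunk), so a failed clone ends the play for that host with `/tmp` left executable. Wrapping the three tasks in a `block:` with the `noexec` remount under `always:` restores the mount option on failure as well. The git task's body runs past the end of this hunk, so the sketch below leaves it as a placeholder.

```yaml
- name: clone debian-updates with /tmp temporarily executable
  block:
    - name: ensure git module is able to clone
      command: mount -o remount,exec /tmp
    # … unchanged: git task "ensure git is at the current revision" …
  always:
    - name: ensure git module is not able to clone anymore
      command: mount -o remount,noexec /tmp
  tags:
    - debian-updates
```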
@@ -54,22 +54,22 @@ copy: src: /opt/debian-updates/apticron.json.example dest: /opt/debian-updates/apticron.json - mode: 0666 # mail is delivered by nobody + mode: '0666' # mail is delivered by nobody owner: root group: root - remote_src: True - force: False + remote_src: true + force: false tags: - debian-updates - name: ensure the lock file exists copy: - content: "" # no, the file module is not sufficient + content: "" # no, the file module is not sufficient dest: /opt/debian-updates/.json-sync.lock owner: root group: root - mode: 0666 # mail is delivered by nobody - force: False + mode: '0666' # mail is delivered by nobody + force: false tags: - debian-updates @@ -77,7 +77,7 @@ template: src: config.py.j2 dest: /opt/debian-updates/config.py - mode: 0644 + mode: '0644' owner: root group: root tags: @@ -93,6 +93,7 @@ - name: ensure apticron messages are retrieved lineinfile: + # yamllint disable-line rule:line-length line: '{{ apticron_to|regex_replace("@.*$") }}:"|/opt/debian-updates/receive.py"' path: /etc/aliases state: present @@ -100,4 +101,3 @@ - rebuild alias database tags: - debian-updates - diff --git a/management/handlers/main.yml b/management/handlers/main.yml index 08544cd..49a1cac 100644 --- a/management/handlers/main.yml +++ b/management/handlers/main.yml @@ -9,4 +9,3 @@ command: python setup.py egg_info args: chdir: /opt/ansible - diff --git a/management/tasks/main.yml b/management/tasks/main.yml index d03f7c3..659cec7 100644 --- a/management/tasks/main.yml +++ b/management/tasks/main.yml @@ -7,10 +7,10 @@ - python-jinja2 - python-paramiko - python-cryptography - - python-sphinx # documentation + - python-sphinx # documentation - python-packaging - - asciidoc # documentation - - squashfs-tools # needed for guest-overlay + - asciidoc # documentation + - squashfs-tools # needed for guest-overlay state: present tags: - management 
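Review bot: `mode: '0666'` on `/opt/debian-updates/apticron.json`, and again on `.json-sync.lock` in the next task, lets any local account rewrite or truncate these files, not just the delivery process the comment refers to. If only the `nobody` delivery user needs to write, `owner: nobody` with `mode: '0644'` gives it that access without opening the files to everyone. A dedicated service account would be tighter still, because `nobody` is commonly shared by unrelated daemons. Which other processes read or lock these files is not visible in the hunk, so the exact owner and mode need checking against `receive.py`.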
@@ -19,7 +19,7 @@ - name: ensure ansible is up to date git: dest: /opt/ansible - recursive: yes + recursive: true repo: https://github.com/ansible/ansible.git version: "{{ mgmt_ansible_version }}" notify: @@ -35,7 +35,7 @@ dest: /etc/profile.d/ansible.sh owner: root group: root - mode: 0644 + mode: '0644' tags: - management - ansible diff --git a/nullmailer/tasks/main.yml b/nullmailer/tasks/main.yml index 7d5ad37..bbfa66b 100644 --- a/nullmailer/tasks/main.yml +++ b/nullmailer/tasks/main.yml @@ -2,17 +2,18 @@ # file: roles/nullmailer/tasks/main.yml - name: ensure nullmailer is installed - apt: name=nullmailer state=latest + apt: + name: nullmailer + state: present notify: - restart nullmailer tags: - - packages - nullmailer - name: ensure other smtp daemons are uninstalled apt: state: absent - purge: yes + purge: true name: - exim4 - postfix 
@@ -30,67 +31,62 @@ - exim4-daemon-heavy - exim4-daemon-light tags: - - packages - nullmailer - name: ensure nullmailer got a hostname - template: src=me.j2 dest=/etc/nullmailer/me owner=root group=root mode=0644 + template: + src: "{{ item }}.j2" + dest: "/etc/nullmailer/{{ item }}" + owner: root + group: root + mode: '0644' + with_items: + - me + - defaultdomain + - defaulthost + - remotes notify: - restart nullmailer tags: - - config - - nullmailer - -- name: ensure nullmailer got a default domain - template: src=defaultdomain.j2 dest=/etc/nullmailer/defaultdomain owner=root group=root mode=0644 - notify: - - restart nullmailer - tags: - - config - nullmailer - name: ensure the system got a default domain - template: src=defaultdomain.j2 dest=/etc/mailname owner=root group=root mode=0644 + template: + src: defaultdomain.j2 + dest: /etc/mailname + owner: root + group: root + mode: '0644' notify: - restart nullmailer tags: - - config - - nullmailer - -- name: ensure nullmailer got a default mailhost suffix - template: src=defaulthost.j2 dest=/etc/nullmailer/defaulthost owner=root group=root mode=0644 - notify: - - restart nullmailer - tags: - - config - nullmailer - name: ensure nullmailer has no admin address - file: state=absent path=/etc/nullmailer/adminaddr + file: + state: absent + path: /etc/nullmailer/adminaddr notify: - restart nullmailer tags: - - config - nullmailer - name: ensure we got some aliases in case they are needed - template: src=aliases.j2 dest=/etc/aliases owner=root group=root mode=0644 - tags: - - config - - nullmailer - -- name: ensure nullmailer got some remotes to send mail to - template: src=remotes.j2 dest=/etc/nullmailer/remotes owner=root group=root mode=0644 - notify: - - restart nullmailer + template: + src: aliases.j2 + dest: /etc/aliases + owner: root + group: root + mode: '0644' tags: - - config - nullmailer - name: ensure nullmailer is enabled and running - service: name=nullmailer state=started enabled=yes + service: + name: 
nullmailer + state: started + enabled: true tags: - - service - nullmailer - meta: flush_handlers diff --git a/texlive/tasks/main.yml b/texlive/tasks/main.yml index 8a5272e..868635d 100644 --- a/texlive/tasks/main.yml +++ b/texlive/tasks/main.yml @@ -1,7 +1,6 @@ --- # file: roles/texlive/tasks/main.yml - # this should be a real subset of texlive-full but not more than necessary - name: ensure texlive is installed apt: @@ -20,31 +19,30 @@ - texlive-bibtex-extra - biber state: present - install_recommends: no + install_recommends: false tags: - texlive - - packages -- name: ensure some texlive recommandations are installed +- name: ensure some texlive recommendations are installed apt: name: - - ghostscript - - lmodern - - texlive-fonts-recommended-doc + - ghostscript + - lmodern + - texlive-fonts-recommended-doc - tex-gyre - - texlive-humanities-doc - - texlive-latex-base-doc + - texlive-humanities-doc + - texlive-latex-base-doc - texlive-latex-extra-doc - prosper - - texlive-latex-recommended-doc - - texlive-pictures-doc - - prerex - - texlive-publishers-doc + - texlive-latex-recommended-doc + - texlive-pictures-doc + - prerex + - texlive-publishers-doc - texlive-science-doc - - libfile-mimeinfo-perl - - libnet-dbus-perl - - libx11-protocol-perl - - x11-utils + - libfile-mimeinfo-perl + - libnet-dbus-perl + - libx11-protocol-perl + - x11-utils - x11-xserver-utils - texlive-lang-greek - fonts-cmu 
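Review bot: Folding `remotes` into the `with_items` loop pins `/etc/nullmailer/remotes` to `mode: '0644'` together with the other three files, and that file is where nullmailer keeps SMTP relay credentials (`--user`/`--pass`) when authentication is used. If `remotes.j2` renders credentials, the result should not be world-readable: keep `remotes` out of the loop and give it its own task with `group: mail` and `mode: '0640'`, assuming the daemon runs as `mail` as in the Debian package. The removed single-file task used 0644 as well, so this predates the commit, but the shared loop makes a per-file mode harder to introduce later. The task name `ensure nullmailer got a hostname` also no longer describes what the loop deploys.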
@@ -52,44 +50,24 @@ - texlive-fonts-extra - texlive-generic-extra state: present - install_recommends: no + install_recommends: false tags: - texlive - - packages -- name: ensure some texlive recommandations are installed for jessie - apt: name=fonts-droid state=latest install_recommends=no +- name: ensure some texlive recommendations are installed for jessie + apt: + name: fonts-droid + state: present + install_recommends: false when: ansible_distribution_release == "jessie" tags: - texlive - - packages -- name: ensure some texlive recommandations are installed for stretch - apt: name=fonts-droid-fallback state=latest install_recommends=no +- name: ensure some texlive recommendations are installed for stretch + apt: + name: fonts-droid-fallback + state: present + install_recommends: false when: ansible_distribution_release == "stretch" tags: - texlive - - packages - -#- name: figure out if texlive is installed -# command: dpkg -L texlive-full -# failed_when: False -# changed_when: False -# register: texlive_installed -# tags: -# - texlive -# - packages - -# we do not check here for unmet dependencies because apt and dpkg do not let -# us know about stuff easily for a single package, also apt wants to correct, -# if any. because install actions fail with apt when there are broken deps and -# we got some update everything tasks, this should be handled anyway. - -#- name: ensure texlive is installed -# apt: name=texlive-full state=latest -# when: texlive_installed.rc == 1 -# tags: -# - texlive -# - packages - -#- meta: flush_handlers -- GitLab