From 2b2bd06512eb479e8d9c64b006773b4fd6645a2b Mon Sep 17 00:00:00 2001
From: Frederik Schwan <frederik.schwan@linux.com>
Date: Fri, 12 Jun 2020 21:55:13 +0200
Subject: [PATCH] fix E206 'Variables should have spaces before and after: {{
var_name }}'
---
playbooks/luna.yml | 4 ++--
playbooks/rsync.net.yml | 2 +-
playbooks/tasks/fetch-borg-keys.yml | 12 ++++++------
playbooks/tasks/pacman-website.yml | 12 ++++++------
playbooks/vostok.yml | 2 +-
roles/arch32_mirror/tasks/main.yml | 2 +-
roles/archbuild/tasks/main.yml | 2 +-
roles/archusers/tasks/main.yml | 6 +++---
roles/archwiki/handlers/main.yml | 4 ++--
roles/archwiki/tasks/main.yml | 4 +---
roles/certbot/tasks/main.yml | 2 +-
roles/conf.archlinux.org/tasks/main.yml | 6 +++---
roles/dbscripts/tasks/main.yml | 6 +++---
roles/docker-image/tasks/main.yml | 4 ++--
roles/dovecot/tasks/main.yml | 2 +-
roles/fail2ban/tasks/main.yml | 4 ++--
roles/firewalld/tasks/main.yml | 4 ++--
roles/flyspray/tasks/main.yml | 2 --
roles/kanboard/tasks/main.yml | 8 ++++----
roles/mariadb/tasks/main.yml | 2 +-
roles/matrix/tasks/main.yml | 2 +-
roles/nginx/tasks/main.yml | 2 +-
roles/opendkim/tasks/main.yml | 8 ++++----
roles/postfix/handlers/main.yml | 2 +-
roles/postfix/tasks/main.yml | 18 +++++++++---------
roles/postgres/tasks/main.yml | 4 ++--
roles/public_html/tasks/main.yml | 2 +-
roles/spampd/tasks/main.yml | 4 ++--
roles/syncrepo/tasks/main.yml | 2 +-
29 files changed, 65 insertions(+), 69 deletions(-)
diff --git a/playbooks/luna.yml b/playbooks/luna.yml
index 7c1602f83..8a9f4b740 100644
--- a/playbooks/luna.yml
+++ b/playbooks/luna.yml
@@ -5,7 +5,7 @@
remote_user: root
tasks:
- name: open firewall holes for services
- firewalld: service={{item}} permanent=true state=enabled immediate=yes
+ firewalld: service={{ item }} permanent=true state=enabled immediate=yes
with_items:
- zabbix-agent
- http
@@ -18,7 +18,7 @@
- firewall
- name: open firewall holes for ports
- firewalld: port={{item}} permanent=true state=enabled immediate=yes
+ firewalld: port={{ item }} permanent=true state=enabled immediate=yes
with_items:
- 6969/tcp
- 4949/tcp
diff --git a/playbooks/rsync.net.yml b/playbooks/rsync.net.yml
index ef8e05519..b0946c072 100644
--- a/playbooks/rsync.net.yml
+++ b/playbooks/rsync.net.yml
@@ -4,4 +4,4 @@
hosts: ch-s012.rsync.net
gather_facts: False
roles:
- - { role: rsync_net, backup_dir: "backup", backup_clients: "{{groups['borg_clients']}}", tags: ["borg"] }
+ - { role: rsync_net, backup_dir: "backup", backup_clients: "{{ groups['borg_clients'] }}", tags: ["borg"] }
diff --git a/playbooks/tasks/fetch-borg-keys.yml b/playbooks/tasks/fetch-borg-keys.yml
index 8064bb19c..7b870140c 100644
--- a/playbooks/tasks/fetch-borg-keys.yml
+++ b/playbooks/tasks/fetch-borg-keys.yml
@@ -17,15 +17,15 @@
register: borg_offsite_key
- name: save borg key
- shell: gpg --batch --armor --encrypt --output - >"{{playbook_dir}}/../../borg-keys/{{inventory_hostname}}.gpg" {% for userid in root_gpgkeys %}--recipient {{userid}} {% endfor %}
+ shell: gpg --batch --armor --encrypt --output - >"{{ playbook_dir }}/../../borg-keys/{{ inventory_hostname }}.gpg" {% for userid in root_gpgkeys %}--recipient {{ userid }} {% endfor %}
args:
- stdin: "{{borg_key.stdout}}"
- chdir: "{{playbook_dir}}/../.."
+ stdin: "{{ borg_key.stdout }}"
+ chdir: "{{ playbook_dir }}/../.."
delegate_to: localhost
- name: save borg offsite key
- shell: gpg --batch --armor --encrypt --output - >"{{playbook_dir}}/../../borg-keys/{{inventory_hostname}}-offsite.gpg" {% for userid in root_gpgkeys %}--recipient {{userid}} {% endfor %}
+ shell: gpg --batch --armor --encrypt --output - >"{{ playbook_dir }}/../../borg-keys/{{ inventory_hostname }}-offsite.gpg" {% for userid in root_gpgkeys %}--recipient {{ userid }} {% endfor %}
args:
- stdin: "{{borg_offsite_key.stdout}}"
- chdir: "{{playbook_dir}}/../.."
+ stdin: "{{ borg_offsite_key.stdout }}"
+ chdir: "{{ playbook_dir }}/../.."
delegate_to: localhost
diff --git a/playbooks/tasks/pacman-website.yml b/playbooks/tasks/pacman-website.yml
index 3309e382f..24f59021e 100644
--- a/playbooks/tasks/pacman-website.yml
+++ b/playbooks/tasks/pacman-website.yml
@@ -11,21 +11,21 @@
register: tempdir
- name: fetch pacman tarball
- get_url: url=https://sources.archlinux.org/other/pacman/pacman-{{pacman_version}}.tar.gz dest={{tempdir.path}}/pacman.tar.gz
+ get_url: url=https://sources.archlinux.org/other/pacman/pacman-{{ pacman_version }}.tar.gz dest={{ tempdir.path }}/pacman.tar.gz
- name: create extraction dir
- file: path={{tempdir.path}}/pacman state=directory
+ file: path={{ tempdir.path }}/pacman state=directory
- name: unpack tarball
- unarchive: src={{tempdir.path}}/pacman.tar.gz dest={{tempdir.path}}/pacman/
+ unarchive: src={{ tempdir.path }}/pacman.tar.gz dest={{ tempdir.path }}/pacman/
- name: configure
- shell: ./configure chdir={{tempdir.path}}/pacman/pacman-{{pacman_version}}
+ shell: ./configure chdir={{ tempdir.path }}/pacman/pacman-{{ pacman_version }}
- name: make
- make: chdir={{tempdir.path}}/pacman/pacman-{{pacman_version}}/doc target=website
+ make: chdir={{ tempdir.path }}/pacman/pacman-{{ pacman_version }}/doc target=website
- name: upload website
- unarchive: src={{tempdir.path}}/pacman/pacman-{{pacman_version}}/doc/website.tar.gz dest={{archweb_dir}}/archlinux.org/pacman mode=0644
+ unarchive: src={{ tempdir.path }}/pacman/pacman-{{ pacman_version }}/doc/website.tar.gz dest={{ archweb_dir }}/archlinux.org/pacman mode=0644
delegate_to: apollo.archlinux.org
diff --git a/playbooks/vostok.yml b/playbooks/vostok.yml
index 2ea36aabc..db01d3193 100644
--- a/playbooks/vostok.yml
+++ b/playbooks/vostok.yml
@@ -9,4 +9,4 @@
- { role: sshd, tags: ['sshd'] }
- { role: unbound }
- { role: root_ssh, tags: ['root_ssh'] }
- - { role: borg-server, backup_dir: "/backup", backup_clients: "{{groups['borg_clients']}}", tags: ["borg"] }
+ - { role: borg-server, backup_dir: "/backup", backup_clients: "{{ groups['borg_clients'] }}", tags: ["borg"] }
diff --git a/roles/arch32_mirror/tasks/main.yml b/roles/arch32_mirror/tasks/main.yml
index 5697661eb..c420a87f8 100644
--- a/roles/arch32_mirror/tasks/main.yml
+++ b/roles/arch32_mirror/tasks/main.yml
@@ -1,7 +1,7 @@
---
- name: create ssl cert
- command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{letsencrypt_validation_dir}} -d '{{ arch32_mirror_domain }}' creates='/etc/letsencrypt/live/{{ arch32_mirror_domain }}/fullchain.pem'
+ command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{ letsencrypt_validation_dir }} -d '{{ arch32_mirror_domain }}' creates='/etc/letsencrypt/live/{{ arch32_mirror_domain }}/fullchain.pem'
when: 'arch32_mirror_domain is defined'
- name: install rsync
diff --git a/roles/archbuild/tasks/main.yml b/roles/archbuild/tasks/main.yml
index 83d570999..d4837e02b 100644
--- a/roles/archbuild/tasks/main.yml
+++ b/roles/archbuild/tasks/main.yml
@@ -59,7 +59,7 @@
- mkpkg@.service
- name: start and enable archbuild mounts
- service: name={{ item }} enabled={{"yes" if archbuild_fs == 'tmpfs' else "no"}} state={{"started" if archbuild_fs == 'tmpfs' else "stopped"}}
+ service: name={{ item }} enabled={{ "yes" if archbuild_fs == 'tmpfs' else "no" }} state={{ "started" if archbuild_fs == 'tmpfs' else "stopped" }}
with_items:
- var-lib-archbuild.mount
diff --git a/roles/archusers/tasks/main.yml b/roles/archusers/tasks/main.yml
index e0f4c7a54..c15335b6c 100644
--- a/roles/archusers/tasks/main.yml
+++ b/roles/archusers/tasks/main.yml
@@ -17,16 +17,16 @@
with_dict: "{{ arch_users }}"
- name: create .ssh directory
- file: path=/home/{{item.key}}/.ssh state=directory owner={{item.key}} group=users mode=0700
+ file: path=/home/{{ item.key }}/.ssh state=directory owner={{ item.key }} group=users mode=0700
with_dict: "{{ arch_users }}"
- name: configure ssh keys
- template: src=authorized_keys.j2 dest=/home/{{item.key}}/.ssh/authorized_keys owner={{item.key}} group=users mode=0600
+ template: src=authorized_keys.j2 dest=/home/{{ item.key }}/.ssh/authorized_keys owner={{ item.key }} group=users mode=0600
when: item.value.ssh_key is defined
with_dict: "{{ arch_users }}"
- name: remove ssh keys if undefined
- file: path=/home/{{item.key}}/.ssh/authorized_keys state=absent
+ file: path=/home/{{ item.key }}/.ssh/authorized_keys state=absent
when: item.value.ssh_key is not defined
with_dict: "{{ arch_users }}"
diff --git a/roles/archwiki/handlers/main.yml b/roles/archwiki/handlers/main.yml
index 149ae2ab5..f171ee7d4 100644
--- a/roles/archwiki/handlers/main.yml
+++ b/roles/archwiki/handlers/main.yml
@@ -7,6 +7,6 @@
service: name=php-fpm@{{ archwiki_user }} state=restarted
- name: run wiki updatescript
- command: php {{archwiki_dir}}/public/maintenance/update.php --quick
+ command: php {{ archwiki_dir }}/public/maintenance/update.php --quick
become: true
- become_user: "{{archwiki_user}}"
+ become_user: "{{ archwiki_user }}"
diff --git a/roles/archwiki/tasks/main.yml b/roles/archwiki/tasks/main.yml
index b7b4bf9db..b0beeb43f 100644
--- a/roles/archwiki/tasks/main.yml
+++ b/roles/archwiki/tasks/main.yml
@@ -88,8 +88,6 @@
- name: install systemd services/timers
template: src="{{item}}.j2" dest="/etc/systemd/system/{{item}}" owner=root group=root mode=0644
- notify:
- - daemon reload
loop:
- archwiki-runjobs.service
- archwiki-runjobs-wait.service
@@ -115,7 +113,7 @@
service: name=archwiki-memcached.service enabled=yes state=started
- name: ensure question answer file exists and set permissions
- file: state=file path="{{archwiki_question_answer_file}}" owner=root group=root mode=0644
+ file: state=file path="{{ archwiki_question_answer_file }}" owner=root group=root mode=0644
- name: create pacman.d hooks dir
file: state=directory owner=root group=root path=/etc/pacman.d/hooks
diff --git a/roles/certbot/tasks/main.yml b/roles/certbot/tasks/main.yml
index cff18ad5b..fe74a707b 100644
--- a/roles/certbot/tasks/main.yml
+++ b/roles/certbot/tasks/main.yml
@@ -21,7 +21,7 @@
service: name=certbot-renewal.timer enabled=yes state=started
- name: open firewall holes for certbot standalone authenticator
- firewalld: service={{item}} permanent=true state=enabled immediate=yes
+ firewalld: service={{ item }} permanent=true state=enabled immediate=yes
with_items:
- http
when: configure_firewall
diff --git a/roles/conf.archlinux.org/tasks/main.yml b/roles/conf.archlinux.org/tasks/main.yml
index 6652c1fa5..8b663e672 100644
--- a/roles/conf.archlinux.org/tasks/main.yml
+++ b/roles/conf.archlinux.org/tasks/main.yml
@@ -23,14 +23,14 @@
command: hugo
become_user: "{{conference_user}}"
args:
- chdir: "{{conference_dir}}"
+ chdir: "{{ conference_dir }}"
when: release.changed
- name: create ssl cert
- command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{letsencrypt_validation_dir}} -d '{{ conference_domain }}' creates='/etc/letsencrypt/live/{{ conference_domain }}/fullchain.pem'
+ command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{ letsencrypt_validation_dir }} -d '{{ conference_domain }}' creates='/etc/letsencrypt/live/{{ conference_domain }}/fullchain.pem'
- name: create ssl cert
- command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{letsencrypt_validation_dir}} -d '{{ static_conference_domain }}' creates='/etc/letsencrypt/live/{{ static_conference_domain }}/fullchain.pem'
+ command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{ letsencrypt_validation_dir }} -d '{{ static_conference_domain }}' creates='/etc/letsencrypt/live/{{ static_conference_domain }}/fullchain.pem'
- name: make nginx log dir
file: path=/var/log/nginx/{{ conference_domain }} state=directory owner=root group=root mode=0755
diff --git a/roles/dbscripts/tasks/main.yml b/roles/dbscripts/tasks/main.yml
index 976623cc3..72125503c 100644
--- a/roles/dbscripts/tasks/main.yml
+++ b/roles/dbscripts/tasks/main.yml
@@ -19,7 +19,7 @@
copy: src=sudoers.d dest=/etc/sudoers.d/dbscripts owner=root group=root mode=0600
- name: create ssl cert
- command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{letsencrypt_validation_dir}} -d '{{ repos_domain }}' creates='/etc/letsencrypt/live/{{ repos_domain }}/fullchain.pem'
+ command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{ letsencrypt_validation_dir }} -d '{{ repos_domain }}' creates='/etc/letsencrypt/live/{{ repos_domain }}/fullchain.pem'
- name: make nginx log dir
file: path=/var/log/nginx/{{ repos_domain }} state=directory owner=root group=root mode=0755
@@ -41,7 +41,7 @@
name: "{{ item.key }}"
group: users
groups: "{{ item.value.groups | join(',') }}"
- comment: "{{ item.value.name}}"
+ comment: "{{ item.value.name }}"
state: present
with_dict: "{{ arch_users }}"
@@ -62,7 +62,7 @@
pathtmpl: '/home/{user}/staging/{dirname}'
permissions: 755
directories: ['', 'core', 'extra', 'testing', 'staging', 'community', 'community-staging', 'community-testing', 'multilib', 'multilib-staging', 'multilib-testing']
- users: "{{arch_users.keys() | list}}"
+ users: "{{ arch_users.keys() | list }}"
group: users
tags: ["archusers"]
diff --git a/roles/docker-image/tasks/main.yml b/roles/docker-image/tasks/main.yml
index 60b240ae5..155432359 100644
--- a/roles/docker-image/tasks/main.yml
+++ b/roles/docker-image/tasks/main.yml
@@ -8,8 +8,8 @@
- name: clone archlinux-docker repository
become: yes
- become_user: "{{docker_image_user}}"
- git: repo="{{docker_image_git_remote}}" version="{{ docker_image_git_tag }}" dest="{{ docker_image_git_dir }}" force=yes
+ become_user: "{{ docker_image_user }}"
+ git: repo="{{ docker_image_git_remote }}" version="{{ docker_image_git_tag }}" dest="{{ docker_image_git_dir }}" force=yes
- name: install sudoers file
template: src=sudoers.d.j2 dest=/etc/sudoers.d/docker-image
diff --git a/roles/dovecot/tasks/main.yml b/roles/dovecot/tasks/main.yml
index 9d9f220fe..57b9662ee 100644
--- a/roles/dovecot/tasks/main.yml
+++ b/roles/dovecot/tasks/main.yml
@@ -21,7 +21,7 @@
service: name=dovecot enabled=yes state=started
- name: open firewall holes
- firewalld: service={{item}} permanent=true state=enabled immediate=yes
+ firewalld: service={{ item }} permanent=true state=enabled immediate=yes
with_items:
- pop3
- pop3s
diff --git a/roles/fail2ban/tasks/main.yml b/roles/fail2ban/tasks/main.yml
index 7bfdcfa95..f73059441 100644
--- a/roles/fail2ban/tasks/main.yml
+++ b/roles/fail2ban/tasks/main.yml
@@ -23,8 +23,8 @@
- name: install local config files
template:
- src: "{{item}}.j2"
- dest: "/etc/fail2ban/{{item}}"
+ src: "{{ item }}.j2"
+ dest: "/etc/fail2ban/{{ item }}"
owner: "root"
group: "root"
mode: 0644
diff --git a/roles/firewalld/tasks/main.yml b/roles/firewalld/tasks/main.yml
index 5bec7463b..39de6c741 100644
--- a/roles/firewalld/tasks/main.yml
+++ b/roles/firewalld/tasks/main.yml
@@ -13,8 +13,8 @@
- name: start and enable firewalld
service:
name: firewalld
- enabled: "{{configure_firewall}}"
- state: "{{configure_firewall | ternary('started', 'stopped') }}"
+ enabled: "{{ configure_firewall }}"
+ state: "{{ configure_firewall | ternary('started', 'stopped') }}"
- name: disable default dhcpv6-client rule
firewalld:
diff --git a/roles/flyspray/tasks/main.yml b/roles/flyspray/tasks/main.yml
index 79514a5fc..aaadecbad 100644
--- a/roles/flyspray/tasks/main.yml
+++ b/roles/flyspray/tasks/main.yml
@@ -81,7 +81,5 @@
tags:
- fail2ban
-
-
- name: start and enable systemd socket
service: name=php-fpm@flyspray.socket state=started enabled=true
diff --git a/roles/kanboard/tasks/main.yml b/roles/kanboard/tasks/main.yml
index 9b300674b..a41f72358 100644
--- a/roles/kanboard/tasks/main.yml
+++ b/roles/kanboard/tasks/main.yml
@@ -7,7 +7,7 @@
user: name=kanboard shell=/bin/false home="{{ kanboard_dir }}" createhome=no
- name: clone kanboard git repo
- git: repo=https://github.com/kanboard/kanboard.git dest="{{kanboard_dir}}" version={{kanboard_version}}
+ git: repo=https://github.com/kanboard/kanboard.git dest="{{ kanboard_dir }}" version={{ kanboard_version }}
- name: install nginx config
template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/kanboard.conf owner=root group=root mode=644
@@ -19,7 +19,7 @@
file: path=/var/log/nginx/{{ kanboard_domain }} state=directory owner=root group=root mode=0755
- name: make dirs for webuser
- file: path="{{kanboard_dir}}/{{item}}" owner=kanboard mode=700 state=directory
+ file: path="{{ kanboard_dir }}/{{ item }}" owner=kanboard mode=700 state=directory
with_items:
- data
@@ -30,13 +30,13 @@
become_method: su
- name: create kanboard db
- postgresql_db: db="{{kanboard_db}}"
+ postgresql_db: db="{{ kanboard_db }}"
become: yes
become_user: postgres
become_method: su
- name: install kanboard config
- template: src=config.php.j2 dest="{{kanboard_dir}}/config.php" owner=root group=kanboard mode=640
+ template: src=config.php.j2 dest="{{ kanboard_dir }}/config.php" owner=root group=kanboard mode=640
- name: configure php-fpm
template:
diff --git a/roles/mariadb/tasks/main.yml b/roles/mariadb/tasks/main.yml
index 121bae973..820cbd523 100644
--- a/roles/mariadb/tasks/main.yml
+++ b/roles/mariadb/tasks/main.yml
@@ -40,7 +40,7 @@
no_log: true
- name: configure zabbix-agent user
- mysql_user: user={{zabbix_agent_mysql_user}} host=localhost password={{vault_mariadb_users.zabbix_agent}}
+ mysql_user: user={{ zabbix_agent_mysql_user }} host=localhost password={{ vault_mariadb_users.zabbix_agent }}
# TODO: implement in ansible: grant process on *.* to 'zabbix_agent'@'localhost';
diff --git a/roles/matrix/tasks/main.yml b/roles/matrix/tasks/main.yml
index 507b51960..ca6f7460f 100644
--- a/roles/matrix/tasks/main.yml
+++ b/roles/matrix/tasks/main.yml
@@ -1,7 +1,7 @@
---
- name: create ssl cert
- command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{letsencrypt_validation_dir}} -d '{{ matrix_domain }}' creates='/etc/letsencrypt/live/{{ matrix_domain }}/fullchain.pem'
+ command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{ letsencrypt_validation_dir }} -d '{{ matrix_domain }}' creates='/etc/letsencrypt/live/{{ matrix_domain }}/fullchain.pem'
when: 'matrix_domain is defined'
- name: install packages
diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml
index 50a3801a2..9e15b7107 100644
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -56,7 +56,7 @@
service: name=nginx enabled=yes
- name: open firewall holes
- firewalld: service={{item}} permanent=true state=enabled immediate=yes
+ firewalld: service={{ item }} permanent=true state=enabled immediate=yes
with_items:
- http
- https
diff --git a/roles/opendkim/tasks/main.yml b/roles/opendkim/tasks/main.yml
index 513aff0b6..4a0a15f7a 100644
--- a/roles/opendkim/tasks/main.yml
+++ b/roles/opendkim/tasks/main.yml
@@ -17,15 +17,15 @@
- file: path="/etc/opendkim/private" state=directory owner=root group=root mode=0700
-- name: generate DKIM key for {{dkim_selector}}
- command: opendkim-genkey -r -s {{dkim_selector}} -d archlinux.org --bits=4096
+- name: generate DKIM key for {{ dkim_selector }}
+ command: opendkim-genkey -r -s {{ dkim_selector }} -d archlinux.org --bits=4096
args:
- creates: /etc/opendkim/private/{{dkim_selector}}.private
+ creates: /etc/opendkim/private/{{ dkim_selector }}.private
chdir: /etc/opendkim/private
# see README.md for instruction on how to add the key to DNS. This will fail unless the key in DNS is correct!
- name: verify key in dns
- command: opendkim-testkey -d archlinux.org -s {{dkim_selector}} -k /etc/opendkim/private/{{dkim_selector}}.private -vvv
+ command: opendkim-testkey -d archlinux.org -s {{ dkim_selector }} -k /etc/opendkim/private/{{ dkim_selector }}.private -vvv
tags:
- dkimverify
diff --git a/roles/postfix/handlers/main.yml b/roles/postfix/handlers/main.yml
index c4994803d..1e403f440 100644
--- a/roles/postfix/handlers/main.yml
+++ b/roles/postfix/handlers/main.yml
@@ -9,7 +9,7 @@
command: postfix reload
- name: postmap additional files
- command: postmap /etc/postfix/{{item}}
+ command: postmap /etc/postfix/{{ item }}
with_items:
- access_client
- access_sender
diff --git a/roles/postfix/tasks/main.yml b/roles/postfix/tasks/main.yml
index 12ca15e91..ff4b657f6 100644
--- a/roles/postfix/tasks/main.yml
+++ b/roles/postfix/tasks/main.yml
@@ -4,7 +4,7 @@
pacman: name=postfix state=present
- name: install template configs
- template: src={{item}}.j2 dest=/etc/postfix/{{item}} owner=root group=root mode=0644
+ template: src={{ item }}.j2 dest=/etc/postfix/{{ item }} owner=root group=root mode=0644
with_items:
- main.cf
- master.cf
@@ -19,7 +19,7 @@
- update aliases db
- name: install additional files
- copy: src={{item}} dest=/etc/postfix/{{item}} owner=root group=root mode=0644
+ copy: src={{ item }} dest=/etc/postfix/{{ item }} owner=root group=root mode=0644
with_items:
- access_client
- access_sender
@@ -49,7 +49,7 @@
when: postfix_smtpd_public
- name: install bouncehandler config
- template: src=wiki-bouncehandler.conf.j2 dest={{postfix_wiki_bounce_config}} owner={{postfix_wiki_bounce_user}} group=root mode=0600
+ template: src=wiki-bouncehandler.conf.j2 dest={{ postfix_wiki_bounce_config }} owner={{ postfix_wiki_bounce_user }} group=root mode=0600
when: postfix_server
- name: install packages for bounce handler
@@ -57,17 +57,17 @@
when: postfix_server
- name: install bouncehandler script
- copy: src=bouncehandler.pl dest={{postfix_wiki_bounce_mail_handler}} owner=root group=root mode=0755
+ copy: src=bouncehandler.pl dest={{ postfix_wiki_bounce_mail_handler }} owner=root group=root mode=0755
when: postfix_server
- name: make bouncehandler user
- user: name={{postfix_wiki_bounce_user}} shell=/bin/false skeleton=/var/empty state={{"present" if postfix_server else "absent"}}
+ user: name={{ postfix_wiki_bounce_user }} shell=/bin/false skeleton=/var/empty state={{ "present" if postfix_server else "absent" }}
- name: start and enable postfix
service: name=postfix enabled=yes state=started
- name: remove old files
- file: path={{item}} state=absent
+ file: path={{ item }} state=absent
with_items:
- compat_maps
- compat_maps.db
@@ -93,8 +93,8 @@
delegate_to: orion.archlinux.org
when: postfix_relayhost != ""
user:
- name: "{{inventory_hostname_short}}"
- comment: "SMTP Relay Account for {{inventory_hostname}}"
+ name: "{{ inventory_hostname_short }}"
+ comment: "SMTP Relay Account for {{ inventory_hostname }}"
group: nobody
password: "{{ postfix_relay_password | password_hash('sha512') }}"
shell: /sbin/nologin
@@ -103,7 +103,7 @@
create_home: no
- name: open firewall holes
- firewalld: service={{item}} permanent=true state=enabled immediate=yes
+ firewalld: service={{ item }} permanent=true state=enabled immediate=yes
with_items:
- smtp
- smtp-submission
diff --git a/roles/postgres/tasks/main.yml b/roles/postgres/tasks/main.yml
index 3c363102a..73636577b 100644
--- a/roles/postgres/tasks/main.yml
+++ b/roles/postgres/tasks/main.yml
@@ -67,7 +67,7 @@
- name: open firewall holes to known postgresql ipv4 clients
firewalld: permanent=true state=enabled immediate=yes
- rich_rule="rule family=ipv4 source address={{item}} port protocol=tcp port=5432 accept"
+ rich_rule="rule family=ipv4 source address={{ item }} port protocol=tcp port=5432 accept"
with_items: "{{ postgres_ssl_hosts4 }}"
when: configure_firewall
tags:
@@ -75,7 +75,7 @@
- name: open firewall holes to known postgresql ipv6 clients
firewalld: permanent=true state=enabled immediate=yes
- rich_rule="rule family=ipv6 source address={{item}} port protocol=tcp port=5432 accept"
+ rich_rule="rule family=ipv6 source address={{ item }} port protocol=tcp port=5432 accept"
with_items: "{{ postgres_ssl_hosts6 }}"
when: configure_firewall
tags:
diff --git a/roles/public_html/tasks/main.yml b/roles/public_html/tasks/main.yml
index 415c116e3..81db39fd1 100644
--- a/roles/public_html/tasks/main.yml
+++ b/roles/public_html/tasks/main.yml
@@ -1,7 +1,7 @@
---
- name: create ssl cert
- command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{letsencrypt_validation_dir}} -d '{{ public_domain }}' creates='/etc/letsencrypt/live/{{ public_domain }}/fullchain.pem'
+ command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{ letsencrypt_validation_dir }} -d '{{ public_domain }}' creates='/etc/letsencrypt/live/{{ public_domain }}/fullchain.pem'
- name: copy webroot files
copy: src=public_html dest=/srv owner=root group=root mode=0644 directory_mode=0755
diff --git a/roles/spampd/tasks/main.yml b/roles/spampd/tasks/main.yml
index c2dba9fbc..d17fdf2e1 100644
--- a/roles/spampd/tasks/main.yml
+++ b/roles/spampd/tasks/main.yml
@@ -35,13 +35,13 @@
file: path=/etc/mail/spamassassin/sa-update-keys mode=700 owner=root group=root state=directory
- name: add gpg keys to SA keyring
- command: /usr/bin/vendor_perl/sa-update --import "/etc/mail/spamassassin/{{item}}"
+ command: /usr/bin/vendor_perl/sa-update --import "/etc/mail/spamassassin/{{ item }}"
with_items:
- yerp.gpg.key
- zmi.gpg.key
- name: install SA configs
- template: src={{item}}.j2 dest=/etc/mail/spamassassin/{{item}} owner=root group=root mode=0644
+ template: src={{ item }}.j2 dest=/etc/mail/spamassassin/{{ item }} owner=root group=root mode=0644
notify:
restart spampd
loop:
diff --git a/roles/syncrepo/tasks/main.yml b/roles/syncrepo/tasks/main.yml
index e9ff487e7..9afaf36b3 100644
--- a/roles/syncrepo/tasks/main.yml
+++ b/roles/syncrepo/tasks/main.yml
@@ -1,7 +1,7 @@
---
- name: create ssl cert
- command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{letsencrypt_validation_dir}} -d '{{ mirror_domain }}' creates='/etc/letsencrypt/live/{{ mirror_domain }}/fullchain.pem'
+ command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{ letsencrypt_validation_dir }} -d '{{ mirror_domain }}' creates='/etc/letsencrypt/live/{{ mirror_domain }}/fullchain.pem'
when: 'mirror_domain is defined'
- name: install rsync
--
GitLab