Skip to content
Snippets Groups Projects
Commit bede1044 authored by Evangelos Foutras's avatar Evangelos Foutras :smiley_cat:
Browse files

Merge branch 'ansible-lint-6.6.0' into 'master'

Fix lint warnings and errors with ansible-lint 6.6.0

See merge request !631
parents 1ae3a815 08712c79
No related branches found
No related tags found
1 merge request!631Fix lint warnings and errors with ansible-lint 6.6.0
Pipeline #30169 passed
Showing
with 68 additions and 38 deletions
......@@ -2,7 +2,7 @@ image: "archlinux:latest"
ansible-lint:
before_script:
- pacman -Syu --needed --noconfirm ansible-lint ansible
- pacman -Syu --needed --noconfirm ansible-lint ansible python-jmespath
script:
# Fix weird ansible bug: https://github.com/trailofbits/algo/issues/1637
# This probably happens due to gitlab-runner mounting the git repo into the container
......
......@@ -8,7 +8,7 @@
with_dict: "{{ arch_users }}"
- name: Create Arch Linux-specific users
user:
ansible.builtin.user:
name: "{{ item.key }}"
group: users
groups: "{{ item.value.groups | join(',') }}"
......
......@@ -20,28 +20,28 @@
- name: Set archweb groups
user: name=archweb groups=uwsgi
when: archweb_site|bool
when: archweb_site | bool
- name: Create ssl cert
include_role:
name: certificate
vars:
domains: "{{ [archweb_domain] + archweb_alternate_domains }}"
when: archweb_site|bool and maintenance is not defined
when: archweb_site | bool and maintenance is not defined
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="{{ archweb_nginx_conf }}" owner=root group=root mode=644
notify: Reload nginx
when: archweb_site|bool and maintenance is not defined
when: archweb_site | bool and maintenance is not defined
tags: ['nginx']
- name: Make nginx log dir
file: path=/var/log/nginx/{{ archweb_domain }} state=directory owner=root group=root mode=0755
when: archweb_site|bool
when: archweb_site | bool
- name: Make rsync iso dir
file: path={{ archweb_rsync_iso_dir }} state=directory owner=archweb group=archweb mode=0755
when: archweb_site|bool
when: archweb_site | bool
- name: Clone archweb repo
git: >
......@@ -67,7 +67,7 @@
- name: Create media dir
file: state=directory owner=archweb group=archweb mode=0755 path="{{ archweb_dir }}/media"
when: archweb_site|bool
when: archweb_site | bool
- name: Fix home permissions
file: state=directory owner=archweb group=archweb mode=0755 path="{{ archweb_dir }}"
......@@ -211,7 +211,7 @@
template: src="archweb-memcached.service.j2" dest="/etc/systemd/system/archweb-memcached.service" owner=root group=root mode=0644
notify:
- Daemon reload
when: archweb_site|bool
when: archweb_site | bool
- name: Install archweb rsync iso service and timer
template: src="{{ item }}.j2" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
......@@ -220,11 +220,11 @@
- archweb-rsync_iso.timer
notify:
- Daemon reload
when: archweb_site|bool
when: archweb_site | bool
- name: Deploy archweb
template: src=archweb.ini.j2 dest=/etc/uwsgi/vassals/archweb.ini owner=archweb group=http mode=0640
when: archweb_site|bool
when: archweb_site | bool
- name: Deploy new release
file: path=/etc/uwsgi/vassals/archweb.ini state=touch owner=archweb group=http mode=0640
......@@ -240,7 +240,7 @@
with_items:
- archweb-memcached.service
- archweb-rsync_iso.timer
when: archweb_site|bool
when: archweb_site | bool
- name: Start and enable archweb reporead service
service: name="archweb-reporead.service" enabled=yes state=started
......@@ -288,7 +288,7 @@
- name: Create retro dir
file: state=directory owner=archweb group=archweb mode=0755 path="{{ archweb_retro_dir }}"
when: archweb_site|bool
when: archweb_site | bool
- name: Clone archweb-retro repo
git:
......@@ -297,4 +297,4 @@
version: "{{ archweb_retro_commit_hash }}"
become: true
become_user: archweb
when: archweb_site|bool
when: archweb_site | bool
galaxy_info:
description: archwiki role
standalone: false
dependencies:
- role: nginx
......@@ -2,7 +2,7 @@
pacman: name=borg state=present
- name: Create borg user
user:
ansible.builtin.user:
name: borg
home: "{{ backup_dir }}"
......
......@@ -39,7 +39,7 @@
- nginx
- name: Create Arch Linux-specific users
user:
ansible.builtin.user:
name: "{{ item.key }}"
group: users
groups: "{{ item.value.groups | join(',') }}"
......
galaxy_info:
description: geo_dns role
standalone: false
dependencies:
- role: geoipupdate
vars:
......
......@@ -31,7 +31,7 @@
register: tempfile
- name: Fill tempfile
copy: content="{{ lookup('template', 'authorized_keys.j2') }}" dest="{{ tempfile.path }}" mode=preserve
template: src=authorized_keys.j2 dest={{ tempfile.path }} mode=preserve
no_log: true
- name: Upload authorized_keys for Arch DevOps
......@@ -83,7 +83,7 @@
- name: Update list of sub-accounts
set_fact:
subaccounts: "{{ subaccounts + [item.json.subaccount | combine({'comment':item.invocation.module_args.body.comment})] }}"
subaccounts: "{{ subaccounts + [item.json.subaccount | combine({'comment': item.invocation.module_args.body.comment})] }}"
loop: "{{ new_subaccounts_raw.results }}"
loop_control:
label: "{{ item.invocation.module_args.body.comment }}"
......
- name: Fill tempfile
copy: content="{{ lookup('template', 'authorized_keys_client.j2') }}" dest="{{ tempfile.path }}" mode=preserve
template: src=authorized_keys_client.j2 dest={{ tempfile.path }} mode=preserve
no_log: true
- name: Upload authorized_keys file to {{ backup_dir }}/{{ item.item }}
......
......@@ -27,11 +27,11 @@
- name: Partition and format the disks (btrfs RAID)
command: mkfs.btrfs -f -L root -d {{ raid_level | default('raid1') }} -m {{ raid_level | default('raid1') }} -O no-holes {{ system_disks | map('regex_replace', '^(.*)$', '\g<1>p2' if 'nvme' in system_disks[0] else '\g<1>2') | join(' ') }}
when: filesystem == "btrfs" and system_disks|length >= 2
when: filesystem == "btrfs" and system_disks | length >= 2
- name: Partition and format the disks (btrfs single)
command: mkfs.btrfs -f -L root -d single -m single -O no-holes {{ system_disks[0] }}{{ 'p2' if 'nvme' in system_disks[0] else '2' }}
when: filesystem == "btrfs" and system_disks|length == 1
when: filesystem == "btrfs" and system_disks | length == 1
- name: Mount the filesystem (btrfs)
mount: src="{{ system_disks[0] }}{{ 'p2' if 'nvme' in system_disks[0] else '2' }}" path=/mnt state=mounted fstype=btrfs opts="compress-force=zstd,space_cache=v2"
......
......@@ -45,11 +45,17 @@ lists:
arch-general:
description: General Discussion about Arch Linux
display_name: Arch-general
info: "This mailing list hosts general discusson about the Arch Linux distribution. Questions, problems, and new development ideas can be posted here.\n\nYou must be subscribed to the list in order to post to it."
info: |
This mailing list hosts general discusson about the Arch Linux distribution. Questions, problems, and new development ideas can be posted here.
You must be subscribed to the list in order to post to it.
arch-mirrors-announce:
description: List for mirror admins to send announcements (like downtime notifications) to our users
display_name: Arch-mirrors-announce
info: "This list is intended for admins of Arch Linux mirrors that want to notify our users about downtime of their mirror.\r\n\r\nThis list also accepts mails from non-subscribers."
info: |
This list is intended for admins of Arch Linux mirrors that want to notify our users about downtime of their mirror.
This list also accepts mails from non-subscribers.
arch-mirrors:
description: Arch Linux Mirroring Discussion and Announcements
display_name: Arch-mirrors
......@@ -67,7 +73,12 @@ lists:
arch-projects:
description: Arch Linux projects development discussion
display_name: Arch-projects
info: "Announcements, development discussion, patches and pull requests for the Arch Linux projects:<ul><li><a target=\"blank\" href=\"https://github.com/archlinux/archweb/\">archweb</a> (patches preferably on Github as pull requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/arch-release-promotion/\">arch-release-promotion</a> (patches only on GitLab as merge requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/dbscripts/\">dbscripts</a> (patches preferably on GitLab as merge requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/devtools/\">devtools</a> (patches preferably on GitLab as merge requests)</li><li><a target=\"blank\" href=\"https://github.com/archlinux/mkinitcpio/\">mkinitcpio</a> (patches preferably on Github as pull requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/namcap/\">namcap</a> (patches preferably on GitLab as merge requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/netctl/\">netctl</a> (patches preferably on the mailing list)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/pyalpm/\">pyalpm</a> (patches preferably on GitLab as merge requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/repod/\">repod</a> (patches only on GitLab as merge requests)</li><li><a target=\"blank\" href=\"https://gitlab.archlinux.org/archlinux/shim-signed/\">shim-signed</a> (contributions preferably on GitLab as merge requests)</li></ul>\r\nPlease begin the email subject with the name of a project in square brackets (e.g. <code>[devtools]</code>). If no project matches, use <code>[projects]</code>.\r\n\r\nNote: No user discussion!"
info: |
Announcements, development discussion, patches and pull requests for the Arch Linux projects:<ul><li><a target="blank" href="https://github.com/archlinux/archweb/">archweb</a> (patches preferably on Github as pull requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/arch-release-promotion/">arch-release-promotion</a> (patches only on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/dbscripts/">dbscripts</a> (patches preferably on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/devtools/">devtools</a> (patches preferably on GitLab as merge requests)</li><li><a target="blank" href="https://github.com/archlinux/mkinitcpio/">mkinitcpio</a> (patches preferably on Github as pull requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/namcap/">namcap</a> (patches preferably on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/netctl/">netctl</a> (patches preferably on the mailing list)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/pyalpm/">pyalpm</a> (patches preferably on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/repod/">repod</a> (patches only on GitLab as merge requests)</li><li><a target="blank" href="https://gitlab.archlinux.org/archlinux/shim-signed/">shim-signed</a> (contributions preferably on GitLab as merge requests)</li></ul>
Please begin the email subject with the name of a project in square brackets (e.g. <code>[devtools]</code>). If no project matches, use <code>[projects]</code>.
Note: No user discussion!
arch-releng:
description: Arch Linux Release Engineering
display_name: Arch-releng
......@@ -91,7 +102,10 @@ lists:
arch-women:
description: Mailing list for the Arch Women project
display_name: Arch-women
info: "<a href=\"https://archwomen.org/\">Arch Women</a> is an all inclusive organization of Arch Linux enthusiasts with a focus on helping more women become involved in the Arch Linux community and FOSS.\r\n\r\nMailing list graciously hosted by the Arch Linux™ project."
info: |
<a href="https://archwomen.org/">Arch Women</a> is an all inclusive organization of Arch Linux enthusiasts with a focus on helping more women become involved in the Arch Linux community and FOSS.
Mailing list graciously hosted by the Arch Linux™ project.
aur-dev:
description: Arch User Repository (AUR) Development
display_name: Aur-dev
......
......@@ -69,7 +69,7 @@
- mailman3-notify.timer
- uwsgi@mailman\x2dweb.service
- name: update list configurations
- name: Update list configurations
uri:
url: http://localhost:8001/3.1/lists/{{ item }}.lists.archlinux.org/config
user: "{{ vault_mailman_admin_user }}"
......
......@@ -6,7 +6,7 @@
- name: Create the service http root dir
file: path={{ maintenance_http_dir }}/{{ service_domain }} state=directory owner=root group=root mode=0755
when: maintenance is defined and maintenance|bool
when: maintenance is defined and maintenance | bool
- name: Set up nginx maintenance mode
template:
......@@ -16,7 +16,7 @@
group: root
mode: 0644
notify: Reload nginx
when: service_nginx_template is not defined and maintenance is defined and maintenance|bool
when: service_nginx_template is not defined and maintenance is defined and maintenance | bool
- name: Set up custom nginx maintenance mode
template:
......@@ -26,7 +26,7 @@
group: root
mode: 0644
notify: Reload nginx
when: service_nginx_template is defined and maintenance is defined and maintenance|bool
when: service_nginx_template is defined and maintenance is defined and maintenance | bool
- name: Create the 503 html file
template:
......@@ -35,7 +35,7 @@
owner: root
group: root
mode: 0644
when: maintenance is defined and maintenance|bool
when: maintenance is defined and maintenance | bool
- name: Force reload nginx
meta: flush_handlers
......@@ -229,7 +229,7 @@
notify:
- Restart synapse
- name: Install signing key
- name: Install signing key # noqa template-instead-of-copy
copy:
content: '{{ vault_matrix_secrets.signing_key }}'
dest: /etc/synapse/{{ matrix_server_name }}.signing.key
......@@ -237,7 +237,7 @@
group: synapse
mode: 0640
- name: Install ircpass key
- name: Install ircpass key # noqa template-instead-of-copy
copy:
content: '{{ vault_matrix_secrets.ircpass_key }}'
dest: /etc/synapse/{{ matrix_server_name }}.ircpass.key
......
......@@ -12,8 +12,8 @@
copy: src=dns.conf dest={{ chroot_path }}/etc/systemd/network/10-static-ethernet.network.d/dns.conf owner=root group=root mode=0644
notify:
- Restart networkd
when: static_dns|default(true)
when: not dhcp|default(false)
when: static_dns | default(true)
when: not dhcp | default(false)
- name: Configure network (dhcp)
block:
......@@ -29,8 +29,8 @@
copy: src=dns.conf dest={{ chroot_path }}/etc/systemd/network/10-dhcp-ethernet.network.d/dns.conf owner=root group=root mode=0644
notify:
- Restart networkd
when: static_dns|default(false)
when: dhcp|default(false)
when: static_dns | default(false)
when: dhcp | default(false)
- name: Create symlink to resolv.conf
file: src=/run/systemd/resolve/stub-resolv.conf dest={{ chroot_path }}/etc/resolv.conf state=link force=yes follow=no owner=root group=root
......
galaxy_info:
description: postfix_null role
standalone: false
dependencies:
- role: postfwd
delegate_to: mail.archlinux.org
......@@ -11,7 +11,7 @@
- name: Create user account on mail to relay with
delegate_to: mail.archlinux.org
user:
ansible.builtin.user:
name: "{{ inventory_hostname_short }}"
comment: "SMTP Relay Account for {{ inventory_hostname }}"
group: nobody
......
galaxy_info:
description: rspamd role
standalone: false
dependencies:
- role: redis
......@@ -18,7 +18,7 @@
register: tempfile
- name: Fill tempfile # noqa risky-file-permissions
copy: content="{{ lookup('template', 'authorized_keys.j2') }}" dest="{{ tempfile.path }}" mode=0644
template: src=authorized_keys.j2 dest={{ tempfile.path }} mode=0644
- name: Upload authorized_keys file
expect:
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment