fix E502 'all tasks should be named'

f7529414 · Frederik Schwan · Sven-Hendrik Haase · 2b2bd065 · f7529414 · f7529414
Commit f7529414 authored Jun 12, 2020 by Frederik Schwan Committed by Sven-Hendrik Haase Jun 12, 2020
--- a/playbooks/apollo.yml
+++ b/playbooks/apollo.yml
@@ -3,15 +3,17 @@
 - name: "prepare postgres ssl hosts list"
  hosts: apollo.archlinux.org
  tasks:
-      - set_fact: postgres_ssl_hosts4="{{ [orion4] + detected_ips}}"
+      - name: assign ipv4 addresses to fact postgres_ssl_hosts4
+        set_fact: postgres_ssl_hosts4="{{ [orion4] + detected_ips }}"
        vars:
            orion4: "{{ hostvars['orion.archlinux.org']['ipv4_address'] }}/32"
-            detected_ips: "{{ groups['mirrors'] | map('extract', hostvars, ['ipv4_address']) | select() | map('regex_replace', '^(.+)$', '\\1/32') | list}}"
+            detected_ips: "{{ groups['mirrors'] | map('extract', hostvars, ['ipv4_address']) | select() | map('regex_replace', '^(.+)$', '\\1/32') | list }}"
        tags: ["postgres", "firewall"]
-      - set_fact: postgres_ssl_hosts6="{{ [orion6] + detected_ips}}"
+      - name: assign ipv6 addresses to fact postgres_ssl_hosts6
+        set_fact: postgres_ssl_hosts6="{{ [orion6] + detected_ips }}"
        vars:
            orion6: "{{ hostvars['orion.archlinux.org']['ipv6_address'] }}/128"
-            detected_ips: "{{ groups['mirrors'] | map('extract', hostvars, ['ipv6_address']) | select() | map('regex_replace', '^(.+)$', '\\1/128') | list}}"
+            detected_ips: "{{ groups['mirrors'] | map('extract', hostvars, ['ipv6_address']) | select() | map('regex_replace', '^(.+)$', '\\1/128') | list }}"
        tags: ["postgres", "firewall"]

 - name: setup apollo

--- a/playbooks/tasks/fetch-borg-keys.yml
+++ b/playbooks/tasks/fetch-borg-keys.yml
@@ -3,7 +3,8 @@
 - name: prepare local storage directory
  hosts: 127.0.0.1
  tasks:
-      - file: path="{{playbook_dir}}/../../borg-keys/" state=directory
+      - name: create borg-keys directory
+        file: path="{{ playbook_dir }}/../../borg-keys/" state=directory

 - name: fetch borg keys
  hosts: borg_clients

--- a/playbooks/tasks/reencrypt-vault-key.yml
+++ b/playbooks/tasks/reencrypt-vault-key.yml
@@ -2,5 +2,5 @@
 - name: reencrypt vault key
  hosts: 127.0.0.1
  tasks:
-      - shell: gpg --decrypt --batch --quiet "{{playbook_dir}}/../../misc/vault-password.gpg" | gpg --batch --armor --encrypt --output - {% for userid in root_gpgkeys %}--recipient {{userid}} {% endfor %} | sponge "{{playbook_dir}}/../../misc/vault-password.gpg"
-
+      - name: reencrypt vault key
+        shell: gpg --decrypt --batch --quiet "{{playbook_dir}}/../../misc/vault-password.gpg" | gpg --batch --armor --encrypt --output - {% for userid in root_gpgkeys %}--recipient {{userid}} {% endfor %} | sponge "{{playbook_dir}}/../../misc/vault-password.gpg"
--- a/roles/dbscripts/tasks/main.yml
+++ b/roles/dbscripts/tasks/main.yml
@@ -72,44 +72,74 @@
    - /srv/repos/svn-community
    - /srv/repos/svn-packages

- file: path="/srv/repos/svn-community/package-cleanup" state=directory owner=svn-community group=tu mode=0775
- acl: name=/srv/repos/svn-community/package-cleanup entry="user:cleanup:rwx" state=present
- acl: name=/srv/repos/svn-community/package-cleanup entry="default:user::rwx" state=present
- acl: name=/srv/repos/svn-community/package-cleanup entry="default:user:cleanup:rwx" state=present
- acl: name=/srv/repos/svn-community/package-cleanup entry="default:group::rwx" state=present
- acl: name=/srv/repos/svn-community/package-cleanup entry="default:other::r-x" state=present
-
- file: path="/srv/repos/svn-packages/package-cleanup" state=directory owner=svn-packages group=dev mode=0775
- acl: name=/srv/repos/svn-packages/package-cleanup entry="user:cleanup:rwx" state=present
- acl: name=/srv/repos/svn-packages/package-cleanup entry="default:user::rwx" state=present
- acl: name=/srv/repos/svn-packages/package-cleanup entry="default:user:cleanup:rwx" state=present
- acl: name=/srv/repos/svn-packages/package-cleanup entry="default:group::rwx" state=present
- acl: name=/srv/repos/svn-packages/package-cleanup entry="default:other::r-x" state=present
-
- file: path="/srv/repos/svn-community/source-cleanup" state=directory owner=sourceballs group=svn-community mode=0755
- file: path="/srv/repos/svn-packages/source-cleanup" state=directory owner=sourceballs group=svn-packages mode=0755
-
- file: path="/srv/repos/svn-community/svn" state=directory owner=svn-community group=svn-community mode=0755
- acl: name=/srv/repos/svn-community/svn entry="default:user::rwx" state=present
- acl: name=/srv/repos/svn-community/svn entry="default:group::r-x" state=present
- acl: name=/srv/repos/svn-community/svn entry="default:other::r-x" state=present
-
- file: path="/srv/repos/svn-packages/svn" state=directory owner=svn-packages group=svn-packages mode=0755
- acl: name=/srv/repos/svn-packages/svn entry="default:user::rwx" state=present
- acl: name=/srv/repos/svn-packages/svn entry="default:group::r-x" state=present
- acl: name=/srv/repos/svn-packages/svn entry="default:other::r-x" state=present
-
- file: path="/srv/repos/svn-community/tmp" state=directory owner=svn-community group=tu mode=1775
- acl: name=/srv/repos/svn-community/tmp entry="user:sourceballs:rwx" state=present
-
- file: path="/srv/repos/svn-packages/tmp" state=directory owner=svn-packages group=dev mode=1775
- acl: name=/srv/repos/svn-packages/tmp entry="user:sourceballs:rwx" state=present
-
- file: path="/srv/ftp/lastsync" state=touch owner=ftp group=ftp mode=0644
-
- file: path="/srv/ftp/lastupdate" state=touch owner=ftp group=ftp mode=0644
- acl: name=/srv/ftp/lastupdate entry="group:tu:rw-" state=present
- acl: name=/srv/ftp/lastupdate entry="group:dev:rw-" state=present
+- name: create svn-community/package-cleanup directory
+  file: path="/srv/repos/svn-community/package-cleanup" state=directory owner=svn-community group=tu mode=0775
+- name: add acl user:cleanup:rwx to /srv/repos/svn-community/package-cleanup
+  acl: name=/srv/repos/svn-community/package-cleanup entry="user:cleanup:rwx" state=present
+- name: add acl default:user::rwx to /srv/repos/svn-community/package-cleanup
+  acl: name=/srv/repos/svn-community/package-cleanup entry="default:user::rwx" state=present
+- name: add acl default:user:cleanup:rwx to /srv/repos/svn-community/package-cleanup
+  acl: name=/srv/repos/svn-community/package-cleanup entry="default:user:cleanup:rwx" state=present
+- name: add acl default:group::rwx to /srv/repos/svn-community/package-cleanup
+  acl: name=/srv/repos/svn-community/package-cleanup entry="default:group::rwx" state=present
+- name: add acl default:other::r-x to /srv/repos/svn-community/package-cleanup
+  acl: name=/srv/repos/svn-community/package-cleanup entry="default:other::r-x" state=present
+
+- name: create svn-packages/package-cleanup directory
+  file: path="/srv/repos/svn-packages/package-cleanup" state=directory owner=svn-packages group=dev mode=0775
+- name: add acl user:cleanup:rwx to /srv/repos/svn-packages/package-cleanup
+  acl: name=/srv/repos/svn-packages/package-cleanup entry="user:cleanup:rwx" state=present
+- name: add acl default:user::rwx to /srv/repos/svn-packages/package-cleanup
+  acl: name=/srv/repos/svn-packages/package-cleanup entry="default:user::rwx" state=present
+- name: add acl default:user:cleanup:rwx to /srv/repos/svn-packages/package-cleanup
+  acl: name=/srv/repos/svn-packages/package-cleanup entry="default:user:cleanup:rwx" state=present
+- name: add acl default:group::rwx to /srv/repos/svn-packages/package-cleanup
+  acl: name=/srv/repos/svn-packages/package-cleanup entry="default:group::rwx" state=present
+- name: add acl default:other::r-x to /srv/repos/svn-packages/package-cleanup
+  acl: name=/srv/repos/svn-packages/package-cleanup entry="default:other::r-x" state=present
+
+- name: create svn-community/source-cleanup directory
+  file: path="/srv/repos/svn-community/source-cleanup" state=directory owner=sourceballs group=svn-community mode=0755
+- name: create svn-packages/source-cleanup directory
+  file: path="/srv/repos/svn-packages/source-cleanup" state=directory owner=sourceballs group=svn-packages mode=0755
+
+- name: create svn-community/svn directory
+  file: path="/srv/repos/svn-community/svn" state=directory owner=svn-community group=svn-community mode=0755
+- name: add acl default:user::rwx to /srv/repos/svn-community/svn
+  acl: name=/srv/repos/svn-community/svn entry="default:user::rwx" state=present
+- name: add acl default:group::r-x to /srv/repos/svn-community/svn
+  acl: name=/srv/repos/svn-community/svn entry="default:group::r-x" state=present
+- name: add acl default:other::r-x to /srv/repos/svn-community/svn
+  acl: name=/srv/repos/svn-community/svn entry="default:other::r-x" state=present
+
+- name: create svn-packages/svn directory
+  file: path="/srv/repos/svn-packages/svn" state=directory owner=svn-packages group=svn-packages mode=0755
+- name: add acl default:user::rwx to /srv/repos/svn-packages/svn
+  acl: name=/srv/repos/svn-packages/svn entry="default:user::rwx" state=present
+- name: add acl default:group::r-x to /srv/repos/svn-packages/svn
+  acl: name=/srv/repos/svn-packages/svn entry="default:group::r-x" state=present
+- name: add acl default:other::r-x to /srv/repos/svn-packages/svn
+  acl: name=/srv/repos/svn-packages/svn entry="default:other::r-x" state=present
+
+- name: create svn-community/tmp directory
+  file: path="/srv/repos/svn-community/tmp" state=directory owner=svn-community group=tu mode=1775
+- name: add acl user:sourceballs:rwx to /srv/repos/svn-community/tmp
+  acl: name=/srv/repos/svn-community/tmp entry="user:sourceballs:rwx" state=present
+
+- name: create svn-packages/tmp directory
+  file: path="/srv/repos/svn-packages/tmp" state=directory owner=svn-packages group=dev mode=1775
+- name: add acl user:sourceballs:rwx to /srv/repos/svn-packages/tmp
+  acl: name=/srv/repos/svn-packages/tmp entry="user:sourceballs:rwx" state=present
+
+- name: touch /srv/ftp/lastsync file
+  file: path="/srv/ftp/lastsync" state=touch owner=ftp group=ftp mode=0644
+
+- name: touch /srv/ftp/lastupdate file
+  file: path="/srv/ftp/lastupdate" state=touch owner=ftp group=ftp mode=0644
+- name: add acl group:tu:rw- to /srv/ftp/lastupdate
+  acl: name=/srv/ftp/lastupdate entry="group:tu:rw-" state=present
+- name: add acl group:dev:rw- to /srv/ftp/lastupdate
+  acl: name=/srv/ftp/lastupdate entry="group:dev:rw-" state=present

 - name: clone dbscripts git repo
  git: >

--- a/roles/install_arch/tasks/main.yml
+++ b/roles/install_arch/tasks/main.yml
@@ -158,11 +158,13 @@
 - name: enable services inside chroot
  command: chroot /mnt systemctl enable sshd systemd-networkd systemd-resolved fstrim.timer hcloud-init

- set_fact: pubkey_list="{{ lookup('file', "{{ playbook_dir }}/../../pubkeys/" + item) }}"
+- name: assign pubkey list to fact
+  set_fact: pubkey_list="{{ lookup('file', "{{ playbook_dir }}/../../pubkeys/" + item) }}"
  register: pubkeys
  with_items: "{{ root_ssh_keys }}"

- set_fact: pubkey_string={{ pubkeys.results | map(attribute='ansible_facts.pubkey_list') | join('\n') }}
+- name: assign pubkey string to fact
+  set_fact: pubkey_string={{ pubkeys.results | map(attribute='ansible_facts.pubkey_list') | join('\n') }}

 - name: add authorized key for root
  authorized_key: user=root key="{{ pubkey_string }}" path=/tmp/root.x86_64/mnt/root/.ssh/authorized_keys exclusive=yes

--- a/roles/opendkim/tasks/main.yml
+++ b/roles/opendkim/tasks/main.yml
@@ -8,14 +8,16 @@
  notify:
    - restart opendkim

- file: path="/var/spool/opendkim/" state=directory owner=opendkim group=postfix mode=0750
+- name: create opendkim spool directory
+  file: path="/var/spool/opendkim/" state=directory owner=opendkim group=postfix mode=0750

 - name: install domains config
  template: src=domains.j2 dest=/etc/opendkim/domains owner=root group=root mode=0644
  notify:
    - restart opendkim

- file: path="/etc/opendkim/private" state=directory owner=root group=root mode=0700
+- name: create dkim key directory
+  file: path="/etc/opendkim/private" state=directory owner=root group=root mode=0700

 - name: generate DKIM key for {{ dkim_selector }}
  command: opendkim-genkey -r -s {{ dkim_selector }} -d archlinux.org --bits=4096

--- a/roles/zabbix-agent/tasks/main.yml
+++ b/roles/zabbix-agent/tasks/main.yml
@@ -36,7 +36,8 @@
    append: yes
  when: "'memcached' in group_names"

- file: path=/etc/zabbix state=directory owner=root group=root mode=755
+- name: set zabbix directory permissions in /etc
+  file: path=/etc/zabbix state=directory owner=root group=root mode=755

 - name: create host PSK
  shell: umask 077; openssl rand -hex 64 > /etc/zabbix/zabbix_agentd.psk creates=/etc/zabbix/zabbix_agentd.psk

--- a/roles/zabbix-server/tasks/main.yml
+++ b/roles/zabbix-server/tasks/main.yml
@@ -3,7 +3,8 @@
 - name: install packages
  pacman: name=zabbix-server,zabbix-frontend-php,irccat,gnu-netcat

- file: path=/etc/zabbix state=directory owner=root group=root mode=755
+- name: set zabbix directory permissions in /etc
+  file: path=/etc/zabbix state=directory owner=root group=root mode=755

 - name: install server config
  template: src=zabbix_server.conf dest=/etc/zabbix/zabbix_server.conf owner=zabbix-server group=zabbix-server mode=600