diff --git a/docs/maintenance.md b/docs/maintenance.md
index c703c99f9fefe27614308d7256e636048f3cb4ac..2b410eb2e33a613d0e99a1221aebdff9e23f2fef 100644
--- a/docs/maintenance.md
+++ b/docs/maintenance.md
@@ -39,7 +39,7 @@ as a variable, to make sure the right file is used.
- name: set up nginx
template: src=nginx.d.conf.j2 dest="{{ service_nginx_conf }}" owner=root group=root mode=644
notify:
- - reload nginx
+ - Reload nginx
when: maintenance is not defined
tags: ['nginx']
```
diff --git a/roles/acme_dns_challenge/tasks/main.yml b/roles/acme_dns_challenge/tasks/main.yml
index 63558cf555e343a073c0286597990ac2ee576c87..2a7873f62c3b9975b9ef50a1fa4f4e3f5e97f1a7 100644
--- a/roles/acme_dns_challenge/tasks/main.yml
+++ b/roles/acme_dns_challenge/tasks/main.yml
@@ -6,7 +6,7 @@
loop:
- {src: pdns.conf.j2, dest: pdns.conf}
- {src: dnsupdate-policy.lua.j2, dest: dnsupdate-policy.lua}
- notify: restart powerdns
+ notify: Restart powerdns
- name: Create directory for sqlite3 dbs
file: path=/var/lib/powerdns state=directory owner=powerdns group=powerdns mode=0755
diff --git a/roles/alertmanager/tasks/main.yml b/roles/alertmanager/tasks/main.yml
index 7c280edcf703eb9afa20f491d0d8abd7c2c65a81..3337c171947c646a13bdbb0b3c639ae74bfbc3b0 100644
--- a/roles/alertmanager/tasks/main.yml
+++ b/roles/alertmanager/tasks/main.yml
@@ -3,7 +3,7 @@
- name: Install alertmanager configuration
template: src=alertmanager.yml.j2 dest=/etc/alertmanager/alertmanager.yml owner=root group=alertmanager mode=640
- notify: reload alertmanager
+ notify: Reload alertmanager
- name: Enable alertmanager server service
systemd: name=alertmanager enabled=yes daemon_reload=yes state=started
diff --git a/roles/arch_boxes_sync/tasks/main.yml b/roles/arch_boxes_sync/tasks/main.yml
index facceb5c377d7802cc132c4e0ef71d07c3c3cae2..4d6491387ecd1cb311582d6e455fdfee11e86576 100644
--- a/roles/arch_boxes_sync/tasks/main.yml
+++ b/roles/arch_boxes_sync/tasks/main.yml
@@ -10,7 +10,7 @@
- arch-boxes-sync.service
- arch-boxes-sync.timer
notify:
- - daemon reload
+ - Daemon reload
- name: Start and enable arch-boxes-sync.timer
systemd: name=arch-boxes-sync.timer enabled=yes daemon_reload=yes state=started
diff --git a/roles/archbuild/tasks/main.yml b/roles/archbuild/tasks/main.yml
index d4ee7e3a1eaaf71fdc88a7c3267e7da7c8c902ec..a083b68c425b3353bf663bd1a79da42138027a19 100644
--- a/roles/archbuild/tasks/main.yml
+++ b/roles/archbuild/tasks/main.yml
@@ -45,14 +45,14 @@
- var-lib-archbuilddest.mount
- strictatime@.service
notify:
- - daemon reload
+ - Daemon reload
- name: Install archbuild unit
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
with_items:
- var-lib-archbuild.mount
notify:
- - daemon reload
+ - Daemon reload
- name: Install archbuild user units
copy: src={{ item }} dest=/etc/systemd/user/{{ item }} owner=root group=root mode=0644
diff --git a/roles/archive_web/tasks/main.yml b/roles/archive_web/tasks/main.yml
index a9b2528ff8e8787028f8cf3085d62cbb5c62eed9..d2447e194899396928595fbddf2e0454ff4bc3a4 100644
--- a/roles/archive_web/tasks/main.yml
+++ b/roles/archive_web/tasks/main.yml
@@ -12,7 +12,7 @@
group: root
mode: 0644
notify:
- - reload nginx
+ - Reload nginx
tags: ['nginx']
- name: Make nginx log dir
diff --git a/roles/archmanweb/tasks/main.yml b/roles/archmanweb/tasks/main.yml
index e4d71f032b0f658d491d80d35653ff990bc57b4e..c53bc442eca603cca139317d05700cf9ffc51294 100644
--- a/roles/archmanweb/tasks/main.yml
+++ b/roles/archmanweb/tasks/main.yml
@@ -33,7 +33,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="{{ archmanweb_nginx_conf }}" owner=root group=root mode=644
- notify: reload nginx
+ notify: Reload nginx
tags: ['nginx']
- name: Make nginx log dir
diff --git a/roles/archweb/tasks/main.yml b/roles/archweb/tasks/main.yml
index 18bf68ec2fcdb56fde8b646a2a3a205e3b8309de..2b44ab4a2cbb06d083368ce7d9826d58dcb4a54a 100644
--- a/roles/archweb/tasks/main.yml
+++ b/roles/archweb/tasks/main.yml
@@ -31,7 +31,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="{{ archweb_nginx_conf }}" owner=root group=root mode=644
- notify: reload nginx
+ notify: Reload nginx
when: archweb_site|bool and maintenance is not defined
tags: ['nginx']
@@ -139,13 +139,13 @@
- name: Install reporead service
template: src="archweb-reporead.service.j2" dest="/etc/systemd/system/archweb-reporead.service" owner=root group=root mode=0644
notify:
- - daemon reload
+ - Daemon reload
when: archweb_services or archweb_reporead
- name: Install readlinks service
template: src="archweb-readlinks.service.j2" dest="/etc/systemd/system/archweb-readlinks.service" owner=root group=root mode=0644
notify:
- - daemon reload
+ - Daemon reload
when: archweb_services or archweb_reporead
- name: Install mirrorcheck service and timer
@@ -154,7 +154,7 @@
- archweb-mirrorcheck.service
- archweb-mirrorcheck.timer
notify:
- - daemon reload
+ - Daemon reload
when: archweb_services or archweb_mirrorcheck
- name: Install mirrorresolv service and timer
@@ -163,7 +163,7 @@
- archweb-mirrorresolv.service
- archweb-mirrorresolv.timer
notify:
- - daemon reload
+ - Daemon reload
when: archweb_services or archweb_mirrorresolv
- name: Install populate_signoffs service and timer
@@ -172,7 +172,7 @@
- archweb-populate_signoffs.service
- archweb-populate_signoffs.timer
notify:
- - daemon reload
+ - Daemon reload
when: archweb_services or archweb_populate_signoffs
- name: Install planet service and timer
@@ -181,7 +181,7 @@
- archweb-planet.service
- archweb-planet.timer
notify:
- - daemon reload
+ - Daemon reload
when: archweb_planet
- name: Install rebuilderd status service and timer
@@ -190,13 +190,13 @@
- archweb-rebuilderd.service
- archweb-rebuilderd.timer
notify:
- - daemon reload
+ - Daemon reload
when: archweb_site
- name: Install pgp_import service
template: src="archweb-pgp_import.service.j2" dest="/etc/systemd/system/archweb-pgp_import.service" owner=root group=root mode=0644
notify:
- - daemon reload
+ - Daemon reload
when: archweb_services or archweb_pgp_import
- name: Create pacman.d hooks dir
@@ -210,7 +210,7 @@
- name: Install archweb memcached service
template: src="archweb-memcached.service.j2" dest="/etc/systemd/system/archweb-memcached.service" owner=root group=root mode=0644
notify:
- - daemon reload
+ - Daemon reload
when: archweb_site|bool
- name: Install archweb rsync iso service and timer
@@ -219,7 +219,7 @@
- archweb-rsync_iso.service
- archweb-rsync_iso.timer
notify:
- - daemon reload
+ - Daemon reload
when: archweb_site|bool
- name: Deploy archweb
@@ -229,7 +229,7 @@
- name: Deploy new release
file: path=/etc/uwsgi/vassals/archweb.ini state=touch owner=archweb group=http mode=0640
when: archweb_site and (release.changed or config.changed or virtualenv.changed or archweb_forced_deploy)
- notify: restart archweb memcached
+ notify: Restart archweb memcached
- name: Start and enable archweb memcached service and archweb-rsync_iso timer
systemd:
diff --git a/roles/archwiki/tasks/main.yml b/roles/archwiki/tasks/main.yml
index bea0775f2714f38758fcdde3034639ecec738aee..bcf8377c9b4225bd1a50643346852347864d9daf 100644
--- a/roles/archwiki/tasks/main.yml
+++ b/roles/archwiki/tasks/main.yml
@@ -37,7 +37,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="{{ archwiki_nginx_conf }}" owner=root group=root mode=644
notify:
- - reload nginx
+ - Reload nginx
when: maintenance is not defined
tags: ['nginx']
@@ -55,11 +55,11 @@
become: true
become_user: "{{ archwiki_user }}"
notify:
- - run wiki updatescript
+ - Run wiki updatescript
# purge the nginx cache and MediaWiki file cache to make sure clients get updated assets
# as well as freshly rendered pages using the new assets
- - purge nginx cache
- - invalidate MediaWiki file cache
+ - Purge nginx cache
+ - Invalidate MediaWiki file cache
- name: Configure archwiki
template: src=LocalSettings.php.j2 dest="{{ archwiki_dir }}/public/LocalSettings.php" owner="{{ archwiki_user }}" group="{{ archwiki_user }}" mode=0640
@@ -81,7 +81,7 @@
src=php-fpm.conf.j2 dest="/etc/php/php-fpm.d/{{ archwiki_user }}.conf"
owner=root group=root mode=0644
notify:
- - restart php-fpm@{{ archwiki_user }}
+ - Restart php-fpm@{{ archwiki_user }}
- name: Start and enable systemd socket
service: name=php-fpm@{{ archwiki_user }}.socket state=started enabled=true
diff --git a/roles/aurweb/tasks/main.yml b/roles/aurweb/tasks/main.yml
index dc8596d1629f06217408a7fe02dd0f23d8055bb8..014d9e6736f47493a4e6b76e0c031661fa9f4d15 100644
--- a/roles/aurweb/tasks/main.yml
+++ b/roles/aurweb/tasks/main.yml
@@ -221,7 +221,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest={{ aurweb_nginx_conf }} owner=root group=root mode=644
- notify: reload nginx
+ notify: Reload nginx
tags: ['nginx']
- name: Make nginx log dir
@@ -297,7 +297,7 @@
- name: Configure sshd
template: src=aurweb_config.j2 dest={{ sshd_includes_dir }}/aurweb_config owner=root group=root mode=0600 validate='/usr/sbin/sshd -t -f %s'
notify:
- - restart sshd
+ - Restart sshd
- name: Start and enable AUR systemd services and timers
service: name={{ item }} enabled=yes state=started daemon_reload=yes
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index adc3abf90fa40572080c9b6523017e1513539d60..da928cfbe37edcd1942fab32ee5088842bd9d04f 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -85,12 +85,12 @@
- name: Install journald.conf overrides
template: src=journald.conf.j2 dest=/etc/systemd/journald.conf.d/override.conf owner=root group=root mode=644
notify:
- - restart journald
+ - Restart journald
- name: Install system.conf overrides
template: src=system.conf.j2 dest=/etc/systemd/system.conf.d/override.conf owner=root group=root mode=0644
notify:
- - systemd daemon-reload
+ - Systemd daemon-reload
- name: Install zram-generator
pacman: name=zram-generator state=present
@@ -99,7 +99,7 @@
- name: Install zram-generator config for zram
template: src=zram-generator.conf dest=/etc/systemd/zram-generator.conf owner=root group=root mode=0644
notify:
- - restart systemd-zram-setup@zram0
+ - Restart systemd-zram-setup@zram0
when: enable_zram_swap
- name: Disable zswap to prevent conflict with zram
@@ -123,7 +123,7 @@
- "-.slice"
- user@.service
notify:
- - systemd daemon-reload
+ - Systemd daemon-reload
- name: Start systemd-oomd
service: name=systemd-oomd state=started enabled=yes
diff --git a/roles/dbscripts/tasks/main.yml b/roles/dbscripts/tasks/main.yml
index 9008ceaaab42296e30befdeff0a2009a01bcc27e..2e3c1b02a14442b606a2061489ed5b762530c262 100644
--- a/roles/dbscripts/tasks/main.yml
+++ b/roles/dbscripts/tasks/main.yml
@@ -34,7 +34,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/dbscripts.conf owner=root group=root mode=0644
notify:
- - reload nginx
+ - Reload nginx
tags:
- nginx
@@ -332,7 +332,7 @@
- createlinks.timer
- createlinks.service
notify:
- - daemon reload
+ - Daemon reload
- name: Activate systemd timers
service: name={{ item }} enabled=yes state=started
diff --git a/roles/debuginfod/tasks/main.yml b/roles/debuginfod/tasks/main.yml
index ebdb00af088c1485034134200c26595c2a6e3f41..604221065da3e5983b59ce8431ca9c06a82ca671 100644
--- a/roles/debuginfod/tasks/main.yml
+++ b/roles/debuginfod/tasks/main.yml
@@ -13,7 +13,7 @@
vars:
debuginfod_package_path: "{{ debuginfod_package_paths | join(' ') }}"
notify:
- - reload debuginfod
+ - Reload debuginfod
- name: Create http directory for debuginfod website files
file: path=/srv/http/debuginfod state=directory owner=root group=root mode=0755
@@ -39,7 +39,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/debuginfod.conf owner=root group=root mode=0644
notify:
- - reload nginx
+ - Reload nginx
when: debuginfod_domain
tags: ['nginx']
diff --git a/roles/dovecot/tasks/main.yml b/roles/dovecot/tasks/main.yml
index b4eab78f9538c4fe87cddf455bc1be2708667485..9ad91bbce1e0fe80eeef2cf54eef0dc977e4b234 100644
--- a/roles/dovecot/tasks/main.yml
+++ b/roles/dovecot/tasks/main.yml
@@ -11,7 +11,7 @@
- name: Install dovecot.conf
template: src=dovecot.conf.j2 dest=/etc/dovecot/dovecot.conf owner=root group=root mode=0644
notify:
- - reload dovecot
+ - Reload dovecot
- name: Add vmail group
group: name=vmail gid=5000
@@ -28,7 +28,7 @@
- name: Install spam-to-folder.sieve
copy: src=spam-to-folder.sieve dest=/etc/dovecot/sieve/ mode=0644 owner=root group=root
notify:
- - run sievec
+ - Run sievec
- name: Create ssl cert
include_role:
diff --git a/roles/fail2ban/tasks/main.yml b/roles/fail2ban/tasks/main.yml
index 2e0fb243e5c78efd2db870fa8d1c50d61e05d6d4..19418fea552860c9d3d48d0de264d2ae1a12e147 100644
--- a/roles/fail2ban/tasks/main.yml
+++ b/roles/fail2ban/tasks/main.yml
@@ -3,7 +3,7 @@
name: "fail2ban"
state: "present"
notify:
- - restart fail2ban
+ - Restart fail2ban
- name: Create systemd unit override path
file:
@@ -32,7 +32,7 @@
- "fail2ban.local"
- "jail.local"
notify:
- - restart fail2ban
+ - Restart fail2ban
- name: Install firewallcmd-allports.local
template:
@@ -42,7 +42,7 @@
group: "root"
mode: 0644
notify:
- - restart fail2ban
+ - Restart fail2ban
- name: Install sshd jail
when: fail2ban_jails.sshd
@@ -53,7 +53,7 @@
group: "root"
mode: 0644
notify:
- - reload fail2ban jails
+ - Reload fail2ban jails
- name: Install postfix jail
when: fail2ban_jails.postfix
@@ -64,7 +64,7 @@
group: "root"
mode: 0644
notify:
- - reload fail2ban jails
+ - Reload fail2ban jails
- name: Install dovecot jail
when: fail2ban_jails.dovecot
@@ -75,7 +75,7 @@
group: "root"
mode: 0644
notify:
- - reload fail2ban jails
+ - Reload fail2ban jails
- name: Install nginx-limit-req jail
when: fail2ban_jails.nginx_limit_req
@@ -86,7 +86,7 @@
group: "root"
mode: 0644
notify:
- - reload fail2ban jails
+ - Reload fail2ban jails
- name: Start and enable service
systemd:
diff --git a/roles/fetchmail/tasks/main.yml b/roles/fetchmail/tasks/main.yml
index 32c0709ca8d9f86234bc8b21536e516ea67f75f8..ffa07be4430fda37c187abb78b418a4bb55d8d7a 100644
--- a/roles/fetchmail/tasks/main.yml
+++ b/roles/fetchmail/tasks/main.yml
@@ -4,7 +4,7 @@
- name: Template fetchmail config
template: src=fetchmailrc.j2 dest=/etc/fetchmailrc owner=fetchmail group=nobody mode=600
notify:
- - restart fetchmail
+ - Restart fetchmail
- name: Start and enable fetchmail
service: name=fetchmail enabled=yes state=started
diff --git a/roles/firewalld/tasks/main.yml b/roles/firewalld/tasks/main.yml
index 982d1012bab04fcceb45adae9cffb76dec4d4f6f..429f1f52122e5f3961c918dbfe2ce408d7613c6e 100644
--- a/roles/firewalld/tasks/main.yml
+++ b/roles/firewalld/tasks/main.yml
@@ -6,7 +6,7 @@
- name: Install firewalld config
template: src=firewalld.conf.j2 dest=/etc/firewalld/firewalld.conf owner=root group=root mode=0644
notify:
- - restart firewalld
+ - Restart firewalld
- name: Start and enable firewalld
service:
diff --git a/roles/fluxbb/tasks/main.yml b/roles/fluxbb/tasks/main.yml
index 107d3db7fef8f195a75fb0f9bf4cf3c7ae8e61a5..9c8da9829e71addaf01a503d7e89e0ad505e3d94 100644
--- a/roles/fluxbb/tasks/main.yml
+++ b/roles/fluxbb/tasks/main.yml
@@ -37,7 +37,7 @@
template: >
src=nginx.conf.j2 dest=/etc/nginx/nginx.d/fluxbb.conf
owner=root group=root mode=0644
- notify: reload nginx
+ notify: Reload nginx
- name: Install python-passlib
pacman: name=python-passlib
@@ -61,7 +61,7 @@
template: >
src=php-fpm.conf.j2 dest=/etc/php/php-fpm.d/fluxbb.conf
owner=root group=root mode=0644
- notify: restart php-fpm@fluxbb
+ notify: Restart php-fpm@fluxbb
- name: Start and enable systemd socket
service: name=php-fpm@fluxbb.socket state=started enabled=true
diff --git a/roles/flyspray/tasks/main.yml b/roles/flyspray/tasks/main.yml
index 25de86c5d2f1e0da04edd8e8e5c6dc088813aa66..97ccfa3f0763b130ae7e406ec83d831303ccc851 100644
--- a/roles/flyspray/tasks/main.yml
+++ b/roles/flyspray/tasks/main.yml
@@ -27,7 +27,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="{{ flyspray_nginx_conf }}" owner=root group=root mode=644
notify:
- - reload nginx
+ - Reload nginx
when: maintenance is not defined
tags: ['nginx']
@@ -73,19 +73,19 @@
src=php-fpm.conf.j2 dest="/etc/php7/php-fpm.d/{{ flyspray_user }}.conf"
owner=root group=root mode=0644
notify:
- - restart php-fpm7@flyspray
+ - Restart php-fpm7@flyspray
- name: Install fail2ban register ban filter
template: src=fail2ban.filter.j2 dest=/etc/fail2ban/filter.d/nginx-flyspray-register.local owner=root group=root mode=0644
notify:
- - restart fail2ban
+ - Restart fail2ban
tags:
- fail2ban
- name: Install fail2ban register ban jail
template: src=fail2ban.jail.j2 dest=/etc/fail2ban/jail.d/nginx-flyspray-register.local owner=root group=root mode=0644
notify:
- - restart fail2ban
+ - Restart fail2ban
tags:
- fail2ban
diff --git a/roles/geo_dns/tasks/main.yml b/roles/geo_dns/tasks/main.yml
index d0d0b42b3cceb48250da50624202dcfe09b62953..5c3bcc39c23aa2cda369bcc096b8530dff43eecb 100644
--- a/roles/geo_dns/tasks/main.yml
+++ b/roles/geo_dns/tasks/main.yml
@@ -6,7 +6,7 @@
loop:
- {src: pdns.conf.j2, dest: pdns.conf}
- {src: geo.yml.j2, dest: geo.yml}
- notify: restart powerdns
+ notify: Restart powerdns
- name: Create drop-in directory for geoipupdate
file: path=/etc/systemd/system/geoipupdate.service.d state=directory owner=root group=root mode=0755
diff --git a/roles/gitlab_runner/tasks/main.yml b/roles/gitlab_runner/tasks/main.yml
index edde2eaf7b448c24d868f343360932fb1ad9298c..f0f6de39feb6fef7b9616a5c63f141d70cde1283 100644
--- a/roles/gitlab_runner/tasks/main.yml
+++ b/roles/gitlab_runner/tasks/main.yml
@@ -1,17 +1,17 @@
- name: Install dependencies
pacman: name=docker,python-docker,python-gitlab,gitlab-runner state=latest update_cache=yes
- notify: restart gitlab-runner
+ notify: Restart gitlab-runner
- name: Install docker.slice
copy: src=docker.slice dest=/etc/systemd/system/ owner=root group=root mode=0644
- notify: systemd daemon-reload
+ notify: Systemd daemon-reload
- name: Start docker
systemd: name=docker enabled=yes state=started daemon_reload=yes
- name: Configure Docker daemon for IPv6
copy: src=daemon.json dest=/etc/docker/daemon.json owner=root group=root mode=0644
- notify: restart docker
+ notify: Restart docker
# We want to give our gitlab-runners full IPv6 capabilities. Sadly, IPv6 and Docker aren't friends. :(
# https://medium.com/@skleeschulte/how-to-enable-ipv6-for-docker-containers-on-ubuntu-18-04-c68394a219a2
@@ -44,7 +44,7 @@
# Note: Secure runners must be added manually to the relevant projects
- name: Install runner configuration
template: src=config.toml.j2 dest=/etc/gitlab-runner/config.toml owner=root group=root mode=0600
- notify: restart gitlab-runner
+ notify: Restart gitlab-runner
- name: Install gitlab-runner-docker-cleanup.{service,timer}
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
@@ -52,7 +52,7 @@
- gitlab-runner-docker-cleanup.service
- gitlab-runner-docker-cleanup.timer
notify:
- - restart gitlab-runner-docker-cleanup.timer
+ - Restart gitlab-runner-docker-cleanup.timer
- name: Enable and start gitlab-runner-docker-cleanup.timer
systemd: name=gitlab-runner-docker-cleanup.timer state=started enabled=yes daemon_reload=yes
diff --git a/roles/gluebuddy/tasks/main.yml b/roles/gluebuddy/tasks/main.yml
index d20569c9701c4fd1c6ebe079e872cf6c25e42a92..f31c49c2023d1a41f00963f20b90c7406c323206 100644
--- a/roles/gluebuddy/tasks/main.yml
+++ b/roles/gluebuddy/tasks/main.yml
@@ -7,7 +7,7 @@
- gluebuddy.service
- gluebuddy.timer
notify:
- - daemon reload
+ - Daemon reload
- name: Enable timer
systemd: name=gluebuddy.timer enabled=yes state=started
diff --git a/roles/grafana/tasks/main.yml b/roles/grafana/tasks/main.yml
index 610d9680e059856e6ddd26d34c4c860fb72b8eec..665516701e07307aa7e71b87f841adce712bf928 100644
--- a/roles/grafana/tasks/main.yml
+++ b/roles/grafana/tasks/main.yml
@@ -10,7 +10,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/grafana.conf owner=root group=http mode=640
notify:
- - reload nginx
+ - Reload nginx
tags: ['nginx']
- name: Make nginx log dir
@@ -31,11 +31,11 @@
- name: Install grafana datasources provisioning
template: src=datasources.yaml.j2 dest=/etc/grafana/provisioning/datasources/prometheus.yml owner=grafana group=root mode=0600
- notify: restart grafana
+ notify: Restart grafana
- name: Install grafana dashboard provisioning
template: src=dashboard.yaml.j2 dest=/etc/grafana/provisioning/dashboards/dasbhoard.yml owner=grafana group=root mode=0600
- notify: restart grafana
+ notify: Restart grafana
- name: Copy grafana dashboards
copy: src=dashboards dest=/var/lib/grafana/dashboards owner=grafana group=grafana mode=0600
@@ -46,7 +46,7 @@
- name: Install grafana config
template: src=grafana.ini.j2 dest=/etc/grafana.ini owner=grafana group=root mode=0600
- notify: restart grafana
+ notify: Restart grafana
- name: Fix /var/lib/grafana permissions
file: path=/var/lib/grafana mode=0700 owner=grafana group=grafana
diff --git a/roles/hardening/tasks/main.yml b/roles/hardening/tasks/main.yml
index 235ad5c8e0b83b8a6ef0038c085def09aa44ae50..1b811397f8d803e45228e63f83aba9c1a0ec74a5 100644
--- a/roles/hardening/tasks/main.yml
+++ b/roles/hardening/tasks/main.yml
@@ -1,41 +1,41 @@
- name: Set restricted access to kernel logs
copy: src=50-dmesg-restrict.conf dest=/etc/sysctl.d/50-dmesg-restrict.conf owner=root group=root mode=0644
notify:
- - apply sysctl settings
+ - Apply sysctl settings
- name: Set ptrace scope, restrict ptrace to CAP_SYS_PTRACE
copy: src=50-ptrace-restrict.conf dest=/etc/sysctl.d/50-ptrace-restrict.conf owner=root group=root mode=0644
when: "'buildservers' not in group_names"
notify:
- - apply sysctl settings
+ - Apply sysctl settings
- name: Set restricted access to kernel pointers in proc fs
copy: src=50-kptr-restrict.conf dest=/etc/sysctl.d/50-kptr-restrict.conf owner=root group=root mode=0644
notify:
- - apply sysctl settings
+ - Apply sysctl settings
- name: Enable JIT hardening for all users
copy: src=50-bpf_jit_harden.conf dest=/etc/sysctl.d/50-bpf_jit_harden.conf owner=root group=root mode=0644
notify:
- - apply sysctl settings
+ - Apply sysctl settings
- name: Disable unprivileged bpf
copy: src=50-unprivileged_bpf_disabled.conf dest=/etc/sysctl.d/50-unprivileged_bpf_disabled.conf owner=root group=root mode=0644
notify:
- - apply sysctl settings
+ - Apply sysctl settings
- name: Disable unprivileged userns
copy: src=50-unprivileged_userns_clone.conf dest=/etc/sysctl.d/50-unprivileged_userns_clone.conf owner=root group=root mode=0644
notify:
- - apply sysctl settings
+ - Apply sysctl settings
- name: Disable kexec load
copy: src=50-kexec_load_disabled.conf dest=/etc/sysctl.d/50-kexec_load_disabled.conf owner=root group=root mode=0644
notify:
- - apply sysctl settings
+ - Apply sysctl settings
- name: Set kernel lockdown to restricted
copy: src=50-lockdown.conf dest=/etc/tmpfiles.d/50-kernel-lockdown.conf owner=root group=root mode=0644
when: "'hcloud' in group_names"
notify:
- - apply sysctl settings
+ - Apply sysctl settings
diff --git a/roles/hedgedoc/tasks/main.yml b/roles/hedgedoc/tasks/main.yml
index 6392959e2279898088b1a5202b594f251b778669..847810242f0692e70b3283dfb3a132d33b21a755 100644
--- a/roles/hedgedoc/tasks/main.yml
+++ b/roles/hedgedoc/tasks/main.yml
@@ -24,7 +24,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest={{ hedgedoc_nginx_conf }} owner=root group=http mode=640
- notify: reload nginx
+ notify: Reload nginx
tags: ['nginx']
- name: Add hedgedoc.service.d dir
diff --git a/roles/keycloak/tasks/main.yml b/roles/keycloak/tasks/main.yml
index 189a27cf610e75a6c8c3fbfb3063c81df2bb4fa1..9116e835e9bcabc74e84099e796963aef4b15f53 100644
--- a/roles/keycloak/tasks/main.yml
+++ b/roles/keycloak/tasks/main.yml
@@ -18,7 +18,7 @@
template: src=keycloak.conf.j2 dest=/etc/keycloak/keycloak.conf owner=root group=keycloak mode=640
no_log: true
notify:
- - restart keycloak
+ - Restart keycloak
- name: Create drop-in directory for keycloak.service
file: path=/etc/systemd/system/keycloak.service.d state=directory owner=root group=root mode=0755
@@ -47,7 +47,7 @@
- name: Remove admin creation drop-in
file: path=/etc/systemd/system/keycloak.service.d/create-keycloak-admin.conf state=absent
notify:
- - daemon reload
+ - Daemon reload
when: ansible_facts.services["keycloak.service"]["state"] != "running"
- name: Open firewall hole
@@ -80,5 +80,5 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/keycloak.conf owner=root group=root mode=0644
notify:
- - reload nginx
+ - Reload nginx
tags: ['nginx']
diff --git a/roles/loki/tasks/main.yml b/roles/loki/tasks/main.yml
index ceefc8b82aca99750f551946f26eaceea8cacf88..0eaa79c39795435de0a213968313e158a2acf661 100644
--- a/roles/loki/tasks/main.yml
+++ b/roles/loki/tasks/main.yml
@@ -3,14 +3,14 @@
- name: Install loki configuration
copy: src=loki.yaml dest=/etc/loki/ owner=root group=root mode=0644
- notify: restart loki
+ notify: Restart loki
- name: Make nginx log dir
file: path=/var/log/nginx/loki state=directory owner=root group=root mode=0755
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/logging.conf" owner=root group=root mode=640
- notify: reload nginx
+ notify: Reload nginx
tags: ['nginx']
- name: Open firewall hole
diff --git a/roles/mailman/tasks/main.yml b/roles/mailman/tasks/main.yml
index 7bcc05f581e7d6cf017df9cb29fd3d26213bacf6..450bfd818a99525fcf71da9ff3d2d500b25a67ea 100644
--- a/roles/mailman/tasks/main.yml
+++ b/roles/mailman/tasks/main.yml
@@ -9,24 +9,24 @@
- name: Install mailman configuration
template: src=mm_cfg.py.j2 dest=/etc/mailman/mm_cfg.py follow=yes owner=root group=root mode=0644
- notify: reload mailman
+ notify: Reload mailman
- name: Install postfix configuration
template: src=main.cf.j2 dest=/etc/postfix/main.cf owner=root group=root mode=0644
- notify: reload postfix
+ notify: Reload postfix
- name: Install postfix maps
copy: src={{ item }} dest=/etc/postfix/ owner=root group=root mode=0644
loop:
- aliases
- milter_header_checks
- notify: run postmap
+ notify: Run postmap
- name: Install postfix templated maps
template: src={{ item }}.j2 dest=/etc/postfix/{{ item }} owner=root group=root mode=0644
loop:
- transport
- notify: run postmap
+ notify: Run postmap
- name: Open firewall holes for postfix
ansible.posix.firewalld: service=smtp zone={{ item }} permanent=true state=enabled immediate=yes
@@ -50,11 +50,11 @@
- name: Install nginx mailman2->mailman3 redirect map
copy: src=migrated-lists.map dest=/etc/nginx/maps/ owner=root group=root mode=0644
- notify: reload nginx
+ notify: Reload nginx
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/mailman.conf" owner=root group=root mode=644
- notify: reload nginx
+ notify: Reload nginx
tags: ['nginx']
- name: Start and enable postfix
@@ -65,7 +65,7 @@
- name: Install drop-in for mailman.service
copy: src=override.conf dest=/etc/systemd/system/mailman.service.d/ owner=root group=root mode=0644
- notify: restart mailman
+ notify: Restart mailman
- name: Start and enable mailman{.service,-*.timer}
systemd: name={{ item }} enabled=yes daemon_reload=yes state=started
diff --git a/roles/mailman3/tasks/main.yml b/roles/mailman3/tasks/main.yml
index 0b3ee53cf99e6d7a781a060cce9b10c532d98044..bbe0d188adbca287e967dfc769f34a56454ba87c 100644
--- a/roles/mailman3/tasks/main.yml
+++ b/roles/mailman3/tasks/main.yml
@@ -10,19 +10,19 @@
- {src: settings.py.j2, dest: /etc/webapps/mailman-web/settings.py, group: mailman-web}
- {src: urls.py.j2, dest: /etc/webapps/mailman-web/urls.py, group: mailman-web}
notify:
- - reload mailman
- - restart mailman-web
+ - Reload mailman
+ - Restart mailman-web
- name: Install mailman postfix.cfg configuration
copy: src=postfix.cfg dest=/etc/postfix.cfg owner=root group=root mode=0644
- notify: reload mailman
+ notify: Reload mailman
- name: Make nginx log dir
file: path=/var/log/nginx/{{ lists_domain }} state=directory owner=root group=root mode=0755
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/mailman.conf" owner=root group=root mode=644
- notify: reload nginx
+ notify: Reload nginx
tags: ['nginx']
- name: Create postgres {mailman,mailman-web} user
diff --git a/roles/maintenance/tasks/main.yml b/roles/maintenance/tasks/main.yml
index 74d8baf2d87a7da044403c7c085c335f8d73a95e..16777464d37f03c445273656eeca38262f465052 100644
--- a/roles/maintenance/tasks/main.yml
+++ b/roles/maintenance/tasks/main.yml
@@ -15,7 +15,7 @@
owner: root
group: root
mode: 0644
- notify: reload nginx
+ notify: Reload nginx
when: service_nginx_template is not defined and maintenance is defined and maintenance|bool
- name: Set up custom nginx maintenance mode
@@ -25,7 +25,7 @@
owner: root
group: root
mode: 0644
- notify: reload nginx
+ notify: Reload nginx
when: service_nginx_template is defined and maintenance is defined and maintenance|bool
- name: Create the 503 html file
diff --git a/roles/mariadb/tasks/main.yml b/roles/mariadb/tasks/main.yml
index bee006d450af71ebc24c153cd4cff99e25584613..b3ad19e8c49612b48dfc1d562b7af5f0db4b30b8 100644
--- a/roles/mariadb/tasks/main.yml
+++ b/roles/mariadb/tasks/main.yml
@@ -9,7 +9,7 @@
- name: Configure mariadb
template: src=server.cnf.j2 dest=/etc/my.cnf.d/server.cnf owner=root group=root mode=0644
notify:
- - restart mariadb
+ - Restart mariadb
- name: Start and enable the service
service: name=mariadb state=started enabled=yes
diff --git a/roles/matrix/tasks/main.yml b/roles/matrix/tasks/main.yml
index 0f8481a068913a5f275442a7334268e9baf377cc..9a3e9dca75dff5f530e822f1a6920e6abd79c275 100644
--- a/roles/matrix/tasks/main.yml
+++ b/roles/matrix/tasks/main.yml
@@ -84,7 +84,7 @@
become_method: sudo
register: synapse_pip
notify:
- - restart synapse
+ - Restart synapse
- name: Install pantalaimon
pip:
@@ -97,7 +97,7 @@
become_user: synapse
become_method: sudo
notify:
- - restart pantalaimon
+ - Restart pantalaimon
- name: Download mjolnir
git:
@@ -110,7 +110,7 @@
become_method: sudo
register: mjolnir_git
notify:
- - restart mjolnir
+ - Restart mjolnir
- name: Install mjolnir
community.general.yarn:
@@ -140,7 +140,7 @@
become_method: sudo
when: synapse_pip.changed or mjolnir_git.changed
notify:
- - restart synapse
+ - Restart synapse
- name: Download matrix-appservice-irc
git:
@@ -153,7 +153,7 @@
become_method: sudo
register: irc_git
notify:
- - restart matrix-appservice-irc
+ - Restart matrix-appservice-irc
- name: Install matrix-appservice-irc
community.general.npm:
@@ -167,7 +167,7 @@
- name: Install pg_hba.conf
copy: src=pg_hba.conf dest=/var/lib/postgres/data/pg_hba.conf owner=postgres group=postgres mode=0600
notify:
- - restart postgres
+ - Restart postgres
- name: Add synapse postgres db
postgresql_db: db=synapse lc_collate=C lc_ctype=C template=template0
@@ -196,7 +196,7 @@
- name: Install homeserver config
template: src=homeserver.yaml.j2 dest=/etc/synapse/homeserver.yaml owner=root group=synapse mode=0640
notify:
- - restart synapse
+ - Restart synapse
- name: Install static config
copy: src={{ item }} dest=/etc/synapse/{{ item }} owner=root group=root mode=0644
@@ -207,27 +207,27 @@
- worker-federation_sender.yaml
- worker-media_repository.yaml
notify:
- - restart synapse
+ - Restart synapse
- name: Install pantalaimon config
template: src=pantalaimon.conf.j2 dest=/etc/synapse/pantalaimon.conf owner=root group=synapse mode=0644
notify:
- - restart pantalaimon
+ - Restart pantalaimon
- name: Install mjolnir config
template: src=mjolnir.yaml.j2 dest=/etc/synapse/mjolnir/production.yaml owner=root group=synapse mode=0640
notify:
- - restart mjolnir
+ - Restart mjolnir
- name: Install irc-bridge config
template: src=irc-bridge.yaml.j2 dest=/etc/synapse/irc-bridge.yaml owner=root group=synapse mode=0640
notify:
- - restart matrix-appservice-irc
+ - Restart matrix-appservice-irc
- name: Install irc-bridge registration
template: src=appservice-registration-irc.yaml.j2 dest=/etc/synapse/appservice-registration-irc.yaml owner=root group=synapse mode=0640
notify:
- - restart synapse
+ - Restart synapse
- name: Install signing key
copy:
@@ -251,14 +251,14 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/matrix.conf owner=root group=root mode=0640
notify:
- - reload nginx
+ - Reload nginx
when: 'matrix_domain is defined'
tags: ['nginx']
- name: Install turnserver.conf
template: src=turnserver.conf.j2 dest=/etc/turnserver/turnserver.conf owner=turnserver group=turnserver mode=0600
notify:
- - restart turnserver
+ - Restart turnserver
- name: Install turnserver cert renewal hook
copy: src=letsencrypt.hook.d dest=/etc/letsencrypt/hook.d/turnserver owner=root group=root mode=0755
@@ -269,28 +269,28 @@
- synapse.service
- synapse-worker@.service
notify:
- - restart synapse
+ - Restart synapse
- name: Install pantalaimon units
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
with_items:
- pantalaimon.service
notify:
- - restart pantalaimon
+ - Restart pantalaimon
- name: Install mjolnir units
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
with_items:
- mjolnir.service
notify:
- - restart mjolnir
+ - Restart mjolnir
- name: Install matrix-appservice-irc units
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
with_items:
- matrix-appservice-irc.service
notify:
- - restart matrix-appservice-irc
+ - Restart matrix-appservice-irc
- name: Enable synapse units
service: name={{ item }} enabled=yes
@@ -301,35 +301,35 @@
- synapse-worker@federation_sender.service
- synapse-worker@media_repository.service
notify:
- - restart synapse
+ - Restart synapse
- name: Enable pantalaimon units
service: name={{ item }} enabled=yes
with_items:
- pantalaimon.service
notify:
- - restart pantalaimon
+ - Restart pantalaimon
- name: Enable mjolnir units
service: name={{ item }} enabled=yes
with_items:
- mjolnir.service
notify:
- - restart mjolnir
+ - Restart mjolnir
- name: Enable matrix-appservice-irc units
service: name={{ item }} enabled=yes
with_items:
- matrix-appservice-irc.service
notify:
- - restart matrix-appservice-irc
+ - Restart matrix-appservice-irc
- name: Enable turnserver units
service: name={{ item }} enabled=yes
with_items:
- turnserver.service
notify:
- - restart turnserver
+ - Restart turnserver
- name: Open firewall holes
ansible.posix.firewalld: port={{ item }} permanent=true state=enabled immediate=yes
diff --git a/roles/mta_sts/tasks/main.yml b/roles/mta_sts/tasks/main.yml
index cd0788a3ea842a76f82e7d180f65a044a5f46c6d..18afd23da91f6a823259bf58e1b88f2ec14417dd 100644
--- a/roles/mta_sts/tasks/main.yml
+++ b/roles/mta_sts/tasks/main.yml
@@ -11,5 +11,5 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/mta-sts.conf" owner=root group=root mode=644
- notify: reload nginx
+ notify: Reload nginx
tags: ['nginx']
diff --git a/roles/networking/tasks/main.yml b/roles/networking/tasks/main.yml
index 6ab1d933b8a6d203fdc0452c92b91597685f7e78..3cf2983e0731b77f8cb7838e1d69b252f81c695f 100644
--- a/roles/networking/tasks/main.yml
+++ b/roles/networking/tasks/main.yml
@@ -3,7 +3,7 @@
- name: Install 10-static-ethernet.network
template: src=10-static-ethernet.network.j2 dest={{ chroot_path }}/etc/systemd/network/10-static-ethernet.network owner=root group=root mode=0644
notify:
- - restart networkd
+ - Restart networkd
- name: Create drop-in directory for 10-static-ethernet.network
file: path={{ chroot_path }}/etc/systemd/network/10-static-ethernet.network.d state=directory owner=root group=root mode=0755
@@ -11,7 +11,7 @@
- name: Configure static dns (static)
copy: src=dns.conf dest={{ chroot_path }}/etc/systemd/network/10-static-ethernet.network.d/dns.conf owner=root group=root mode=0644
notify:
- - restart networkd
+ - Restart networkd
when: static_dns|default(true)
when: not dhcp|default(false)
@@ -20,7 +20,7 @@
- name: Install 10-dhcp-ethernet.network
template: src=10-dhcp-ethernet.network.j2 dest={{ chroot_path }}/etc/systemd/network/10-dhcp-ethernet.network owner=root group=root mode=0644
notify:
- - restart networkd
+ - Restart networkd
- name: Create drop-in directory for 10-dhcp-ethernet.network
file: path={{ chroot_path }}/etc/systemd/network/10-dhcp-ethernet.network.d state=directory owner=root group=root mode=0755
@@ -28,7 +28,7 @@
- name: Configure static dns (dhcp)
copy: src=dns.conf dest={{ chroot_path }}/etc/systemd/network/10-dhcp-ethernet.network.d/dns.conf owner=root group=root mode=0644
notify:
- - restart networkd
+ - Restart networkd
when: static_dns|default(false)
when: dhcp|default(false)
diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml
index c93ddac3dd008282f9d1626ec3e4e0ce4b0c141d..55b17229c4d88e0e52a1ca2fae4d3290e9c7ab07 100644
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -7,7 +7,7 @@
- name: Configure nginx
template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf owner=root group=root mode=0644
notify:
- - reload nginx
+ - Reload nginx
- name: Snippets directories
file: state=directory path=/etc/nginx/{{ item }} owner=root group=root mode=0755
@@ -21,7 +21,7 @@
- letsencrypt.conf
- sslsettings.conf
notify:
- - reload nginx
+ - Reload nginx
- name: Install cert renewal hook
template: src=letsencrypt.hook.d.j2 dest=/etc/letsencrypt/hook.d/nginx owner=root group=root mode=0755
@@ -51,7 +51,7 @@
- name: Install inventory_hostname vhost
template: src=nginx-hostname-vhost.conf.j2 dest=/etc/nginx/nginx.d/nginx-hostname-vhost.conf owner=root group=root mode=0644
notify:
- - reload nginx
+ - Reload nginx
tags: ['nginx']
- name: Enable nginx
diff --git a/roles/patchwork/tasks/main.yml b/roles/patchwork/tasks/main.yml
index b991571bf628a025116bc6a25ab8b2cf07248db2..daa39b9da8e8f1de92c4c3fb19ae9c54a1b197e6 100644
--- a/roles/patchwork/tasks/main.yml
+++ b/roles/patchwork/tasks/main.yml
@@ -29,7 +29,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="{{ patchwork_nginx_conf }}" owner=root group=root mode=644
notify:
- - reload nginx
+ - Reload nginx
when: maintenance is not defined
tags: ['nginx']
@@ -111,17 +111,17 @@
- name: Install patchwork memcached service
template: src="patchwork-memcached.service.j2" dest="/etc/systemd/system/patchwork-memcached.service" owner=root group=root mode=0644
notify:
- - daemon reload
+ - Daemon reload
- name: Install patchwork notification service
template: src="patchwork-notification.service.j2" dest="/etc/systemd/system/patchwork-notification.service" owner=root group=root mode=0644
notify:
- - daemon reload
+ - Daemon reload
- name: Install patchwork notification timer
template: src="patchwork-notification.timer.j2" dest="/etc/systemd/system/patchwork-notification.timer" owner=root group=root mode=0644
notify:
- - daemon reload
+ - Daemon reload
- name: Deploy patchwork
template: src=patchwork.ini.j2 dest=/etc/uwsgi/vassals/patchwork.ini owner=patchwork group=http mode=0644
diff --git a/roles/php7_fpm/tasks/main.yaml b/roles/php7_fpm/tasks/main.yaml
index 7b9d55272e2e840b2815d7de8e4eefbdf4b477ec..e03f7336556bd33e8fc57c6f2639c976a55d584e 100644
--- a/roles/php7_fpm/tasks/main.yaml
+++ b/roles/php7_fpm/tasks/main.yaml
@@ -8,7 +8,7 @@
with_items:
- php-fpm7@.socket
- php-fpm7@.service
- notify: daemon reload
+ notify: Daemon reload
- name: Configure default php.ini
template: >
diff --git a/roles/php_fpm/tasks/main.yaml b/roles/php_fpm/tasks/main.yaml
index 026e543497e789326403f2f55597284eb7df5481..5f6bd608d62c042e8d38323afcbb40bf3b7fda3e 100644
--- a/roles/php_fpm/tasks/main.yaml
+++ b/roles/php_fpm/tasks/main.yaml
@@ -8,7 +8,7 @@
with_items:
- php-fpm@.socket
- php-fpm@.service
- notify: daemon reload
+ notify: Daemon reload
- name: Configure default php.ini
template: >
diff --git a/roles/ping/tasks/main.yml b/roles/ping/tasks/main.yml
index 74fb8e62c6bff4ebd41ea71455f746a0961f204a..4f3c6bc86b78289793f5727cbb5eef9fad591075 100644
--- a/roles/ping/tasks/main.yml
+++ b/roles/ping/tasks/main.yml
@@ -9,5 +9,5 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/ping.conf" owner=root group=root mode=644
- notify: reload nginx
+ notify: Reload nginx
tags: ['nginx']
diff --git a/roles/postfix/tasks/main.yml b/roles/postfix/tasks/main.yml
index d04db9270ed9156d1a8481d95b88dae4f2414eb8..2b898e9a2c81f20c9f898ea8becd632c78f543ea 100644
--- a/roles/postfix/tasks/main.yml
+++ b/roles/postfix/tasks/main.yml
@@ -11,9 +11,9 @@
- aliases
- users.pcre
notify:
- - restart postfix
- - postmap additional files
- - update aliases db
+ - Restart postfix
+ - Postmap additional files
+ - Update aliases db
- name: Install additional files
copy: src={{ item }} dest=/etc/postfix/{{ item }} owner=root group=root mode=0644
@@ -29,12 +29,12 @@
- domains
- msa_header_checks
notify:
- - postmap additional files
+ - Postmap additional files
- name: Create dhparam 2048
command: openssl dhparam -out /etc/postfix/dh2048.pem 2048 creates=/etc/postfix/dh2048.pem
notify:
- - reload postfix
+ - Reload postfix
- name: Create ssl cert
include_role:
diff --git a/roles/postfix_null/tasks/main.yml b/roles/postfix_null/tasks/main.yml
index 2ba6d89c663f8c07a648526ac5f6c0132ff88284..b7956063392333b8f12ff17c30187746bdd38cb7 100644
--- a/roles/postfix_null/tasks/main.yml
+++ b/roles/postfix_null/tasks/main.yml
@@ -7,7 +7,7 @@
- {file: main.cf, group: root, mode: 644}
- {file: relay_passwords, group: postfix, mode: 640}
notify:
- - reload postfix
+ - Reload postfix
- name: Create user account on mail to relay with
delegate_to: mail.archlinux.org
diff --git a/roles/postfwd/tasks/main.yml b/roles/postfwd/tasks/main.yml
index 8b5828edaba0edf65a643aa26b81a995cfe3f892..f674bd59f7c9d5e68e0297ab335978129e409dc1 100644
--- a/roles/postfwd/tasks/main.yml
+++ b/roles/postfwd/tasks/main.yml
@@ -4,7 +4,7 @@
- name: Install postfwd.cf
template: src=postfwd.cf.j2 dest=/etc/postfwd/postfwd.cf owner=postfwd group=root mode=0600
notify:
- - reload postfwd
+ - Reload postfwd
- name: Start and enable postfwd
service: name=postfwd enabled=yes state=started
diff --git a/roles/postgres/tasks/main.yml b/roles/postgres/tasks/main.yml
index da38d4db6d7c4c4497ac5b7f5d6bcc4ad502d6b7..2dc0940ad840bc0d36fa954e60c30e65459611b2 100644
--- a/roles/postgres/tasks/main.yml
+++ b/roles/postgres/tasks/main.yml
@@ -26,7 +26,7 @@
chdir: /var/lib/postgres
creates: /var/lib/postgres/data/postgresql.conf
notify:
- - restart postgres
+ - Restart postgres
- name: Configure postgres
template: src={{ item }}.j2 dest=/var/lib/postgres/data/{{ item }} owner=postgres group=postgres mode=0600
@@ -34,7 +34,7 @@
- postgresql.conf
- pg_hba.conf
notify:
- - restart postgres
+ - Restart postgres
- name: Install postgres certificate
copy: src=/etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem dest={{ postgres_ssl_cert_file }}
diff --git a/roles/prometheus/tasks/main.yml b/roles/prometheus/tasks/main.yml
index 7f93d58051cad915aa7c8439a8a4c1265656a8b9..02348a90d51e20ef7a60165a07ee0b07c4bd03b6 100644
--- a/roles/prometheus/tasks/main.yml
+++ b/roles/prometheus/tasks/main.yml
@@ -3,20 +3,20 @@
- name: Install prometheus configuration
template: src=prometheus.yml.j2 dest=/etc/prometheus/prometheus.yml owner=root group=prometheus mode=640
- notify: reload prometheus
+ notify: Reload prometheus
- name: Install prometheus cli configuration
template: src=prometheus.conf.j2 dest=/etc/conf.d/prometheus owner=root group=root mode=600
- notify: reload prometheus
+ notify: Reload prometheus
- name: Install prometheus web-config configuration
template: src=web-config.yml.j2 dest=/etc/prometheus/web-config.yml owner=root group=prometheus mode=640
- notify: reload prometheus
+ notify: Reload prometheus
when: prometheus_receive_only
- name: Install prometheus alert configuration
copy: src=node.rules.yml dest=/etc/prometheus/node.rules.yml owner=root group=root mode=644
- notify: reload prometheus
+ notify: Reload prometheus
when: not prometheus_receive_only
- name: Enable prometheus server service
diff --git a/roles/prometheus_exporters/tasks/main.yml b/roles/prometheus_exporters/tasks/main.yml
index acd889acc56297f95253bfb3573886527201d69e..69e62e62c479ff27f64e0d4652d172df88dcf295 100644
--- a/roles/prometheus_exporters/tasks/main.yml
+++ b/roles/prometheus_exporters/tasks/main.yml
@@ -142,7 +142,7 @@
- name: Install blackbox exporter configuration
template: src=blackbox.yml.j2 dest=/etc/prometheus/blackbox.yml owner=root group=root mode=0644
- notify: reload blackbox exporter
+ notify: Reload blackbox exporter
when: "'prometheus' in group_names"
- name: Install rebuilderd textcollector service
diff --git a/roles/promtail/tasks/main.yml b/roles/promtail/tasks/main.yml
index 8a15009eed746791f5a02e6ec6e682f585320187..2756da993284a81c8dc1adc3ee35c66a9149ffaf 100644
--- a/roles/promtail/tasks/main.yml
+++ b/roles/promtail/tasks/main.yml
@@ -3,7 +3,7 @@
- name: Install promtail configuration
template: src=promtail.yaml.j2 dest=/etc/loki/promtail.yaml owner=root group=promtail mode=0640
- notify: restart promtail
+ notify: Restart promtail
- name: Open promtail ipv4 port for monitoring.archlinux.org
ansible.posix.firewalld: zone=wireguard state=enabled permanent=true immediate=yes
@@ -16,7 +16,7 @@
- name: Install drop-in for promtail.service
copy: src=override.conf dest=/etc/systemd/system/promtail.service.d/ owner=root group=root mode=0644
- notify: restart promtail
+ notify: Restart promtail
- name: Start and enable promtail
systemd: name=promtail.service enabled=yes daemon_reload=yes state=started
diff --git a/roles/public_html/tasks/main.yml b/roles/public_html/tasks/main.yml
index a54685df39e089e399d9490c62e4c48496f0f586..061b653d3961b1888426399f60780047765c6e7a 100644
--- a/roles/public_html/tasks/main.yml
+++ b/roles/public_html/tasks/main.yml
@@ -28,5 +28,5 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/public_html.conf owner=root group=root mode=0644
notify:
- - reload nginx
+ - Reload nginx
tags: ['nginx']
diff --git a/roles/quassel/tasks/main.yml b/roles/quassel/tasks/main.yml
index 58f3f4f750cd58a7cad0a58075886f0ec801cb89..4ca225ffd327b750249867bac0a6a14499f184ef 100644
--- a/roles/quassel/tasks/main.yml
+++ b/roles/quassel/tasks/main.yml
@@ -46,7 +46,7 @@
- clean-quassel.timer
- clean-quassel.service
notify:
- - daemon reload
+ - Daemon reload
- name: Add quassel.service.d dir
file: state=directory path=/etc/systemd/system/quassel.service.d owner=root group=root mode=0755
diff --git a/roles/rebuilderd/tasks/main.yml b/roles/rebuilderd/tasks/main.yml
index a8810e22d23ff1bdb5fc93d25c9accb071846693..068ca6da3d1a1be7284d997dca8e2e34d82dbd89 100644
--- a/roles/rebuilderd/tasks/main.yml
+++ b/roles/rebuilderd/tasks/main.yml
@@ -19,7 +19,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/rebuilderd.conf owner=root group=root mode=0644
notify:
- - reload nginx
+ - Reload nginx
tags: ['nginx']
- name: Enable and start rebuilderd
diff --git a/roles/rebuilderd_worker/tasks/main.yml b/roles/rebuilderd_worker/tasks/main.yml
index fbd34e0d9b25458ceb3d316a4b8c2522dd146890..c145cb41d4b37cb188320d6070210401062cd93a 100644
--- a/roles/rebuilderd_worker/tasks/main.yml
+++ b/roles/rebuilderd_worker/tasks/main.yml
@@ -23,7 +23,7 @@
- clean-repro.timer
- clean-repro.service
notify:
- - daemon reload
+ - Daemon reload
- name: Start and enable cleanup timer
service: name=clean-repro.timer enabled=yes state=started
diff --git a/roles/redirects/tasks/main.yml b/roles/redirects/tasks/main.yml
index 7fecac652c726f8c82f52ddc857a4d6226148792..d2cd275c11ac8cdd4be71fa8cc0aca53feaf4218 100644
--- a/roles/redirects/tasks/main.yml
+++ b/roles/redirects/tasks/main.yml
@@ -11,7 +11,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/redirects.conf" owner=root group=root mode=644
- notify: reload nginx
+ notify: Reload nginx
tags: ['nginx']
- name: Copy nginx map files
diff --git a/roles/rspamd/tasks/main.yml b/roles/rspamd/tasks/main.yml
index d98793b00d8ce34cd326d64496300b8c5ac0255c..ae1c52c4f2583e6765d8a401b6be0befd636b53c 100644
--- a/roles/rspamd/tasks/main.yml
+++ b/roles/rspamd/tasks/main.yml
@@ -4,12 +4,12 @@
- name: Install config
copy: src=local.d/ dest=/etc/rspamd/local.d/ owner=root group=root mode=0644
notify:
- - reload rspamd
+ - Reload rspamd
- name: Install dkim_signing.conf
template: src=dkim_signing.conf.j2 dest=/etc/rspamd/local.d/dkim_signing.conf owner=root group=root mode=0644
notify:
- - reload rspamd
+ - Reload rspamd
- name: Create rspamd dkim directory
file: path=/var/lib/rspamd/dkim state=directory owner=rspamd group=rspamd mode=0750
@@ -31,7 +31,7 @@
- "{{ rspamd_dkim_domain }}.dkim-ed25519.key"
- "{{ rspamd_dkim_domain }}.dkim-rsa.key"
notify:
- - reload rspamd
+ - Reload rspamd
- name: Start and enable rspamd
service: name=rspamd enabled=yes state=started
diff --git a/roles/security_tracker/tasks/main.yml b/roles/security_tracker/tasks/main.yml
index 9be87ba81815e374786a7310d74e0c0bf206955a..6be102a565fd95a16437a07f135b470211600585 100644
--- a/roles/security_tracker/tasks/main.yml
+++ b/roles/security_tracker/tasks/main.yml
@@ -47,7 +47,7 @@
- security-tracker-update.timer
- security-tracker-update.service
notify:
- - daemon reload
+ - Daemon reload
- name: Disable security-tracker timer
service: name="security-tracker-update.timer" enabled=no state=stopped
@@ -87,7 +87,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="{{ security_tracker_nginx_conf }}" owner=root group=root mode=644
notify:
- - reload nginx
+ - Reload nginx
when: maintenance is not defined
tags: ['nginx']
diff --git a/roles/sources/tasks/main.yml b/roles/sources/tasks/main.yml
index 16374603c23b4b68d104e567a66ba24f10744602..177a75f4924bd28b7ee556a9d1b05d69377cf9e5 100644
--- a/roles/sources/tasks/main.yml
+++ b/roles/sources/tasks/main.yml
@@ -7,7 +7,7 @@
- name: Set up nginx
template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/sources.conf owner=root group=root mode=0644
notify:
- - reload nginx
+ - Reload nginx
tags: ['nginx']
- name: Make nginx log dir
diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml
index 635085f8bacbf3d6754a961045b9b782d2f7d798..a71e30e0bd36aaff034de29de89a91f1861fb8ef 100644
--- a/roles/sshd/tasks/main.yml
+++ b/roles/sshd/tasks/main.yml
@@ -4,7 +4,7 @@
- name: Configure sshd
template: src=sshd_config.j2 dest=/etc/ssh/sshd_config owner=root group=root mode=0644 validate='/usr/sbin/sshd -t -f %s'
notify:
- - restart sshd
+ - Restart sshd
- name: Set file permissions
file: path=/etc/ssh mode=0600
diff --git a/roles/syncrepo/tasks/main.yml b/roles/syncrepo/tasks/main.yml
index f72356ed5bdaeff237158c59ae8f8636388d706a..cadf08c216eb6059eca960fe4c5eb0a5851a234b 100644
--- a/roles/syncrepo/tasks/main.yml
+++ b/roles/syncrepo/tasks/main.yml
@@ -58,7 +58,7 @@
vars:
mirror_domains: "{{ [mirror_domain, geo_mirror_domain] if 'geo_mirrors' in group_names else [mirror_domain] }}"
notify:
- - reload nginx
+ - Reload nginx
when: 'mirror_domain is defined'
tags: ['nginx']
diff --git a/roles/unbound/tasks/main.yml b/roles/unbound/tasks/main.yml
index ecde0575fc7527a169526324fb3254a2c341055e..093857d1ae16eb387770c0aacf9f4d424fdaf0f3 100644
--- a/roles/unbound/tasks/main.yml
+++ b/roles/unbound/tasks/main.yml
@@ -4,7 +4,7 @@
- name: Install unbound config file
template: src=unbound.conf.j2 dest=/etc/unbound/unbound.conf owner=root group=root mode=0644
notify:
- - restart unbound
+ - Restart unbound
- name: Create remote-control keys
command: unbound-control-setup creates=/etc/unbound/unbound_control.key
diff --git a/roles/uwsgi/tasks/main.yml b/roles/uwsgi/tasks/main.yml
index c8057d8504e02e5a081204312c33038780e0715e..aded5415c795f09f13cfd39da21f2c3ef1f739ff 100644
--- a/roles/uwsgi/tasks/main.yml
+++ b/roles/uwsgi/tasks/main.yml
@@ -7,7 +7,7 @@
- name: Configure uwsgi
template: src=emperor.ini.j2 dest=/etc/uwsgi/emperor.ini owner=root group=root mode=0644
notify:
- - restart emperor.uwsgi
+ - Restart emperor.uwsgi
- name: Vassals directory
file: state=directory path=/etc/uwsgi/vassals owner=root group=root mode=0755
diff --git a/roles/wireguard/tasks/main.yml b/roles/wireguard/tasks/main.yml
index 445a12851b56808f252d36681a4ea4be630dc48a..876b2f722274fed335ebe0318a22bf73eef53acc 100644
--- a/roles/wireguard/tasks/main.yml
+++ b/roles/wireguard/tasks/main.yml
@@ -7,7 +7,7 @@
loop:
- {src: wg0.netdev.j2, dest: wg0.netdev}
- {src: wg0.network.j2, dest: wg0.network}
- notify: reload wireguard
+ notify: Reload wireguard
- name: Create wireguard zone
ansible.posix.firewalld: zone=wireguard permanent=yes state=present