From 7eda50239ccc7648dfeaecc67a5ad7be4f114061 Mon Sep 17 00:00:00 2001 From: Jake Howard Date: Tue, 17 Mar 2020 21:11:02 +0000 Subject: [PATCH] Remove reference to `become_user: root` This was the default anyway --- ansible/roles/base/tasks/packages.yml | 1 - ansible/roles/docker/tasks/calibre.yml | 2 -- ansible/roles/docker/tasks/duplicati.yml | 2 -- ansible/roles/docker/tasks/emby.yml | 2 -- ansible/roles/docker/tasks/folding-at-home.yml | 2 -- ansible/roles/docker/tasks/gitea.yml | 7 ------- ansible/roles/docker/tasks/gotify.yml | 2 -- ansible/roles/docker/tasks/librespeed.yml | 2 -- ansible/roles/docker/tasks/netdata.yml | 2 -- ansible/roles/docker/tasks/nextcloud.yml | 5 ----- ansible/roles/docker/tasks/pihole.yml | 4 ---- ansible/roles/docker/tasks/portainer.yml | 2 -- ansible/roles/docker/tasks/quassel.yml | 2 -- ansible/roles/docker/tasks/setup-docker.yml | 1 - ansible/roles/docker/tasks/statping.yml | 2 -- ansible/roles/docker/tasks/synapse.yml | 3 --- ansible/roles/docker/tasks/todoist-github.yml | 2 -- ansible/roles/docker/tasks/torrent.yml | 2 -- ansible/roles/docker/tasks/traefik.yml | 5 ----- ansible/roles/docker/tasks/tt-rss.yml | 4 ---- ansible/roles/docker/tasks/wallabag.yml | 2 -- ansible/roles/docker/tasks/watchtower.yml | 2 -- ansible/roles/docker/tasks/whoami.yml | 2 -- ansible/roles/docker/tasks/yourls.yml | 3 --- ansible/roles/gateway/tasks/fail2ban.yml | 4 ---- ansible/roles/gateway/tasks/haproxy.yml | 3 --- ansible/roles/gateway/tasks/wireguard.yml | 6 ------ ansible/roles/ssh/tasks/main.yml | 3 --- 28 files changed, 79 deletions(-) diff --git a/ansible/roles/base/tasks/packages.yml b/ansible/roles/base/tasks/packages.yml index 4e7392a..10858cd 100644 --- a/ansible/roles/base/tasks/packages.yml +++ b/ansible/roles/base/tasks/packages.yml @@ -2,7 +2,6 @@ apt: name: "{{ item }}" become: true - become_user: root loop: - htop - neofetch diff --git a/ansible/roles/docker/tasks/calibre.yml b/ansible/roles/docker/tasks/calibre.yml index f53a1b4..44eb0d0 100644 --- a/ansible/roles/docker/tasks/calibre.yml +++ b/ansible/roles/docker/tasks/calibre.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install calibre compose file template: @@ -16,7 +15,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle calibre container docker_compose: diff --git a/ansible/roles/docker/tasks/duplicati.yml b/ansible/roles/docker/tasks/duplicati.yml index 69d76f1..09e4d61 100644 --- a/ansible/roles/docker/tasks/duplicati.yml +++ b/ansible/roles/docker/tasks/duplicati.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install duplicati compose file template: @@ -16,7 +15,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle duplicati container docker_compose: diff --git a/ansible/roles/docker/tasks/emby.yml b/ansible/roles/docker/tasks/emby.yml index b66f1c0..c961220 100644 --- a/ansible/roles/docker/tasks/emby.yml +++ b/ansible/roles/docker/tasks/emby.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install emby compose file template: @@ -16,7 +15,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle emby container docker_compose: diff --git a/ansible/roles/docker/tasks/folding-at-home.yml b/ansible/roles/docker/tasks/folding-at-home.yml index 114d87d..cecf036 100644 --- a/ansible/roles/docker/tasks/folding-at-home.yml +++ b/ansible/roles/docker/tasks/folding-at-home.yml @@ -8,7 +8,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install foh compose file template: @@ -19,7 +18,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle foh container docker_compose: diff --git a/ansible/roles/docker/tasks/gitea.yml b/ansible/roles/docker/tasks/gitea.yml index a7a84e2..ecde854 100644 --- a/ansible/roles/docker/tasks/gitea.yml +++ b/ansible/roles/docker/tasks/gitea.yml @@ -8,7 +8,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Create gitea config directory file: @@ -16,7 +15,6 @@ state: directory mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Create cgit config directory file: @@ -24,7 +22,6 @@ state: directory mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install gitea compose file template: @@ -35,7 +32,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Install gitea config file template: @@ -45,7 +41,6 @@ owner: "{{ docker_user.name }}" register: gitea_config_file become: true - become_user: root - name: Install cgit config file template: @@ -55,14 +50,12 @@ owner: "{{ docker_user.name }}" register: cgit_config_file become: true - become_user: root - name: Touch public repos file file: path: /opt/gitea/cgit/repos.txt state: file become: true - become_user: root - name: Cycle gitea container docker_compose: diff --git a/ansible/roles/docker/tasks/gotify.yml b/ansible/roles/docker/tasks/gotify.yml index b0aecca..278a1a9 100644 --- a/ansible/roles/docker/tasks/gotify.yml +++ b/ansible/roles/docker/tasks/gotify.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install gotify compose file template: @@ -16,7 +15,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle gotify container docker_compose: diff --git a/ansible/roles/docker/tasks/librespeed.yml b/ansible/roles/docker/tasks/librespeed.yml index b416bc2..4be9f0e 100644 --- a/ansible/roles/docker/tasks/librespeed.yml +++ b/ansible/roles/docker/tasks/librespeed.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install librespeed compose file template: @@ -16,7 +15,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle librespeed container docker_compose: diff --git a/ansible/roles/docker/tasks/netdata.yml b/ansible/roles/docker/tasks/netdata.yml index efc2240..9a90554 100644 --- a/ansible/roles/docker/tasks/netdata.yml +++ b/ansible/roles/docker/tasks/netdata.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install netdata compose file template: @@ -16,7 +15,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle netdata container docker_compose: diff --git a/ansible/roles/docker/tasks/nextcloud.yml b/ansible/roles/docker/tasks/nextcloud.yml index 4085093..acc1a7a 100644 --- a/ansible/roles/docker/tasks/nextcloud.yml +++ b/ansible/roles/docker/tasks/nextcloud.yml @@ -8,7 +8,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install nextcloud compose file template: @@ -19,7 +18,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Create nextcloud config directory file: @@ -27,7 +25,6 @@ state: directory mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install nextcloud config template: @@ -37,7 +34,6 @@ owner: "{{ docker_user.name }}" register: config_file become: true - become_user: root - name: Install nextcloud custom nginx config template: @@ -47,7 +43,6 @@ owner: "{{ docker_user.name }}" register: nginx_config become: true - become_user: root - name: Cycle nextcloud container docker_compose: diff --git a/ansible/roles/docker/tasks/pihole.yml b/ansible/roles/docker/tasks/pihole.yml index 3ce22cd..1b2436b 100644 --- a/ansible/roles/docker/tasks/pihole.yml +++ b/ansible/roles/docker/tasks/pihole.yml @@ -8,7 +8,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install pihole compose file template: @@ -19,7 +18,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Create dnsmasq directory file: @@ -27,7 +25,6 @@ state: directory mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install dnsmasq hosts config template: @@ -37,7 +34,6 @@ owner: "{{ docker_user.name }}" register: dnsmasq_vpn_hosts become: true - become_user: root - name: Cycle pihole container docker_compose: diff --git a/ansible/roles/docker/tasks/portainer.yml b/ansible/roles/docker/tasks/portainer.yml index 7e84b99..76b17f2 100644 --- a/ansible/roles/docker/tasks/portainer.yml +++ b/ansible/roles/docker/tasks/portainer.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install portainer compose file template: @@ -16,7 +15,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle portainer container docker_compose: diff --git a/ansible/roles/docker/tasks/quassel.yml b/ansible/roles/docker/tasks/quassel.yml index a35b53d..5c22a59 100644 --- a/ansible/roles/docker/tasks/quassel.yml +++ b/ansible/roles/docker/tasks/quassel.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install quassel compose file template: @@ -16,7 +15,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle quassel container docker_compose: diff --git a/ansible/roles/docker/tasks/setup-docker.yml b/ansible/roles/docker/tasks/setup-docker.yml index 1c7cc05..7b9e86c 100644 --- a/ansible/roles/docker/tasks/setup-docker.yml +++ b/ansible/roles/docker/tasks/setup-docker.yml @@ -2,7 +2,6 @@ apt: name: "docker-compose" become: true - become_user: root - name: Create docker user user: diff --git a/ansible/roles/docker/tasks/statping.yml b/ansible/roles/docker/tasks/statping.yml index f8ffc70..22e32d6 100644 --- a/ansible/roles/docker/tasks/statping.yml +++ b/ansible/roles/docker/tasks/statping.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install statping compose file template: @@ -16,7 +15,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle statping container docker_compose: diff --git a/ansible/roles/docker/tasks/synapse.yml b/ansible/roles/docker/tasks/synapse.yml index 95640d0..3c580b8 100644 --- a/ansible/roles/docker/tasks/synapse.yml +++ b/ansible/roles/docker/tasks/synapse.yml @@ -8,7 +8,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install synapse compose file template: @@ -19,7 +18,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Install synapse config template: @@ -29,7 +27,6 @@ owner: "{{ docker_user.name }}" register: homeserver_config become: true - become_user: root - name: Cycle synapse container docker_compose: diff --git a/ansible/roles/docker/tasks/todoist-github.yml b/ansible/roles/docker/tasks/todoist-github.yml index 30df961..ebac584 100644 --- a/ansible/roles/docker/tasks/todoist-github.yml +++ b/ansible/roles/docker/tasks/todoist-github.yml @@ -8,7 +8,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install todoist-github compose file template: @@ -19,7 +18,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle todoist-github container docker_compose: diff --git a/ansible/roles/docker/tasks/torrent.yml b/ansible/roles/docker/tasks/torrent.yml index 32d13f6..ebd7635 100644 --- a/ansible/roles/docker/tasks/torrent.yml +++ b/ansible/roles/docker/tasks/torrent.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install torrent compose file template: @@ -16,7 +15,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle torrent container docker_compose: diff --git a/ansible/roles/docker/tasks/traefik.yml b/ansible/roles/docker/tasks/traefik.yml index 66c6905..5e6182c 100644 --- a/ansible/roles/docker/tasks/traefik.yml +++ b/ansible/roles/docker/tasks/traefik.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Create traefik config directory file: @@ -13,7 +12,6 @@ state: directory mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install traefik compose file template: @@ -24,7 +22,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Install traefik config template: @@ -34,7 +31,6 @@ owner: "{{ docker_user.name }}" register: config_file become: true - become_user: root - name: Install traefik file provider template: @@ -44,7 +40,6 @@ owner: "{{ docker_user.name }}" register: file_provider become: true - become_user: root - name: Cycle traefik container docker_compose: diff --git a/ansible/roles/docker/tasks/tt-rss.yml b/ansible/roles/docker/tasks/tt-rss.yml index 83c4f99..65769be 100644 --- a/ansible/roles/docker/tasks/tt-rss.yml +++ b/ansible/roles/docker/tasks/tt-rss.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install tt-rss compose file template: @@ -16,7 +15,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Create tt-rss config directory file: @@ -24,7 +22,6 @@ state: directory mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install tt-rss config template: @@ -34,7 +31,6 @@ owner: "{{ docker_user.name }}" register: config_file become: true - become_user: root - name: Cycle tt-rss container docker_compose: diff --git a/ansible/roles/docker/tasks/wallabag.yml b/ansible/roles/docker/tasks/wallabag.yml index e5a07f0..43c1787 100644 --- a/ansible/roles/docker/tasks/wallabag.yml +++ b/ansible/roles/docker/tasks/wallabag.yml @@ -8,7 +8,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install wallabag compose file template: @@ -19,7 +18,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle wallabag container docker_compose: diff --git a/ansible/roles/docker/tasks/watchtower.yml b/ansible/roles/docker/tasks/watchtower.yml index 9a79747..831d4bc 100644 --- a/ansible/roles/docker/tasks/watchtower.yml +++ b/ansible/roles/docker/tasks/watchtower.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install watchtower compose file template: @@ -16,7 +15,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle watchtower container docker_compose: diff --git a/ansible/roles/docker/tasks/whoami.yml b/ansible/roles/docker/tasks/whoami.yml index f86cc99..bb208b1 100644 --- a/ansible/roles/docker/tasks/whoami.yml +++ b/ansible/roles/docker/tasks/whoami.yml @@ -5,7 +5,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install whoami compose file template: @@ -16,7 +15,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Cycle whoami container docker_compose: diff --git a/ansible/roles/docker/tasks/yourls.yml b/ansible/roles/docker/tasks/yourls.yml index 7e2e421..43ae0d9 100644 --- a/ansible/roles/docker/tasks/yourls.yml +++ b/ansible/roles/docker/tasks/yourls.yml @@ -8,7 +8,6 @@ owner: "{{ docker_user.name }}" mode: "{{ docker_compose_directory_mask }}" become: true - become_user: root - name: Install yourls compose file template: @@ -19,7 +18,6 @@ validate: /usr/bin/docker-compose -f %s config register: compose_file become: true - become_user: root - name: Install yourls index template: @@ -28,7 +26,6 @@ mode: "{{ docker_compose_file_mask }}" register: config_file become: true - become_user: root - name: Cycle yourls container docker_compose: diff --git a/ansible/roles/gateway/tasks/fail2ban.yml b/ansible/roles/gateway/tasks/fail2ban.yml index 6fb8dce..77ae933 100644 --- a/ansible/roles/gateway/tasks/fail2ban.yml +++ b/ansible/roles/gateway/tasks/fail2ban.yml @@ -2,14 +2,12 @@ apt: name: fail2ban become: true - become_user: root - name: fail2ban filter template: src: files/haproxy-fail2ban-filter.conf dest: /etc/fail2ban/filter.d/haproxy-basic.conf become: true - become_user: root register: fail2ban_filter - name: fail2ban jail @@ -17,7 +15,6 @@ src: files/haproxy-fail2ban-jail.conf dest: /etc/fail2ban/jail.d/haproxy.conf become: true - become_user: root register: fail2ban_jail - name: Restart fail2ban @@ -25,5 +22,4 @@ name: haproxy state: restarted become: true - become_user: root when: fail2ban_filter.changed or fail2ban_jail.changed diff --git a/ansible/roles/gateway/tasks/haproxy.yml b/ansible/roles/gateway/tasks/haproxy.yml index f0dacd2..092ad9a 100644 --- a/ansible/roles/gateway/tasks/haproxy.yml +++ b/ansible/roles/gateway/tasks/haproxy.yml @@ -2,7 +2,6 @@ apt: name: haproxy become: true - become_user: root - name: Haproxy config template: @@ -11,7 +10,6 @@ validate: /usr/sbin/haproxy -c -- %s backup: yes become: true - become_user: root register: haproxy_config - name: Restart Haproxy @@ -19,5 +17,4 @@ name: haproxy state: restarted become: true - become_user: root when: haproxy_config.changed diff --git a/ansible/roles/gateway/tasks/wireguard.yml b/ansible/roles/gateway/tasks/wireguard.yml index 656b530..6d7c222 100644 --- a/ansible/roles/gateway/tasks/wireguard.yml +++ b/ansible/roles/gateway/tasks/wireguard.yml @@ -5,21 +5,18 @@ line: 'deb http://deb.debian.org/debian/ unstable main' register: install_unstable_apt become: true - become_user: root - name: Limit unstable apt repo copy: src: limit-unstable.conf dest: /etc/apt/preferences.d/limit-unstable become: true - become_user: root register: limit_unstable_apt - name: Update apt repos apt: update_cache: true become: true - become_user: root when: install_unstable_apt.changed or limit_unstable_apt.changed - name: Install Wireguard @@ -28,7 +25,6 @@ - wireguard - wireguard-tools become: true - become_user: root - name: Wireguard server config template: @@ -36,7 +32,6 @@ dest: /etc/wireguard/wg0.conf backup: yes become: true - become_user: root register: wireguard_conf - name: Enable wireguard @@ -46,7 +41,6 @@ enabled: true when: wireguard_conf.changed become: true - become_user: root - name: Create wireguard client directory file: diff --git a/ansible/roles/ssh/tasks/main.yml b/ansible/roles/ssh/tasks/main.yml index d091dbe..ac37d3c 100644 --- a/ansible/roles/ssh/tasks/main.yml +++ b/ansible/roles/ssh/tasks/main.yml @@ -2,7 +2,6 @@ apt: name: openssh-server become: true - become_user: root - name: Define context set_fact: @@ -16,7 +15,6 @@ validate: /usr/sbin/sshd -t -f %s backup: yes become: true - become_user: root register: sshd_config - name: Restart SSH config @@ -25,4 +23,3 @@ state: reloaded when: sshd_config.changed become: true - become_user: root