diff --git a/ansible/.ansible-lint b/ansible/.ansible-lint index 4858af9..c2c7262 100644 --- a/ansible/.ansible-lint +++ b/ansible/.ansible-lint @@ -1,10 +1,11 @@ skip_list: - - 305 - - 401 - - 301 - - 503 + - command-instead-of-shell + - no-handler + - git-latest exclude_paths: - ansible/galaxy_roles/ - ansible/galaxy_collections/ - ~/.ansible + - roles/nebula/files/nebula.yml + - roles/traefik/files/traefik.yml diff --git a/ansible/dev-requirements.txt b/ansible/dev-requirements.txt index 2af2326..16ed479 100644 --- a/ansible/dev-requirements.txt +++ b/ansible/dev-requirements.txt @@ -1,2 +1,2 @@ -ansible-lint==4.3.5 +ansible-lint==5.3.2 yamllint==1.24.2 diff --git a/ansible/group_vars/all/base.yml b/ansible/group_vars/all/base.yml index 61f4117..4bea0c8 100644 --- a/ansible/group_vars/all/base.yml +++ b/ansible/group_vars/all/base.yml @@ -1,4 +1,4 @@ -TZ: Europe/London +timezone: Europe/London # noqa var-naming # HACK: Some of the hostnames aren't valid dict keys hostname_slug: "{{ ansible_hostname | replace('-', '_') }}" diff --git a/ansible/main.yml b/ansible/main.yml index 00f46f1..402db44 100644 --- a/ansible/main.yml +++ b/ansible/main.yml @@ -22,7 +22,7 @@ - role: geerlingguy.ntp become: true vars: - ntp_timezone: "{{ TZ }}" + ntp_timezone: "{{ timezone }}" ntp_manage_config: true - hosts: diff --git a/ansible/roles/base/tasks/ssh.yml b/ansible/roles/base/tasks/ssh.yml index e284c1d..c1ea135 100644 --- a/ansible/roles/base/tasks/ssh.yml +++ b/ansible/roles/base/tasks/ssh.yml @@ -20,7 +20,7 @@ src: files/sshd_config dest: /etc/ssh/sshd_config validate: /usr/sbin/sshd -t -f %s - backup: yes + backup: true mode: 0644 become: true register: sshd_config diff --git a/ansible/roles/forrest/files/grafana/docker-compose.yml b/ansible/roles/forrest/files/grafana/docker-compose.yml index 39ac091..8519d2a 100644 --- a/ansible/roles/forrest/files/grafana/docker-compose.yml +++ b/ansible/roles/forrest/files/grafana/docker-compose.yml 
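Review bot: In `ansible/.ansible-lint`, the two added `exclude_paths` entries (`roles/nebula/files/nebula.yml`, `roles/traefik/files/traefik.yml`) are written relative to the `ansible/` directory, while the untouched entries `ansible/galaxy_roles/` and `ansible/galaxy_collections/` keep a repo-root prefix. `scripts/ansible/lint.sh` in this commit now runs `cd ansible/` before `ansible-lint -p`, so the older entries probably no longer match anything and would resolve to `ansible/ansible/...`. If so, they should become `- galaxy_roles/` and `- galaxy_collections/`. This is worth confirming against how ansible-lint 5.3.2 resolves exclude paths, since a stale exclude fails silently.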
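Review bot: In `ansible/roles/base/tasks/ssh.yml`, the task that installs `/etc/ssh/sshd_config` still has a bare-integer `mode: 0644` on the line after the changed `backup: true`, whereas other tasks touched by this commit quote theirs (`mode: "0600"`, `mode: "0755"`). Since the commit is normalising YAML scalars anyway, quote this one too: `mode: "0644"`, so the permission on the sshd configuration does not depend on how the YAML loader treats a leading-zero integer. The task begins and ends outside the hunk.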
@@ -4,7 +4,7 @@ services: grafana: image: grafana/grafana:latest environment: - - TZ={{ TZ }} + - TZ={{ timezone }} - GF_DATABASE_URL=postgres://grafana:grafana@db/grafana - GF_RENDERING_SERVER_URL=http://renderer:8081/render - GF_RENDERING_CALLBACK_URL=http://grafana:3000/ @@ -42,7 +42,7 @@ services: image: grafana/grafana-image-renderer:latest restart: unless-stopped environment: - - BROWSER_TZ={{ TZ }} + - BROWSER_TZ={{ timezone }} networks: diff --git a/ansible/roles/gateway/tasks/wireguard.yml b/ansible/roles/gateway/tasks/wireguard.yml index e5da01d..e69a938 100644 --- a/ansible/roles/gateway/tasks/wireguard.yml +++ b/ansible/roles/gateway/tasks/wireguard.yml @@ -3,7 +3,7 @@ src: files/wireguard-server.conf dest: /etc/wireguard/wg0.conf mode: "0600" - backup: yes + backup: true become: true register: wireguard_conf @@ -41,9 +41,9 @@ sysctl: name: net.ipv4.ip_forward value: "1" - sysctl_set: yes + sysctl_set: true state: present - reload: yes + reload: true sysctl_file: /etc/sysctl.d/99-sysctl.conf become: true diff --git a/ansible/roles/gitlab/files/gitlab.rb b/ansible/roles/gitlab/files/gitlab.rb index 0dd9070..d39cc04 100644 --- a/ansible/roles/gitlab/files/gitlab.rb +++ b/ansible/roles/gitlab/files/gitlab.rb @@ -11,7 +11,7 @@ nginx['ssl_certificate'] = "/etc/ssl/certs/ssl-cert-snakeoil.pem" nginx['ssl_certificate_key'] = "/etc/ssl/private/ssl-cert-snakeoil.key" letsencrypt['enable'] = false -gitlab_rails['time_zone'] = '{{ TZ }}' +gitlab_rails['time_zone'] = '{{ timezone }}' # https://docs.gitlab.com/omnibus/settings/memory_constrained_envs.html puma['worker_processes'] = 2 diff --git a/ansible/roles/ingress/tasks/wireguard.yml b/ansible/roles/ingress/tasks/wireguard.yml index 8119272..9144598 100644 --- a/ansible/roles/ingress/tasks/wireguard.yml +++ b/ansible/roles/ingress/tasks/wireguard.yml 
@@ -27,8 +27,8 @@ sysctl: name: net.ipv4.ip_forward value: "1" - sysctl_set: yes + sysctl_set: true state: present - reload: yes + reload: true sysctl_file: /etc/sysctl.d/99-sysctl.conf become: true diff --git a/ansible/roles/nebula/tasks/main.yml b/ansible/roles/nebula/tasks/main.yml index 17ee84c..c24112b 100644 --- a/ansible/roles/nebula/tasks/main.yml +++ b/ansible/roles/nebula/tasks/main.yml @@ -9,7 +9,7 @@ unarchive: src: https://github.com/slackhq/nebula/releases/download/v{{ nebula_version }}/nebula-linux-amd64.tar.gz dest: /usr/bin - remote_src: yes + remote_src: true mode: "0755" become: true notify: restart nebula diff --git a/ansible/roles/privatebin/files/docker-compose.yml b/ansible/roles/privatebin/files/docker-compose.yml index 8d6d3dc..04e856f 100644 --- a/ansible/roles/privatebin/files/docker-compose.yml +++ b/ansible/roles/privatebin/files/docker-compose.yml @@ -4,7 +4,7 @@ services: privatebin: image: privatebin/nginx-fpm-alpine:latest environment: - - TZ={{ TZ }} + - TZ={{ timezone }} volumes: - "{{ app_data_dir }}/privatebin/:/srv/data" - "{{ app_data_dir }}/privatebin/conf.php:/srv/cfg/conf.php:ro" diff --git a/ansible/roles/pve_docker/files/calibre/docker-compose.yml b/ansible/roles/pve_docker/files/calibre/docker-compose.yml index b87c80e..3e9c824 100644 --- a/ansible/roles/pve_docker/files/calibre/docker-compose.yml +++ b/ansible/roles/pve_docker/files/calibre/docker-compose.yml @@ -5,7 +5,7 @@ services: environment: - PUID={{ docker_user.id }} - PGID={{ docker_user.id }} - - TZ={{ TZ }} + - TZ={{ timezone }} restart: unless-stopped volumes: - /mnt/tank/app-data/calibre:/config diff --git a/ansible/roles/pve_docker/files/librespeed/docker-compose.yml b/ansible/roles/pve_docker/files/librespeed/docker-compose.yml index 8aeff73..d075255 100644 --- a/ansible/roles/pve_docker/files/librespeed/docker-compose.yml +++ b/ansible/roles/pve_docker/files/librespeed/docker-compose.yml 
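Review bot: In `ansible/roles/nebula/tasks/main.yml`, the `unarchive` task around the changed `remote_src: true` line downloads the nebula release tarball from GitHub and unpacks it into `/usr/bin` with `become: true`, and nothing visible in the hunk verifies the archive's integrity. `unarchive` has no checksum option, so the download should go through `get_url` with a `checksum:` pinned for the given `nebula_version`, and the unpack should then read the verified local file. The task starts above the hunk, so its name and any guards there are not visible; the variable names and the first task name in the sketch below are placeholders.

```yaml
- name: Download nebula release archive  # constructed task name
  get_url:
    url: https://github.com/slackhq/nebula/releases/download/v{{ nebula_version }}/nebula-linux-amd64.tar.gz
    dest: "{{ nebula_archive_path }}"  # placeholder variable
    checksum: "sha256:{{ nebula_archive_sha256 }}"  # placeholder variable, pinned per nebula_version
    mode: "0644"
  become: true

# … unchanged: name of the existing install task …
  unarchive:
    src: "{{ nebula_archive_path }}"
    dest: /usr/bin
    remote_src: true
    # … unchanged: mode, become, notify …
```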
@@ -5,7 +5,7 @@ services: environment: - PUID={{ docker_user.id }} - PGID={{ docker_user.id }} - - TZ={{ TZ }} + - TZ={{ timezone }} ports: - 33377:80 restart: unless-stopped diff --git a/ansible/roles/pve_docker/files/nextcloud/docker-compose.yml b/ansible/roles/pve_docker/files/nextcloud/docker-compose.yml index e7ed1a0..9f3656b 100644 --- a/ansible/roles/pve_docker/files/nextcloud/docker-compose.yml +++ b/ansible/roles/pve_docker/files/nextcloud/docker-compose.yml @@ -6,7 +6,7 @@ services: environment: - PUID={{ docker_user.id }} - PGID={{ docker_user.id }} - - TZ={{ TZ }} + - TZ={{ timezone }} - DOCKER_MODS=theorangeone/lsio-mod-more-processes:latest volumes: - "{{ app_data_dir }}/nextcloud/apps:/config/www/nextcloud/apps" diff --git a/ansible/roles/pve_docker/files/quassel/docker-compose.yml b/ansible/roles/pve_docker/files/quassel/docker-compose.yml index 122308a..d07501a 100644 --- a/ansible/roles/pve_docker/files/quassel/docker-compose.yml +++ b/ansible/roles/pve_docker/files/quassel/docker-compose.yml @@ -5,7 +5,7 @@ services: environment: - PUID={{ docker_user.id }} - PGID={{ docker_user.id }} - - TZ={{ TZ }} + - TZ={{ timezone }} - DB_BACKEND=PostgreSQL - DB_PGSQL_USERNAME=quassel - DB_PGSQL_PASSWORD=quassel diff --git a/ansible/roles/pve_docker/files/tt-rss/docker-compose.yml b/ansible/roles/pve_docker/files/tt-rss/docker-compose.yml index ed5a206..3c9e385 100644 --- a/ansible/roles/pve_docker/files/tt-rss/docker-compose.yml +++ b/ansible/roles/pve_docker/files/tt-rss/docker-compose.yml @@ -6,7 +6,7 @@ services: environment: - PUID={{ docker_user.id }} - PGID={{ docker_user.id }} - - TZ={{ TZ }} + - TZ={{ timezone }} - DOCKER_MODS=theorangeone/lsio-mod-more-processes:latest - TTRSS_DB_USER=tt-rss diff --git a/ansible/roles/renovate/files/docker-compose.yml b/ansible/roles/renovate/files/docker-compose.yml index b46f20b..e633c36 100644 --- a/ansible/roles/renovate/files/docker-compose.yml +++ b/ansible/roles/renovate/files/docker-compose.yml 
@@ -5,7 +5,7 @@ services: command: /entrypoint.sh user: "{{ docker_user.id }}" environment: - - TZ={{ TZ }} + - TZ={{ timezone }} - GITHUB_COM_TOKEN={{ renovate_github_token }} - DOCKER_HOST=tcp://docker_proxy:2375 - LOG_LEVEL=debug # Noisy, but required for debugging diff --git a/ansible/roles/uptime_kuma/files/docker-compose.yml b/ansible/roles/uptime_kuma/files/docker-compose.yml index aff9920..cc9cc0c 100644 --- a/ansible/roles/uptime_kuma/files/docker-compose.yml +++ b/ansible/roles/uptime_kuma/files/docker-compose.yml @@ -7,7 +7,7 @@ services: environment: - PUID={{ docker_user.id }} - PGID={{ docker_user.id }} - - TZ={{ TZ }} + - TZ={{ timezone }} volumes: - ./data:/app/data labels: diff --git a/scripts/ansible/lint.sh b/scripts/ansible/lint.sh index ebfe14e..8f9bc5a 100755 --- a/scripts/ansible/lint.sh +++ b/scripts/ansible/lint.sh @@ -4,10 +4,10 @@ set -e PATH=${PWD}/env/bin:${PATH} -set -x +yamllint -sc ansible/yamllint.yml ansible -yamllint -sc ansible/yamllint.yml ansible/ +cd ansible/ -ansible-lint ansible/main.yml -p -c ansible/.ansible-lint +ansible-lint -p -cd ansible/ && ansible-playbook main.yml --syntax-check +ansible-playbook main.yml --syntax-check