From bc3310066a31de639cc0ed1c0ee5e1246e17ec47 Mon Sep 17 00:00:00 2001 From: Sonny Bakker Date: Sat, 30 Jan 2021 13:44:55 +0100 Subject: [PATCH] Remove skip_common_setup flag --- .ansible-lint | 5 --- .gitlab-ci.yml | 31 ++++++--------- .prettier.json | 9 ----- .prettierrc.yml | 5 +++ defaults/main.yml | 4 +- handlers/{main.yml => main/services.yml} | 2 - handlers/{ => main}/user.yml | 4 +- meta/main.yml | 6 +-- tasks/host.yml | 12 +++--- tasks/known_hosts.yml | 34 ++++++++-------- tasks/main.yml | 2 - tasks/network.yml | 12 +++--- tasks/nginx.yml | 8 ++-- tasks/poetry.yml | 50 ++++++++++++------------ tasks/setup.yml | 18 ++++----- tasks/ssl.yml | 24 ++++++------ tasks/sudoers.yml | 6 +-- 17 files changed, 106 insertions(+), 126 deletions(-) delete mode 100644 .ansible-lint delete mode 100644 .prettier.json create mode 100644 .prettierrc.yml rename handlers/{main.yml => main/services.yml} (98%) rename handlers/{ => main}/user.yml (80%) delete mode 100644 tasks/main.yml diff --git a/.ansible-lint b/.ansible-lint deleted file mode 100644 index e99d805..0000000 --- a/.ansible-lint +++ /dev/null @@ -1,5 +0,0 @@ -parseable: true -quiet: true -skip_list: - - '501' -use_default_rules: true diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index a629be7..d9ade6f 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml 
@@ -3,31 +3,24 @@ stages: - test cache: - key: "$CI_COMMIT_REF_SLUG" + key: $CI_COMMIT_REF_SLUG paths: - .cache/pip - node_modules/ lint: - stage: lint - image: python:3.7 - before_script: - - pip install ansible ansible-lint --quiet - script: - - ansible-lint playbook.yml - only: - refs: - - development - - merge_requests - -pretty-lint: stage: lint image: node:12 before_script: - - npm install + - npm install prettier --no-save script: - - npx prettier "**/*.yml" --check - only: - refs: - - development - - merge_requests + - npx prettier '**/*.yml' --check + +syntax-test: + stage: test + image: python:3.7 + before_script: + - pip install ansible --quiet + - ansible-galaxy install -r requirements.yml + script: + - ansible-playbook playbook.yml --syntax-check diff --git a/.prettier.json b/.prettier.json deleted file mode 100644 index 9c76f6b..0000000 --- a/.prettier.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "singleQuote": true, - "printWidth": 90, - "tabWidth": 2, - "useTabs": false, - "bracketSpacing": true, - "parser": "yaml" -} - diff --git a/.prettierrc.yml b/.prettierrc.yml new file mode 100644 index 0000000..0cb31e6 --- /dev/null +++ b/.prettierrc.yml @@ -0,0 +1,5 @@ +singleQuote: true +printWidth: 90 +tabWidth: 2 +useTabs: false +bracketSpacing: true diff --git a/defaults/main.yml b/defaults/main.yml index d2d3c30..3fab824 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,3 +1,3 @@ -poetry_url: "https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py" +poetry_url: 'https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py' poetry_user: "{{ ansible_user | default(lookup('env', 'USER'), True) }}" -poetry_dir: "{{ ansible_env.HOME }}/.poetry" +poetry_dir: '{{ ansible_env.HOME }}/.poetry' diff --git a/handlers/main.yml b/handlers/main/services.yml similarity index 98% rename from handlers/main.yml rename to handlers/main/services.yml index 2ed56a7..ca368bd 100644 --- a/handlers/main.yml 
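Review bot: The new `lint` and `syntax-test` jobs in `.gitlab-ci.yml` install their tooling unpinned (`npm install prettier --no-save`, `pip install ansible --quiet`), so each pipeline run executes whatever version the registries serve at that moment. Pinning both, for example `- npm install prettier@<pinned-version> --no-save` and `- pip install 'ansible==<pinned-version>' --quiet`, keeps the formatting check reproducible and narrows the runner's supply-chain exposure. The hunk also drops the `ansible-lint` job while the task files still carry `# noqa` suppressions for it. `ansible-playbook playbook.yml --syntax-check` only parses the playbook, so the rule checks ansible-lint provided no longer run anywhere.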
+++ b/handlers/main/services.yml @@ -77,5 +77,3 @@ state: restarted enabled: yes daemon-reload: yes - -- include: user.yml diff --git a/handlers/user.yml b/handlers/main/user.yml similarity index 80% rename from handlers/user.yml rename to handlers/main/user.yml index 8cf4b1a..006f3c1 100644 --- a/handlers/user.yml +++ b/handlers/main/user.yml @@ -1,5 +1,5 @@ - name: start user tmux service - become_user: "{{ default_user }}" + become_user: '{{ default_user }}' become: yes systemd: daemon-reload: yes @@ -9,7 +9,7 @@ scope: user - name: restart user tmux service - become_user: "{{ default_user }}" + become_user: '{{ default_user }}' become: yes systemd: daemon-reload: yes diff --git a/meta/main.yml b/meta/main.yml index 1e19aa6..59c1b4d 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -2,10 +2,10 @@ dependencies: [] galaxy_info: author: sonny - description: "Common tasks" - license: "license GPLv3" + description: 'Common tasks' + license: 'license GPLv3' min_ansible_version: 2.7 - issue_tracker_url: "https://git.fudiggity.nl/ansible/common/-/issues" + issue_tracker_url: 'https://git.fudiggity.nl/ansible/common/-/issues' platforms: - name: Debian versions: diff --git a/tasks/host.yml b/tasks/host.yml index 818e7c2..e72e29d 100644 --- a/tasks/host.yml +++ b/tasks/host.yml @@ -1,15 +1,15 @@ - name: copy hostname template: - src: "hostname.j2" - dest: "/etc/hostname" + src: 'hostname.j2' + dest: '/etc/hostname' owner: root group: root - mode: "0644" + mode: '0644' - name: copy hosts template: - src: "hosts.j2" - dest: "/etc/hosts" + src: 'hosts.j2' + dest: '/etc/hosts' owner: root group: root - mode: "0644" + mode: '0644' diff --git a/tasks/known_hosts.yml b/tasks/known_hosts.yml index d8abe99..552da97 100644 --- a/tasks/known_hosts.yml +++ b/tasks/known_hosts.yml 
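Review bot: Moving the handlers to `handlers/main/services.yml` and `handlers/main/user.yml` while deleting `- include: user.yml` relies on Ansible loading a `main/` directory for handlers. As far as I know the role loader does that only for `vars` and `defaults` and expects a `main.yml` file for `handlers`; please verify against the Ansible version in use. If the directory is not picked up, the `notify:` targets used by the tasks (`reload ssh`, `restart nftables`, `restart nginx`) are undefined, so the sshd and firewall configuration written by `tasks/setup.yml` would not be activated. The syntax check added in CI may not surface this. One option is to keep a `handlers/main.yml` containing `- import_tasks: main/services.yml` and `- import_tasks: main/user.yml`.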
@@ -1,39 +1,39 @@ - name: load OS specific vars - include_vars: "{{ item }}" + include_vars: '{{ item }}' with_first_found: - files: - - "{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}.yml" - - "{{ ansible_distribution|lower }}.yml" - - "{{ ansible_os_family|lower }}.yml" + - '{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}.yml' + - '{{ ansible_distribution|lower }}.yml' + - '{{ ansible_os_family|lower }}.yml' paths: - - "{{ role_path }}/vars" + - '{{ role_path }}/vars' - name: install packages become: yes package: - name: "{{ item }}" + name: '{{ item }}' state: present - loop: "{{ known_hosts_packages }}" + loop: '{{ known_hosts_packages }}' - name: retrieve user $HOME - shell: "echo $HOME" # noqa 301 - become_user: "{{ user }}" + shell: 'echo $HOME' # noqa 301 + become_user: '{{ user }}' register: home_stats - name: set user $HOME set_fact: - user_home: "{{ home_stats.stdout }}" + user_home: '{{ home_stats.stdout }}' - name: create local ssh directory - become_user: "{{ user }}" + become_user: '{{ user }}' file: - path: "{{ user_home }}/.ssh" + path: '{{ user_home }}/.ssh' state: directory - mode: "0755" + mode: '0755' - name: add items to known hosts - become_user: "{{ user }}" + become_user: '{{ user }}' known_hosts: - name: "{{ item.domain }}" - key: "{{ item.key }}" - loop: "{{ items }}" + name: '{{ item.domain }}' + key: '{{ item.key }}' + loop: '{{ items }}' diff --git a/tasks/main.yml b/tasks/main.yml deleted file mode 100644 index 9079cfa..0000000 --- a/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -- include_tasks: "setup.yml" - when: skip_common_setup is not defined or not skip_common_setup diff --git a/tasks/network.yml b/tasks/network.yml index f9ff775..687455d 100644 --- a/tasks/network.yml +++ b/tasks/network.yml 
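Review bot: The `create local ssh directory` task in `tasks/known_hosts.yml` sets `mode: '0755'` on `{{ user_home }}/.ssh`, which leaves the directory listable by every local account; `mode: '0700'` is the conventional setting. The `retrieve user $HOME` task above it only reads a value but will report "changed" on every run, which is what the `# noqa 301` hides; adding `changed_when: false` states the intent instead of suppressing the rule.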
@@ -8,20 +8,20 @@ - name: copy network configuration template: - src: "network.j2" - dest: "/etc/systemd/network/50-default.network" + src: 'network.j2' + dest: '/etc/systemd/network/50-default.network' owner: root group: root - mode: "0644" + mode: '0644' notify: restart systemd-networkd - name: copy dns configuration file: - src: "/run/systemd/resolve/resolv.conf" - dest: "/etc/resolv.conf" + src: '/run/systemd/resolve/resolv.conf' + dest: '/etc/resolv.conf' owner: root group: root state: link force: yes - mode: "0644" + mode: '0644' notify: restart systemd-resolved diff --git a/tasks/nginx.yml b/tasks/nginx.yml index 965ef2a..b862cd0 100644 --- a/tasks/nginx.yml +++ b/tasks/nginx.yml @@ -5,14 +5,14 @@ - name: copy nginx config template: - src: "nginx.conf.j2" - dest: "/etc/nginx/nginx.conf" + src: 'nginx.conf.j2' + dest: '/etc/nginx/nginx.conf' owner: root group: root - mode: "0644" + mode: '0644' - name: remove default site file: - path: "/etc/nginx/sites-enabled/default" + path: '/etc/nginx/sites-enabled/default' state: absent notify: restart nginx diff --git a/tasks/poetry.yml b/tasks/poetry.yml index 8649337..b931a0d 100644 --- a/tasks/poetry.yml +++ b/tasks/poetry.yml 
@@ -1,62 +1,62 @@ - name: retrieve user $HOME # noqa 301 - shell: "echo $HOME" - become_user: "{{ poetry_user }}" + shell: 'echo $HOME' + become_user: '{{ poetry_user }}' register: home_stats - name: retrieve user $PATH # noqa 301 - shell: "echo $PATH" - become_user: "{{ poetry_user }}" + shell: 'echo $PATH' + become_user: '{{ poetry_user }}' register: path_stats - name: set poetry user variables set_fact: - poetry_user_home: "{{ home_stats.stdout }}" - poetry_user_path: "{{ path_stats.stdout }}" + poetry_user_home: '{{ home_stats.stdout }}' + poetry_user_path: '{{ path_stats.stdout }}' - name: create user folder for binaries - become_user: "{{ poetry_user }}" + become_user: '{{ poetry_user }}' file: state: directory - mode: "0755" - path: "{{ poetry_user_home }}/.local/bin" + mode: '0755' + path: '{{ poetry_user_home }}/.local/bin' - name: set default python binary # noqa 208 become: true file: state: link - src: "/usr/bin/python3" - dest: "/usr/bin/python" + src: '/usr/bin/python3' + dest: '/usr/bin/python' when: ansible_distribution == "Ubuntu" - name: setup poetry for Ubuntu/Debian derived distro's block: - name: check poetry existence - become_user: "{{ poetry_user }}" + become_user: '{{ poetry_user }}' stat: - path: "{{ poetry_dir }}" + path: '{{ poetry_dir }}' register: poetry_stats - name: download poetry installer - become_user: "{{ poetry_user }}" + become_user: '{{ poetry_user }}' get_url: - url: "{{ poetry_url }}" + url: '{{ poetry_url }}' dest: /tmp/ - mode: "0750" + mode: '0750' when: poetry_stats.stat.isdir is not defined - name: install poetry - become_user: "{{ poetry_user }}" - command: "python /tmp/get-poetry.py --yes" # noqa 305 + become_user: '{{ poetry_user }}' + command: 'python /tmp/get-poetry.py --yes' # noqa 305 environment: - POETRY_HOME: "{{ poetry_dir }}" + POETRY_HOME: '{{ poetry_dir }}' when: poetry_stats.stat.isdir is not defined - name: add poetry to user binaries # noqa 208 - become_user: "{{ poetry_user }}" + become_user: '{{ 
poetry_user }}' file: state: link - src: "{{ poetry_dir }}/bin/poetry" - dest: "{{ poetry_user_home }}/.local/bin/poetry" + src: '{{ poetry_dir }}/bin/poetry' + dest: '{{ poetry_user_home }}/.local/bin/poetry' when: ansible_distribution == "Debian" or ansible_distribution == "Ubuntu" - name: setup poetry for Archlinux @@ -67,7 +67,7 @@ when: ansible_facts['os_family'] == "Archlinux" - name: update poetry config - become_user: "{{ poetry_user }}" - command: "poetry config virtualenvs.in-project true" # noqa 301 + become_user: '{{ poetry_user }}' + command: 'poetry config virtualenvs.in-project true' # noqa 301 environment: - PATH: "{{ poetry_user_home }}/.local/bin:{{ poetry_user_path }}" + PATH: '{{ poetry_user_home }}/.local/bin:{{ poetry_user_path }}' diff --git a/tasks/setup.yml b/tasks/setup.yml index 2811ac4..b2c125c 100644 --- a/tasks/setup.yml +++ b/tasks/setup.yml @@ -1,14 +1,14 @@ -- include_tasks: "sudoers.yml" +- include_tasks: 'sudoers.yml' loop: - - { src: "sudoers.j2", dest: "/etc/sudoers.d/20-ansible-extra" } + - { src: 'sudoers.j2', dest: '/etc/sudoers.d/20-ansible-extra' } - name: copy ssh template template: - src: "sshd_config.j2" - dest: "/etc/ssh/sshd_config" + src: 'sshd_config.j2' + dest: '/etc/ssh/sshd_config' owner: root group: root - mode: "0644" + mode: '0644' notify: reload ssh - name: viva la hollande @@ -39,13 +39,13 @@ - name: copy firewall template template: - src: "nftables.j2" - dest: "/etc/nftables.conf" + src: 'nftables.j2' + dest: '/etc/nftables.conf' owner: root group: root - mode: "0600" + mode: '0600' notify: restart nftables # see https://wiki.debian.org/systemd#Orphaned_processes - name: enable loginctl user-linger - command: "loginctl enable-linger {{ default_user|quote }}" # noqa 301 + command: 'loginctl enable-linger {{ default_user|quote }}' # noqa 301 diff --git a/tasks/ssl.yml b/tasks/ssl.yml index a1cb905..058e501 100644 --- a/tasks/ssl.yml +++ b/tasks/ssl.yml 
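Review bot: The `download poetry installer` and `install poetry` tasks in `tasks/poetry.yml` fetch `{{ poetry_url }}` and run it with no integrity check, and `defaults/main.yml` points that URL at the `master` branch of the installer. The role therefore executes whatever the URL serves at run time. Adding `checksum: 'sha256:<expected-digest>'` to the `get_url` task and pointing `poetry_url` at a tagged release or commit makes the download verifiable and repeatable. The script is also written to the shared `/tmp/` and run from a fixed name there (`python /tmp/get-poetry.py --yes`); a directory owned by `poetry_user` avoids depending on a world-writable location.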
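Review bot: The `copy ssh template` task in the first `tasks/setup.yml` hunk writes `/etc/ssh/sshd_config` without validating the rendered file, so a template error would reach the live config and the `reload ssh` handler could leave the host unreachable over SSH. Adding `validate: '/usr/sbin/sshd -t -f %s'` to that `template` task makes Ansible reject a broken render before it replaces the file. The `copy firewall template` task in the second hunk could take `validate: 'nft -c -f %s'` for the same reason. The tasks between the two hunks are not visible here.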
@@ -11,29 +11,29 @@ - name: create ssl directory file: - path: "/etc/ssl/{{ app_name }}" + path: '/etc/ssl/{{ app_name }}' state: directory - owner: "{{ app_user }}" - group: "{{ app_user }}" + owner: '{{ app_user }}' + group: '{{ app_user }}' mode: 0750 - name: generate an OpenSSL private key with the default values (4096 bits, RSA) - become_user: "{{ app_user }}" + become_user: '{{ app_user }}' openssl_privatekey: - path: "/etc/ssl/{{ app_name }}/local.pem" + path: '/etc/ssl/{{ app_name }}/local.pem' - name: generate an OpenSSL certificate signing request - become_user: "{{ app_user }}" + become_user: '{{ app_user }}' openssl_csr: - path: "/etc/ssl/{{ app_name }}/local.csr" - privatekey_path: "/etc/ssl/{{ app_name }}/local.pem" + path: '/etc/ssl/{{ app_name }}/local.csr' + privatekey_path: '/etc/ssl/{{ app_name }}/local.pem' common_name: fudiggity.nl - name: generate a self signed OpenSSL certificate - become_user: "{{ app_user }}" + become_user: '{{ app_user }}' openssl_certificate: force: yes - path: "/etc/ssl/{{ app_name }}/{{ app_name }}.crt" - privatekey_path: "/etc/ssl/{{ app_name }}/local.pem" - csr_path: "/etc/ssl/{{ app_name }}/local.csr" + path: '/etc/ssl/{{ app_name }}/{{ app_name }}.crt' + privatekey_path: '/etc/ssl/{{ app_name }}/local.pem' + csr_path: '/etc/ssl/{{ app_name }}/local.csr' provider: selfsigned diff --git a/tasks/sudoers.yml b/tasks/sudoers.yml index c3c3bec..a4c8979 100644 --- a/tasks/sudoers.yml +++ b/tasks/sudoers.yml @@ -1,7 +1,7 @@ - name: copy extra sudoers file template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" + src: '{{ item.src }}' + dest: '{{ item.dest }}' owner: root group: root - mode: "0644" + mode: '0644'
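Review bot: `mode: 0750` on the `create ssl directory` task is the one file mode in this patch that stays an unquoted number, while every other task now uses a quoted string such as `mode: '0644'`. An unquoted value depends on the YAML parser reading the leading zero as octal; `mode: '0750'` removes that dependency and matches the rest of the role. Separately, `force: yes` on the self-signed certificate task regenerates the certificate on every run, which deserves a comment if it is intentional. The hunk starts at line 11 of the file, so the tasks above it are not visible.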
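Review bot: The `copy extra sudoers file` task in `tasks/sudoers.yml` installs `{{ item.dest }}` with `mode: '0644'` and no syntax check; `tasks/setup.yml` calls it with `/etc/sudoers.d/20-ansible-extra`. A drop-in with a syntax error can make `sudo` refuse to run, and sudoers files are conventionally mode `0440`. Using `mode: '0440'` together with `validate: '/usr/sbin/visudo -cf %s'` covers both, since the rendered template is checked before it replaces the destination.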