From c3e8ace20dff13b7a8049959c30a1c3c2ed98bbb Mon Sep 17 00:00:00 2001 From: "ansible-code-bot-stage[bot]" <145416087+ansible-code-bot-stage[bot]@users.noreply.github.com> Date: Mon, 4 Mar 2024 15:25:59 +0000 Subject: [PATCH] Fix ansible-lint rule violations --- .../local/colors/galaxy.yml | 2 +- collection/main.yml | 4 +- deployments-balancer/playbooks/deploy.yml | 8 ++-- deployments-balancer/playbooks/provision.yml | 6 +-- deployments-rolling/playbooks/deploy.yml | 20 ++++---- deployments-rolling/playbooks/provision.yml | 4 +- deployments-rolling/playbooks/vars.yml | 2 +- deployments/playbooks/deploy.yml | 12 ++--- deployments/playbooks/provision.yml | 4 +- deployments/playbooks/vars.yml | 2 +- docker-flask/provisioning/docker.yml | 4 +- docker-flask/provisioning/www/playbook.yml | 6 +-- docker-hubot/main.yml | 14 +++--- docker-hubot/roles/hubot-slack/meta/main.yml | 15 +++--- docker-hubot/roles/hubot-slack/tasks/main.yml | 12 ++--- drupal/provisioning/playbook.yml | 24 +++++----- drupal/provisioning/vars.yml | 6 +-- dynamic-inventory/digitalocean/provision.yml | 12 ++--- elk/provisioning/elk/main.yml | 2 +- elk/provisioning/elk/vars/main.yml | 4 +- elk/provisioning/web/main.yml | 8 ++-- elk/provisioning/web/vars/main.yml | 2 +- elk/requirements.yml | 26 +++++------ first-ansible-playbook/playbook.yml | 26 +++++------ galaxy-role-servers/lamp.yml | 2 +- galaxy-role-servers/solr.yml | 2 +- gluster/playbooks/provision.yml | 8 ++-- https-letsencrypt/main.yml | 4 +- https-nginx-proxy/provisioning/main.yml | 4 +- https-nginx-proxy/provisioning/vars/main.yml | 5 +- https-self-signed/provisioning/main.yml | 4 +- https-self-signed/provisioning/vars/main.yml | 5 +- includes/provisioning/playbook.yml | 2 +- includes/provisioning/tasks/apache.yml | 12 ++--- includes/provisioning/tasks/common.yml | 6 +-- includes/provisioning/tasks/composer.yml | 6 +-- includes/provisioning/tasks/mysql.yml | 2 +- includes/provisioning/tasks/php.yml | 6 +-- includes/provisioning/vars.yml | 8 ++-- kubernetes/examples/files/nginx.yml | 8 ++-- kubernetes/examples/files/tiller-rbac.yml | 2 +- kubernetes/examples/helm-cleanup.yml | 2 +- kubernetes/examples/helm.yml | 6 +-- kubernetes/examples/k8s-module-cleanup.yml | 2 +- kubernetes/examples/k8s-module.yml | 8 ++-- kubernetes/examples/kubectl-connection.yml | 8 ++-- kubernetes/main.yml | 10 ++-- kubernetes/vars/main.yml | 16 +++---- .../inventories/aws/aws_ec2.yml | 4 +- lamp-infrastructure/playbooks/db/main.yml | 2 +- .../playbooks/memcached/main.yml | 2 +- .../playbooks/memcached/vars.yml | 4 +- .../playbooks/varnish/main.yml | 6 +-- lamp-infrastructure/playbooks/www/main.yml | 2 +- lamp-infrastructure/provisioners/aws.yml | 40 ++++++++-------- .../provisioners/digitalocean.yml | 18 ++++---- molecule/main.yml | 4 +- molecule/molecule/default/molecule.yml | 2 +- molecule/molecule/default/verify.yml | 8 ++-- nodejs-role/playbook.yml | 14 +++--- nodejs/provisioning/playbook.yml | 16 +++---- security/main.yml | 46 +++++++++---------- solr/provisioning/playbook.yml | 2 +- test-plugin/main.yml | 2 +- tests/deployments-rolling.yml | 2 +- tests/security.yml | 4 +- tests/solr.yml | 2 +- 67 files changed, 271 insertions(+), 272 deletions(-) diff --git a/collection/collections/ansible_collections/local/colors/galaxy.yml b/collection/collections/ansible_collections/local/colors/galaxy.yml index dd21c7e6..56be6e05 100644 --- a/collection/collections/ansible_collections/local/colors/galaxy.yml +++ b/collection/collections/ansible_collections/local/colors/galaxy.yml @@ -4,4 +4,4 @@ name: colors version: 1.0.0 readme: README.md authors: -- your name + - your name diff --git a/collection/main.yml b/collection/main.yml index 2ee81ad3..9695a775 100644 --- a/collection/main.yml +++ b/collection/main.yml @@ -5,10 +5,10 @@ my_color_choice: blue tasks: - - name: "Verify {{ my_color_choice }} is a form of blue." + - name: Verify {{ my_color_choice }} is a form of blue. assert: that: my_color_choice is local.colors.blue - - name: "Verify yellow is not a form of blue." + - name: Verify yellow is not a form of blue. assert: that: "'yellow' is not local.colors.blue" diff --git a/deployments-balancer/playbooks/deploy.yml b/deployments-balancer/playbooks/deploy.yml index 66ac576a..ca9b629a 100644 --- a/deployments-balancer/playbooks/deploy.yml +++ b/deployments-balancer/playbooks/deploy.yml @@ -1,13 +1,13 @@ --- - hosts: app - become: yes + become: true serial: 1 pre_tasks: - name: Disable the backend server in HAProxy. haproxy: state: disabled - host: '{{ inventory_hostname }}' + host: "{{ inventory_hostname }}" socket: /var/lib/haproxy/stats backend: habackend delegate_to: "{{ item }}" @@ -21,7 +21,7 @@ post_tasks: - name: Wait for backend to come back up. wait_for: - host: '{{ inventory_hostname }}' + host: "{{ inventory_hostname }}" port: 80 state: started timeout: 60 @@ -29,7 +29,7 @@ - name: Enable the backend server in HAProxy. haproxy: state: enabled - host: '{{ inventory_hostname }}' + host: "{{ inventory_hostname }}" socket: /var/lib/haproxy/stats backend: habackend delegate_to: "{{ item }}" diff --git a/deployments-balancer/playbooks/provision.yml b/deployments-balancer/playbooks/provision.yml index 2eb2c394..362839b3 100644 --- a/deployments-balancer/playbooks/provision.yml +++ b/deployments-balancer/playbooks/provision.yml @@ -1,7 +1,7 @@ --- - name: Firewall configuration. hosts: all - become: yes + become: true vars: firewall_allowed_tcp_ports: @@ -17,7 +17,7 @@ - name: HAProxy Load Balancer setup. hosts: balancer - become: yes + become: true vars: haproxy_backend_servers: @@ -31,7 +31,7 @@ - name: Apache webserver setup. hosts: app - become: yes + become: true roles: - geerlingguy.apache diff --git a/deployments-rolling/playbooks/deploy.yml b/deployments-rolling/playbooks/deploy.yml index 2b752f4b..1b57714d 100644 --- a/deployments-rolling/playbooks/deploy.yml +++ b/deployments-rolling/playbooks/deploy.yml @@ -1,7 +1,7 @@ --- - hosts: nodejs-api - gather_facts: no - become: yes + gather_facts: false + become: true vars_files: - vars.yml @@ -17,15 +17,15 @@ notify: restart forever apps - name: Stop all running instances of the app. - command: "forever stopall" + command: forever stopall when: app_updated.changed - name: Ensure Node.js API app dependencies are present. - npm: "path={{ app_directory }}" + npm: path={{ app_directory }} when: app_updated.changed - name: Run Node.js API app tests. - command: "npm test chdir={{ app_directory }}" + command: npm test chdir={{ app_directory }} when: app_updated.changed - name: Get list of all running Node.js apps. @@ -34,15 +34,15 @@ changed_when: false - name: Ensure Node.js API app is started. - command: "forever start {{ app_directory }}/app.js" - when: "forever_list.stdout.find('app.js') == -1" + command: forever start {{ app_directory }}/app.js + when: forever_list.stdout.find('app.js') == -1 - name: Add cron entry to start Node.js API app on reboot. cron: - name: "Start Node.js API app" + name: Start Node.js API app special_time: reboot - job: "forever start {{ app_directory }}/app.js" + job: forever start {{ app_directory }}/app.js handlers: - name: restart forever apps - command: "forever restartall" + command: forever restartall diff --git a/deployments-rolling/playbooks/provision.yml b/deployments-rolling/playbooks/provision.yml index 2f7696ef..d3a19181 100644 --- a/deployments-rolling/playbooks/provision.yml +++ b/deployments-rolling/playbooks/provision.yml @@ -1,10 +1,10 @@ --- - hosts: nodejs-api - become: yes + become: true vars: nodejs_install_npm_user: root - npm_config_prefix: "/usr" + npm_config_prefix: /usr nodejs_npm_global_packages: - forever firewall_allowed_tcp_ports: diff --git a/deployments-rolling/playbooks/vars.yml b/deployments-rolling/playbooks/vars.yml index 31eacab9..241484ce 100644 --- a/deployments-rolling/playbooks/vars.yml +++ b/deployments-rolling/playbooks/vars.yml @@ -1,4 +1,4 @@ --- app_repository: https://github.com/geerlingguy/demo-nodejs-api.git -app_version: "2.0.0" +app_version: 2.0.0 app_directory: /opt/demo-nodejs-api diff --git a/deployments/playbooks/deploy.yml b/deployments/playbooks/deploy.yml index fe689520..62ea2922 100644 --- a/deployments/playbooks/deploy.yml +++ b/deployments/playbooks/deploy.yml @@ -1,6 +1,6 @@ --- - hosts: all - become: yes + become: true vars_files: - vars.yml @@ -27,20 +27,20 @@ dest: "{{ app_directory }}/config/secrets.yml" owner: "{{ app_user }}" group: "{{ app_user }}" - mode: 0664 + mode: "0664" notify: restart nginx - name: Install required dependencies with bundler. - command: "bundle install --path vendor/bundle chdir={{ app_directory }}" + command: bundle install --path vendor/bundle chdir={{ app_directory }} when: app_updated.changed == true notify: restart nginx - name: Check if database exists. - stat: "path={{ app_directory }}/db/{{ app_environment.RAILS_ENV }}.sqlite3" + stat: path={{ app_directory }}/db/{{ app_environment.RAILS_ENV }}.sqlite3 register: app_db_exists - name: Create database. - command: "bundle exec rake db:create chdir={{ app_directory }}" + command: bundle exec rake db:create chdir={{ app_directory }} when: app_db_exists.stat.exists == false notify: restart nginx @@ -59,5 +59,5 @@ state: directory owner: "{{ app_user }}" group: "{{ app_user }}" - recurse: yes + recurse: true notify: restart nginx diff --git a/deployments/playbooks/provision.yml b/deployments/playbooks/provision.yml index 6ab34c68..f62743e0 100644 --- a/deployments/playbooks/provision.yml +++ b/deployments/playbooks/provision.yml @@ -1,6 +1,6 @@ --- - hosts: all - become: yes + become: true vars_files: - vars.yml @@ -26,4 +26,4 @@ state: directory owner: "{{ app_user }}" group: "{{ app_user }}" - mode: 0755 + mode: "0755" diff --git a/deployments/playbooks/vars.yml b/deployments/playbooks/vars.yml index a64f735f..6b278a20 100644 --- a/deployments/playbooks/vars.yml +++ b/deployments/playbooks/vars.yml @@ -11,7 +11,7 @@ app_environment: RAILS_ENV: production # Variables for Passenger and Nginx. -passenger_server_name: 0.0.0.0 +passenger_server_name: "0.0.0.0" passenger_app_root: /opt/demo-rails-app/public passenger_app_env: production passenger_ruby: /usr/local/bin/ruby diff --git a/docker-flask/provisioning/docker.yml b/docker-flask/provisioning/docker.yml index ed625c10..585a9bec 100644 --- a/docker-flask/provisioning/docker.yml +++ b/docker-flask/provisioning/docker.yml @@ -26,7 +26,7 @@ name: www state: started command: python3 /opt/www/index.py - ports: "80:80" + ports: 80:80 - name: Run a MySQL container. docker_container: @@ -34,7 +34,7 @@ name: db state: started volumes_from: data - ports: "3306:3306" + ports: 3306:3306 env: MYSQL_ROOT_PASSWORD: root MYSQL_DATABASE: flask diff --git a/docker-flask/provisioning/www/playbook.yml b/docker-flask/provisioning/www/playbook.yml index e955472f..8d1a0510 100644 --- a/docker-flask/provisioning/www/playbook.yml +++ b/docker-flask/provisioning/www/playbook.yml @@ -4,7 +4,7 @@ tasks: - name: Get host IP address. - shell: "/sbin/ip route | awk '/default/ { print $3 }'" + shell: /sbin/ip route | awk '/default/ { print $3 }' register: host_ip changed_when: false @@ -16,10 +16,10 @@ template: src: /etc/ansible/index.py.j2 dest: /opt/www/index.py - mode: 0755 + mode: "0755" - name: Copy Flask templates into place. copy: src: /etc/ansible/templates dest: /opt/www - mode: 0755 + mode: "0755" diff --git a/docker-hubot/main.yml b/docker-hubot/main.yml index cf5c923e..476ba90b 100644 --- a/docker-hubot/main.yml +++ b/docker-hubot/main.yml @@ -12,31 +12,31 @@ pre_tasks: - name: Make the latest version of the base image available locally. docker_image: - name: '{{ base_image }}' + name: "{{ base_image }}" source: pull force_source: true - name: Create the Docker container. docker_container: - image: '{{ base_image }}' - name: '{{ container_name }}' + image: "{{ base_image }}" + name: "{{ container_name }}" command: sleep infinity - name: Add the newly created container to the inventory. add_host: - hostname: '{{ container_name }}' + hostname: "{{ container_name }}" ansible_connection: docker roles: - name: hubot-slack - delegate_to: '{{ container_name }}' + delegate_to: "{{ container_name }}" post_tasks: - name: Clean up the container. shell: > apt-get remove --purge -y python && rm -rf /var/lib/apt/lists/* - delegate_to: '{{ container_name }}' + delegate_to: "{{ container_name }}" - name: Commit the container. command: > @@ -49,5 +49,5 @@ - name: Remove the container. docker_container: - name: '{{ container_name }}' + name: "{{ container_name }}" state: absent diff --git a/docker-hubot/roles/hubot-slack/meta/main.yml b/docker-hubot/roles/hubot-slack/meta/main.yml index 72237997..d69ebffd 100644 --- a/docker-hubot/roles/hubot-slack/meta/main.yml +++ b/docker-hubot/roles/hubot-slack/meta/main.yml @@ -1,3 +1,4 @@ +--- galaxy_info: author: your name description: your description @@ -45,13 +46,13 @@ galaxy_info: # - 99.99 galaxy_tags: [] - # List tags for your role here, one per line. A tag is a keyword that describes - # and categorizes the role. Users find roles by searching for tags. Be sure to - # remove the '[]' above, if you add tags to this list. - # - # NOTE: A tag is limited to a single word comprised of alphanumeric characters. - # Maximum 20 tags per role. +# List tags for your role here, one per line. A tag is a keyword that describes +# and categorizes the role. Users find roles by searching for tags. Be sure to +# remove the '[]' above, if you add tags to this list. +# +# NOTE: A tag is limited to a single word comprised of alphanumeric characters. +# Maximum 20 tags per role. dependencies: [] # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. \ No newline at end of file + # if you add dependencies to this list. diff --git a/docker-hubot/roles/hubot-slack/tasks/main.yml b/docker-hubot/roles/hubot-slack/tasks/main.yml index 47ae2bb6..ffc443be 100644 --- a/docker-hubot/roles/hubot-slack/tasks/main.yml +++ b/docker-hubot/roles/hubot-slack/tasks/main.yml @@ -8,7 +8,7 @@ npm: name: "{{ item }}" state: present - global: yes + global: true with_items: - yo - generator-hubot @@ -16,7 +16,7 @@ - name: Ensure hubot user exists. user: name: hubot - create_home: yes + create_home: true home: "{{ hubot_home }}" - name: Generate hubot. @@ -28,7 +28,7 @@ --adapter=slack --defaults chdir={{ hubot_home }} - become: yes + become: true become_user: hubot - name: Remove certain scripts from external-scripts.json. @@ -37,9 +37,9 @@ regexp: "{{ item }}" state: absent with_items: - - 'redis-brain' - - 'heroku' - become: yes + - redis-brain + - heroku + become: true become_user: hubot - name: Remove the hubot-scripts.json file. diff --git a/drupal/provisioning/playbook.yml b/drupal/provisioning/playbook.yml index 0ae20dba..5264c41e 100644 --- a/drupal/provisioning/playbook.yml +++ b/drupal/provisioning/playbook.yml @@ -1,6 +1,6 @@ --- - hosts: all - become: yes + become: true vars_files: - vars.yml @@ -24,7 +24,7 @@ - name: Add ondrej repository for later versions of PHP. apt_repository: repo='ppa:ondrej/php' update_cache=yes - - name: "Install Apache, MySQL, PHP, and other dependencies." + - name: Install Apache, MySQL, PHP, and other dependencies. apt: state: present name: @@ -53,8 +53,8 @@ - name: Disable the firewall (since this is for local dev only). service: name=ufw state=stopped - - name: "Start Apache, MySQL, and PHP." - service: "name={{ item }} state=started enabled=yes" + - name: Start Apache, MySQL, and PHP. + service: name={{ item }} state=started enabled=yes with_items: - apache2 - mysql @@ -65,11 +65,11 @@ - name: Add Apache virtualhost for Drupal. template: - src: "templates/drupal.test.conf.j2" - dest: "/etc/apache2/sites-available/{{ domain }}.test.conf" + src: templates/drupal.test.conf.j2 + dest: /etc/apache2/sites-available/{{ domain }}.test.conf owner: root group: root - mode: 0644 + mode: "0644" notify: restart apache - name: Enable the Drupal site. @@ -86,14 +86,14 @@ - name: Adjust OpCache memory setting. lineinfile: - dest: "/etc/php/8.2/apache2/conf.d/10-opcache.ini" - regexp: "^opcache.memory_consumption" - line: "opcache.memory_consumption = 96" + dest: /etc/php/8.2/apache2/conf.d/10-opcache.ini + regexp: ^opcache.memory_consumption + line: opcache.memory_consumption = 96 state: present notify: restart apache - name: Create a MySQL database for Drupal. - mysql_db: "db={{ domain }} state=present" + mysql_db: db={{ domain }} state=present - name: Create a MySQL user for Drupal. mysql_user: @@ -107,7 +107,7 @@ get_url: url: https://getcomposer.org/installer dest: /tmp/composer-installer.php - mode: 0755 + mode: "0755" - name: Run Composer installer. command: > diff --git a/drupal/provisioning/vars.yml b/drupal/provisioning/vars.yml index 625c6842..f3eb5337 100644 --- a/drupal/provisioning/vars.yml +++ b/drupal/provisioning/vars.yml @@ -1,9 +1,9 @@ --- # The path where Drupal will be downloaded and installed. -drupal_core_path: "/var/www/drupal" +drupal_core_path: /var/www/drupal # The resulting domain will be [domain].test (with .test appended). -domain: "drupal" +domain: drupal # Your Drupal site name. -drupal_site_name: "Drupal Test" +drupal_site_name: Drupal Test diff --git a/dynamic-inventory/digitalocean/provision.yml b/dynamic-inventory/digitalocean/provision.yml index 7431e0f3..b3598cca 100644 --- a/dynamic-inventory/digitalocean/provision.yml +++ b/dynamic-inventory/digitalocean/provision.yml @@ -1,14 +1,14 @@ --- - hosts: localhost connection: local - gather_facts: False + gather_facts: false tasks: - name: Create new Droplet. digital_ocean_droplet: state: absent name: ansible-test - private_networking: yes + private_networking: true size: 1gb image_id: centos-7-x64 region: nyc3 @@ -16,20 +16,20 @@ ssh_keys: - 138954 # Required for idempotence/only one droplet creation. - unique_name: yes + unique_name: true register: do - name: Add new host to our inventory. add_host: name: "{{ do.data.ip_address }}" groups: do - ansible_ssh_extra_args: '-o StrictHostKeyChecking=no' + ansible_ssh_extra_args: -o StrictHostKeyChecking=no when: do.data is defined - changed_when: False + changed_when: false - hosts: do remote_user: root - gather_facts: False + gather_facts: false tasks: - name: Wait for hosts to become reachable. diff --git a/elk/provisioning/elk/main.yml b/elk/provisioning/elk/main.yml index 18807297..1ab3fd23 100644 --- a/elk/provisioning/elk/main.yml +++ b/elk/provisioning/elk/main.yml @@ -1,6 +1,6 @@ --- - hosts: logs - gather_facts: yes + gather_facts: true vars_files: - vars/main.yml diff --git a/elk/provisioning/elk/vars/main.yml b/elk/provisioning/elk/vars/main.yml index 9ef93be1..14a5b59c 100644 --- a/elk/provisioning/elk/vars/main.yml +++ b/elk/provisioning/elk/vars/main.yml @@ -6,7 +6,7 @@ nginx_user: www-data nginx_remove_default_vhost: true nginx_vhosts: # Kibana proxy. - - listen: "80 default_server" + - listen: 80 default_server filename: kibana.conf server_name: logs.test extra_parameters: | @@ -24,7 +24,7 @@ logstash_ssl_certificate_file: elk-example.crt filebeat_output_logstash_enabled: true filebeat_output_logstash_hosts: - - "logs.test:5044" + - logs.test:5044 filebeat_ssl_key_file: elk-example.p8 filebeat_ssl_certificate_file: elk-example.crt diff --git a/elk/provisioning/web/main.yml b/elk/provisioning/web/main.yml index 07b884e1..6bba975e 100644 --- a/elk/provisioning/web/main.yml +++ b/elk/provisioning/web/main.yml @@ -1,6 +1,6 @@ --- - hosts: web - gather_facts: yes + gather_facts: true vars_files: - vars/main.yml @@ -20,12 +20,12 @@ dest: /etc/nginx/sites-enabled/example.conf owner: root group: root - mode: 0644 + mode: "0644" notify: restart nginx - name: Ensure logs server is in hosts file. lineinfile: dest: /etc/hosts - regexp: '.*logs\.test$' - line: "192.168.56.90 logs.test" + regexp: .*logs\.test$ + line: 192.168.56.90 logs.test state: present diff --git a/elk/provisioning/web/vars/main.yml b/elk/provisioning/web/vars/main.yml index f03ed2af..2dc0457b 100644 --- a/elk/provisioning/web/vars/main.yml +++ b/elk/provisioning/web/vars/main.yml @@ -4,7 +4,7 @@ nginx_remove_default_vhost: true filebeat_output_logstash_enabled: true filebeat_output_logstash_hosts: - - "logs.test:5044" + - logs.test:5044 filebeat_ssl_key_file: elk-example.p8 filebeat_ssl_certificate_file: elk-example.crt diff --git a/elk/requirements.yml b/elk/requirements.yml index 99ccad88..d376ca90 100644 --- a/elk/requirements.yml +++ b/elk/requirements.yml @@ -1,15 +1,15 @@ --- roles: -- name: geerlingguy.java -- name: geerlingguy.nginx -- name: geerlingguy.pip -- name: geerlingguy.elasticsearch - version: 5.0.0 -- name: geerlingguy.elasticsearch-curator - version: 2.1.0 -- name: geerlingguy.kibana - version: 4.0.0 -- name: geerlingguy.logstash - version: 5.1.0 -- name: geerlingguy.filebeat - version: 3.0.1 + - name: geerlingguy.java + - name: geerlingguy.nginx + - name: geerlingguy.pip + - name: geerlingguy.elasticsearch + version: 5.0.0 + - name: geerlingguy.elasticsearch-curator + version: 2.1.0 + - name: geerlingguy.kibana + version: 4.0.0 + - name: geerlingguy.logstash + version: 5.1.0 + - name: geerlingguy.filebeat + version: 3.0.1 diff --git a/first-ansible-playbook/playbook.yml b/first-ansible-playbook/playbook.yml index b35690d6..8bd80d29 100644 --- a/first-ansible-playbook/playbook.yml +++ b/first-ansible-playbook/playbook.yml @@ -1,22 +1,22 @@ --- - hosts: all - become: yes + become: true tasks: - - name: Ensure chrony (for time synchronization) is installed. - dnf: - name: chrony - state: present + - name: Ensure chrony (for time synchronization) is installed. + dnf: + name: chrony + state: present - - name: Ensure chrony is running. - service: - name: chronyd - state: started - enabled: yes + - name: Ensure chrony is running. + service: + name: chronyd + state: started + enabled: true # The same as the above play, but in super-compact form! - hosts: all - become: yes + become: true tasks: - - dnf: name=chrony state=present - - service: name=chronyd state=started enabled=yes + - dnf: name=chrony state=present + - service: name=chronyd state=started enabled=yes diff --git a/galaxy-role-servers/lamp.yml b/galaxy-role-servers/lamp.yml index d9806efc..dbead349 100644 --- a/galaxy-role-servers/lamp.yml +++ b/galaxy-role-servers/lamp.yml @@ -1,6 +1,6 @@ --- - hosts: all - become: yes + become: true roles: - geerlingguy.mysql diff --git a/galaxy-role-servers/solr.yml b/galaxy-role-servers/solr.yml index 7f774664..9c6eaf90 100644 --- a/galaxy-role-servers/solr.yml +++ b/galaxy-role-servers/solr.yml @@ -1,6 +1,6 @@ --- - hosts: all - become: yes + become: true roles: - geerlingguy.java diff --git a/gluster/playbooks/provision.yml b/gluster/playbooks/provision.yml index fa66fba4..80c6e9f1 100644 --- a/gluster/playbooks/provision.yml +++ b/gluster/playbooks/provision.yml @@ -1,6 +1,6 @@ --- - hosts: gluster - become: yes + become: true vars_files: - vars.yml @@ -14,7 +14,7 @@ file: path: "{{ item }}" state: directory - mode: 0775 + mode: "0775" with_items: - "{{ gluster_brick_dir }}" - "{{ gluster_mount_dir }}" @@ -27,7 +27,7 @@ replicas: 2 cluster: "{{ groups.gluster | join(',') }}" host: "{{ inventory_hostname }}" - force: yes + force: true run_once: true - name: Ensure Gluster volume is mounted. @@ -35,5 +35,5 @@ name: "{{ gluster_mount_dir }}" src: "{{ inventory_hostname }}:/{{ gluster_brick_name }}" fstype: glusterfs - opts: "defaults,_netdev" + opts: defaults,_netdev state: mounted diff --git a/https-letsencrypt/main.yml b/https-letsencrypt/main.yml index d2cc77c4..c0ea9e44 100644 --- a/https-letsencrypt/main.yml +++ b/https-letsencrypt/main.yml @@ -24,11 +24,11 @@ copy: src: files/index.html dest: "{{ nginx_docroot }}/index.html" - mode: 0755 + mode: "0755" - name: Copy Nginx server configuration in place. template: src: templates/https-letsencrypt.conf.j2 dest: /etc/nginx/sites-enabled/https-letsencrypt.conf - mode: 0644 + mode: "0644" notify: restart nginx diff --git a/https-nginx-proxy/provisioning/main.yml b/https-nginx-proxy/provisioning/main.yml index a82fe41d..0ee3263a 100644 --- a/https-nginx-proxy/provisioning/main.yml +++ b/https-nginx-proxy/provisioning/main.yml @@ -28,7 +28,7 @@ copy: src: files/index.html dest: "{{ nginx_docroot }}/index.html" - mode: 0755 + mode: "0755" - name: Start simple python webserver on port 8080. shell: > @@ -41,5 +41,5 @@ template: src: templates/https.test.conf.j2 dest: /etc/nginx/sites-enabled/https.test.conf - mode: 0644 + mode: "0644" notify: restart nginx diff --git a/https-nginx-proxy/provisioning/vars/main.yml b/https-nginx-proxy/provisioning/vars/main.yml index 8d18b608..426e707c 100644 --- a/https-nginx-proxy/provisioning/vars/main.yml +++ b/https-nginx-proxy/provisioning/vars/main.yml @@ -6,11 +6,10 @@ firewall_allowed_tcp_ports: - "443" # Python settings. -pip_install_packages: ['pyopenssl'] - +pip_install_packages: [pyopenssl] # Nginx settings. nginx_vhosts: [] -nginx_remove_default_vhost: True +nginx_remove_default_vhost: true nginx_ppa_version: stable nginx_docroot: /var/www/html diff --git a/https-self-signed/provisioning/main.yml b/https-self-signed/provisioning/main.yml index 9b8b7fe5..6300fcea 100644 --- a/https-self-signed/provisioning/main.yml +++ b/https-self-signed/provisioning/main.yml @@ -28,11 +28,11 @@ copy: src: files/index.html dest: "{{ nginx_docroot }}/index.html" - mode: 0755 + mode: "0755" - name: Copy Nginx server configuration in place. template: src: templates/https.test.conf.j2 dest: /etc/nginx/sites-enabled/https.test.conf - mode: 0644 + mode: "0644" notify: restart nginx diff --git a/https-self-signed/provisioning/vars/main.yml b/https-self-signed/provisioning/vars/main.yml index b4e97b9a..e5a5c60f 100644 --- a/https-self-signed/provisioning/vars/main.yml +++ b/https-self-signed/provisioning/vars/main.yml @@ -6,11 +6,10 @@ firewall_allowed_tcp_ports: - "443" # Python settings. -pip_install_packages: ['pyopenssl'] - +pip_install_packages: [pyopenssl] # Nginx settings. nginx_vhosts: [] -nginx_remove_default_vhost: True +nginx_remove_default_vhost: true nginx_ppa_version: stable nginx_docroot: /var/www/html diff --git a/includes/provisioning/playbook.yml b/includes/provisioning/playbook.yml index 0dba816a..8350caa4 100644 --- a/includes/provisioning/playbook.yml +++ b/includes/provisioning/playbook.yml @@ -1,6 +1,6 @@ --- - hosts: all - become: yes + become: true vars_files: - vars.yml diff --git a/includes/provisioning/tasks/apache.yml b/includes/provisioning/tasks/apache.yml index cef00f02..fe9c5474 100644 --- a/includes/provisioning/tasks/apache.yml +++ b/includes/provisioning/tasks/apache.yml @@ -5,22 +5,22 @@ - name: Add Apache virtualhost for Drupal 8. template: - src: "templates/drupal.test.conf.j2" - dest: "/etc/apache2/sites-available/{{ domain }}.test.conf" + src: templates/drupal.test.conf.j2 + dest: /etc/apache2/sites-available/{{ domain }}.test.conf owner: root group: root - mode: 0644 + mode: "0644" notify: restart apache - name: Symlink Drupal virtualhost to sites-enabled. file: - src: "/etc/apache2/sites-available/{{ domain }}.test.conf" - dest: "/etc/apache2/sites-enabled/{{ domain }}.test.conf" + src: /etc/apache2/sites-available/{{ domain }}.test.conf + dest: /etc/apache2/sites-enabled/{{ domain }}.test.conf state: link notify: restart apache - name: Remove default virtualhost file. file: - path: "/etc/apache2/sites-enabled/000-default.conf" + path: /etc/apache2/sites-enabled/000-default.conf state: absent notify: restart apache diff --git a/includes/provisioning/tasks/common.yml b/includes/provisioning/tasks/common.yml index 3f29514c..31a0898d 100644 --- a/includes/provisioning/tasks/common.yml +++ b/includes/provisioning/tasks/common.yml @@ -9,7 +9,7 @@ - name: Add ondrej repository for later versions of PHP. apt_repository: repo='ppa:ondrej/php' update_cache=yes -- name: "Install Apache, MySQL, PHP, and other dependencies." +- name: Install Apache, MySQL, PHP, and other dependencies. apt: name: - acl @@ -39,8 +39,8 @@ - name: Disable the firewall (since this is for local dev only). service: name=ufw state=stopped -- name: "Start Apache, MySQL, and PHP." - service: "name={{ item }} state=started enabled=yes" +- name: Start Apache, MySQL, and PHP. + service: name={{ item }} state=started enabled=yes with_items: - apache2 - mysql diff --git a/includes/provisioning/tasks/composer.yml b/includes/provisioning/tasks/composer.yml index 32f36fbd..9a76518b 100644 --- a/includes/provisioning/tasks/composer.yml +++ b/includes/provisioning/tasks/composer.yml @@ -3,7 +3,7 @@ get_url: url: https://getcomposer.org/installer dest: /tmp/composer-installer.php - mode: 0755 + mode: "0755" - name: Run Composer installer. command: > @@ -12,6 +12,6 @@ creates=/usr/local/bin/composer - name: Move Composer into globally-accessible location. - command: > + command: >- mv /tmp/composer.phar /usr/local/bin/composer - creates=/usr/local/bin/composer \ No newline at end of file + creates=/usr/local/bin/composer diff --git a/includes/provisioning/tasks/mysql.yml b/includes/provisioning/tasks/mysql.yml index 5457b8f7..796a5049 100644 --- a/includes/provisioning/tasks/mysql.yml +++ b/includes/provisioning/tasks/mysql.yml @@ -1,6 +1,6 @@ --- - name: Create a MySQL database for Drupal. - mysql_db: "db={{ domain }} state=present" + mysql_db: db={{ domain }} state=present - name: Create a MySQL user for Drupal. mysql_user: diff --git a/includes/provisioning/tasks/php.yml b/includes/provisioning/tasks/php.yml index 93cd4c52..31257f6a 100644 --- a/includes/provisioning/tasks/php.yml +++ b/includes/provisioning/tasks/php.yml @@ -1,8 +1,8 @@ --- - name: Adjust OpCache memory setting. lineinfile: - dest: "/etc/php/7.4/apache2/conf.d/10-opcache.ini" - regexp: "^opcache.memory_consumption" - line: "opcache.memory_consumption = 96" + dest: /etc/php/7.4/apache2/conf.d/10-opcache.ini + regexp: ^opcache.memory_consumption + line: opcache.memory_consumption = 96 state: present notify: restart apache diff --git a/includes/provisioning/vars.yml b/includes/provisioning/vars.yml index dc8c3fd8..609aac17 100644 --- a/includes/provisioning/vars.yml +++ b/includes/provisioning/vars.yml @@ -1,12 +1,12 @@ --- # The core version you want to use. -drupal_core_version: "8.9.x" +drupal_core_version: 8.9.x # The path where Drupal will be downloaded and installed. -drupal_core_path: "/var/www/drupal-{{ drupal_core_version }}-dev" +drupal_core_path: /var/www/drupal-{{ drupal_core_version }}-dev # The resulting domain will be [domain].test (with .test appended). -domain: "drupal" +domain: drupal # Your Drupal site name. -drupal_site_name: "Drupal Test" +drupal_site_name: Drupal Test diff --git a/kubernetes/examples/files/nginx.yml b/kubernetes/examples/files/nginx.yml index 8377edca..fff38ad0 100644 --- a/kubernetes/examples/files/nginx.yml +++ b/kubernetes/examples/files/nginx.yml @@ -17,7 +17,7 @@ spec: app: nginx spec: containers: - - name: nginx - image: nginx:1.7.9 - ports: - - containerPort: 80 + - name: nginx + image: nginx:1.7.9 + ports: + - containerPort: 80 diff --git a/kubernetes/examples/files/tiller-rbac.yml b/kubernetes/examples/files/tiller-rbac.yml index 8f13c810..85788851 100644 --- a/kubernetes/examples/files/tiller-rbac.yml +++ b/kubernetes/examples/files/tiller-rbac.yml @@ -10,4 +10,4 @@ roleRef: subjects: - kind: ServiceAccount name: tiller - namespace: kube-system \ No newline at end of file + namespace: kube-system diff --git a/kubernetes/examples/helm-cleanup.yml b/kubernetes/examples/helm-cleanup.yml index e53e724d..dd148f4e 100644 --- a/kubernetes/examples/helm-cleanup.yml +++ b/kubernetes/examples/helm-cleanup.yml @@ -1,6 +1,6 @@ --- - hosts: k8s-master - become: yes + become: true tasks: - name: Remove phpMyAdmin with Helm. diff --git a/kubernetes/examples/helm.yml b/kubernetes/examples/helm.yml index ad48bdb6..e2de5247 100644 --- a/kubernetes/examples/helm.yml +++ b/kubernetes/examples/helm.yml @@ -1,6 +1,6 @@ --- - hosts: k8s-master - become: yes + become: true tasks: - name: Retrieve helm binary archive. @@ -8,7 +8,7 @@ src: https://get.helm.sh/helm-v3.2.1-linux-amd64.tar.gz dest: /tmp creates: /usr/local/bin/helm - remote_src: yes + remote_src: true - name: Move helm binary into place. command: cp /tmp/linux-amd64/helm /usr/local/bin/helm @@ -18,7 +18,7 @@ - name: Add Bitnami's chart repository. community.kubernetes.helm_repository: name: bitnami - repo_url: "https://charts.bitnami.com/bitnami" + repo_url: https://charts.bitnami.com/bitnami - name: Install phpMyAdmin with Helm. community.kubernetes.helm: diff --git a/kubernetes/examples/k8s-module-cleanup.yml b/kubernetes/examples/k8s-module-cleanup.yml index bb343459..634eb9c5 100644 --- a/kubernetes/examples/k8s-module-cleanup.yml +++ b/kubernetes/examples/k8s-module-cleanup.yml @@ -1,6 +1,6 @@ --- - hosts: k8s-master - become: yes + become: true tasks: - name: Remove resources in Nginx Deployment definition. diff --git a/kubernetes/examples/k8s-module.yml b/kubernetes/examples/k8s-module.yml index 2bac12ec..27aa2a19 100644 --- a/kubernetes/examples/k8s-module.yml +++ b/kubernetes/examples/k8s-module.yml @@ -1,6 +1,6 @@ --- - hosts: k8s-master - become: yes + become: true pre_tasks: - name: Ensure Pip is installed. @@ -33,9 +33,9 @@ spec: type: NodePort ports: - - port: 80 - protocol: TCP - targetPort: 80 + - port: 80 + protocol: TCP + targetPort: 80 selector: app: nginx diff --git a/kubernetes/examples/kubectl-connection.yml b/kubernetes/examples/kubectl-connection.yml index 7653c0d1..ca90f3b3 100644 --- a/kubernetes/examples/kubectl-connection.yml +++ b/kubernetes/examples/kubectl-connection.yml @@ -2,14 +2,14 @@ # This playbook assumes you already have the kubectl binary installed # and available in the $PATH. - hosts: k8s-master - become: yes + become: true tasks: - name: Retrieve kubectl config file from the master server. fetch: src: /root/.kube/config dest: files/kubectl-config - flat: yes + flat: true - name: Get the phpmyadmin Pod name. command: > @@ -19,7 +19,7 @@ - name: Add the phpmyadmin Pod to the inventory. add_host: - name: '{{ phpmyadmin_pod.stdout }}' + name: "{{ phpmyadmin_pod.stdout }}" ansible_kubectl_namespace: default ansible_kubectl_config: files/kubectl-config ansible_connection: kubectl @@ -28,6 +28,6 @@ - name: Run a command inside the container. raw: date register: date_output - delegate_to: '{{ phpmyadmin_pod.stdout }}' + delegate_to: "{{ phpmyadmin_pod.stdout }}" - debug: var=date_output.stdout diff --git a/kubernetes/main.yml b/kubernetes/main.yml index 32c79ad3..98af5d5a 100644 --- a/kubernetes/main.yml +++ b/kubernetes/main.yml @@ -1,6 +1,6 @@ --- - hosts: k8s - become: yes + become: true vars_files: - vars/main.yml @@ -9,14 +9,14 @@ - name: Copy Flannel manifest tailored for Vagrant. copy: src: files/manifests/kube-system/kube-flannel-vagrant.yml - dest: "~/kube-flannel-vagrant.yml" + dest: ~/kube-flannel-vagrant.yml roles: - role: geerlingguy.swap - tags: ['swap', 'kubernetes'] + tags: [swap, kubernetes] - role: geerlingguy.docker - tags: ['docker'] + tags: [docker] - role: geerlingguy.kubernetes - tags: ['kubernetes'] + tags: [kubernetes] diff --git a/kubernetes/vars/main.yml b/kubernetes/vars/main.yml index 4bac0002..28122021 100644 --- a/kubernetes/vars/main.yml +++ b/kubernetes/vars/main.yml @@ -2,13 +2,13 @@ swap_file_state: absent swap_file_path: /dev/mapper/packer--debian--9--amd64--vg-swap_1 -docker_packages: +docker_packages: - docker-ce=5:18.09.0~3-0~debian-stretch -docker_install_compose: False +docker_install_compose: false -kubernetes_version: '1.23' -kubernetes_allow_pods_on_master: False -kubernetes_pod_network_cidr: '10.244.0.0/16' +kubernetes_version: "1.23" +kubernetes_allow_pods_on_master: false +kubernetes_pod_network_cidr: 10.244.0.0/16 kubernetes_packages: - name: kubelet=1.23.5-00 state: present @@ -19,6 +19,6 @@ kubernetes_packages: - name: kubernetes-cni state: present -kubernetes_apiserver_advertise_address: "192.168.56.2" -kubernetes_flannel_manifest_file: "~/kube-flannel-vagrant.yml" -kubernetes_kubelet_extra_args: '--node-ip={{ ansible_host }}' +kubernetes_apiserver_advertise_address: 192.168.56.2 +kubernetes_flannel_manifest_file: ~/kube-flannel-vagrant.yml +kubernetes_kubelet_extra_args: --node-ip={{ ansible_host }} diff --git a/lamp-infrastructure/inventories/aws/aws_ec2.yml b/lamp-infrastructure/inventories/aws/aws_ec2.yml index 6eb39e2b..8a550c4f 100644 --- a/lamp-infrastructure/inventories/aws/aws_ec2.yml +++ b/lamp-infrastructure/inventories/aws/aws_ec2.yml @@ -9,6 +9,6 @@ hostnames: keyed_groups: - key: tags.inventory_group - separator: '' + separator: "" - key: tags.Application - separator: '' + separator: "" diff --git a/lamp-infrastructure/playbooks/db/main.yml b/lamp-infrastructure/playbooks/db/main.yml index bc6c51a9..ab32adfe 100644 --- a/lamp-infrastructure/playbooks/db/main.yml +++ b/lamp-infrastructure/playbooks/db/main.yml @@ -1,6 +1,6 @@ --- - hosts: lamp_db - become: yes + become: true vars_files: - vars.yml diff --git a/lamp-infrastructure/playbooks/memcached/main.yml b/lamp-infrastructure/playbooks/memcached/main.yml index 866c0b37..08ebe9a0 100644 --- a/lamp-infrastructure/playbooks/memcached/main.yml +++ b/lamp-infrastructure/playbooks/memcached/main.yml @@ -1,6 +1,6 @@ --- - hosts: lamp_memcached - become: yes + become: true vars_files: - vars.yml diff --git a/lamp-infrastructure/playbooks/memcached/vars.yml b/lamp-infrastructure/playbooks/memcached/vars.yml index f7bf9675..1aeeba71 100644 --- a/lamp-infrastructure/playbooks/memcached/vars.yml +++ b/lamp-infrastructure/playbooks/memcached/vars.yml @@ -2,7 +2,7 @@ firewall_allowed_tcp_ports: - "22" firewall_additional_rules: - - "iptables -A INPUT -p tcp --dport 11211 -s {{ groups['lamp_www'][0] }} -j ACCEPT" - - "iptables -A INPUT -p tcp --dport 11211 -s {{ groups['lamp_www'][1] }} -j ACCEPT" + - iptables -A INPUT -p tcp --dport 11211 -s {{ groups['lamp_www'][0] }} -j ACCEPT + - iptables -A INPUT -p tcp --dport 11211 -s {{ groups['lamp_www'][1] }} -j ACCEPT memcached_listen_ip: "0.0.0.0" diff --git a/lamp-infrastructure/playbooks/varnish/main.yml b/lamp-infrastructure/playbooks/varnish/main.yml index f3bcfece..8fd3a4bc 100644 --- a/lamp-infrastructure/playbooks/varnish/main.yml +++ b/lamp-infrastructure/playbooks/varnish/main.yml @@ -1,6 +1,6 @@ --- - hosts: lamp_varnish - become: yes + become: true vars_files: - vars.yml @@ -13,6 +13,6 @@ tasks: - name: Copy Varnish default.vcl. template: - src: "templates/default.vcl.j2" - dest: "/etc/varnish/default.vcl" + src: templates/default.vcl.j2 + dest: /etc/varnish/default.vcl notify: restart varnish diff --git a/lamp-infrastructure/playbooks/www/main.yml b/lamp-infrastructure/playbooks/www/main.yml index d98df70d..89dffa3d 100644 --- a/lamp-infrastructure/playbooks/www/main.yml +++ b/lamp-infrastructure/playbooks/www/main.yml @@ -1,6 +1,6 @@ --- - hosts: lamp_www - become: yes + become: true vars_files: - vars.yml diff --git a/lamp-infrastructure/provisioners/aws.yml b/lamp-infrastructure/provisioners/aws.yml index 5b12264f..130da22e 100644 --- a/lamp-infrastructure/provisioners/aws.yml +++ b/lamp-infrastructure/provisioners/aws.yml @@ -10,23 +10,23 @@ instances: - name: a4d.lamp.varnish - group: "lamp_varnish" - security_group: ["default", "a4d_lamp_http"] + group: lamp_varnish + security_group: [default, a4d_lamp_http] - name: a4d.lamp.www.1 - group: "lamp_www" - security_group: ["default", "a4d_lamp_http"] + group: lamp_www + security_group: [default, a4d_lamp_http] - name: a4d.lamp.www.2 - group: "lamp_www" - security_group: ["default", "a4d_lamp_http"] + group: lamp_www + security_group: [default, a4d_lamp_http] - name: a4d.lamp.db.1 - group: "lamp_db" - security_group: ["default", "a4d_lamp_db"] + group: lamp_db + security_group: [default, a4d_lamp_db] - name: a4d.lamp.db.2 - group: "lamp_db" - security_group: ["default", "a4d_lamp_db"] + group: lamp_db + security_group: [default, a4d_lamp_db] - name: a4d.lamp.memcached - group: "lamp_memcached" - security_group: ["default", "a4d_lamp_memcached"] + group: lamp_memcached + security_group: [default, a4d_lamp_memcached] security_groups: - name: a4d_lamp_http @@ -34,11 +34,11 @@ - proto: tcp from_port: 80 to_port: 80 - cidr_ip: 0.0.0.0/0 + cidr_ip: "0.0.0.0/0" - proto: tcp from_port: 22 to_port: 22 - cidr_ip: 0.0.0.0/0 + cidr_ip: "0.0.0.0/0" rules_egress: [] - name: a4d_lamp_db @@ -46,11 +46,11 @@ - proto: tcp from_port: 3306 to_port: 3306 - cidr_ip: 0.0.0.0/0 + cidr_ip: "0.0.0.0/0" - proto: tcp from_port: 22 to_port: 22 - cidr_ip: 0.0.0.0/0 + cidr_ip: "0.0.0.0/0" rules_egress: [] - name: a4d_lamp_memcached @@ -58,11 +58,11 @@ - proto: tcp from_port: 11211 to_port: 11211 - cidr_ip: 0.0.0.0/0 + cidr_ip: "0.0.0.0/0" - proto: tcp from_port: 22 to_port: 22 - cidr_ip: 0.0.0.0/0 + cidr_ip: "0.0.0.0/0" rules_egress: [] tasks: @@ -88,7 +88,7 @@ group: "{{ item.security_group | default('') }}" instance_type: "{{ item.type | default('t2.micro')}}" image: "{{ aws_ec2_ami }}" - wait: yes + wait: true wait_timeout: 500 exact_count: 1 count_tag: @@ -101,7 +101,7 @@ - name: Add EC2 instances to inventory groups. add_host: name: "{{ item.1.tagged_instances.0.public_ip }}" - groups: "aws,{{ item.1.item.group }},{{ item.1.item.name }}" + groups: aws,{{ item.1.item.group }},{{ item.1.item.name }} # You can dynamically add inventory variables per-host. ansible_user: centos host_key_checking: false diff --git a/lamp-infrastructure/provisioners/digitalocean.yml b/lamp-infrastructure/provisioners/digitalocean.yml index cd0cd317..28f5c9e2 100644 --- a/lamp-infrastructure/provisioners/digitalocean.yml +++ b/lamp-infrastructure/provisioners/digitalocean.yml @@ -5,33 +5,33 @@ vars: droplets: - - { name: a4d.lamp.varnish, group: "lamp_varnish" } - - { name: a4d.lamp.www.1, group: "lamp_www" } - - { name: a4d.lamp.www.2, group: "lamp_www" } - - { name: a4d.lamp.db.1, group: "lamp_db" } - - { name: a4d.lamp.db.2, group: "lamp_db" } - - { name: a4d.lamp.memcached, group: "lamp_memcached" } + - { name: a4d.lamp.varnish, group: lamp_varnish } + - { name: a4d.lamp.www.1, group: lamp_www } + - { name: a4d.lamp.www.2, group: lamp_www } + - { name: a4d.lamp.db.1, group: lamp_db } + - { name: a4d.lamp.db.2, group: lamp_db } + - { name: a4d.lamp.memcached, group: lamp_memcached } tasks: - name: Provision DigitalOcean droplets. digital_ocean_droplet: state: "{{ item.state | default('present') }}" name: "{{ item.name }}" - private_networking: yes + private_networking: true size: "{{ item.size | default('1gb') }}" image: "{{ item.image | default('centos-7-x64') }}" region: "{{ item.region | default('nyc3') }}" # Customize this default for your account. ssh_keys: - "{{ item.ssh_key | default('138954') }}" - unique_name: yes + unique_name: true register: created_droplets with_items: "{{ droplets }}" - name: Add DigitalOcean hosts to inventory groups. add_host: name: "{{ item.1.data.ip_address }}" - groups: "do,{{ droplets[item.0].group }},{{ item.1.data.droplet.name }}" + groups: do,{{ droplets[item.0].group }},{{ item.1.data.droplet.name }} # You can dynamically add inventory variables per-host. ansible_user: root mysql_replication_role: >- diff --git a/molecule/main.yml b/molecule/main.yml index 9abc3821..5a7028d1 100644 --- a/molecule/main.yml +++ b/molecule/main.yml @@ -33,8 +33,8 @@ Hello world! Hello world! - dest: "/var/www/html/index.html" - mode: 0664 + dest: /var/www/html/index.html + mode: "0664" notify: restart apache - name: Ensure Apache is running and starts at boot. diff --git a/molecule/molecule/default/molecule.yml b/molecule/molecule/default/molecule.yml index a61647cb..63027eaa 100644 --- a/molecule/molecule/default/molecule.yml +++ b/molecule/molecule/default/molecule.yml @@ -9,7 +9,7 @@ lint: | ansible-lint platforms: - name: instance - image: "geerlingguy/docker-${MOLECULE_DISTRO:-rockylinux8}-ansible:latest" + image: geerlingguy/docker-${MOLECULE_DISTRO:-rockylinux8}-ansible:latest command: "" volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw diff --git a/molecule/molecule/default/verify.yml b/molecule/molecule/default/verify.yml index da17a489..e31b9bc6 100644 --- a/molecule/molecule/default/verify.yml +++ b/molecule/molecule/default/verify.yml @@ -3,7 +3,7 @@ hosts: all tasks: - - name: Verify Apache is serving web requests. - ansible.builtin.uri: - url: http://localhost/ - status_code: 200 + - name: Verify Apache is serving web requests. + ansible.builtin.uri: + url: http://localhost/ + status_code: 200 diff --git a/nodejs-role/playbook.yml b/nodejs-role/playbook.yml index 679ea9c2..cde7e85e 100644 --- a/nodejs-role/playbook.yml +++ b/nodejs-role/playbook.yml @@ -7,12 +7,12 @@ pre_tasks: - name: Import Remi GPG key. rpm_key: - key: "https://rpms.remirepo.net/RPM-GPG-KEY-remi2018" + key: https://rpms.remirepo.net/RPM-GPG-KEY-remi2018 state: present - name: Install Remi repo. dnf: - name: "https://rpms.remirepo.net/enterprise/remi-release-8.rpm" + name: https://rpms.remirepo.net/enterprise/remi-release-8.rpm state: present - name: Install EPEL repo. @@ -26,13 +26,13 @@ tasks: - name: Ensure Node.js app folder exists. - file: "path={{ node_apps_location }} state=directory" + file: path={{ node_apps_location }} state=directory - name: Copy example Node.js app to server. - copy: "src=app dest={{ node_apps_location }}" + copy: src=app dest={{ node_apps_location }} - name: Install app dependencies defined in package.json. - npm: "path={{ node_apps_location }}/app" + npm: path={{ node_apps_location }}/app - name: Check list of running Node.js apps. command: /usr/local/bin/forever list @@ -40,5 +40,5 @@ changed_when: false - name: Start example Node.js app. - command: "/usr/local/bin/forever start {{ node_apps_location }}/app/app.js" - when: "forever_list.stdout.find(node_apps_location + '/app/app.js') == -1" + command: /usr/local/bin/forever start {{ node_apps_location }}/app/app.js + when: forever_list.stdout.find(node_apps_location + '/app/app.js') == -1 diff --git a/nodejs/provisioning/playbook.yml b/nodejs/provisioning/playbook.yml index deb82db7..73a6f8ce 100644 --- a/nodejs/provisioning/playbook.yml +++ b/nodejs/provisioning/playbook.yml @@ -1,6 +1,6 @@ --- - hosts: all - become: yes + become: true vars: node_apps_location: /usr/local/opt/node @@ -11,12 +11,12 @@ - name: Import Remi GPG key. rpm_key: - key: "https://rpms.remirepo.net/RPM-GPG-KEY-remi2018" + key: https://rpms.remirepo.net/RPM-GPG-KEY-remi2018 state: present - name: Install Remi repo. dnf: - name: "https://rpms.remirepo.net/enterprise/remi-release-8.rpm" + name: https://rpms.remirepo.net/enterprise/remi-release-8.rpm state: present - name: Ensure firewalld is stopped (since this is a test server). @@ -29,13 +29,13 @@ npm: name=forever global=yes state=present - name: Ensure Node.js app folder exists. - file: "path={{ node_apps_location }} state=directory" + file: path={{ node_apps_location }} state=directory - name: Copy example Node.js app to server. - copy: "src=app dest={{ node_apps_location }}" + copy: src=app dest={{ node_apps_location }} - name: Install app dependencies defined in package.json. - npm: "path={{ node_apps_location }}/app" + npm: path={{ node_apps_location }}/app - name: Check list of running Node.js apps. command: /usr/local/bin/forever list @@ -43,5 +43,5 @@ changed_when: false - name: Start example Node.js app. - command: "/usr/local/bin/forever start {{ node_apps_location }}/app/app.js" - when: "forever_list.stdout.find(node_apps_location + '/app/app.js') == -1" + command: /usr/local/bin/forever start {{ node_apps_location }}/app/app.js + when: forever_list.stdout.find(node_apps_location + '/app/app.js') == -1 diff --git a/security/main.yml b/security/main.yml index 705b5a08..a21dca7a 100644 --- a/security/main.yml +++ b/security/main.yml @@ -22,14 +22,14 @@ regexp: "{{ item.regexp }}" line: "{{ item.line }}" state: present - validate: 'sshd -t -f %s' + validate: sshd -t -f %s with_items: - - regexp: "^PasswordAuthentication" - line: "PasswordAuthentication no" - - regexp: "^PermitRootLogin" - line: "PermitRootLogin no" - - regexp: "^Port" - line: "Port 2849" + - regexp: ^PasswordAuthentication + line: PasswordAuthentication no + - regexp: ^PermitRootLogin + line: PermitRootLogin no + - regexp: ^Port + line: Port 2849 notify: restart ssh # User account configuration. @@ -42,10 +42,10 @@ - name: Add sudo rights for deployment user. lineinfile: dest: /etc/sudoers - regexp: '^johndoe' - line: 'johndoe ALL=(ALL) NOPASSWD: ALL' + regexp: ^johndoe + line: "johndoe ALL=(ALL) NOPASSWD: ALL" state: present - validate: 'visudo -cf %s' + validate: visudo -cf %s # Remove unused software, open only required ports. - name: Remove unused packages. @@ -61,7 +61,7 @@ path: /var/log/messages owner: root group: root - mode: 0600 + mode: "0600" # Automating updates for RHEL systems. - name: Install dnf-automatic. @@ -73,7 +73,7 @@ service: name: dnf-automatic-install.timer state: started - enabled: yes + enabled: true # Automating updates for Debian systems. - name: Install unattended upgrades package. @@ -84,11 +84,11 @@ - name: Copy unattended-upgrades configuration files in place. template: - src: "../templates/{{ item }}.j2" - dest: "/etc/apt/apt.conf.d/{{ item }}" + src: ../templates/{{ item }}.j2 + dest: /etc/apt/apt.conf.d/{{ item }} owner: root group: root - mode: 0644 + mode: "0644" with_items: - 20auto-upgrades - 50unattended-upgrades @@ -105,12 +105,12 @@ state: "{{ item.state }}" port: "{{ item.port }}" zone: external - immediate: yes - permanent: yes + immediate: true + permanent: true with_items: - - { state: 'enabled', port: '22/tcp' } - - { state: 'enabled', port: '80/tcp' } - - { state: 'enabled', port: '123/udp' } + - { state: enabled, port: 22/tcp } + - { state: enabled, port: 80/tcp } + - { state: enabled, port: 123/udp } # Monitor logins and block suspect IP addresses. - name: Ensure EPEL repo is present. @@ -136,7 +136,7 @@ service: name: fail2ban state: started - enabled: yes + enabled: true # Use SELinux (Security-Enhanced Linux). - name: Install Python SELinux library. @@ -152,6 +152,6 @@ - name: Ensure httpd can connect to the network. seboolean: name: httpd_can_network_connect - state: yes - persistent: yes + state: true + persistent: true when: ansible_selinux.status == 'enabled' diff --git a/solr/provisioning/playbook.yml b/solr/provisioning/playbook.yml index 8d4427c7..d2e08e7d 100644 --- a/solr/provisioning/playbook.yml +++ b/solr/provisioning/playbook.yml @@ -15,7 +15,7 @@ - name: Download Solr. get_url: - url: "https://archive.apache.org/dist/lucene/solr/{{ solr_version }}/solr-{{ solr_version }}.tgz" + url: https://archive.apache.org/dist/lucene/solr/{{ solr_version }}/solr-{{ solr_version }}.tgz dest: "{{ download_dir }}/solr-{{ solr_version }}.tgz" checksum: "{{ solr_checksum }}" diff --git a/test-plugin/main.yml b/test-plugin/main.yml index f4cdda85..55ef69d8 100644 --- a/test-plugin/main.yml +++ b/test-plugin/main.yml @@ -5,6 +5,6 @@ my_color_choice: blue tasks: - - name: "Verify {{ my_color_choice }} is a form of blue." + - name: Verify {{ my_color_choice }} is a form of blue. assert: that: my_color_choice is blue diff --git a/tests/deployments-rolling.yml b/tests/deployments-rolling.yml index 6c2f95c7..1dd677fb 100644 --- a/tests/deployments-rolling.yml +++ b/tests/deployments-rolling.yml @@ -19,4 +19,4 @@ - import_playbook: ../deployments-rolling/playbooks/deploy.yml vars: - firewall_enable_ipv6: false \ No newline at end of file + firewall_enable_ipv6: false diff --git a/tests/security.yml b/tests/security.yml index 3639d4f0..aa42eeb3 100644 --- a/tests/security.yml +++ b/tests/security.yml @@ -25,8 +25,8 @@ copy: content: "" dest: /var/log/messages - force: no - mode: 0600 + force: false + mode: "0600" # Security test. - import_playbook: ../security/main.yml diff --git a/tests/solr.yml b/tests/solr.yml index 74dcc4b9..4cfd3463 100644 --- a/tests/solr.yml +++ b/tests/solr.yml @@ -7,7 +7,7 @@ file: path: /usr/share/man/man1 state: directory - recurse: True + recurse: true # Solr test. - import_playbook: ../solr/provisioning/playbook.yml