fix: all praise the allmighty yamllinter

.github/FUNDING.yml

@@ -1,3 +1,4 @@
+---
 # These are supported funding model platforms
 
 # https://liberapay.com/s.pantaleev/

.yamllint

@@ -0,0 +1,5 @@
+---
+extends: default
+
+rules:
+  line-length: disable

collections/requirements.yml

@@ -1,4 +1,4 @@
 ---
 collections:
   - name: community.general
-  - name: community.docker  
+  - name: community.docker

docs/configuring-playbook-bot-go-neb.md

@@ -28,7 +28,7 @@ If you use curl, you can get an access token like this:
 
 ```
 curl -X POST --header 'Content-Type: application/json' -d '{
-    "identifier": { "type": "m.id.user", "user": "bot.go-neb" },
+    "identifier": { "type": "m.id.user", "user": "bot.go-neb"},
     "password": "a strong password",
     "type": "m.login.password"
 }' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login'
@@ -198,8 +198,8 @@ matrix_bot_go_neb_services:
       # Each room will get the notification with the alert rendered with the given template
       rooms:
         "!someroomid:domain.tld":
-          text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
-          html_template: "{% raw %}{{range .Alerts -}}  {{ $severity := index .Labels \"severity\" }}    {{ if eq .Status \"firing\" }}      {{ if eq $severity \"critical\"}}        <font color='red'><b>[FIRING - CRITICAL]</b></font>      {{ else if eq $severity \"warning\"}}        <font color='orange'><b>[FIRING - WARNING]</b></font>      {{ else }}        <b>[FIRING - {{ $severity }}]</b>      {{ end }}    {{ else }}      <font color='green'><b>[RESOLVED]</b></font>    {{ end }}  {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}}   <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
+          text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}"
+          html_template: "{% raw %}{{range .Alerts -}}  {{ $severity := index .Labels \"severity\"}}    {{ if eq .Status \"firing\"}}      {{ if eq $severity \"critical\"}}        <font color='red'><b>[FIRING - CRITICAL]</b></font>      {{ else if eq $severity \"warning\"}}        <font color='orange'><b>[FIRING - WARNING]</b></font>      {{ else }}        <b>[FIRING - {{ $severity }}]</b>      {{ end }}    {{ else }}      <font color='green'><b>[RESOLVED]</b></font>    {{ end }}  {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}}   <a href=\"{{ .GeneratorURL }}\">source</a><br/>{{end -}}{% endraw %}"
           msg_type: "m.text"  # Must be either `m.text` or `m.notice`
 ```
 

docs/configuring-playbook-bot-mjolnir.md

@@ -28,7 +28,7 @@ If you use curl, you can get an access token like this:
 
 ```
 curl -X POST --header 'Content-Type: application/json' -d '{
-    "identifier": { "type": "m.id.user", "user": "bot.mjolnir" },
+    "identifier": { "type": "m.id.user", "user": "bot.mjolnir"},
     "password": "PASSWORD_FOR_THE_BOT",
     "type": "m.login.password"
 }' 'https://matrix.DOMAIN/_matrix/client/r0/login'

docs/configuring-playbook-bridge-mautrix-facebook.md

@@ -50,7 +50,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
 
 ```
 curl \
---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Facebook", "initial_device_display_name": "Mautrix-Facebook"}' \
+--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Facebook", "initial_device_display_name": "Mautrix-Facebook"}' \
 https://matrix.DOMAIN/_matrix/client/r0/login
 ```
 

docs/configuring-playbook-bridge-mautrix-googlechat.md

@@ -33,7 +33,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
 
 ```
 curl \
---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-googlechat", "initial_device_display_name": "Mautrix-googlechat"}' \
+--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-googlechat", "initial_device_display_name": "Mautrix-googlechat"}' \
 https://matrix.DOMAIN/_matrix/client/r0/login
 ```
 

docs/configuring-playbook-bridge-mautrix-hangouts.md

@@ -35,7 +35,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
 
 ```
 curl \
---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Hangouts", "initial_device_display_name": "Mautrix-Hangouts"}' \
+--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Hangouts", "initial_device_display_name": "Mautrix-Hangouts"}' \
 https://matrix.DOMAIN/_matrix/client/r0/login
 ```
 

docs/configuring-playbook-bridge-mautrix-signal.md

@@ -77,7 +77,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
 
 ```
 curl \
---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Signal", "initial_device_display_name": "Mautrix-Signal"}' \
+--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Signal", "initial_device_display_name": "Mautrix-Signal"}' \
 https://matrix.DOMAIN/_matrix/client/r0/login
 ```
 

docs/configuring-playbook-bridge-mautrix-telegram.md

@@ -32,7 +32,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
 
 ```
 curl \
---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Telegram", "initial_device_display_name": "Mautrix-Telegram"}' \
+--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Telegram", "initial_device_display_name": "Mautrix-Telegram"}' \
 https://matrix.DOMAIN/_matrix/client/r0/login
 ```
 

docs/configuring-playbook-bridge-mautrix-whatsapp.md

@@ -48,7 +48,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
 
 ```
 curl \
---data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Whatsapp", "initial_device_display_name": "Mautrix-Whatsapp"}' \
+--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME"}, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Whatsapp", "initial_device_display_name": "Mautrix-Whatsapp"}' \
 https://matrix.DOMAIN/_matrix/client/r0/login
 ```
 

docs/configuring-playbook-dimension.md

@@ -53,7 +53,7 @@ To get an access token for the Dimension user, you can follow one of two options
 
 ```
 curl -X POST --header 'Content-Type: application/json' -d '{
-    "identifier": { "type": "m.id.user", "user": "YourDimensionUsername" },
+    "identifier": { "type": "m.id.user", "user": "YourDimensionUsername"},
     "password": "YourDimensionPassword",
     "type": "m.login.password"
 }' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login'

docs/configuring-playbook-email2matrix.md

@@ -40,7 +40,7 @@ To do this, you can execute a command like this:
 
 ```
 curl \
---data '{"identifier": {"type": "m.id.user", "user": "email2matrix" }, "password": "MATRIX_PASSWORD_FOR_THE_USER", "type": "m.login.password", "device_id": "Email2Matrix", "initial_device_display_name": "Email2Matrix"}' \
+--data '{"identifier": {"type": "m.id.user", "user": "email2matrix"}, "password": "MATRIX_PASSWORD_FOR_THE_USER", "type": "m.login.password", "device_id": "Email2Matrix", "initial_device_display_name": "Email2Matrix"}' \
 https://matrix.DOMAIN/_matrix/client/r0/login
 ```
 

docs/updating-users-passwords.md

@@ -41,5 +41,5 @@ If you didn't make your account a server admin when you created it, you can use
 ### Example:
 To set @user:domain.com's password to `correct_horse_battery_staple` you could use this curl command:
 ```
-curl -XPOST -d '{ "new_password": "correct_horse_battery_staple" }' "https://matrix.<domain>/_matrix/client/r0/admin/reset_password/@user:domain.com?access_token=MDA...this_is_my_access_token
+curl -XPOST -d '{ "new_password": "correct_horse_battery_staple"}' "https://matrix.<domain>/_matrix/client/r0/admin/reset_password/@user:domain.com?access_token=MDA...this_is_my_access_token
 ```

examples/haproxy/docker-compose.yml

@@ -1,7 +1,8 @@
+---
 version: '3'
 services:
   nginx:
-    image: local/nginx 
+    image: local/nginx
     ports:
       - 40888:80
     volumes:

examples/vars.yml

@@ -1,3 +1,4 @@
+---
 # The bare domain name which represents your Matrix identity.
 # Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
 #

group_vars/matrix_servers

@@ -265,7 +265,7 @@ matrix_beeper_linkedin_homeserver_token: "{{ '%s' | format(matrix_homeserver_gen
 
 matrix_beeper_linkedin_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
 
-matrix_beeper_linkedin_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}"
+matrix_beeper_linkedin_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true}}"
 
 matrix_beeper_linkedin_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maulinkedin.db') | to_uuid }}"
 
@@ -303,7 +303,7 @@ matrix_mautrix_facebook_homeserver_token: "{{ '%s' | format(matrix_homeserver_ge
 
 matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
 
-matrix_mautrix_facebook_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}"
+matrix_mautrix_facebook_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true}}"
 
 # We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
 # and point them to a migration path.
@@ -427,7 +427,7 @@ matrix_mautrix_instagram_homeserver_token: "{{ '%s' | format(matrix_homeserver_g
 
 matrix_mautrix_instagram_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
 
-matrix_mautrix_instagram_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}"
+matrix_mautrix_instagram_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true}}"
 
 # We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
 # and point them to a migration path.
@@ -1367,7 +1367,7 @@ matrix_ma1sd_threepid_medium_email_connectors_smtp_host: "matrix-mailer"
 matrix_ma1sd_threepid_medium_email_connectors_smtp_port: 8025
 matrix_ma1sd_threepid_medium_email_connectors_smtp_tls: 0
 
-matrix_ma1sd_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
+matrix_ma1sd_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
 
 matrix_ma1sd_systemd_required_services_list: |
   {{
@@ -1479,7 +1479,7 @@ matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled: "{{ matrix_ma1sd_
 matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container }}"
 matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container }}"
 
-matrix_nginx_proxy_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
+matrix_nginx_proxy_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
 
 # OCSP stapling does not make sense when self-signed certificates are used.
 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1073
@@ -1886,7 +1886,7 @@ matrix_client_element_integrations_rest_url: "{{ matrix_dimension_integrations_r
 matrix_client_element_integrations_widgets_urls: "{{ matrix_dimension_integrations_widgets_urls if matrix_dimension_enabled else ['https://scalar.vector.im/api'] }}"
 matrix_client_element_integrations_jitsi_widget_url: "{{ matrix_dimension_integrations_jitsi_widget_url if matrix_dimension_enabled else 'https://scalar.vector.im/api/widgets/jitsi.html' }}"
 
-matrix_client_element_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
+matrix_client_element_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
 
 matrix_client_element_registration_enabled: "{{ matrix_synapse_enable_registration }}"
 
@@ -1924,7 +1924,7 @@ matrix_client_hydrogen_container_http_host_bind_port: "{{ '' if matrix_nginx_pro
 
 matrix_client_hydrogen_default_hs_url: "{{ matrix_homeserver_url }}"
 
-matrix_client_hydrogen_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
+matrix_client_hydrogen_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
 
 ######################################################################
 #
@@ -1951,7 +1951,7 @@ matrix_client_cinny_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_
 
 matrix_client_cinny_default_hs_url: "{{ matrix_homeserver_url }}"
 
-matrix_client_cinny_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
+matrix_client_cinny_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
 
 ######################################################################
 #
@@ -2042,7 +2042,7 @@ matrix_synapse_turn_uris: |
 
 matrix_synapse_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if matrix_coturn_enabled else '' }}"
 
-matrix_synapse_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
+matrix_synapse_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
 
 matrix_synapse_systemd_required_services_list: |
   {{
@@ -2228,7 +2228,7 @@ matrix_registration_shared_secret: |-
 
 matrix_registration_server_location: "{{ matrix_homeserver_container_url }}"
 
-matrix_registration_api_validate_certs: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
+matrix_registration_api_validate_certs: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
 
 matrix_registration_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
 
@@ -2320,7 +2320,7 @@ matrix_dendrite_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if
 
 matrix_dendrite_disable_tls_validation: "{{ true if matrix_ssl_retrieval_method == 'self-signed' else false }}"
 
-matrix_dendrite_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
+matrix_dendrite_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true}}"
 
 matrix_dendrite_trusted_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_ma1sd_enabled else ['matrix.org', 'vector.im'] }}"
 

roles/matrix-aux/tasks/main.yml

@@ -1,3 +1,5 @@
+---
+
 - import_tasks: "{{ role_path }}/tasks/setup.yml"
   when: run_stop|bool
   tags:

roles/matrix-awx/defaults/main.yml

@@ -1,3 +1,5 @@
+---
+
 matrix_awx_enabled: true
 
 # Defaults for 'Customise Website + Access Export' template

roles/matrix-awx/tasks/backup_server.yml

@@ -1,3 +1,4 @@
+---
 
 - name: Record Backup Server variables locally on AWX
   delegate_to: 127.0.0.1
@@ -38,18 +39,18 @@
     credential: "{{ member_id }} - AWX SSH Key"
     survey_enabled: true
     survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/backup_server.json') }}"
-    become_enabled: yes
+    become_enabled: true
     state: present
     verbosity: 1
     tower_host: "https://{{ awx_host }}"
     tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
-    validate_certs: yes
+    validate_certs: true
   tags: use-survey
 
 - name: Include vars in matrix_vars.yml
   include_vars:
     file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
-  no_log: True
+  no_log: true
 
 - name: Copy new 'matrix_vars.yml' to target machine
   copy:
@@ -58,8 +59,8 @@
     mode: '0660'
   tags: use-survey
 
-- name: Run initial backup of /matrix/ and snapshot the database simultaneously 
-  command: "{{ item }}" 
+- name: Run initial backup of /matrix/ and snapshot the database simultaneously
+  command: "{{ item }}"
   with_items:
     - borgmatic -c /root/.config/borgmatic/config_1.yaml
     - /bin/sh /usr/local/bin/awx-export-service.sh 1 0

roles/matrix-awx/tasks/bridge_discord_appservice.yml

@@ -1,3 +1,4 @@
+---
 
 - name: Record Bridge Discord AppService variables locally on AWX
   delegate_to: 127.0.0.1
@@ -33,7 +34,7 @@
 - name: Copy new 'Bridge Discord Appservice' survey.json to target machine
   copy:
     src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json'
-    dest:  '/matrix/awx/bridge_discord_appservice.json'
+    dest: '/matrix/awx/bridge_discord_appservice.json'
     mode: '0660'
 
 - name: Recreate 'Bridge Discord Appservice' job template
@@ -54,4 +55,4 @@
     verbosity: 1
     tower_host: "https://{{ awx_host }}"
     tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
-    validate_certs: yes
+    validate_certs: true

roles/matrix-awx/tasks/cache_matrix_variables.yml

@@ -1,3 +1,4 @@
+---
 
 - name: Collect current datetime
   set_fact:

roles/matrix-awx/tasks/create_session_token.yml

@@ -1,3 +1,4 @@
+---
 
 - name: Create a AWX session token for executing modules
   awx.awx.tower_token:
@@ -7,4 +8,4 @@
     tower_host: "https://{{ awx_host }}"
     tower_oauthtoken: "{{ awx_master_token }}"
   register: awx_session_token
-  no_log: True
+  no_log: true

roles/matrix-awx/tasks/create_user.yml

@@ -1,3 +1,4 @@
+---
 #
 # Create user and define if they are admin
 #