Make the FQCN warning happy again

This commit is contained in:
Salt 2022-06-16 23:45:29 -05:00
parent 210c335e90
commit 7f6b52b225
42 changed files with 108 additions and 107 deletions

View File

@ -1,8 +1,8 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
- name: restart cron - name: restart cron
service: name=cron state=restarted ansible.builtin.service: name=cron state=restarted
become: yes become: yes
- name: regen initramfs - name: regen initramfs
command: /usr/sbin/update-initramfs -c -k all ansible.builtin.command: /usr/sbin/update-initramfs -c -k all
become: yes become: yes

View File

@ -5,7 +5,7 @@
- hosts: all - hosts: all
tasks: tasks:
- name: collect service facts - name: collect service facts
service_facts: ansible.builtin.service_facts:
tags: [ always ] tags: [ always ]
roles: roles:
- role: common - role: common

View File

@ -5,8 +5,8 @@
gather_facts: no gather_facts: no
tasks: tasks:
- name: assure scanner user - name: assure scanner user
user: name=scanner state=absent ansible.builtin.user: name=scanner state=absent
tags: [ scanner, greenbone ] tags: [ scanner, greenbone ]
- name: assure scanner user sudoers rule - name: assure scanner user sudoers rule
lineinfile: path=/etc/sudoers line="scanner ALL=(ALL:ALL) NOPASSWD:ALL" state=absent ansible.builtin.lineinfile: path=/etc/sudoers line="scanner ALL=(ALL:ALL) NOPASSWD:ALL" state=absent
tags: [ scanner, greenbone ] tags: [ scanner, greenbone ]

View File

@ -5,5 +5,5 @@
gather_facts: no gather_facts: no
tasks: tasks:
- name: touch ansible timestamp file - name: touch ansible timestamp file
file: path=/var/lib/ansible-last-run state=touch mode='0644' ansible.builtin.file: path=/var/lib/ansible-last-run state=touch mode='0644'
changed_when: no changed_when: no

View File

@ -5,7 +5,7 @@
- hosts: device_roles_workstation - hosts: device_roles_workstation
tasks: tasks:
- name: assure vm-fs-1 nfs mountpoint - name: assure vm-fs-1 nfs mountpoint
file: path=/nfs/vm-fs-1.home.mgmt.desu.ltd state=directory owner=root group=root mode=0755 ansible.builtin.file: path=/nfs/vm-fs-1.home.mgmt.desu.ltd state=directory owner=root group=root mode=0755
tags: [ desktop, nfs ] tags: [ desktop, nfs ]
- name: assure vm-fs-1 nfs mount - name: assure vm-fs-1 nfs mount
mount: path=/nfs/vm-fs-1.home.mgmt.desu.ltd src=vm-fs-1.home.mgmt.desu.ltd:/nfs fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted mount: path=/nfs/vm-fs-1.home.mgmt.desu.ltd src=vm-fs-1.home.mgmt.desu.ltd:/nfs fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted

View File

@ -78,7 +78,7 @@
tags: [ docker ] tags: [ docker ]
tasks: tasks:
- name: assure nfs mount directory - name: assure nfs mount directory
file: path=/data/syncthing/data state=directory mode=0755 ansible.builtin.file: path=/data/syncthing/data state=directory mode=0755
tags: [ storage ] tags: [ storage ]
- name: assure nfs mount - name: assure nfs mount
mount: path=/data/syncthing/data src=192.168.190.1:/nfs/syncthing fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted mount: path=/data/syncthing/data src=192.168.190.1:/nfs/syncthing fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
@ -89,7 +89,7 @@
- app/syncthing.yml - app/syncthing.yml
tags: [ always ] tags: [ always ]
- name: assure movement cronjobs - name: assure movement cronjobs
cron: ansible.builtin.cron:
name: "{{ item.name }}" name: "{{ item.name }}"
minute: 0 minute: 0
hour: 5 hour: 5
@ -116,14 +116,14 @@
dest: Pictures/Screenshots/Vidya/Cyberpunk 2077 dest: Pictures/Screenshots/Vidya/Cyberpunk 2077
tags: [ cron ] tags: [ cron ]
- name: assure zone identifier cleanup cronjob - name: assure zone identifier cleanup cronjob
cron: ansible.builtin.cron:
name: cleanup zone.identtifier name: cleanup zone.identtifier
minute: 0 minute: 0
hour: 3 hour: 3
job: 'find /data/syncthing/data/ -type f -iname "*:Zone.Identifier" -delete' job: 'find /data/syncthing/data/ -type f -iname "*:Zone.Identifier" -delete'
tags: [ cron ] tags: [ cron ]
- name: assure filename sanitize cronjobs - name: assure filename sanitize cronjobs
cron: ansible.builtin.cron:
name: "sanitize {{ item }}" name: "sanitize {{ item }}"
minute: 0 minute: 0
hour: 4 hour: 4

View File

@ -5,7 +5,7 @@
gather_facts: no gather_facts: no
tasks: tasks:
- name: assure nfs mount directory - name: assure nfs mount directory
file: path=/nfs/projects state=directory mode=0755 ansible.builtin.file: path=/nfs/projects state=directory mode=0755
tags: [ storage ] tags: [ storage ]
- name: assure nfs mount - name: assure nfs mount
mount: path=/nfs/projects src=192.168.190.1:/nfs/projects fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted mount: path=/nfs/projects src=192.168.190.1:/nfs/projects fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted

View File

@ -5,7 +5,7 @@
- hosts: vm-fs-1.home.mgmt.desu.ltd - hosts: vm-fs-1.home.mgmt.desu.ltd
tasks: tasks:
- name: assure nfs directory - name: assure nfs directory
file: path=/nfs state=directory mode=0755 ansible.builtin.file: path=/nfs state=directory mode=0755
roles: roles:
- role: backup - role: backup
vars: vars:

View File

@ -10,7 +10,7 @@
pull: yes pull: yes
pre_tasks: pre_tasks:
- name: assure nfs mount directory - name: assure nfs mount directory
file: path=/data state=directory mode=0755 ansible.builtin.file: path=/data state=directory mode=0755
tags: [ pis, storage ] tags: [ pis, storage ]
- name: assure nfs mount - name: assure nfs mount
mount: path=/data/shared src=192.168.190.1:/nfs/media fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted mount: path=/data/shared src=192.168.190.1:/nfs/media fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted

View File

@ -25,7 +25,7 @@
overwrite: yes overwrite: yes
tasks: tasks:
- name: clear host errors before dns loop - name: clear host errors before dns loop
meta: clear_host_errors ansible.builtin.meta: clear_host_errors
- name: configure dns - name: configure dns
block: block:
- name: configure main mgmt dns - name: configure main mgmt dns

View File

@ -6,7 +6,7 @@
gather_facts: no gather_facts: no
tasks: tasks:
- name: install raspi packages - name: install raspi packages
apt: ansible.builtin.apt:
name: name:
- libraspberrypi-bin - libraspberrypi-bin
tags: [ pis, packages ] tags: [ pis, packages ]

View File

@ -6,9 +6,9 @@
- name: configure system76 for apt - name: configure system76 for apt
block: block:
- name: ensure system76 repo - name: ensure system76 repo
apt_repository: repo="ppa:system76-dev/stable" ansible.builtin.apt_repository: repo="ppa:system76-dev/stable"
- name: ensure system76 packages - name: ensure system76 packages
apt: ansible.builtin.apt:
name: name:
- firmware-manager - firmware-manager
- kamoso - kamoso

View File

@ -136,7 +136,7 @@
pull: yes pull: yes
pre_tasks: pre_tasks:
- name: clear host errors - name: clear host errors
meta: clear_host_errors ansible.builtin.meta: clear_host_errors
tasks: tasks:
- name: ensure docker network - name: ensure docker network
docker_network: name=web docker_network: name=web

View File

@ -19,7 +19,7 @@
gather_facts: no gather_facts: no
tasks: tasks:
- name: disable ansible-pull when not tagged - name: disable ansible-pull when not tagged
systemd: name={{ item }} state=stopped enabled=no ansible.builtin.systemd: name={{ item }} state=stopped enabled=no
with_items: with_items:
- ansible-pull.timer - ansible-pull.timer
- ansible-pull.service - ansible-pull.service

View File

@ -14,7 +14,7 @@
serial: 1 serial: 1
tasks: tasks:
- name: check for reboot-required - name: check for reboot-required
stat: path=/var/run/reboot-required ansible.builtin.stat: path=/var/run/reboot-required
register: s register: s
- name: reboot - name: reboot
block: block:
@ -30,7 +30,7 @@
delegate_to: web3.dallas.mgmt.desu.ltd delegate_to: web3.dallas.mgmt.desu.ltd
rescue: rescue:
- name: notify of failure to reboot - name: notify of failure to reboot
debug: msg="Miscellaneous failure when scheduling downtime" ansible.builtin.debug: msg="Miscellaneous failure when scheduling downtime"
- name: reboot - name: reboot
reboot: reboot_timeout=600 ansible.builtin.reboot: reboot_timeout=600
when: s.stat.exists when: s.stat.exists

View File

@ -12,10 +12,10 @@
tags: [ nagios, git ] tags: [ nagios, git ]
tasks: tasks:
- name: assure nagios plugin packages - name: assure nagios plugin packages
apt: name=monitoring-plugins,nagios-plugins-contrib ansible.builtin.apt: name=monitoring-plugins,nagios-plugins-contrib
tags: [ nagios ] tags: [ nagios ]
- name: assure nagios user - name: assure nagios user
user: name=nagios-checker state=present system=yes ansible.builtin.user: name=nagios-checker state=present system=yes
tags: [ nagios ] tags: [ nagios ]
- name: assure nagios user ssh key - name: assure nagios user ssh key
authorized_key: authorized_key:
@ -24,10 +24,10 @@
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKNavw28C0mKIQVRLQDW2aoovliU1XCGaenDhIMwumK/ Nagios monitoring" key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKNavw28C0mKIQVRLQDW2aoovliU1XCGaenDhIMwumK/ Nagios monitoring"
tags: [ nagios ] tags: [ nagios ]
- name: assure nagios user sudo rule file - name: assure nagios user sudo rule file
file: path=/etc/sudoers.d/50-nagios-checker mode=0750 owner=root group=root state=touch modification_time=preserve access_time=preserve ansible.builtin.file: path=/etc/sudoers.d/50-nagios-checker mode=0750 owner=root group=root state=touch modification_time=preserve access_time=preserve
tags: [ nagios, sudo ] tags: [ nagios, sudo ]
- name: assure nagios user sudo rules - name: assure nagios user sudo rules
lineinfile: ansible.builtin.lineinfile:
path: /etc/sudoers.d/50-nagios-checker path: /etc/sudoers.d/50-nagios-checker
line: "nagios-checker ALL = (root) NOPASSWD: {{ item }}" line: "nagios-checker ALL = (root) NOPASSWD: {{ item }}"
with_items: with_items:
@ -39,6 +39,6 @@
gather_facts: no gather_facts: no
tasks: tasks:
- name: disable nagios user when not tagged - name: disable nagios user when not tagged
user: name=nagios-checker state=absent remove=yes ansible.builtin.user: name=nagios-checker state=absent remove=yes
when: "'tags_nagios' not in group_names" when: "'tags_nagios' not in group_names"
tags: [ nagios ] tags: [ nagios ]

View File

@ -24,7 +24,7 @@
gather_facts: no gather_facts: no
tasks: tasks:
- name: disable snmpd when not tagged - name: disable snmpd when not tagged
systemd: name={{ item }} state=stopped enabled=no ansible.builtin.systemd: name={{ item }} state=stopped enabled=no
with_items: with_items:
- snmpd.service - snmpd.service
when: "'tags_snmp' not in group_names and item in services" when: "'tags_snmp' not in group_names and item in services"

View File

@ -25,8 +25,8 @@
- /srv/desu.ltd/nc:/var/www/html/data - /srv/desu.ltd/nc:/var/www/html/data
tags: [ docker, nextcloud ] tags: [ docker, nextcloud ]
- name: assure nextcloud cron cronjob - name: assure nextcloud cron cronjob
cron: user=root name=nextcloud minute=*/5 job="docker exec --user www-data nextcloud php -f /var/www/html/cron.php" ansible.builtin.cron: user=root name=nextcloud minute=*/5 job="docker exec --user www-data nextcloud php -f /var/www/html/cron.php"
tags: [ docker, nextcloud, cron ] tags: [ docker, nextcloud, cron ]
- name: assure nextcloud update cronjob - name: assure nextcloud update cronjob
cron: user=root name=nextcloud-update minute=*/30 job="docker exec --user www-data nextcloud php occ app:update --all" ansible.builtin.cron: user=root name=nextcloud-update minute=*/30 job="docker exec --user www-data nextcloud php occ app:update --all"
tags: [ docker, nextcloud, cron ] tags: [ docker, nextcloud, cron ]

View File

@ -1,13 +1,13 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
- name: assure admin user - name: assure admin user
user: ansible.builtin.user:
name: "{{ adminuser_name }}" name: "{{ adminuser_name }}"
append: "{{ adminuser_groups_append }}" append: "{{ adminuser_groups_append }}"
groups: "{{ adminuser_groups + adminuser_groups_extra }}" groups: "{{ adminuser_groups + adminuser_groups_extra }}"
shell: "{{ adminuser_shell }}" shell: "{{ adminuser_shell }}"
- name: assure admin user ssh key - name: assure admin user ssh key
user: ansible.builtin.user:
name: "{{ adminuser_name }}" name: "{{ adminuser_name }}"
generate_ssh_key: yes generate_ssh_key: yes
ssh_key_type: "{{ adminuser_ssh_key_type }}" ssh_key_type: "{{ adminuser_ssh_key_type }}"
@ -20,8 +20,8 @@
authorized_key: state=absent user={{ adminuser_name }} key={{ item }} authorized_key: state=absent user={{ adminuser_name }} key={{ item }}
loop: "{{ adminuser_ssh_unauthorized_keys }}" loop: "{{ adminuser_ssh_unauthorized_keys }}"
- name: assure admin user pass - name: assure admin user pass
user: name={{ adminuser_name }} password={{ adminuser_password }} ansible.builtin.user: name={{ adminuser_name }} password={{ adminuser_password }}
when: adminuser_password is defined when: adminuser_password is defined
- name: assure admin user sudo rule - name: assure admin user sudo rule
lineinfile: path=/etc/sudoers line={{ adminuser_sudo_rule }} ansible.builtin.lineinfile: path=/etc/sudoers line={{ adminuser_sudo_rule }}
when: adminuser_sudo when: adminuser_sudo

View File

@ -1,5 +1,5 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
- name: restart ansiblepull timer - name: restart ansiblepull timer
systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started ansible.builtin.systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
become: yes become: yes

View File

@ -1,15 +1,15 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
- name: assure vault password file - name: assure vault password file
copy: src=vaultpass dest="~/ansiblevaultpass" mode="0600" ansible.builtin.copy: src=vaultpass dest="~/ansiblevaultpass" mode="0600"
become: yes become: yes
become_user: ansible become_user: ansible
- name: install ansible - name: install ansible
pip: name=ansible<5,ansible-lint state=latest ansible.builtin.pip: name=ansible<5,ansible-lint state=latest
- name: configure systemd service - name: configure systemd service
template: src=ansible-pull.service dest=/etc/systemd/system/ansible-pull.service mode=0644 ansible.builtin.template: src=ansible-pull.service dest=/etc/systemd/system/ansible-pull.service mode=0644
- name: configure systemd timer - name: configure systemd timer
template: src=ansible-pull.timer dest=/etc/systemd/system/ansible-pull.timer mode=0644 ansible.builtin.template: src=ansible-pull.timer dest=/etc/systemd/system/ansible-pull.timer mode=0644
notify: restart ansiblepull timer notify: restart ansiblepull timer
- name: enable timer - name: enable timer
systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started ansible.builtin.systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started

View File

@ -2,5 +2,5 @@
# vim:ft=ansible: # vim:ft=ansible:
--- ---
- name: restart backup timer - name: restart backup timer
systemd: name=backup.timer state=restarted daemon_reload=yes ansible.builtin.systemd: name=backup.timer state=restarted daemon_reload=yes
become: yes become: yes

View File

@ -2,13 +2,13 @@
# vim:ft=ansible: # vim:ft=ansible:
--- ---
- name: template out backup script - name: template out backup script
template: src={{ backup_script }}.sh dest=/opt/backup.sh mode=0700 owner=root group=root ansible.builtin.template: src={{ backup_script }}.sh dest=/opt/backup.sh mode=0700 owner=root group=root
- name: template out restore script - name: template out restore script
template: src={{ restore_script }}.sh dest=/opt/restore.sh mode=0700 owner=root group=root ansible.builtin.template: src={{ restore_script }}.sh dest=/opt/restore.sh mode=0700 owner=root group=root
- name: configure systemd service - name: configure systemd service
template: src=backup.service dest=/etc/systemd/system/backup.service mode=0644 ansible.builtin.template: src=backup.service dest=/etc/systemd/system/backup.service mode=0644
- name: configure systemd timer - name: configure systemd timer
template: src=backup.timer dest=/etc/systemd/system/backup.timer mode=0644 ansible.builtin.template: src=backup.timer dest=/etc/systemd/system/backup.timer mode=0644
notify: restart backup timer notify: restart backup timer
- name: enable timer - name: enable timer
systemd: name=backup.timer state=started enabled=yes daemon_reload=yes ansible.builtin.systemd: name=backup.timer state=started enabled=yes daemon_reload=yes

View File

@ -1,8 +1,8 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
- name: restart cron - name: restart cron
service: name=cron state=restarted ansible.builtin.service: name=cron state=restarted
become: yes become: yes
- name: regen initramfs - name: regen initramfs
command: /usr/sbin/update-initramfs -c -k all ansible.builtin.command: /usr/sbin/update-initramfs -c -k all
become: yes become: yes

View File

@ -1,10 +1,10 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
- name: create ansible user - name: create ansible user
user: name=ansible password_lock=yes ansible.builtin.user: name=ansible password_lock=yes
- name: configure ansible user home directory - name: configure ansible user home directory
file: path=/home/ansible owner=ansible group=ansible ansible.builtin.file: path=/home/ansible owner=ansible group=ansible
- name: configure ansible user keys - name: configure ansible user keys
authorized_key: user=ansible manage_dir=yes key={{ common_ansible_pubkey }} authorized_key: user=ansible manage_dir=yes key={{ common_ansible_pubkey }}
- name: configure ansible user sudo - name: configure ansible user sudo
lineinfile: path=/etc/sudoers line="ansible ALL=(ALL:ALL) NOPASSWD:ALL" ansible.builtin.lineinfile: path=/etc/sudoers line="ansible ALL=(ALL:ALL) NOPASSWD:ALL"

View File

@ -3,9 +3,9 @@
- name: configure packages via apt - name: configure packages via apt
block: block:
- name: update apt packages - name: update apt packages
apt: upgrade=yes update_cache=yes cache_valid_time=86400 ansible.builtin.apt: upgrade=yes update_cache=yes cache_valid_time=86400
- name: install basic packages - name: install basic packages
apt: ansible.builtin.apt:
name: name:
- acl - acl
- apt-file - apt-file
@ -37,9 +37,9 @@
- vim - vim
- whois - whois
- name: remove basic packages - name: remove basic packages
apt: state=absent name=unattended-upgrades ansible.builtin.apt: state=absent name=unattended-upgrades
- name: autoremove - name: autoremove
apt: autoremove=yes purge=yes ansible.builtin.apt: autoremove=yes purge=yes
- name: autoclean - name: autoclean
apt: autoclean=yes ansible.builtin.apt: autoclean=yes
when: ansible_os_family == "Debian" when: ansible_os_family == "Debian"

View File

@ -1,11 +1,11 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
- name: configure hostname - name: configure hostname
hostname: name={{ inventory_hostname }} ansible.builtin.hostname: name={{ inventory_hostname }}
- name: ensure loopback name - name: ensure loopback name
lineinfile: path=/etc/hosts line="127.0.0.1 {{ inventory_hostname }}" ansible.builtin.lineinfile: path=/etc/hosts line="127.0.0.1 {{ inventory_hostname }}"
- name: configure timezone - name: configure timezone
timezone: name=America/Chicago timezone: name=America/Chicago
notify: restart cron notify: restart cron
- name: configure shell profile - name: configure shell profile
template: src=profile.sh dest=/etc/profile.d/50-ansible.sh mode=0644 ansible.builtin.template: src=profile.sh dest=/etc/profile.d/50-ansible.sh mode=0644

View File

@ -1,5 +1,5 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
- name: regen initramfs - name: regen initramfs
command: /usr/sbin/update-initramfs -c -k all ansible.builtin.command: /usr/sbin/update-initramfs -c -k all
become: yes become: yes

View File

@ -2,9 +2,9 @@
# vim:ft=ansible: # vim:ft=ansible:
--- ---
- name: assure xorg.conf.d - name: assure xorg.conf.d
file: path=/etc/X11/xorg.conf.d state=directory mode=0755 ansible.builtin.file: path=/etc/X11/xorg.conf.d state=directory mode=0755
- name: configure X misc - name: configure X misc
template: src={{ item }} dest=/etc/X11/xorg.conf.d/{{ item }} mode=0644 ansible.builtin.template: src={{ item }} dest=/etc/X11/xorg.conf.d/{{ item }} mode=0644
loop: loop:
# Disables mouse acceleration on all mouse peripherals # Disables mouse acceleration on all mouse peripherals
- 90-mouse-acceleration.conf - 90-mouse-acceleration.conf

View File

@ -5,26 +5,26 @@
block: block:
# Manage archs # Manage archs
- name: enable archs - name: enable archs
lineinfile: dest=/var/lib/dpkg/arch line={{ item }} create=yes mode=0644 ansible.builtin.lineinfile: dest=/var/lib/dpkg/arch line={{ item }} create=yes mode=0644
loop: "{{ desktop_apt_archs }}" loop: "{{ desktop_apt_archs }}"
# Manage keys # Manage keys
- name: enroll keys from keyserver - name: enroll keys from keyserver
apt_key: keyserver=keyserver.ubuntu.com id={{ item }} ansible.builtin.apt_key: keyserver=keyserver.ubuntu.com id={{ item }}
loop: "{{ desktop_apt_keys_keyserver + desktop_apt_keys_keyserver_extra }}" loop: "{{ desktop_apt_keys_keyserver + desktop_apt_keys_keyserver_extra }}"
- name: enroll keys by url - name: enroll keys by url
apt_key: url={{ item }} ansible.builtin.apt_key: url={{ item }}
loop: "{{ desktop_apt_keys_url + desktop_apt_keys_url_extra }}" loop: "{{ desktop_apt_keys_url + desktop_apt_keys_url_extra }}"
# Manage repos # Manage repos
- name: configure repos - name: configure repos
apt_repository: repo={{ item }} ansible.builtin.apt_repository: repo={{ item }}
loop: "{{ desktop_apt_repos + desktop_apt_repos_extra }}" loop: "{{ desktop_apt_repos + desktop_apt_repos_extra }}"
# Manage packages # Manage packages
- name: configure installed packages - name: configure installed packages
apt: name="{{ desktop_apt_packages + desktop_apt_packages_extra }}" ansible.builtin.apt: name="{{ desktop_apt_packages + desktop_apt_packages_extra }}"
- name: configure removed packages - name: configure removed packages
apt: name="{{ desktop_apt_packages_remove + desktop_apt_packages_remove_extra }}" state=absent ansible.builtin.apt: name="{{ desktop_apt_packages_remove + desktop_apt_packages_remove_extra }}" state=absent
- name: configure out-of-repo packages - name: configure out-of-repo packages
apt: deb="{{ item }}" ansible.builtin.apt: deb="{{ item }}"
loop: "{{ desktop_apt_debs + desktop_apt_debs_extra }}" loop: "{{ desktop_apt_debs + desktop_apt_debs_extra }}"
when: ansible_pkg_mgr == "apt" when: ansible_pkg_mgr == "apt"
- name: configure portage - name: configure portage
@ -35,12 +35,12 @@
synchronize: src="portage/" dest="/etc/portage/" synchronize: src="portage/" dest="/etc/portage/"
# This is my bootstrap script, which can cause damage if invoked by root again, so we remove it # This is my bootstrap script, which can cause damage if invoked by root again, so we remove it
- name: remove gentoostrap - name: remove gentoostrap
file: path=/gentoostrap.sh state=absent ansible.builtin.file: path=/gentoostrap.sh state=absent
- name: remove gentoostrap package.use - name: remove gentoostrap package.use
file: path=/etc/portage/package.use/gentoostrap state=absent ansible.builtin.file: path=/etc/portage/package.use/gentoostrap state=absent
when: ansible_os_family == "Gentoo" when: ansible_os_family == "Gentoo"
- name: configure pip3 packages - name: configure pip3 packages
pip: executable=/usr/bin/pip3 state=latest name="{{ desktop_pip3_packages + desktop_pip3_packages_extra }}" ansible.builtin.pip: executable=/usr/bin/pip3 state=latest name="{{ desktop_pip3_packages + desktop_pip3_packages_extra }}"
when: ansible_os_family != "Gentoo" when: ansible_os_family != "Gentoo"
- name: configure flatpak - name: configure flatpak
block: block:

View File

@ -2,7 +2,7 @@
# vim:ft=ansible: # vim:ft=ansible:
--- ---
- name: assure tmodloader {{ tmodloader_name }} directory structure - name: assure tmodloader {{ tmodloader_name }} directory structure
file: ansible.builtin.file:
state: directory state: directory
owner: "{{ tmodloader_uid }}" owner: "{{ tmodloader_uid }}"
group: "{{ tmodloader_gid }}" group: "{{ tmodloader_gid }}"
@ -18,30 +18,31 @@
- "{{ tmodloader_data_prefix }}/data/ModLoader/Mods" - "{{ tmodloader_data_prefix }}/data/ModLoader/Mods"
- "{{ tmodloader_data_prefix }}/data/ModLoader/Worlds" - "{{ tmodloader_data_prefix }}/data/ModLoader/Worlds"
- name: assure mods - name: assure mods
shell: ansible.builtin.shell:
cmd: "curl -L \"{{ tmodloader_mod_server }}\" -o \"{{ item }}.tmod\" && chown \"{{ tmodloader_uid }}:{{ tmodloader_gid }}\" \"{{ item }}.tmod\"" cmd: "curl -L \"{{ tmodloader_mod_server }}\" -o \"{{ item }}.tmod\" && chown \"{{ tmodloader_uid }}:{{ tmodloader_gid }}\" \"{{ item }}.tmod\""
chdir: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods" chdir: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods"
creates: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods/{{ item }}.tmod" creates: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods/{{ item }}.tmod"
with_list: "{{ tmodloader_mods }}" with_list: "{{ tmodloader_mods }}"
notify: "restart tmodloader {{ tmodloader_name }}" notify: "restart tmodloader {{ tmodloader_name }}"
- name: enable mods - name: enable mods
template: ansible.builtin.template:
src: enabled.json src: enabled.json
dest: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods/enabled.json" dest: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods/enabled.json"
owner: "{{ tmodloader_uid }}" owner: "{{ tmodloader_uid }}"
group: "{{ tmodloader_gid }}" group: "{{ tmodloader_gid }}"
mode: "0750"
notify: "restart tmodloader {{ tmodloader_name }}" notify: "restart tmodloader {{ tmodloader_name }}"
- name: assure tmodloader {{ tmodloader_name }} files - name: assure tmodloader {{ tmodloader_name }} files
file: ansible.builtin.file:
state: touch state: touch
owner: "{{ tmodloader_uid }}" owner: "{{ tmodloader_uid }}"
group: "{{ tmodloader_gid }}" group: "{{ tmodloader_gid }}"
mode: "0640" mode: "0750"
path: "{{ item }}" path: "{{ item }}"
with_items: with_items:
- "{{ tmodloader_data_prefix }}/config.txt" - "{{ tmodloader_data_prefix }}/config.txt"
- name: assure {{ tmodloader_name }} configs - name: assure {{ tmodloader_name }} configs
lineinfile: ansible.builtin.lineinfile:
state: present state: present
regexp: "^{{ item.key }}" regexp: "^{{ item.key }}"
line: "{{ item.key }}={{ item.value }}" line: "{{ item.key }}={{ item.value }}"
@ -49,7 +50,7 @@
with_dict: "{{ tmodloader_config | combine(tmodloader_config_extra) | combine(tmodloader_config_internal) }}" with_dict: "{{ tmodloader_config | combine(tmodloader_config_extra) | combine(tmodloader_config_internal) }}"
notify: "restart tmodloader {{ tmodloader_name }}" notify: "restart tmodloader {{ tmodloader_name }}"
- name: assure {{ tmodloader_name }} backup cronjob - name: assure {{ tmodloader_name }} backup cronjob
cron: ansible.builtin.cron:
user: root user: root
name: "terraria-{{ tmodloader_name }}" name: "terraria-{{ tmodloader_name }}"
minute: "*/30" minute: "*/30"

View File

@ -2,7 +2,7 @@
# vim:ft=ansible: # vim:ft=ansible:
--- ---
- name: clone git repos - name: clone git repos
git: ansible.builtin.git:
accept_hostkey: yes accept_hostkey: yes
depth: "{{ item.depth | default(1, true) }}" depth: "{{ item.depth | default(1, true) }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"

View File

@ -1,5 +1,5 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
- name: grub mkconfig - name: grub mkconfig
command: "grub-mkconfig -o /boot/grub/grub.cfg" ansible.builtin.command: "grub-mkconfig -o /boot/grub/grub.cfg"
become: yes become: yes

View File

@ -4,5 +4,5 @@
- name: configure grub - name: configure grub
block: block:
- name: template out grub config - name: template out grub config
template: src=grub.conf dest=/etc/default/grub mode=0644 ansible.builtin.template: src=grub.conf dest=/etc/default/grub mode=0644
notify: grub mkconfig notify: grub mkconfig

View File

@ -1,12 +1,12 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
- name: assure ingress container persist directories - name: assure ingress container persist directories
file: path="{{ ingress_container_persist_dir }}/{{ item }}" state=directory owner=root mode=0755 ansible.builtin.file: path="{{ ingress_container_persist_dir }}/{{ item }}" state=directory owner=root mode=0755
with_items: with_items:
- letsencrypt - letsencrypt
- user_conf.d - user_conf.d
- name: template out ingress configuration file - name: template out ingress configuration file
template: src=vhosts.conf.j2 dest="{{ ingress_container_persist_dir }}/user_conf.d/vhosts.conf" mode="0640" ansible.builtin.template: src=vhosts.conf.j2 dest="{{ ingress_container_persist_dir }}/user_conf.d/vhosts.conf" mode="0640"
notify: restart ingress container notify: restart ingress container
- name: assure ingress container - name: assure ingress container
docker_container: docker_container:

View File

@ -1,11 +1,11 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
- name: remove default motd items - name: remove default motd items
file: state=absent path=/etc/update-motd.d/{{ item }} ansible.builtin.file: state=absent path=/etc/update-motd.d/{{ item }}
loop: "{{ motd_remove + motd_remove_extra }}" loop: "{{ motd_remove + motd_remove_extra }}"
- name: disable motd-news - name: disable motd-news
systemd: name="{{ item }}" state=stopped enabled=no ansible.builtin.systemd: name="{{ item }}" state=stopped enabled=no
with_items: with_items:
- motd-news.timer - motd-news.timer
- name: template out motd script - name: template out motd script
template: src=motd.sh dest=/etc/update-motd.d/50-ansible mode=0755 ansible.builtin.template: src=motd.sh dest=/etc/update-motd.d/50-ansible mode=0755

View File

@ -1,6 +1,6 @@
# vim:ft=ansible: # vim:ft=ansible:
- name: assure data directory for nagios - name: assure data directory for nagios
file: path="{{ nagios_data_dir }}" state=directory mode=0755 ansible.builtin.file: path="{{ nagios_data_dir }}" state=directory mode=0755
tags: [ nagios ] tags: [ nagios ]
- name: docker deploy nagios - name: docker deploy nagios
docker_container: docker_container:
@ -27,15 +27,15 @@
- /dev/null:/opt/nagios/bin/send_nsca - /dev/null:/opt/nagios/bin/send_nsca
tags: [ docker, nagios ] tags: [ docker, nagios ]
- name: template out scripts for nagios - name: template out scripts for nagios
template: src="{{ item }}" dest="{{ nagios_data_dir }}/plugins/{{ item }}" owner=root group=root mode=0755 ansible.builtin.template: src="{{ item }}" dest="{{ nagios_data_dir }}/plugins/{{ item }}" owner=root group=root mode=0755
with_items: with_items:
- notify-by-matrix - notify-by-matrix
tags: [ nagios, template, plugins ] tags: [ nagios, template, plugins ]
- name: template out config for nagios - name: template out config for nagios
template: src=nagios-ansible-inventory.cfg.j2 dest="{{ nagios_data_dir }}/etc/objects/ansible.cfg" owner=101 group=100 mode=0644 ansible.builtin.template: src=nagios-ansible-inventory.cfg.j2 dest="{{ nagios_data_dir }}/etc/objects/ansible.cfg" owner=101 group=100 mode=0644
tags: [ nagios, template ] tags: [ nagios, template ]
notify: restart nagios notify: restart nagios
- name: assure config file is loaded - name: assure config file is loaded
lineinfile: path="{{ nagios_data_dir }}/etc/nagios.cfg" line='cfg_file=/opt/nagios/etc/objects/ansible.cfg' ansible.builtin.lineinfile: path="{{ nagios_data_dir }}/etc/nagios.cfg" line='cfg_file=/opt/nagios/etc/objects/ansible.cfg'
tags: [ nagios, template ] tags: [ nagios, template ]
notify: restart nagios notify: restart nagios

View File

@ -1,21 +1,21 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
- name: assure pulse package - name: assure pulse package
apt: name=pulseaudio ansible.builtin.apt: name=pulseaudio
when: ansible_os_family == 'Debian' when: ansible_os_family == 'Debian'
- name: remove user pulseaudio services - name: remove user pulseaudio services
file: state=absent path={{ item }} ansible.builtin.file: state=absent path={{ item }}
loop: loop:
- /etc/systemd/user/default.target.wants/pulseaudio.service - /etc/systemd/user/default.target.wants/pulseaudio.service
- /etc/systemd/user/sockets.target.wants/pulseaudio.socket - /etc/systemd/user/sockets.target.wants/pulseaudio.socket
- name: template out configs - name: template out configs
template: src={{ item.src }} dest={{ item.dest }} mode=0644 ansible.builtin.template: src={{ item.src }} dest={{ item.dest }} mode=0644
loop: loop:
- { src: "pulse-client.conf", dest: "/etc/pulse/client.conf" } - { src: "pulse-client.conf", dest: "/etc/pulse/client.conf" }
- { src: "pulse-daemon.conf", dest: "/etc/pulse/daemon.conf" } - { src: "pulse-daemon.conf", dest: "/etc/pulse/daemon.conf" }
- { src: "pulse-default.pa", dest: "/etc/pulse/default.pa" } - { src: "pulse-default.pa", dest: "/etc/pulse/default.pa" }
- { src: "pulseaudio.service", dest: "/etc/systemd/system/pulseaudio.service" } - { src: "pulseaudio.service", dest: "/etc/systemd/system/pulseaudio.service" }
- name: assure pulse user - name: assure pulse user
user: name=pulseaudio password="!" system=yes home=/var/lib/pulse groups=audio ansible.builtin.user: name=pulseaudio password="!" system=yes home=/var/lib/pulse groups=audio
- name: enable pulse service - name: enable pulse service
systemd: name=pulseaudio enabled=yes state=started daemon_reload=yes ansible.builtin.systemd: name=pulseaudio enabled=yes state=started daemon_reload=yes

View File

@ -1,5 +1,5 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
# vim:ft=ansible: # vim:ft=ansible:
- name: reload udev - name: reload udev
command: udevadm trigger ansible.builtin.command: udevadm trigger
become: yes become: yes

View File

@ -2,6 +2,6 @@
# vim:ft=ansible: # vim:ft=ansible:
--- ---
- name: configure udev rules - name: configure udev rules
lineinfile: path=/etc/udev/rules.d/50-ansible.rules line={{ item }} create=yes mode=0644 ansible.builtin.lineinfile: path=/etc/udev/rules.d/50-ansible.rules line={{ item }} create=yes mode=0644
loop: "{{ udev_rules }}" loop: "{{ udev_rules }}"
notify: reload udev notify: reload udev

View File

@ -2,7 +2,7 @@
# vim:ft=ansible: # vim:ft=ansible:
--- ---
- name: restart zerotier - name: restart zerotier
systemd: ansible.builtin.systemd:
daemon_reload: yes daemon_reload: yes
name: zerotier-one.service name: zerotier-one.service
state: restarted state: restarted

View File

@ -4,24 +4,24 @@
- name: configure zerotier for apt - name: configure zerotier for apt
block: block:
- name: ensure zerotier repo key - name: ensure zerotier repo key
apt_key: url="{{ zerotier_repo_deb_key }}" ansible.builtin.apt_key: url="{{ zerotier_repo_deb_key }}"
- name: ensure zerotier repo - name: ensure zerotier repo
apt_repository: repo="{{ zerotier_repo_deb }}" ansible.builtin.apt_repository: repo="{{ zerotier_repo_deb }}"
- name: update apt cache - name: update apt cache
apt: update_cache=yes cache_valid_time=86400 ansible.builtin.apt: update_cache=yes cache_valid_time=86400
- name: ensure packages - name: ensure packages
apt: name=zerotier-one ansible.builtin.apt: name=zerotier-one
when: ansible_pkg_mgr == "apt" when: ansible_pkg_mgr == "apt"
- name: template unit file - name: template unit file
template: src=zerotier-one.service dest=/etc/systemd/system/zerotier-one.service mode=0644 ansible.builtin.template: src=zerotier-one.service dest=/etc/systemd/system/zerotier-one.service mode=0644
notify: restart zerotier notify: restart zerotier
- name: join networks - name: join networks
command: ansible.builtin.command:
argv: [ zerotier-cli, join, "{{ item }}" ] argv: [ zerotier-cli, join, "{{ item }}" ]
with_items: "{{ zerotier_networks_join }}" with_items: "{{ zerotier_networks_join }}"
changed_when: no changed_when: no
- name: leave networks - name: leave networks
command: ansible.builtin.command:
argv: [ zerotier-cli, leave, "{{ item }}" ] argv: [ zerotier-cli, leave, "{{ item }}" ]
register: zerotierleave register: zerotierleave
with_items: "{{ zerotier_networks_leave }}" with_items: "{{ zerotier_networks_leave }}"