From 49dd796a05d2f812427ca20f3e5954d43e8aa5e7 Mon Sep 17 00:00:00 2001 From: Alexander Dahl Date: Wed, 19 Feb 2025 21:40:23 +0100 Subject: [PATCH 1/9] :rotating_light: Modernize ansible-lint silence markup Fixes the following warning when running `ansible-lint`: WARNING Replaced outdated tag '503' with 'no-handler', replace it to avoid future regressions Link: https://ansible.readthedocs.io/projects/lint/rules/no-handler/ --- host-platon.yml | 2 +- host-wittgenstein.yml | 2 +- roles/docker_setup/tasks/main.yml | 2 +- roles/nginx_https_ingress/tasks/main.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/host-platon.yml b/host-platon.yml index 41d033c..b16bb93 100644 --- a/host-platon.yml +++ b/host-platon.yml @@ -141,7 +141,7 @@ mode: "0644" register: wiringPi_copy - - name: Install wiringPi library # noqa 503 + - name: Install wiringPi library # noqa: no-handler ansible.builtin.apt: state: present deb: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb" diff --git a/host-wittgenstein.yml b/host-wittgenstein.yml index c770b5f..955b425 100644 --- a/host-wittgenstein.yml +++ b/host-wittgenstein.yml @@ -94,7 +94,7 @@ force: no register: wiringPi_download - - name: Install wiringPi library # noqa 503 + - name: Install wiringPi library # noqa: no-handler ansible.builtin.apt: state: present deb: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb" diff --git a/roles/docker_setup/tasks/main.yml b/roles/docker_setup/tasks/main.yml index cdfedfb..5a42436 100644 --- a/roles/docker_setup/tasks/main.yml +++ b/roles/docker_setup/tasks/main.yml @@ -34,7 +34,7 @@ dest: /etc/apt/sources.list.d/docker.list register: apt_repo -- name: Update package cache # noqa 503 +- name: Update package cache # noqa: no-handler ansible.builtin.apt: update_cache: true when: apt_repo.changed diff --git a/roles/nginx_https_ingress/tasks/main.yml b/roles/nginx_https_ingress/tasks/main.yml index 64884a5..aa5a4bb 100644 --- a/roles/nginx_https_ingress/tasks/main.yml +++ b/roles/nginx_https_ingress/tasks/main.yml @@ -33,7 +33,7 @@ src: files/apt-preference-99nginx dest: /etc/apt/preferences.d/99nginx -- name: Update package cache # noqa 503 +- name: Update package cache # noqa: no-handler ansible.builtin.apt: update_cache: true when: apt_repo.changed From 3730c67be004b2fd330e42228eb9d754c8d952f1 Mon Sep 17 00:00:00 2001 From: Alexander Dahl Date: Wed, 19 Feb 2025 21:49:57 +0100 Subject: [PATCH 2/9] :rotating_light: Add newline at eof Fixes the following ansible-lint warning: yaml[new-line-at-end-of-file]: No new line character at the end of file group-k3s.yml:9 --- group-k3s.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group-k3s.yml b/group-k3s.yml index e653d64..22c521d 100644 --- a/group-k3s.yml +++ b/group-k3s.yml @@ -6,4 +6,4 @@ - name: Ensure nfs-common is installed on k3s VMs ansible.builtin.apt: pkg: nfs-common - state: present \ No newline at end of file + state: present From fa7e94403f7351e855ab9e255ea1f69733ea2163 Mon Sep 17 00:00:00 2001 From: Alexander Dahl Date: Wed, 19 Feb 2025 21:52:39 +0100 Subject: [PATCH 3/9] :rotating_light: Remove extra spaces Fixes the following ansible-lint warning: yaml[colons]: Too many spaces after colon host-wittgenstein.yml:149 --- host-wittgenstein.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/host-wittgenstein.yml b/host-wittgenstein.yml index 955b425..07539a1 100644 --- a/host-wittgenstein.yml +++ b/host-wittgenstein.yml @@ -146,7 +146,7 @@ TZ: "{{ timezone }}" MQTT_BROKER: "platon.n39.eu" MQTT_TOPIC_STATUS: "{{ spaceapi_topic_status }}" - MQTT_TOPIC_LASTCHANGE: "{{ spaceapi_topic_lastchange }}" + MQTT_TOPIC_LASTCHANGE: "{{ spaceapi_topic_lastchange }}" tags: - spaceapi From a9e5a509a5568814e884409f1a17dbfb203aeaec Mon Sep 17 00:00:00 2001 From: Alexander Dahl Date: Wed, 19 Feb 2025 21:55:53 +0100 Subject: [PATCH 4/9] :rotating_light: Fix wrong indentation Fixes the following ansible-lint warnings: yaml[indentation]: Wrong indentation: expected 6 but found 4 roles/nfs-host/tasks/main.yml:6 yaml[indentation]: Wrong indentation: expected 6 but found 4 roles/nginx_https_ingress/tasks/main.yml:11 yaml[indentation]: Wrong indentation: expected 6 but found 4 roles/nginx_https_ingress/tasks/main.yml:48 --- roles/nfs-host/tasks/main.yml | 6 +++--- roles/nginx_https_ingress/tasks/main.yml | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/nfs-host/tasks/main.yml b/roles/nfs-host/tasks/main.yml index c1ac52d..a6423ff 100644 --- a/roles/nfs-host/tasks/main.yml +++ b/roles/nfs-host/tasks/main.yml @@ -3,9 +3,9 @@ ansible.builtin.apt: state: present name: - - nfs-kernel-server - - nfs-common - - parted + - nfs-kernel-server + - nfs-common + - parted - name: Create a new ext4 primary partition community.general.parted: diff --git a/roles/nginx_https_ingress/tasks/main.yml b/roles/nginx_https_ingress/tasks/main.yml index aa5a4bb..b922472 100644 --- a/roles/nginx_https_ingress/tasks/main.yml +++ b/roles/nginx_https_ingress/tasks/main.yml @@ -8,9 +8,9 @@ ansible.builtin.apt: state: present name: - - apt-transport-https - - ca-certificates - - gnupg2 + - apt-transport-https + - ca-certificates + - gnupg2 ### Setup APT cache for the nginx repository # @@ -45,7 +45,7 @@ state: present name: # This version of nginx comes with the ngx_stream_core_module module - - nginx + - nginx ### Configuration From 42710413d774f8c6d4ba97e76073fc6c4dc4ef4a Mon Sep 17 00:00:00 2001 From: Alexander Dahl Date: Wed, 19 Feb 2025 21:57:30 +0100 Subject: [PATCH 5/9] :rotating_light: Add missing document start Fixes the following ansible-lint warning: yaml[document-start]: Missing document start "---" host_vars/wittgenstein.n39.eu/vars.yml:1 --- host_vars/wittgenstein.n39.eu/vars.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/host_vars/wittgenstein.n39.eu/vars.yml b/host_vars/wittgenstein.n39.eu/vars.yml index 6479b44..6bca558 100644 --- a/host_vars/wittgenstein.n39.eu/vars.yml +++ b/host_vars/wittgenstein.n39.eu/vars.yml @@ -1,3 +1,4 @@ +--- server_admin: "admin+wittgenstein@netz39.de" mac: "b8:27:eb:48:f1:59" ansible_python_interpreter: /usr/bin/python3 From cbbcccdcaeca0f1e608b53b49f4253cacd23461e Mon Sep 17 00:00:00 2001 From: Alexander Dahl Date: Wed, 19 Feb 2025 21:58:48 +0100 Subject: [PATCH 6/9] :rotating_light: Remove extra blank line Fixes the following ansible-lint warning: yaml[empty-lines]: Too many blank lines (1 > 0) host_vars/radon.n39.eu/vars.yml:14 --- host_vars/radon.n39.eu/vars.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/host_vars/radon.n39.eu/vars.yml b/host_vars/radon.n39.eu/vars.yml index e224d5c..0fe0902 100644 --- a/host_vars/radon.n39.eu/vars.yml +++ b/host_vars/radon.n39.eu/vars.yml @@ -11,4 +11,3 @@ kiosk_grafana_user: "{{ vault_kiosk_grafana_user }}" kiosk_grafana_pass: "{{ vault_kiosk_grafana_pass }}" kiosk_mqtt_host: "mqtt.n39.eu" kiosk_mqtt_topic: "Netz39/Things/HackingDashboard/Screenshot" - From a0021c4979497f396323dd74300753c9497dfcad Mon Sep 17 00:00:00 2001 From: Alexander Dahl Date: Wed, 19 Feb 2025 22:01:13 +0100 Subject: [PATCH 7/9] :rotating_light: Add more spaces before comment Fixes the following ansible-lint warnings: yaml[comments]: Too few spaces before comment host-unicorn.yml:31 yaml[comments]: Too few spaces before comment host-wittgenstein.yml:143 --- host-unicorn.yml | 14 +++++++------- host-wittgenstein.yml | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/host-unicorn.yml b/host-unicorn.yml index ebe3987..2ccca3a 100644 --- a/host-unicorn.yml +++ b/host-unicorn.yml @@ -22,13 +22,13 @@ # These fixed ports are needed. # https://help.ui.com/hc/en-us/articles/218506997-UniFi-Ports-Used ports: - - "8080:8080/tcp" # Device command/control - - "8443:8443/tcp" # Web interface + API - - "8843:8843/tcp" # HTTPS portal - - "8880:8880/tcp" # HTTP portal - - "3478:3478/udp" # STUN service - - "6789:6789/tcp" # Speed Test (unifi5 only) - - "10001:10001/udp" # Used for device discovery. + - "8080:8080/tcp" # Device command/control + - "8443:8443/tcp" # Web interface + API + - "8843:8843/tcp" # HTTPS portal + - "8880:8880/tcp" # HTTP portal + - "3478:3478/udp" # STUN service + - "6789:6789/tcp" # Speed Test (unifi5 only) + - "10001:10001/udp" # Used for device discovery. volumes: - "{{ data_dir }}/unifi-controller/data:/unifi/data" - "{{ data_dir }}/unifi-controller/log:/unifi/log" diff --git a/host-wittgenstein.yml b/host-wittgenstein.yml index 07539a1..c7a6869 100644 --- a/host-wittgenstein.yml +++ b/host-wittgenstein.yml @@ -140,7 +140,7 @@ detach: yes restart_policy: unless-stopped ports: - - "0.0.0.0:{{ spaceapi_host_port }}:8080" # Must be reached by pottwal + - "0.0.0.0:{{ spaceapi_host_port }}:8080" # Must be reached by pottwal # - "127.0.0.1:{{ spaceapi_host_port }}:8080" env: TZ: "{{ timezone }}" From 41ab4622b338b20f8bdb65f757b01dff77a9876a Mon Sep 17 00:00:00 2001 From: Alexander Dahl Date: Thu, 20 Feb 2025 06:43:59 +0100 Subject: [PATCH 8/9] :rotating_light: Fix trivial jinja spacing warnings Fixes the following ansible-lint warnings: jinja[spacing]: Jinja2 spacing could be improved: group:Admins:{{ users | map(attribute = 'logname') | join("@pam,") }}@pam:: -> group:Admins:{{ users | map(attribute='logname') | join("@pam,") }}@pam:: (warning) host-beaker.yml:23 Jinja2 template rewrite recommendation: `group:Admins:{{ users | map(attribute='logname') | join("@pam,") }}@pam::`. jinja[spacing]: Jinja2 spacing could be improved: {{ docker_ip_ranges }} -> {{ docker_ip_ranges }} (warning) host-krypton.yml:95 Jinja2 template rewrite recommendation: `{{ docker_ip_ranges }}`. jinja[spacing]: Jinja2 spacing could be improved: {{ item }} -> {{ item }} (warning) host-krypton.yml:98 Jinja2 template rewrite recommendation: `{{ item }}`. jinja[spacing]: Jinja2 spacing could be improved: {{ docker_ip_ranges }} -> {{ docker_ip_ranges }} (warning) host-krypton.yml:105 Jinja2 template rewrite recommendation: `{{ docker_ip_ranges }}`. jinja[spacing]: Jinja2 spacing could be improved: {{ item }} -> {{ item }} (warning) host-krypton.yml:108 Jinja2 template rewrite recommendation: `{{ item }}`. jinja[spacing]: Jinja2 spacing could be improved: {{ cleanuri_amqp_user }} -> {{ cleanuri_amqp_user }} (warning) roles/cleanuri/tasks/main.yml:36 Jinja2 template rewrite recommendation: `{{ cleanuri_amqp_user }}`. jinja[spacing]: Jinja2 spacing could be improved: {{ cleanuri_amqp_user }} -> {{ cleanuri_amqp_user }} (warning) roles/cleanuri/tasks/main.yml:53 Jinja2 template rewrite recommendation: `{{ cleanuri_amqp_user }}`. jinja[spacing]: Jinja2 spacing could be improved: {{ cleanuri_amqp_user }} -> {{ cleanuri_amqp_user }} (warning) roles/cleanuri/tasks/main.yml:70 Jinja2 template rewrite recommendation: `{{ cleanuri_amqp_user }}`. --- host-beaker.yml | 2 +- host-krypton.yml | 8 ++++---- roles/cleanuri/tasks/main.yml | 6 +++--- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/host-beaker.yml b/host-beaker.yml index 1cf198c..ba571fa 100644 --- a/host-beaker.yml +++ b/host-beaker.yml @@ -22,6 +22,6 @@ ansible.builtin.lineinfile: path: /etc/pve/user.cfg regexp: "^group:Admins:" - line: "group:Admins:{{ users | map(attribute = 'logname') | join(\"@pam,\") }}@pam::" + line: "group:Admins:{{ users | map(attribute='logname') | join(\"@pam,\") }}@pam::" handlers: diff --git a/host-krypton.yml b/host-krypton.yml index 7a45ca0..2623afa 100644 --- a/host-krypton.yml +++ b/host-krypton.yml @@ -98,9 +98,9 @@ rule: allow port: '389' proto: tcp - from: "{{ item }}" + from: "{{ item }}" comment: LDAP Docker Access - loop: "{{ docker_ip_ranges }}" + loop: "{{ docker_ip_ranges }}" - name: Allow access to openLDAP from local docker container [2/2] become: true @@ -108,9 +108,9 @@ rule: allow port: '636' proto: tcp - from: "{{ item }}" + from: "{{ item }}" comment: LDAP Docker Access - loop: "{{ docker_ip_ranges }}" + loop: "{{ docker_ip_ranges }}" - name: Ensure container for entities validation service is running diff --git a/roles/cleanuri/tasks/main.yml b/roles/cleanuri/tasks/main.yml index b968729..9490a6f 100644 --- a/roles/cleanuri/tasks/main.yml +++ b/roles/cleanuri/tasks/main.yml @@ -35,7 +35,7 @@ env: TZ: "{{ timezone }}" AMQP_HOST: "{{ cleanuri_amqp_host }}" - AMQP_USER: "{{ cleanuri_amqp_user }}" + AMQP_USER: "{{ cleanuri_amqp_user }}" AMQP_PASS: "{{ cleanuri_amqp_pass }}" AMQP_VHOST: "{{ cleanuri_amqp_vhost }}" GATEWAY_RESULT_QUEUE: "{{ cleanuri_amqp_results }}" @@ -52,7 +52,7 @@ env: TZ: "{{ timezone }}" AMQP_HOST: "{{ cleanuri_amqp_host }}" - AMQP_USER: "{{ cleanuri_amqp_user }}" + AMQP_USER: "{{ cleanuri_amqp_user }}" AMQP_PASS: "{{ cleanuri_amqp_pass }}" AMQP_VHOST: "{{ cleanuri_amqp_vhost }}" CANONIZER_TASK_QUEUE: "{{ cleanuri_amqp_canonizer }}" @@ -69,7 +69,7 @@ env: TZ: "{{ timezone }}" AMQP_HOST: "{{ cleanuri_amqp_host }}" - AMQP_USER: "{{ cleanuri_amqp_user }}" + AMQP_USER: "{{ cleanuri_amqp_user }}" AMQP_PASS: "{{ cleanuri_amqp_pass }}" AMQP_VHOST: "{{ cleanuri_amqp_vhost }}" EXTRACTION_TASK_QUEUE: "{{ cleanuri_amqp_retrieval }}" From 71f68604d70ba231cb453f33b5a2946e8b71c02e Mon Sep 17 00:00:00 2001 From: Alexander Dahl Date: Thu, 20 Feb 2025 08:07:01 +0100 Subject: [PATCH 9/9] :wrench: yamllint: Disable comment-indentation warnings Looked at the first three or five warnings, and those all look sane. The linter seems to be overly picky here. ansible-lint is happy about yaml now: % ansible-lint -t yaml Passed with production profile: 0 failure(s), 0 warning(s) on 142 files. Link: https://yamllint.readthedocs.io/en/stable/rules.html#module-yamllint.rules.comments_indentation --- .yamllint | 1 + 1 file changed, 1 insertion(+) diff --git a/.yamllint b/.yamllint index 2522155..6e223ae 100644 --- a/.yamllint +++ b/.yamllint @@ -2,6 +2,7 @@ extends: default rules: + comments-indentation: disable line-length: disable truthy: allowed-values: