From 8b2ab7753dd1eb334c6f036c8aa229f051c3f99c Mon Sep 17 00:00:00 2001 From: Alexander Dahl <alex@netz39.de> Date: Sat, 1 Mar 2025 21:21:22 +0100 Subject: [PATCH 1/3] :rotating_light: Fix linter warnings of type 'name[casing]' ansible-lint reads like this: name[casing]: All names should start with an uppercase letter. While at it: Some task/handler names were slightly adapted to better match what should be done. --- host-beaker.yml | 4 ++-- host-platon.yml | 16 ++++++++-------- host-pottwal.yml | 4 ++-- host-radon.yml | 4 ++-- roles/apache/handlers/main.yml | 2 +- roles/apache/tasks/main.yml | 4 ++-- roles/apache_letsencrypt/handlers/main.yml | 2 +- roles/apache_letsencrypt/tasks/main.yml | 4 ++-- roles/dd24_dyndns_cron/handlers/main.yml | 2 +- roles/dd24_dyndns_cron/tasks/main.yml | 2 +- roles/desec_dyndns_cron/handlers/main.yml | 2 +- roles/desec_dyndns_cron/tasks/main.yml | 2 +- roles/nfs_host/handlers/main.yml | 2 +- roles/nfs_host/tasks/main.yml | 6 +++--- roles/nginx_https_ingress/handlers/main.yml | 2 +- roles/nginx_https_ingress/tasks/main.yml | 6 +++--- roles/setup_http_site_forward/handlers/main.yml | 2 +- roles/setup_http_site_forward/tasks/main.yml | 4 ++-- roles/setup_http_site_proxy/handlers/main.yml | 2 +- roles/setup_http_site_proxy/tasks/main.yml | 4 ++-- setup-ssh.yml | 8 ++++---- 21 files changed, 42 insertions(+), 42 deletions(-) diff --git a/host-beaker.yml b/host-beaker.yml index ba571fa..2729426 100644 --- a/host-beaker.yml +++ b/host-beaker.yml @@ -9,7 +9,7 @@ tasks: - - name: enable proxmox gui login for admin users + - name: Enable proxmox gui login for admin users ansible.builtin.lineinfile: path: /etc/pve/user.cfg regexp: "^user:{{ item.logname }}@pam" @@ -18,7 +18,7 @@ state: present loop: "{{ users }}" - - name: configure proxmox admin group + - name: Configure proxmox admin group ansible.builtin.lineinfile: path: /etc/pve/user.cfg regexp: "^group:Admins:" diff --git a/host-platon.yml b/host-platon.yml index b16bb93..9a54416 100644 
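Review bot: In the `Enable proxmox gui login for admin users` task, `item.logname` is interpolated into `regexp` unescaped, so a logname containing a regex metacharacter such as `.` can match a different user's entry in `/etc/pve/user.cfg`, and the task would then rewrite it. Because this file decides who may log in to the Proxmox GUI, I would match the name literally: `regexp: "^user:{{ item.logname | regex_escape }}@pam"`. The task's `line:` lies between the two hunks and is not visible, so whether the replacement text needs the same care cannot be judged from here.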
--- a/host-platon.yml +++ b/host-platon.yml @@ -63,7 +63,7 @@ owner: root group: root mode: '0644' - notify: restart mosquitto + notify: Restart mosquitto service ### Sesam for SSH access @@ -245,7 +245,7 @@ owner: root group: root mode: "0644" - notify: restart rsyslog + notify: Restart rsyslog ### Asterisk @@ -258,7 +258,7 @@ owner: root group: root mode: "0644" - notify: restart asterisk + notify: Restart asterisk - name: Set up extensions for asterisk # This uses the variables gatekeeper_user and door_open_command @@ -268,14 +268,14 @@ owner: root group: root mode: "0644" - notify: restart asterisk + notify: Restart asterisk - name: Ensure asterisk is in the right groups ansible.builtin.user: name: asterisk groups: audio,i2c,gpio append: yes - notify: restart asterisk + notify: Restart asterisk # Asterisk now executes shell scripts with reduced privileges, so we need to # use sudo for I2C access. @@ -304,19 +304,19 @@ handlers: - - name: restart mosquitto + - name: Restart mosquitto service service: name: mosquitto state: restarted enabled: yes - - name: restart rsyslog + - name: Restart rsyslog service: name: rsyslog state: restarted enabled: yes - - name: restart asterisk + - name: Restart asterisk service: name: asterisk state: restarted diff --git a/host-pottwal.yml b/host-pottwal.yml index ed32054..4f50ab5 100644 --- a/host-pottwal.yml +++ b/host-pottwal.yml @@ -642,7 +642,7 @@ src: templates/pottwal/renovate-cron.j2 dest: /etc/cron.hourly/renovate-bot mode: "0700" - notify: reload cron + notify: Reload cron tags: - renovate @@ -658,7 +658,7 @@ name: apache2 state: restarted - - name: reload cron + - name: Reload cron ansible.builtin.shell: cmd: service cron reload # Use the shell call because the task sometimes has problems finding the service state diff --git a/host-radon.yml b/host-radon.yml index 4fd6c4f..92131c2 100644 --- a/host-radon.yml +++ b/host-radon.yml 
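Review bot: Handler names are matched as exact strings, so any `notify:` that still uses an old lowercase name (`restart mosquitto`, `restart rsyslog`, `restart asterisk`) now refers to a handler that no longer exists. The `notify:` lines visible in this patch all agree with the renamed handlers, but a missed one only surfaces on a run where the notifying task reports a change, so an idempotent test run would not show it. A repository-wide search for the old names, including playbooks and roles that are not part of this diff, would close that gap. The same applies to the `Reload cron`, `Restart apache2`, `Restart nginx` and `Reload nfs` renames in the other hunks. If names are likely to change again, a stable `listen:` topic on each handler decouples the notification from the display name.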
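Review bot: The `Reload cron` handler in host-pottwal.yml runs `service cron reload` through `ansible.builtin.shell`, although the command uses no pipes, redirects or expansion. ansible-lint reports this as `command-instead-of-shell`. The existing comment explains why the `service` module is avoided, and that reasoning holds equally for `ansible.builtin.command:` with the same `cmd:`, which keeps a shell out of a handler in a play that runs with `become: true`. The `Reload cron` handlers in `roles/dd24_dyndns_cron` and `roles/desec_dyndns_cron` have the same shape.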
@@ -53,7 +53,7 @@ src: "templates/mosquitto.conf.j2" dest: "{{ mosquitto_data }}/config/mosquitto.conf" mode: 0644 - notify: restart mosquitto + notify: Restart mosquitto container tags: - mosquitto @@ -226,7 +226,7 @@ - grafana-screenshot handlers: - - name: restart mosquitto + - name: Restart mosquitto container docker_container: name: mosquitto state: started diff --git a/roles/apache/handlers/main.yml b/roles/apache/handlers/main.yml index e307af9..3f91a65 100644 --- a/roles/apache/handlers/main.yml +++ b/roles/apache/handlers/main.yml @@ -1,6 +1,6 @@ # Handlers for role apache --- -- name: restart apache2 +- name: Restart apache2 service: name: apache2 state: restarted diff --git a/roles/apache/tasks/main.yml b/roles/apache/tasks/main.yml index 6bfa4da..9e7a82c 100644 --- a/roles/apache/tasks/main.yml +++ b/roles/apache/tasks/main.yml @@ -23,7 +23,7 @@ mode: "0644" owner: root group: root - notify: restart apache2 + notify: Restart apache2 - name: Add symlink to enable configuration ansible.builtin.file: @@ -32,4 +32,4 @@ state: link owner: root group: root - notify: restart apache2 + notify: Restart apache2 diff --git a/roles/apache_letsencrypt/handlers/main.yml b/roles/apache_letsencrypt/handlers/main.yml index abf4ea1..a3c935a 100644 --- a/roles/apache_letsencrypt/handlers/main.yml +++ b/roles/apache_letsencrypt/handlers/main.yml @@ -1,6 +1,6 @@ # Handlers for role apache_letsencrypt --- -- name: restart apache2 +- name: Restart apache2 service: name: apache2 state: restarted diff --git a/roles/apache_letsencrypt/tasks/main.yml b/roles/apache_letsencrypt/tasks/main.yml index 6acb952..1294f2d 100644 --- a/roles/apache_letsencrypt/tasks/main.yml +++ b/roles/apache_letsencrypt/tasks/main.yml @@ -7,7 +7,7 @@ mode: "0644" owner: root group: root - notify: restart apache2 + notify: Restart apache2 - name: Add symlink to enable configuration ansible.builtin.file: 
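Review bot: `mode: 0644` on the mosquitto.conf template task in host-radon.yml is an unquoted octal-looking literal, unlike the quoted `"0644"` / `'0644'` used by the other tasks touched in this series. Whether it produces the intended permissions depends on how the YAML loader types the scalar, and ansible-lint flags it as `risky-octal`. Writing `mode: "0644"` removes the ambiguity. The task starts above the hunk, so its module and remaining arguments are not visible here.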
@@ -17,4 +17,4 @@ mode: "0644" owner: root group: root - notify: restart apache2 + notify: Restart apache2 diff --git a/roles/dd24_dyndns_cron/handlers/main.yml b/roles/dd24_dyndns_cron/handlers/main.yml index 49c802c..10ded8f 100644 --- a/roles/dd24_dyndns_cron/handlers/main.yml +++ b/roles/dd24_dyndns_cron/handlers/main.yml @@ -1,6 +1,6 @@ # handlers file for cron-dd24-dyndns --- -- name: reload cron +- name: Reload cron ansible.builtin.shell: cmd: service cron reload warn: no diff --git a/roles/dd24_dyndns_cron/tasks/main.yml b/roles/dd24_dyndns_cron/tasks/main.yml index 5060260..7187267 100644 --- a/roles/dd24_dyndns_cron/tasks/main.yml +++ b/roles/dd24_dyndns_cron/tasks/main.yml @@ -13,6 +13,6 @@ owner: root group: root mode: "0644" - notify: reload cron + notify: Reload cron # There is ansible.builtin.cron, but this makes configuration much # more complicated, so we stick to the template. diff --git a/roles/desec_dyndns_cron/handlers/main.yml b/roles/desec_dyndns_cron/handlers/main.yml index 76bb1a9..8017c9d 100644 --- a/roles/desec_dyndns_cron/handlers/main.yml +++ b/roles/desec_dyndns_cron/handlers/main.yml @@ -1,6 +1,6 @@ # handlers file for desec_dyndns_cron --- -- name: reload cron +- name: Reload cron ansible.builtin.shell: cmd: service cron reload warn: no diff --git a/roles/desec_dyndns_cron/tasks/main.yml b/roles/desec_dyndns_cron/tasks/main.yml index d389fb7..921b8f6 100644 --- a/roles/desec_dyndns_cron/tasks/main.yml +++ b/roles/desec_dyndns_cron/tasks/main.yml @@ -13,6 +13,6 @@ owner: root group: root mode: "0644" - notify: reload cron + notify: Reload cron # There is ansible.builtin.cron, but this makes configuration much # more complicated, so we stick to the template. diff --git a/roles/nfs_host/handlers/main.yml b/roles/nfs_host/handlers/main.yml index 4cdcec5..c2a634d 100644 --- a/roles/nfs_host/handlers/main.yml +++ b/roles/nfs_host/handlers/main.yml @@ -1,3 +1,3 @@ --- -- name: reload nfs +- name: Reload nfs command: 'exportfs -ra' 
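Review bot: `warn: no` in the `Reload cron` handler of `roles/dd24_dyndns_cron/handlers/main.yml` appears to be passed as a parameter of `ansible.builtin.shell`. That parameter was removed from the command and shell modules in ansible-core 2.14, so on a current controller the handler would fail with an unsupported-parameter error the first time it is notified. Dropping the line is enough, since the warning it used to silence no longer exists. `roles/desec_dyndns_cron/handlers/main.yml` carries the same line. Indentation is not recoverable in this view, so please confirm `warn` is a sibling of `cmd:` and not nested elsewhere.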
diff --git a/roles/nfs_host/tasks/main.yml b/roles/nfs_host/tasks/main.yml index a6423ff..4ad14c0 100644 --- a/roles/nfs_host/tasks/main.yml +++ b/roles/nfs_host/tasks/main.yml @@ -14,7 +14,7 @@ state: present fs_type: ext4 -- name: ensure nfs mountpoints exist +- name: Ensure nfs mountpoints exist ansible.builtin.file: path: "{{ item.directory }}" state: directory @@ -30,11 +30,11 @@ fstype: ext4 state: present -- name: template /etc/exports +- name: Put /etc/exports in place from template ansible.builtin.template: src: templates/exports.j2 dest: "/etc/exports" - notify: reload nfs + notify: Reload nfs - name: Ensure nfs is running. ansible.builtin.service: "name=nfs-kernel-server state=started enabled=yes" diff --git a/roles/nginx_https_ingress/handlers/main.yml b/roles/nginx_https_ingress/handlers/main.yml index 53aebbb..66bf5d2 100644 --- a/roles/nginx_https_ingress/handlers/main.yml +++ b/roles/nginx_https_ingress/handlers/main.yml @@ -1,6 +1,6 @@ # Handlers für nginx-https-proxy --- -- name: restart nginx +- name: Restart nginx service: name: nginx state: restarted diff --git a/roles/nginx_https_ingress/tasks/main.yml b/roles/nginx_https_ingress/tasks/main.yml index b922472..0eeed5f 100644 --- a/roles/nginx_https_ingress/tasks/main.yml +++ b/roles/nginx_https_ingress/tasks/main.yml @@ -56,7 +56,7 @@ owner: root group: root mode: '0644' - notify: restart nginx + notify: Restart nginx - name: Create directory for dehydrated forwardings ansible.builtin.file: @@ -74,7 +74,7 @@ group: root mode: '0644' loop: "{{ ingress }}" - notify: restart nginx + notify: Restart nginx - name: Setup nginx configuration # Note the order here: The nginx configuration _needs_ he dehydrated-hosts @@ -86,4 +86,4 @@ owner: root group: root mode: '0644' - notify: restart nginx + notify: Restart nginx diff --git a/roles/setup_http_site_forward/handlers/main.yml b/roles/setup_http_site_forward/handlers/main.yml index 670471f..db1118f 100644 
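Review bot: The task `Put /etc/exports in place from template` sets no `owner`, `group` or `mode`, so the file that defines which clients may mount which exports gets whatever ownership and umask-derived permissions the run happens to produce. ansible-lint reports this as `risky-file-permissions`. Pinning them the way the other templates in this series do makes the result deterministic: `owner: root`, `group: root`, `mode: "0644"`. The template task in `roles/setup_http_site_forward/tasks/main.yml` likewise has no `mode`, while its sibling in `setup_http_site_proxy` sets `mode: "0644"`.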
--- a/roles/setup_http_site_forward/handlers/main.yml +++ b/roles/setup_http_site_forward/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: restart apache2 +- name: Restart apache2 service: name: apache2 state: restarted diff --git a/roles/setup_http_site_forward/tasks/main.yml b/roles/setup_http_site_forward/tasks/main.yml index cac1779..ca31f22 100644 --- a/roles/setup_http_site_forward/tasks/main.yml +++ b/roles/setup_http_site_forward/tasks/main.yml @@ -3,10 +3,10 @@ template: src: templates/apache-docker-forward-site.j2 dest: /etc/apache2/sites-available/{{ site_name }}.conf - notify: restart apache2 + notify: Restart apache2 - name: Activate Apache2 site command: a2ensite {{ site_name }} args: creates: /etc/apache2/sites-enabled/{{ site_name }}.conf - notify: restart apache2 + notify: Restart apache2 diff --git a/roles/setup_http_site_proxy/handlers/main.yml b/roles/setup_http_site_proxy/handlers/main.yml index 670471f..db1118f 100644 --- a/roles/setup_http_site_proxy/handlers/main.yml +++ b/roles/setup_http_site_proxy/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: restart apache2 +- name: Restart apache2 service: name: apache2 state: restarted diff --git a/roles/setup_http_site_proxy/tasks/main.yml b/roles/setup_http_site_proxy/tasks/main.yml index c1f52d2..f644791 100644 --- a/roles/setup_http_site_proxy/tasks/main.yml +++ b/roles/setup_http_site_proxy/tasks/main.yml @@ -4,10 +4,10 @@ src: templates/apache-docker-proxy-site.j2 dest: /etc/apache2/sites-available/{{ site_name }}.conf mode: "0644" - notify: restart apache2 + notify: Restart apache2 - name: Activate Apache2 site command: a2ensite {{ site_name }} args: creates: /etc/apache2/sites-enabled/{{ site_name }}.conf - notify: restart apache2 + notify: Restart apache2 diff --git a/setup-ssh.yml b/setup-ssh.yml index e5297a3..8494297 100644 --- a/setup-ssh.yml +++ b/setup-ssh.yml 
@@ -1,21 +1,21 @@ --- -- name: configure local ssh to access n39 hosts +- name: Configure local ssh to access n39 hosts hosts: localhost tasks: - - name: ensure {{ lookup('env', 'HOME') }}/.ssh/config.d/ dir is present + - name: Ensure {{ lookup('env', 'HOME') }}/.ssh/config.d/ dir is present ansible.builtin.file: path: "{{ lookup('env', 'HOME') }}/.ssh/config.d/" state: directory delegate_to: localhost - - name: template ssh config for access to internal systems + - name: Put ssh config for access to n39 internal systems in place ansible.builtin.template: src: templates/ssh_config.j2 dest: "{{ lookup('env', 'HOME') }}/.ssh/config.d/n39_config" delegate_to: localhost - - name: ensure that n39 access config is included + - name: Ensure that n39 access config is included ansible.builtin.lineinfile: path: ~/.ssh/config insertbefore: BOF From e3d2e8a31b3ced4c0570a233f76c4f447ff4773e Mon Sep 17 00:00:00 2001 From: Alexander Dahl <alex@netz39.de> Date: Sat, 1 Mar 2025 22:09:10 +0100 Subject: [PATCH 2/3] :rotating_light: Fix linter warning of type 'name[template]' This warning: name[template]: Jinja templates should only be at the end of 'name' setup-ssh.yml:6 Task/Handler: Ensure {{ lookup('env', 'HOME') }}/.ssh/config.d/ dir is present Reason for that warning is thin. Using the actual home dir here adds not much value, so keep it symbolic. Link: https://ansible.readthedocs.io/projects/lint/rules/name/ --- setup-ssh.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup-ssh.yml b/setup-ssh.yml index 8494297..58fcbcd 100644 --- a/setup-ssh.yml +++ b/setup-ssh.yml @@ -3,7 +3,7 @@ hosts: localhost tasks: - - name: Ensure {{ lookup('env', 'HOME') }}/.ssh/config.d/ dir is present + - name: Ensure $HOME/.ssh/config.d/ dir is present ansible.builtin.file: path: "{{ lookup('env', 'HOME') }}/.ssh/config.d/" state: directory From bc43af38d95bd1814d9e5fb095e031f890361505 Mon Sep 17 00:00:00 2001 
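Review bot: Neither the `config.d/` directory task nor the `n39_config` template task in setup-ssh.yml sets `mode`, so both are created with whatever the caller's umask allows. OpenSSH refuses a user configuration file that others can write to, and the file lists how to reach internal hosts, so I would add `mode: "0700"` to the directory task and `mode: "0600"` to the template task. These two tasks build the path from `lookup('env', 'HOME')` while the `lineinfile` task uses `~/.ssh/config`; using one form throughout keeps them from diverging. The `lineinfile` task continues past the end of the hunk.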
From: Alexander Dahl <alex@netz39.de> Date: Sun, 2 Mar 2025 09:22:05 +0100 Subject: [PATCH 3/3] :rotating_light: Add names to plays to fix name[play] linter warnings Adds basic descriptions on what those host are supposed to do. --- group-all.yml | 5 ++--- group-docker_host.yml | 6 ++++-- group-k3s.yml | 3 ++- group-proxmox.yml | 3 ++- host-beaker.yml | 3 ++- host-hobbes.yml | 3 ++- host-holmium.yml | 3 ++- host-krypton.yml | 3 ++- host-oganesson.yml | 3 ++- host-platon.yml | 3 ++- host-plumbum.yml | 3 ++- host-pottwal.yml | 3 ++- host-radon.yml | 3 ++- host-tau.yml | 3 ++- host-unicorn.yml | 3 ++- host-wittgenstein.yml | 3 ++- 16 files changed, 34 insertions(+), 19 deletions(-) diff --git a/group-all.yml b/group-all.yml index 2d95128..b99f764 100644 --- a/group-all.yml +++ b/group-all.yml @@ -1,7 +1,6 @@ --- -# tasks for all hosts - -- hosts: all +- name: Tasks for all hosts + hosts: all become: true vars: diff --git a/group-docker_host.yml b/group-docker_host.yml index 08cfb2c..345f007 100644 --- a/group-docker_host.yml +++ b/group-docker_host.yml @@ -1,11 +1,13 @@ --- -- hosts: docker_host +- name: Tasks for docker hosts + hosts: docker_host become: true roles: - role: netz39.host_docker -- hosts: docker_host:&location_space +- name: Tasks for docker hosts at location space + hosts: docker_host:&location_space become: true roles: diff --git a/group-k3s.yml b/group-k3s.yml index 22c521d..96917bf 100644 --- a/group-k3s.yml +++ b/group-k3s.yml @@ -1,5 +1,6 @@ --- -- hosts: k3s +- name: Tasks for kubernetes hosts + hosts: k3s become: true tasks: diff --git a/group-proxmox.yml b/group-proxmox.yml index 6ec32bb..d95a857 100644 --- a/group-proxmox.yml +++ b/group-proxmox.yml @@ -1,5 +1,6 @@ --- -- hosts: proxmox +- name: Tasks for virtual machines on proxmox host + hosts: proxmox become: true tasks: diff --git a/host-beaker.yml b/host-beaker.yml index 2729426..4eb5817 100644 --- a/host-beaker.yml +++ b/host-beaker.yml 
@@ -1,5 +1,6 @@ --- -- hosts: beaker.n39.eu +- name: Setup things on host 'beaker' (proxmox server im space) + hosts: beaker.n39.eu become: true vars: diff --git a/host-hobbes.yml b/host-hobbes.yml index af2ec88..618d07f 100644 --- a/host-hobbes.yml +++ b/host-hobbes.yml @@ -1,5 +1,6 @@ --- -- hosts: hobbes.n39.eu +- name: Setup things on host 'hobbes' (raspberry pi for kiosk screen) + hosts: hobbes.n39.eu become: true vars: diff --git a/host-holmium.yml b/host-holmium.yml index 006f314..948f705 100644 --- a/host-holmium.yml +++ b/host-holmium.yml @@ -1,5 +1,6 @@ --- -- hosts: holmium.n39.eu +- name: Setup things on host 'holmium' (http ingress vm) + hosts: holmium.n39.eu become: true vars: diff --git a/host-krypton.yml b/host-krypton.yml index e9119ca..8f0df64 100644 --- a/host-krypton.yml +++ b/host-krypton.yml @@ -1,5 +1,6 @@ --- -- hosts: krypton.n39.eu +- name: Setup things on host 'krypton' (ldap vm) + hosts: krypton.n39.eu become: true vars: diff --git a/host-oganesson.yml b/host-oganesson.yml index ed2e5a0..a4cc596 100644 --- a/host-oganesson.yml +++ b/host-oganesson.yml @@ -1,5 +1,6 @@ --- -- hosts: oganesson.n39.eu +- name: Setup things on host 'oganesson' (ssh jump host vm) + hosts: oganesson.n39.eu become: true vars: diff --git a/host-platon.yml b/host-platon.yml index 9a54416..fa03f70 100644 --- a/host-platon.yml +++ b/host-platon.yml @@ -1,5 +1,6 @@ --- -- hosts: platon.n39.eu +- name: Setup things on host 'platon' (raspberry pi for entrance door) + hosts: platon.n39.eu become: true vars: ansible_python_interpreter: /usr/bin/python3 diff --git a/host-plumbum.yml b/host-plumbum.yml index e0c3433..19875f6 100644 --- a/host-plumbum.yml +++ b/host-plumbum.yml @@ -1,5 +1,6 @@ --- -- hosts: plumbum.n39.eu +- name: Setup things on host 'plumbum' (nfs server) + hosts: plumbum.n39.eu become: true roles: diff --git a/host-pottwal.yml b/host-pottwal.yml index 4f50ab5..2f52a77 100644 --- a/host-pottwal.yml +++ b/host-pottwal.yml 
@@ -1,5 +1,6 @@ --- -- hosts: pottwal.n39.eu +- name: Setup things on host 'pottwal' (the big docker container host) + hosts: pottwal.n39.eu become: true roles: diff --git a/host-radon.yml b/host-radon.yml index 92131c2..8b2d78d 100644 --- a/host-radon.yml +++ b/host-radon.yml @@ -1,5 +1,6 @@ --- -- hosts: radon.n39.eu +- name: Setup things on host 'radon' (services for space automation) + hosts: radon.n39.eu become: true vars: diff --git a/host-tau.yml b/host-tau.yml index 64c7c56..5281c54 100644 --- a/host-tau.yml +++ b/host-tau.yml @@ -1,5 +1,6 @@ --- -- hosts: tau.netz39.de +- name: Setup things on host 'tau' (vserver for wiki etc.) + hosts: tau.netz39.de become: true vars: diff --git a/host-unicorn.yml b/host-unicorn.yml index a6fe8d5..362b119 100644 --- a/host-unicorn.yml +++ b/host-unicorn.yml @@ -1,6 +1,7 @@ --- # this is for a dedicated vm just hosting the unifi controller. -- hosts: unicorn.n39.eu +- name: Setup things on host 'unicorn' (vm for ubiquiti unifi controller) + hosts: unicorn.n39.eu become: true vars: ansible_python_interpreter: /usr/bin/python3 diff --git a/host-wittgenstein.yml b/host-wittgenstein.yml index 1676da0..a67c2c3 100644 --- a/host-wittgenstein.yml +++ b/host-wittgenstein.yml @@ -1,5 +1,6 @@ --- -- hosts: wittgenstein.n39.eu +- name: Setup things on host 'wittgenstein' (raspberry pi for ampel and spaceapi) + hosts: wittgenstein.n39.eu become: true roles: