From f2aff9505c28bf9acc5d9b1f9844e17fac3248db Mon Sep 17 00:00:00 2001
From: Paul Maruhn <paulmaruhn@posteo.de>
Date: Mon, 15 Nov 2021 02:34:42 +0100
Subject: [PATCH] fix some linting comlaints
---
.ansible-lint | 2 ++
roles/base/tasks/gwvpn.yml | 1 +
roles/base/tasks/main.yml | 12 ++++++++----
roles/base/tasks/mesh-vpn.yml | 1 +
roles/base/tasks/powerdns.yml | 1 +
roles/base/tasks/units.yml | 10 ++++++++--
roles/base/tasks/update.yml | 8 ++++++--
roles/ffrhein-uplink/tasks/main.yml | 9 ++++++---
roles/icvpn/tasks/main.yml | 1 +
roles/icvpn/tasks/units.yml | 3 ++-
10 files changed, 36 insertions(+), 12 deletions(-)
create mode 100644 .ansible-lint
diff --git a/.ansible-lint b/.ansible-lint
new file mode 100644
index 0000000..29a4403
--- /dev/null
+++ b/.ansible-lint
@@ -0,0 +1,2 @@
+skip_list:
+ - 208
\ No newline at end of file
diff --git a/roles/base/tasks/gwvpn.yml b/roles/base/tasks/gwvpn.yml
index c83b969..df0f4af 100644
--- a/roles/base/tasks/gwvpn.yml
+++ b/roles/base/tasks/gwvpn.yml
@@ -41,6 +41,7 @@
# download public keys to your local machine
- name: create public key files
shell:
+ creates: /etc/fastd/ffhl_mesh_gwvpn/pubkey.key
cmd: fastd --show-key -c /etc/fastd/ffhl_mesh_gwvpn/fastd.conf > /etc/fastd/ffhl_mesh_gwvpn/pubkey.key
- name: fetch public keys
diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
index 15e8104..d20097c 100644
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@@ -54,8 +54,10 @@
- name: networkd templates
tags: [systemd-networkd]
block:
- - template: src=network/10-ffhl.netdev.j2 dest=/etc/systemd/network/10-ffhl.netdev
- - template: src=network/12-ffhl.network.j2 dest=/etc/systemd/network/12-ffhl.network
+ - name: apply network templates
+ template: src=network/10-ffhl.netdev.j2 dest=/etc/systemd/network/10-ffhl.netdev
+ - name: apply netowrk templates
+ template: src=network/12-ffhl.network.j2 dest=/etc/systemd/network/12-ffhl.network
- name: copy network configs
copy: src=systemd-networkd/ dest=/etc/systemd/network/
- name: restart systemd-networkd
@@ -66,8 +68,10 @@
- name: template iptables
tags: [iptables, network]
block:
- - template: src=iptables/rules.v4 dest=/etc/iptables/rules.v4
- - template: src=iptables/rules.v6 dest=/etc/iptables/rules.v6
+ - name: iptables4 template
+ template: src=iptables/rules.v4 dest=/etc/iptables/rules.v4
+ - name: iptables6 template
+ template: src=iptables/rules.v6 dest=/etc/iptables/rules.v6
- name: reload iptables
systemd:
state: restarted
diff --git a/roles/base/tasks/mesh-vpn.yml b/roles/base/tasks/mesh-vpn.yml
index 7734778..97216ee 100644
--- a/roles/base/tasks/mesh-vpn.yml
+++ b/roles/base/tasks/mesh-vpn.yml
@@ -32,6 +32,7 @@
repo: git@git.luebeck.freifunk.net:FreifunkLuebeck/fastd-keys.git
dest: /var/local/ffhl-mesh-vpn-peers
accept_hostkey: yes
+ version: HEAD
- name: add post-merge hook
template:
diff --git a/roles/base/tasks/powerdns.yml b/roles/base/tasks/powerdns.yml
index fc3158c..e55664f 100644
--- a/roles/base/tasks/powerdns.yml
+++ b/roles/base/tasks/powerdns.yml
@@ -26,6 +26,7 @@
repo: "{{ dns_repo_url }}"
dest: /var/local/ffhl-dns
accept_hostkey: yes
+ version: HEAD
- name: remove default bind-backend config
file:
diff --git a/roles/base/tasks/units.yml b/roles/base/tasks/units.yml
index 3441b35..ce21410 100644
--- a/roles/base/tasks/units.yml
+++ b/roles/base/tasks/units.yml
@@ -1,7 +1,13 @@
---
-- command: systemctl mask display-manager.service
-- command: systemctl daemon-reload
+- name: mask display-manager
+ systemd:
+ masked: yes
+ name: display-manager.service
+
+- name: reload systemd
+ systemd:
+ daemon_reload: yes
# - name: stop bird
# systemd:
diff --git a/roles/base/tasks/update.yml b/roles/base/tasks/update.yml
index 2dd4d01..1dbf223 100644
--- a/roles/base/tasks/update.yml
+++ b/roles/base/tasks/update.yml
@@ -1,8 +1,12 @@
---
-- lineinfile:
+
+- name: check and add apt sources.list contents
+ lineinfile:
path: /etc/apt/sources.list
regexp: '^deb .* main'
- line: deb http://deb.debian.org/debian stable main
+ line: deb http://deb.debian.org/debian bullseye main
+
- name: update the system
apt:
update_cache: yes
+ upgrade: safe
diff --git a/roles/ffrhein-uplink/tasks/main.yml b/roles/ffrhein-uplink/tasks/main.yml
index 11f43e2..4373961 100644
--- a/roles/ffrhein-uplink/tasks/main.yml
+++ b/roles/ffrhein-uplink/tasks/main.yml
@@ -1,6 +1,9 @@
---
-- lineinfile: state=present dest=/etc/iptables/iptables.rules line="-A POSTROUTING -o {{ snat_dev }} -j SNAT --to-source {{ snat_ip4 }}" insertafter="^\*nat$"
-- template: src=03-public-ip.network.j2 dest=/etc/systemd/network/03-public-ip.network
-- template: src=bird_ffrhein.conf.j2 dest=/etc/bird/bird_ffrhein.conf
+- name: add iptables rules
+ lineinfile: state=present dest=/etc/iptables/iptables.rules line="-A POSTROUTING -o {{ snat_dev }} -j SNAT --to-source {{ snat_ip4 }}" insertafter="^\*nat$"
+- name: add systemd-networkd .network configs
+ template: src=03-public-ip.network.j2 dest=/etc/systemd/network/03-public-ip.network
+- name: brid routing config
+ template: src=bird_ffrhein.conf.j2 dest=/etc/bird/bird_ffrhein.conf
tags:
- bird
diff --git a/roles/icvpn/tasks/main.yml b/roles/icvpn/tasks/main.yml
index 3fe5d8e..032a84a 100644
--- a/roles/icvpn/tasks/main.yml
+++ b/roles/icvpn/tasks/main.yml
@@ -30,6 +30,7 @@
git:
repo: https://github.com/freifunk/icvpn.git
dest: /etc/tinc/icvpn
+ version: HEAD
- name: apply config template
tags: [icvpn]
diff --git a/roles/icvpn/tasks/units.yml b/roles/icvpn/tasks/units.yml
index 5c645e8..c03a999 100644
--- a/roles/icvpn/tasks/units.yml
+++ b/roles/icvpn/tasks/units.yml
@@ -1,5 +1,6 @@
---
-- systemd:
+- name: restart and enable units
+ systemd:
enabled: yes
state: restarted
name: "{{ item }}"
--
GitLab