[UPD] ansible-lint

d7f31419 · Rémi - Le Filament · ee58c4dc · d7f31419 · d7f31419 · d7f31419
--- a/.ansible-lint
+++ b/.ansible-lint
+---
+warn_list:  # or 'skip_list' to silence them completely
+    - git-latest  # Git checkouts must contain explicit version
+    - ignore-errors  # Use failed_when and specify error conditions instead of using ignore_errors
+    - no-changed-when  # Commands should not change things if nothing needs doing
+    - no-handler  # Tasks that run when changed should likely be handlers
+    - package-latest  # Package installs should not use latest
--- a/.yamllint
+++ b/.yamllint
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+    braces:
+        max-spaces-inside: 1
+        level: error
+    brackets:
+        max-spaces-inside: 1
+        level: error
+    colons:
+        max-spaces-after: -1
+        level: error
+    commas:
+        max-spaces-after: -1
+        level: error
+    # comments enable
+    comments: enable
+    comments-indentation: enable
+    document-start: enable
+    empty-lines:
+        max: 3
+        level: error
+    hyphens:
+        level: error
+    indentation:
+        level: warning
+        indent-sequences: consistent
+        spaces: 4
+        check-multi-line-strings: true
+    key-duplicates: enable
+    line-length: disable
+    new-line-at-end-of-file: enable
+    new-lines:
+        type: unix
+    # trailing-spaces enable
+    trailing-spaces: enable
+    truthy: enable
--- a/handlers/main.yml
+++ b/handlers/main.yml
 ---
- name: rebuild auth docker
-  docker_compose:
+- name: Rebuild auth docker
+  community.docker.docker_compose:
      project_src: /home/docker/auth
      build: true
      recreate: always
@@ -10,7 +10,7 @@
  poll: 10
  when: not ansible_check_mode

- name: start auth docker
-  docker_compose:
+- name: Start auth docker
+  community.docker.docker_compose:
      project_src: /home/docker/auth
      remove_orphans: true
--- a/meta/main.yml
+++ b/meta/main.yml
 ---
 galaxy_info:
-  author: Rémi
+    author: lefilament
    description: This role deploys LemonLDAP v1.9 together with LDAP for SSO authentication.
    company: Le Filament (https://le-filament.com)
    license: AGPL-3.0-or-later

--- a/tasks/main.yml
+++ b/tasks/main.yml
 ---
 - name: Create docker auth repo
-  file:
+  ansible.builtin.file:
    name: /home/docker/auth/sso
    state: directory
    owner: root
@@ -9,45 +9,45 @@

 ## Install Auth docker
 - name: Install lemonldap source repo file
-  copy:
+  ansible.builtin.copy:
    src: lemonldap-ng.list
    dest: /home/docker/auth/sso/lemonldap-ng.list
    owner: root
    group: root
    mode: '0400'
-  notify: rebuild auth docker
+  notify: Rebuild auth docker

 - name: Install Dockerfile for building lemonldap
-  template:
+  ansible.builtin.template:
    src: Dockerfile-sso.j2
    dest: /home/docker/auth/sso/Dockerfile
    owner: root
    group: root
    mode: '0400'
-  notify: rebuild auth docker
+  notify: Rebuild auth docker

 - name: Install nagios.conf for serving Nagios docker
-  template:
+  ansible.builtin.template:
    src: nagios.conf.apache2.j2
    dest: /home/docker/auth/sso/nagios.conf
    owner: root
    group: root
    mode: '0644'
  when: inventory_hostname in groups['docker_nagios']
-  notify: rebuild auth docker
+  notify: Rebuild auth docker

 - name: Install Auth docker architecture
-  template:
+  ansible.builtin.template:
    src: docker-compose.yaml.j2
    dest: /home/docker/auth/docker-compose.yaml
    owner: root
    group: root
    mode: '0400'
-  notify: start auth docker
+  notify: Start auth docker

 ## Backup Auth section
 - name: Install auth backup compose file
-  template:
+  ansible.builtin.template:
    src: backup.yaml.j2
    dest: /home/docker/backups/backup-auth.yaml
    owner: root
@@ -56,7 +56,7 @@
  when: inventory_hostname in groups['maintenance_contract']

 - name: Install auth backup2 compose file
-  template:
+  ansible.builtin.template:
    src: backup2.yaml.j2
    dest: /home/docker/backups/backup2-auth.yaml
    owner: root
@@ -64,24 +64,24 @@
    mode: '0400'
  when: inventory_hostname in groups['maintenance_contract']

- name: add cron job to run data backup every day
-  cron:
+- name: Add cron job to run data backup every day
+  ansible.builtin.cron:
    name: backup auth data
    minute: "45"
    hour: "00"
    job: /usr/bin/docker exec openldap slapcat -v > /home/docker/backups/ldap_backup.ldif ; chmod 400 /home/docker/backups/ldap_backup.ldif
  when: inventory_hostname in groups['maintenance_contract']

- name: add cron job to run backup every day
-  cron:
+- name: Add cron job to run backup every day
+  ansible.builtin.cron:
    name: push auth backup to openstack
    minute: "40"
    hour: "03"
    job: /usr/bin/docker-compose -f /home/docker/backups/backup-auth.yaml run --rm backup_auth
  when: inventory_hostname in groups['maintenance_contract']

- name: add cron job to run backup2 every day
-  cron:
+- name: Add cron job to run backup2 every day
+  ansible.builtin.cron:
    name: push auth backup2 to openstack
    minute: "50"
    hour: "00"