diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000000000000000000000000000000000000..8d40d067c46c42adf88f5922bc7fc9c6407ce7bb --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,7 @@ +--- +warn_list: # or 'skip_list' to silence them completely + - git-latest # Git checkouts must contain explicit version + - ignore-errors # Use failed_when and specify error conditions instead of using ignore_errors + - no-changed-when # Commands should not change things if nothing needs doing + - no-handler # Tasks that run when changed should likely be handlers + - package-latest # Package installs should not use latest diff --git a/.yamllint b/.yamllint new file mode 100644 index 0000000000000000000000000000000000000000..fbebdb8c3eabfec06b071490a73331e2e80152fe --- /dev/null +++ b/.yamllint @@ -0,0 +1,39 @@ +--- +# Based on ansible-lint config +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + colons: + max-spaces-after: -1 + level: error + commas: + max-spaces-after: -1 + level: error + # comments enable + comments: enable + comments-indentation: enable + document-start: enable + empty-lines: + max: 3 + level: error + hyphens: + level: error + indentation: + level: warning + indent-sequences: consistent + spaces: 4 + check-multi-line-strings: true + key-duplicates: enable + line-length: disable + new-line-at-end-of-file: enable + new-lines: + type: unix + # trailing-spaces enable + trailing-spaces: enable + truthy: enable diff --git a/handlers/main.yml b/handlers/main.yml index 0622d141b978e3b379c7f8f9a0db1be7e5102dfc..792f16e71022a3d7d92f47dc1663bcbb77ecaee8 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,4 +1,4 @@ --- # handlers file for gitlab -- name: reconfigure gitlab - command: gitlab-ctl reconfigure +- name: Reconfigure gitlab + ansible.builtin.command: gitlab-ctl reconfigure diff --git a/meta/main.yml b/meta/main.yml index ce822b35d8743dbe9a8ca2b53cfce6378752b81c..cc66855fe0fd862b078d12b5a3049dabc972ab0e 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,13 +1,13 @@ --- galaxy_info: - author: Rémi - description: Role for deploying and configuring GitLab CE edition - company: Le Filament (https://le-filament.com) - license: AGPL-3.0-or-later - min_ansible_version: 2.1 - platforms: - - name: Ubuntu - versions: - - focal - galaxy_tags: - - gitlab + author: lefilament + description: Role for deploying and configuring GitLab CE edition + company: Le Filament (https://le-filament.com) + license: AGPL-3.0-or-later + min_ansible_version: "2.1" + platforms: + - name: Ubuntu + versions: + - focal + galaxy_tags: + - gitlab diff --git a/tasks/main.yml b/tasks/main.yml index 8df3c5ea0a5fbf144e0d5e24b8f84147ddc984de..a492df670c09d4a2c4fe1ca56928506c9b8aa5a3 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,76 +1,75 @@ --- - name: Install apt-transport-https package - package: - name: apt-transport-https - state: latest + ansible.builtin.package: + name: apt-transport-https + state: latest async: 120 poll: 10 when: ansible_os_family == "Debian" and not ansible_check_mode # INSTALLATION - name: Add GitLab GPG key to APT - get_url: - url: "{{ gitlab_gpg_key_url }}" - dest: /etc/apt/trusted.gpg.d/gitlab.asc - mode: '0644' + ansible.builtin.get_url: + url: "{{ gitlab_gpg_key_url }}" + dest: /etc/apt/trusted.gpg.d/gitlab.asc + mode: '0644' when: ansible_os_family == "Debian" - name: Add GitLab repo to APT repositories - apt_repository: - repo: deb {{ gitlab_packages_url }}/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} main - update_cache: true + ansible.builtin.apt_repository: + repo: deb {{ gitlab_packages_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main + update_cache: true when: ansible_os_family == "Debian" - name: Install GitLab package - package: - name: "{{ packages_to_install }}" - state: latest + ansible.builtin.package: + name: "{{ packages_to_install }}" + state: latest async: 900 poll: 10 when: not ansible_check_mode - name: Check installed GitLab package - package: - name: gitlab-ce - state: latest + ansible.builtin.package: + name: gitlab-ce + state: latest when: ansible_check_mode - name: Install necessary python modules - pip: - name: ['python-swiftclient', 'python-keystoneclient'] - state: latest + ansible.builtin.pip: + name: ['python-swiftclient', 'python-keystoneclient'] + state: latest # CONFIGURATION - name: Install gitlab configuration file - template: - src: gitlab.rb.j2 - dest: "/etc/gitlab/gitlab.rb" - owner: root - group: root - mode: '0600' - notify: reconfigure gitlab - + ansible.builtin.template: + src: gitlab.rb.j2 + dest: "/etc/gitlab/gitlab.rb" + owner: root + group: root + mode: '0600' + notify: Reconfigure gitlab # BACKUP - name: Copy Backup scripts on server - template: - src: "{{ item }}.j2" - dest: /root/{{ item }} - owner: root - group: root - mode: '0700' + ansible.builtin.template: + src: "{{ item }}.j2" + dest: /root/{{ item }} + owner: root + group: root + mode: '0700' with_items: '{{ backup_scripts }}' when: inventory_hostname in groups.maintenance_contract - name: Add cron job to execute backup - cron: - name: "{{ item.name }}" - minute: "{{ item.minute | default('*') }}" - hour: "{{ item.hour | default('*') }}" - weekday: "{{ item.weekday | default('*') }}" - job: "{{ item.job }}" + ansible.builtin.cron: + name: "{{ item.name }}" + minute: "{{ item.minute | default('*') }}" + hour: "{{ item.hour | default('*') }}" + weekday: "{{ item.weekday | default('*') }}" + job: "{{ item.job }}" with_items: '{{ backup_crons }}' loop_control: - label: '{{ item.name }}' + label: '{{ item.name }}' when: inventory_hostname in groups.maintenance_contract diff --git a/vars/main.yml b/vars/main.yml index 0007088c2bb8f7e1ecf272241f817e2da03acae3..a11a0036ace381f7073dba4681719ee1158c58b0 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -2,31 +2,31 @@ gitlab_gpg_key_url: https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey gitlab_packages_url: https://packages.gitlab.com/gitlab/gitlab-ce packages_to_install: - - gitlab-ce - - duplicity - - python3-pip + - gitlab-ce + - duplicity + - python3-pip tmp_backup_dir: "/tmp/gitlab_backups/" backup_scripts: - - "local_gitlab_backup.sh" - - "push_gitlab_backup.sh" - - "push_gitlab_backup2.sh" + - "local_gitlab_backup.sh" + - "push_gitlab_backup.sh" + - "push_gitlab_backup2.sh" backup_crons: - - name: "remove old local gitlab backup" - job: "/usr/bin/find /var/opt/gitlab/backups/ -ctime +7 -delete" - weekday: 0 - hour: 4 - minute: 0 - - name: "local gitlab backup" - job: "/root/local_gitlab_backup.sh" - hour: 0 - minute: 35 - - name: "push gitlab backup 2" - job: "/root/push_gitlab_backup2.sh" - hour: 0 - minute: 50 - - name: "push gitlab backup" - job: "/root/push_gitlab_backup.sh" - hour: 1 - minute: 50 + - name: "remove old local gitlab backup" + job: "/usr/bin/find /var/opt/gitlab/backups/ -ctime +7 -delete" + weekday: 0 + hour: 4 + minute: 0 + - name: "local gitlab backup" + job: "/root/local_gitlab_backup.sh" + hour: 0 + minute: 35 + - name: "push gitlab backup 2" + job: "/root/push_gitlab_backup2.sh" + hour: 0 + minute: 50 + - name: "push gitlab backup" + job: "/root/push_gitlab_backup.sh" + hour: 1 + minute: 50