From 61f4d04c1e16186ab13a5d15a8117cbec987e7b1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9mi=20-=20Le=20Filament?= <remi@le-filament.com>
Date: Wed, 5 Jul 2023 15:45:43 +0200
Subject: [PATCH] [UPD] ansible-lint

---
 .ansible-lint     |  7 +++++
 .yamllint         | 39 +++++++++++++++++++++++
 handlers/main.yml |  4 +--
 meta/main.yml     | 22 ++++++-------
 tasks/main.yml    | 79 +++++++++++++++++++++++------------------------
 vars/main.yml     | 46 +++++++++++++--------------
 6 files changed, 121 insertions(+), 76 deletions(-)
 create mode 100644 .ansible-lint
 create mode 100644 .yamllint

diff --git a/.ansible-lint b/.ansible-lint
new file mode 100644
index 0000000..8d40d06
--- /dev/null
+++ b/.ansible-lint
@@ -0,0 +1,7 @@
+---
+warn_list:  # or 'skip_list' to silence them completely
+    - git-latest  # Git checkouts must contain explicit version
+    - ignore-errors  # Use failed_when and specify error conditions instead of using ignore_errors
+    - no-changed-when  # Commands should not change things if nothing needs doing
+    - no-handler  # Tasks that run when changed should likely be handlers
+    - package-latest  # Package installs should not use latest
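Review bot: Putting `package-latest` in `warn_list` means unpinned installs only produce a warning, and tasks/main.yml in this same patch keeps `state: latest` on the apt and pip tasks, so lint can never fail on them. If the downgrade is meant as a temporary step, say so in the file, for example `# TODO: pin versions in tasks/main.yml, then remove package-latest from warn_list`. The inline comments on the other entries only repeat each rule's stock description; a short reason why this role tolerates each rule would be more useful to the next maintainer.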
diff --git a/.yamllint b/.yamllint
new file mode 100644
index 0000000..fbebdb8
--- /dev/null
+++ b/.yamllint
@@ -0,0 +1,39 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+    braces:
+        max-spaces-inside: 1
+        level: error
+    brackets:
+        max-spaces-inside: 1
+        level: error
+    colons:
+        max-spaces-after: -1
+        level: error
+    commas:
+        max-spaces-after: -1
+        level: error
+    # comments enable
+    comments: enable
+    comments-indentation: enable
+    document-start: enable
+    empty-lines:
+        max: 3
+        level: error
+    hyphens:
+        level: error
+    indentation:
+        level: warning
+        indent-sequences: consistent
+        spaces: 4
+        check-multi-line-strings: true
+    key-duplicates: enable
+    line-length: disable
+    new-line-at-end-of-file: enable
+    new-lines:
+        type: unix
+    # trailing-spaces enable
+    trailing-spaces: enable
+    truthy: enable
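Review bot: The rule set never enables `octal-values`, which yamllint's `default` config leaves disabled, so an unquoted `mode: 0644` in a task would pass lint and be read as an integer rather than the intended permission string. The modes in tasks/main.yml are quoted today, but nothing here enforces that; consider adding an `octal-values` rule with `forbid-implicit-octal: true` and `forbid-explicit-octal: true`. Also, `indentation` is set to `level: warning`, so the 4-space layout this patch applies everywhere is not enforced as an error. The comments `# comments enable` and `# trailing-spaces enable` only restate the key below them and could be dropped.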
diff --git a/handlers/main.yml b/handlers/main.yml
index 0622d14..792f16e 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,4 +1,4 @@
 ---
 # handlers file for gitlab
-- name: reconfigure gitlab
-  command: gitlab-ctl reconfigure
+- name: Reconfigure gitlab
+  ansible.builtin.command: gitlab-ctl reconfigure
diff --git a/meta/main.yml b/meta/main.yml
index ce822b3..cc66855 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -1,13 +1,13 @@
 ---
 galaxy_info:
-  author: Rémi
-  description: Role for deploying and configuring GitLab CE edition
-  company: Le Filament (https://le-filament.com)
-  license: AGPL-3.0-or-later
-  min_ansible_version: 2.1
-  platforms:
-    - name: Ubuntu
-      versions:
-        - focal
-  galaxy_tags:
-    - gitlab
+    author: lefilament
+    description: Role for deploying and configuring GitLab CE edition
+    company: Le Filament (https://le-filament.com)
+    license: AGPL-3.0-or-later
+    min_ansible_version: "2.1"
+    platforms:
+        - name: Ubuntu
+          versions:
+              - focal
+    galaxy_tags:
+        - gitlab
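Review bot: `min_ansible_version: "2.1"` is now inconsistent with the rest of the patch, because tasks/main.yml and handlers/main.yml switch to `ansible.builtin.*` fully qualified names, which an Ansible 2.1 controller cannot resolve. Raising the floor to the first release with collection support, for example `min_ansible_version: "2.10"`, would match what the role needs. The exact value should be whatever version the role is tested against.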
diff --git a/tasks/main.yml b/tasks/main.yml
index 8df3c5e..a492df6 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,76 +1,75 @@
 ---
 
 - name: Install apt-transport-https package
-  package:
-    name: apt-transport-https
-    state: latest
+  ansible.builtin.package:
+      name: apt-transport-https
+      state: latest
   async: 120
   poll: 10
   when: ansible_os_family == "Debian" and not ansible_check_mode
 
 # INSTALLATION
 - name: Add GitLab GPG key to APT
-  get_url:
-    url: "{{ gitlab_gpg_key_url }}"
-    dest: /etc/apt/trusted.gpg.d/gitlab.asc
-    mode: '0644'
+  ansible.builtin.get_url:
+      url: "{{ gitlab_gpg_key_url }}"
+      dest: /etc/apt/trusted.gpg.d/gitlab.asc
+      mode: '0644'
   when: ansible_os_family == "Debian"
 
 - name: Add GitLab repo to APT repositories
-  apt_repository:
-    repo: deb {{ gitlab_packages_url }}/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} main
-    update_cache: true
+  ansible.builtin.apt_repository:
+      repo: deb {{ gitlab_packages_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main
+      update_cache: true
   when: ansible_os_family == "Debian"
 
 - name: Install GitLab package
-  package:
-    name: "{{ packages_to_install }}"
-    state: latest
+  ansible.builtin.package:
+      name: "{{ packages_to_install }}"
+      state: latest
   async: 900
   poll: 10
   when: not ansible_check_mode
 
 - name: Check installed GitLab package
-  package:
-    name: gitlab-ce
-    state: latest
+  ansible.builtin.package:
+      name: gitlab-ce
+      state: latest
   when: ansible_check_mode
 
 - name: Install necessary python modules
-  pip:
-    name: ['python-swiftclient', 'python-keystoneclient']
-    state: latest
+  ansible.builtin.pip:
+      name: ['python-swiftclient', 'python-keystoneclient']
+      state: latest
 
 # CONFIGURATION
 - name: Install gitlab configuration file
-  template:
-    src: gitlab.rb.j2
-    dest: "/etc/gitlab/gitlab.rb"
-    owner: root
-    group: root
-    mode: '0600'
-  notify: reconfigure gitlab
-
+  ansible.builtin.template:
+      src: gitlab.rb.j2
+      dest: "/etc/gitlab/gitlab.rb"
+      owner: root
+      group: root
+      mode: '0600'
+  notify: Reconfigure gitlab
 
 # BACKUP
 - name: Copy Backup scripts on server
-  template:
-    src: "{{ item }}.j2"
-    dest: /root/{{ item }}
-    owner: root
-    group: root
-    mode: '0700'
+  ansible.builtin.template:
+      src: "{{ item }}.j2"
+      dest: /root/{{ item }}
+      owner: root
+      group: root
+      mode: '0700'
   with_items: '{{ backup_scripts }}'
   when: inventory_hostname in groups.maintenance_contract
 
 - name: Add cron job to execute backup
-  cron:
-    name: "{{ item.name }}"
-    minute: "{{ item.minute | default('*') }}"
-    hour: "{{ item.hour | default('*') }}"
-    weekday: "{{ item.weekday | default('*') }}"
-    job: "{{ item.job }}"
+  ansible.builtin.cron:
+      name: "{{ item.name }}"
+      minute: "{{ item.minute | default('*') }}"
+      hour: "{{ item.hour | default('*') }}"
+      weekday: "{{ item.weekday | default('*') }}"
+      job: "{{ item.job }}"
   with_items: '{{ backup_crons }}'
   loop_control:
-    label: '{{ item.name }}'
+      label: '{{ item.name }}'
   when: inventory_hostname in groups.maintenance_contract
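Review bot: The `Add GitLab GPG key to APT` task still downloads the key with no integrity pin and writes it to `/etc/apt/trusted.gpg.d/`, where apt trusts it for every configured source, not only the GitLab repository. Consider adding `checksum: "sha256:<EXPECTED_KEY_SHA256>"` to the `get_url` task (a placeholder, the real digest is not on this page). Storing the key outside `trusted.gpg.d` and referencing it with a `signed-by=` option on the `repo:` line would scope its trust to that one source. Separately, the pip task installs `python-swiftclient` and `python-keystoneclient` with `state: latest` and no version pin, so each run may pull different code from the package index; pinning versions would make runs reproducible and reviewable.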
diff --git a/vars/main.yml b/vars/main.yml
index 0007088..a11a003 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -2,31 +2,31 @@
 gitlab_gpg_key_url: https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
 gitlab_packages_url: https://packages.gitlab.com/gitlab/gitlab-ce
 packages_to_install:
-  - gitlab-ce
-  - duplicity
-  - python3-pip
+    - gitlab-ce
+    - duplicity
+    - python3-pip
 tmp_backup_dir: "/tmp/gitlab_backups/"
 
 backup_scripts:
-  - "local_gitlab_backup.sh"
-  - "push_gitlab_backup.sh"
-  - "push_gitlab_backup2.sh"
+    - "local_gitlab_backup.sh"
+    - "push_gitlab_backup.sh"
+    - "push_gitlab_backup2.sh"
 
 backup_crons:
-  - name: "remove old local gitlab backup"
-    job: "/usr/bin/find /var/opt/gitlab/backups/ -ctime +7 -delete"
-    weekday: 0
-    hour: 4
-    minute: 0
-  - name: "local gitlab backup"
-    job: "/root/local_gitlab_backup.sh"
-    hour: 0
-    minute: 35
-  - name: "push gitlab backup 2"
-    job: "/root/push_gitlab_backup2.sh"
-    hour: 0
-    minute: 50
-  - name: "push gitlab backup"
-    job: "/root/push_gitlab_backup.sh"
-    hour: 1
-    minute: 50
+    - name: "remove old local gitlab backup"
+      job: "/usr/bin/find /var/opt/gitlab/backups/ -ctime +7 -delete"
+      weekday: 0
+      hour: 4
+      minute: 0
+    - name: "local gitlab backup"
+      job: "/root/local_gitlab_backup.sh"
+      hour: 0
+      minute: 35
+    - name: "push gitlab backup 2"
+      job: "/root/push_gitlab_backup2.sh"
+      hour: 0
+      minute: 50
+    - name: "push gitlab backup"
+      job: "/root/push_gitlab_backup.sh"
+      hour: 1
+      minute: 50
-- 
GitLab