fix some ansible-lint warnings

8 files changed, 18 insertions, 5 deletions

diff --git a/galaxy.yml b/galaxy.yml
index dbdf256..50336e1 100644
--- a/galaxy.yml
+++ b/galaxy.yml
@@ -1,6 +1,8 @@
 namespace: tensin
 name: infra
 version: 0.0.9
+description: Some common Ansible roles used by me to manage things
+repository: https://github.com/egor-tensin/infra-ansible
 readme: README.md
 license: MIT
 authors:
diff --git a/roles/apt/tasks/unattended_upgrades.yml b/roles/apt/tasks/unattended_upgrades.yml
index 79327d5..7549ec2 100644
--- a/roles/apt/tasks/unattended_upgrades.yml
+++ b/roles/apt/tasks/unattended_upgrades.yml
@@ -1,5 +1,5 @@
 - name: Install unattended-upgrades
-  become:
+  become: true
   ansible.builtin.apt:
     install_recommends: false
     name: unattended-upgrades
diff --git a/roles/cloud_init_wait/tasks/main.yml b/roles/cloud_init_wait/tasks/main.yml
index 22c258d..d9ad4a0 100644
--- a/roles/cloud_init_wait/tasks/main.yml
+++ b/roles/cloud_init_wait/tasks/main.yml
@@ -1,4 +1,5 @@
-- ansible.builtin.include_role:
+- name: 'Wait for {{ cloud_init_wait_path }}'
+  ansible.builtin.include_role:
     name: file_wait
   vars:
     file_wait_path: '{{ cloud_init_wait_path }}'
diff --git a/roles/file_wait/tasks/check.yml b/roles/file_wait/tasks/check.yml
index 1a7c138..aba500b 100644
--- a/roles/file_wait/tasks/check.yml
+++ b/roles/file_wait/tasks/check.yml
@@ -14,6 +14,7 @@
   ignore_errors: true
 
 - name: If the host restarted, try again
+  when: file_wait_check is unreachable
   block:
     - name: Note a reboot happened
       ansible.builtin.set_fact:
@@ -22,4 +23,3 @@
     - name: Retry if there're more attempts
       ansible.builtin.include_tasks: check.yml
       when: (file_wait_reboots | int > 0)
-  when: file_wait_check is unreachable
diff --git a/roles/journald/tasks/main.yml b/roles/journald/tasks/main.yml
index 8602829..9b0317b 100644
--- a/roles/journald/tasks/main.yml
+++ b/roles/journald/tasks/main.yml
@@ -7,6 +7,9 @@
         section: Journal
         option: MaxLevelStore
         value: '{{ journald_log_level }}'
+        owner: root
+        group: root
+        mode: '644'
       register: edited
 
     - name: Restart systemd-journald
diff --git a/roles/systemd_edit/tasks/main.yml b/roles/systemd_edit/tasks/main.yml
index 06a0a8a..8a08e6d 100644
--- a/roles/systemd_edit/tasks/main.yml
+++ b/roles/systemd_edit/tasks/main.yml
@@ -5,6 +5,9 @@
       ansible.builtin.file:
         path: '/etc/systemd/system/{{ service_name }}.service.d'
         state: directory
+        owner: root
+        group: root
+        mode: '755'
 
     - name: 'Set up override: {{ service_name }}'
       community.general.ini_file:
@@ -13,6 +16,9 @@
         option: '{{ service_option }}'
         values: '{{ service_values }}'
         no_extra_spaces: true
+        owner: root
+        group: root
+        mode: '644'
       register: overridden
 
     - name: 'Restart service: {{ service_name }}'
diff --git a/roles/systemd_requires_mounts_for/tasks/main.yml b/roles/systemd_requires_mounts_for/tasks/main.yml
index 83639d3..c7b7542 100644
--- a/roles/systemd_requires_mounts_for/tasks/main.yml
+++ b/roles/systemd_requires_mounts_for/tasks/main.yml
@@ -1,4 +1,5 @@
-- ansible.builtin.include_role:
+- name: Set up a service to require a mounted directory
+  ansible.builtin.include_role:
     name: systemd_edit
   vars:
     service_section: Unit
diff --git a/roles/workspace/tasks/main.yml b/roles/workspace/tasks/main.yml
index e2eb943..2905ad7 100644
--- a/roles/workspace/tasks/main.yml
+++ b/roles/workspace/tasks/main.yml
@@ -5,7 +5,7 @@
     state: directory
     owner: '{{ ansible_user }}'
     group: '{{ ansible_user }}'
-    mode: '0750'
+    mode: '750'
 
 - name: Install dependencies
   become: true