aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/roles
diff options
context:
space:
mode:
authorEgor Tensin <Egor.Tensin@gmail.com>2023-09-01 00:26:13 +0200
committerEgor Tensin <Egor.Tensin@gmail.com>2023-09-01 00:26:13 +0200
commita89e16c44ee6d038e4f4cf435902e66558cc5cf4 (patch)
tree745201ec1b6b2e6f5239cf4feaf790fb4a138654 /roles
parentapt: don't remove after autoremoving dependencies (diff)
downloadinfra-ansible-a89e16c44ee6d038e4f4cf435902e66558cc5cf4.tar.gz
infra-ansible-a89e16c44ee6d038e4f4cf435902e66558cc5cf4.zip
sort module args, add missing state args, etc.
Diffstat (limited to 'roles')
-rw-r--r--roles/apt/tasks/main.yml4
-rw-r--r--roles/apt/tasks/unattended_upgrades.yml2
-rw-r--r--roles/apt_repo/tasks/main.yml6
-rw-r--r--roles/docker/tasks/main.yml6
-rw-r--r--roles/firewall/tasks/main.yml2
-rw-r--r--roles/letsencrypt/tasks/certbot.yml7
-rw-r--r--roles/linux_status/tasks/main.yml3
-rw-r--r--roles/my_dotfiles/tasks/main.yml4
-rw-r--r--roles/my_workspace/tasks/main.yml2
-rw-r--r--roles/my_workspace/tasks/project.yml8
-rw-r--r--roles/wireguard/tasks/main.yml2
11 files changed, 28 insertions, 18 deletions
diff --git a/roles/apt/tasks/main.yml b/roles/apt/tasks/main.yml
index 36b8b07..530519d 100644
--- a/roles/apt/tasks/main.yml
+++ b/roles/apt/tasks/main.yml
@@ -1,9 +1,9 @@
- name: Upgrade packages
become: true
ansible.builtin.apt:
- install_recommends: false
update_cache: true
upgrade: dist
+ install_recommends: false
notify: apt_reboot
- name: Reboot if necessary
@@ -19,9 +19,9 @@
- name: Install packages
become: true
ansible.builtin.apt:
- install_recommends: false
name: '{{ apt_packages }}'
state: present
+ install_recommends: false
- name: Configure unattended-upgrades
ansible.builtin.include_tasks: unattended_upgrades.yml
diff --git a/roles/apt/tasks/unattended_upgrades.yml b/roles/apt/tasks/unattended_upgrades.yml
index 7549ec2..e9fdd05 100644
--- a/roles/apt/tasks/unattended_upgrades.yml
+++ b/roles/apt/tasks/unattended_upgrades.yml
@@ -1,9 +1,9 @@
- name: Install unattended-upgrades
become: true
ansible.builtin.apt:
- install_recommends: false
name: unattended-upgrades
state: present
+ install_recommends: false
- name: 50unattended-upgrades
become: true
diff --git a/roles/apt_repo/tasks/main.yml b/roles/apt_repo/tasks/main.yml
index 3e87d38..ef34bf5 100644
--- a/roles/apt_repo/tasks/main.yml
+++ b/roles/apt_repo/tasks/main.yml
@@ -10,13 +10,17 @@
- name: Create keys directory
ansible.builtin.file:
path: '{{ apt_repo_keys_dir }}'
- mode: '755'
state: directory
+ owner: root
+ group: root
+ mode: '755'
- name: 'Add key: {{ apt_repo_name }}'
ansible.builtin.get_url:
url: '{{ apt_repo_key_url }}'
dest: '{{ key_path }}'
+ owner: root
+ group: root
mode: '644'
notify: apt_repo_update
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 639615b..242a500 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -1,12 +1,12 @@
- name: Install Docker
become: true
ansible.builtin.apt:
- install_recommends: false
name:
- docker.io
- docker-compose
- policy_rc_d: 101
state: present
+ install_recommends: false
+ policy_rc_d: 101
notify: docker_restart
- name: Configure Docker logging driver
@@ -19,10 +19,10 @@
- name: Clean up Docker data
become: true
community.docker.docker_prune:
+ builder_cache: true
containers: true
images: true
images_filters:
dangling: false
networks: true
volumes: true
- builder_cache: true
diff --git a/roles/firewall/tasks/main.yml b/roles/firewall/tasks/main.yml
index 82584e2..c17a4e3 100644
--- a/roles/firewall/tasks/main.yml
+++ b/roles/firewall/tasks/main.yml
@@ -1,9 +1,9 @@
- name: Install iptables-persistent
become: true
ansible.builtin.apt:
- install_recommends: false
name: iptables-persistent
state: present
+ install_recommends: false
- name: Configure rule files
ansible.builtin.include_tasks: file.yml
diff --git a/roles/letsencrypt/tasks/certbot.yml b/roles/letsencrypt/tasks/certbot.yml
index 2a7664e..2eeeda5 100644
--- a/roles/letsencrypt/tasks/certbot.yml
+++ b/roles/letsencrypt/tasks/certbot.yml
@@ -6,13 +6,15 @@
block:
- name: Install snapd
ansible.builtin.apt:
- install_recommends: false
name: snapd
+ state: present
+ install_recommends: false
- name: Install Certbot
community.general.snap:
- classic: true
name: certbot
+ state: present
+ classic: true
- name: Confirm plugin containment level
ansible.builtin.command: snap set certbot trust-plugin-with-root=ok
@@ -20,6 +22,7 @@
- name: Install Certbot DigitalOcean plugin
community.general.snap:
name: certbot-dns-digitalocean
+ state: present
- name: Create Certbot symlink in /usr/bin
ansible.builtin.file:
diff --git a/roles/linux_status/tasks/main.yml b/roles/linux_status/tasks/main.yml
index 6a9f1f1..b9884fe 100644
--- a/roles/linux_status/tasks/main.yml
+++ b/roles/linux_status/tasks/main.yml
@@ -22,8 +22,9 @@
- name: Install linux-status
become: true
ansible.builtin.apt:
- install_recommends: false
name: linux-status
+ state: present
+ install_recommends: false
policy_rc_d: 101
notify: linux_status_restart
diff --git a/roles/my_dotfiles/tasks/main.yml b/roles/my_dotfiles/tasks/main.yml
index 9851658..0acdf65 100644
--- a/roles/my_dotfiles/tasks/main.yml
+++ b/roles/my_dotfiles/tasks/main.yml
@@ -1,8 +1,8 @@
- name: Pull repositories
ansible.builtin.git:
- accept_hostkey: true
- dest: '{{ my_dotfiles_dir }}'
repo: '{{ my_dotfiles_repo }}'
+ dest: '{{ my_dotfiles_dir }}'
+ accept_hostkey: true
- name: Run setup.sh
ansible.builtin.command: ./setup.sh
diff --git a/roles/my_workspace/tasks/main.yml b/roles/my_workspace/tasks/main.yml
index 48af77b..81344c3 100644
--- a/roles/my_workspace/tasks/main.yml
+++ b/roles/my_workspace/tasks/main.yml
@@ -13,6 +13,8 @@
name:
- git
- make
+ state: present
+ install_recommends: false
- name: Configure git
block:
diff --git a/roles/my_workspace/tasks/project.yml b/roles/my_workspace/tasks/project.yml
index 276d10b..c0f652c 100644
--- a/roles/my_workspace/tasks/project.yml
+++ b/roles/my_workspace/tasks/project.yml
@@ -6,9 +6,9 @@
block:
- name: 'Update repository: {{ project_name }}'
ansible.builtin.git:
- accept_hostkey: true
- dest: '{{ project_dir }}'
repo: '{{ project_url }}'
+ dest: '{{ project_dir }}'
+ accept_hostkey: true
- name: Check for Makefile
ansible.builtin.file:
@@ -33,9 +33,9 @@
- name: Run docker-compose
become: true
community.docker.docker_compose:
- build: true
- debug: true
project_src: '{{ project_dir }}'
pull: true
+ build: true
remove_orphans: true
+ debug: true
when: makefile_check is not succeeded and docker_compose_check is succeeded
diff --git a/roles/wireguard/tasks/main.yml b/roles/wireguard/tasks/main.yml
index f6a09cb..955bfdb 100644
--- a/roles/wireguard/tasks/main.yml
+++ b/roles/wireguard/tasks/main.yml
@@ -3,9 +3,9 @@
block:
- name: Install wireguard-tools
ansible.builtin.apt:
- install_recommends: false
name: wireguard-tools
state: present
+ install_recommends: false
- name: Write wg-quick config file
ansible.builtin.template: