From 2640e0c08751d5784908f2bcdc6e4f1426ccbcae Mon Sep 17 00:00:00 2001 From: Egor Tensin Date: Fri, 11 Aug 2023 19:40:46 +0200 Subject: fix some ansible-lint warnings --- galaxy.yml | 2 ++ roles/apt/tasks/unattended_upgrades.yml | 2 +- roles/cloud_init_wait/tasks/main.yml | 3 ++- roles/file_wait/tasks/check.yml | 2 +- roles/journald/tasks/main.yml | 3 +++ roles/systemd_edit/tasks/main.yml | 6 ++++++ roles/systemd_requires_mounts_for/tasks/main.yml | 3 ++- roles/workspace/tasks/main.yml | 2 +- 8 files changed, 18 insertions(+), 5 deletions(-) diff --git a/galaxy.yml b/galaxy.yml index dbdf256..50336e1 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,6 +1,8 @@ namespace: tensin name: infra version: 0.0.9 +description: Some common Ansible roles used by me to manage things +repository: https://github.com/egor-tensin/infra-ansible readme: README.md license: MIT authors: diff --git a/roles/apt/tasks/unattended_upgrades.yml b/roles/apt/tasks/unattended_upgrades.yml index 79327d5..7549ec2 100644 --- a/roles/apt/tasks/unattended_upgrades.yml +++ b/roles/apt/tasks/unattended_upgrades.yml @@ -1,5 +1,5 @@ - name: Install unattended-upgrades - become: + become: true ansible.builtin.apt: install_recommends: false name: unattended-upgrades diff --git a/roles/cloud_init_wait/tasks/main.yml b/roles/cloud_init_wait/tasks/main.yml index 22c258d..d9ad4a0 100644 --- a/roles/cloud_init_wait/tasks/main.yml +++ b/roles/cloud_init_wait/tasks/main.yml @@ -1,4 +1,5 @@ -- ansible.builtin.include_role: +- name: 'Wait for {{ cloud_init_wait_path }}' + ansible.builtin.include_role: name: file_wait vars: file_wait_path: '{{ cloud_init_wait_path }}' diff --git a/roles/file_wait/tasks/check.yml b/roles/file_wait/tasks/check.yml index 1a7c138..aba500b 100644 --- a/roles/file_wait/tasks/check.yml +++ b/roles/file_wait/tasks/check.yml @@ -14,6 +14,7 @@ ignore_errors: true - name: If the host restarted, try again + when: file_wait_check is unreachable block: - name: Note a reboot happened ansible.builtin.set_fact: @@ -22,4 +23,3 @@ - name: Retry if there're more attempts ansible.builtin.include_tasks: check.yml when: (file_wait_reboots | int > 0) - when: file_wait_check is unreachable diff --git a/roles/journald/tasks/main.yml b/roles/journald/tasks/main.yml index 8602829..9b0317b 100644 --- a/roles/journald/tasks/main.yml +++ b/roles/journald/tasks/main.yml @@ -7,6 +7,9 @@ section: Journal option: MaxLevelStore value: '{{ journald_log_level }}' + owner: root + group: root + mode: '644' register: edited - name: Restart systemd-journald diff --git a/roles/systemd_edit/tasks/main.yml b/roles/systemd_edit/tasks/main.yml index 06a0a8a..8a08e6d 100644 --- a/roles/systemd_edit/tasks/main.yml +++ b/roles/systemd_edit/tasks/main.yml @@ -5,6 +5,9 @@ ansible.builtin.file: path: '/etc/systemd/system/{{ service_name }}.service.d' state: directory + owner: root + group: root + mode: '755' - name: 'Set up override: {{ service_name }}' community.general.ini_file: @@ -13,6 +16,9 @@ option: '{{ service_option }}' values: '{{ service_values }}' no_extra_spaces: true + owner: root + group: root + mode: '644' register: overridden - name: 'Restart service: {{ service_name }}' diff --git a/roles/systemd_requires_mounts_for/tasks/main.yml b/roles/systemd_requires_mounts_for/tasks/main.yml index 83639d3..c7b7542 100644 --- a/roles/systemd_requires_mounts_for/tasks/main.yml +++ b/roles/systemd_requires_mounts_for/tasks/main.yml @@ -1,4 +1,5 @@ -- ansible.builtin.include_role: +- name: Set up a service to require a mounted directory + ansible.builtin.include_role: name: systemd_edit vars: service_section: Unit diff --git a/roles/workspace/tasks/main.yml b/roles/workspace/tasks/main.yml index e2eb943..2905ad7 100644 --- a/roles/workspace/tasks/main.yml +++ b/roles/workspace/tasks/main.yml @@ -5,7 +5,7 @@ state: directory owner: '{{ ansible_user }}' group: '{{ ansible_user }}' - mode: '0750' + mode: '750' - name: Install dependencies become: true -- cgit v1.2.3