diff --git a/.yamllint.yml b/.yamllint.yml
index bcc5101eedb5c39816a17782656b4afc1ea0f956..f359ecb185f2f2b17d9a26793fa99063f38fdf7a 100644
--- a/.yamllint.yml
+++ b/.yamllint.yml
@@ -2,6 +2,5 @@
extends: default
rules:
- line-length:
- level: warning
+ line-length: disable
...
diff --git a/all.yml b/all.yml
index abe59634cb5002014239377304a2f1befe4a9109..692f4f0df8690698f95fda4870c47c9cec17236e 100755
--- a/all.yml
+++ b/all.yml
@@ -10,7 +10,7 @@
# Common configuration
- import_playbook: plays/mail.yml
- import_playbook: plays/nfs.yml
-#- import_playbook: plays/logs.yml TODO: rsyncd
+# - import_playbook: plays/logs.yml TODO: rsyncd
- import_playbook: plays/backup.yml # import borgbackup_client/server.yml
# - import_playbook: plays/network-interfaces.yml TODO: check this paybook
- import_playbook: plays/monitoring.yml
diff --git a/group_vars/all/home_nounou.yml b/group_vars/all/home_nounou.yml
index 24fe32d1b694ef9cd4fe3cb72e0adb62089754a9..4839e1fefffbd72ef0c465a32a1673d31a10f824 100644
--- a/group_vars/all/home_nounou.yml
+++ b/group_vars/all/home_nounou.yml
@@ -1,10 +1,10 @@
---
glob_home_nounou:
mounts:
- - ip: 172.16.10.1
- mountpoint: /pool/home
- target: /home_nounou
- name: home_nounou
- owner: root
- group: _user
- mode: '0750'
+ - ip: 172.16.10.1
+ mountpoint: /pool/home
+ target: /home_nounou
+ name: home_nounou
+ owner: root
+ group: _user
+ mode: '0750'
diff --git a/group_vars/all/network_interfaces.yml b/group_vars/all/network_interfaces.yml
index 92a95cb591d63e512e3459f7a0969b7878e83a38..9c65e27525a3537a85fe4e59e9a8594b5916e2b1 100644
--- a/group_vars/all/network_interfaces.yml
+++ b/group_vars/all/network_interfaces.yml
@@ -1,3 +1,4 @@
+---
glob_network_interfaces:
vlan:
- name: srv
diff --git a/group_vars/cachan/home_nounou.yml b/group_vars/cachan/home_nounou.yml
index 1e276cb1c75b159fcbd1a399055496f2d36f1c45..3623495da8f0d6803bac152bbf7ac6b895a43ff3 100644
--- a/group_vars/cachan/home_nounou.yml
+++ b/group_vars/cachan/home_nounou.yml
@@ -1,10 +1,10 @@
---
glob_home_nounou:
mounts:
- - ip: "{{ query('ldap', 'ip', 'gulp', 'cachan-adm') | ipv4 | first }}"
- mountpoint: /rpool/home
- target: /home_nounou
- name: home_nounou
- owner: root
- group: _user
- mode: '0750'
+ - ip: "{{ query('ldap', 'ip', 'gulp', 'cachan-adm') | ipv4 | first }}"
+ mountpoint: /rpool/home
+ target: /home_nounou
+ name: home_nounou
+ owner: root
+ group: _user
+ mode: '0750'
diff --git a/group_vars/cachan/network_interfaces.yml b/group_vars/cachan/network_interfaces.yml
index 90bca5083d5891b4467bcd6fdb2bdf2dab89c2aa..433e0478c883a269e5ac7ffa499f95a2d7dd60a7 100644
--- a/group_vars/cachan/network_interfaces.yml
+++ b/group_vars/cachan/network_interfaces.yml
@@ -1,3 +1,4 @@
+---
glob_network_interfaces:
vlan:
- name: cachan_srv
diff --git a/group_vars/dhcp.yml b/group_vars/dhcp.yml
index b181eb94dc1e75d5c2cb790ca42bbc7841f7943a..bffecd9293808b46cc32079b129914bafa84387d 100644
--- a/group_vars/dhcp.yml
+++ b/group_vars/dhcp.yml
@@ -1,13 +1,13 @@
---
glob_dhcp:
global_options:
- - { key: "interface-mtu", value: "1500" }
+ - {key: "interface-mtu", value: "1500"}
global_parameters: []
glob_service_dhcp:
name: dhcp
install_dir: /var/local/services/dhcp
- generated: yes
+ generated: true
cron:
frequency: "*/2 * * * *"
options: -q
diff --git a/group_vars/dovecot.yml b/group_vars/dovecot.yml
index 9472033b6e826ae10eb9f434d06fb114384487ce..0d6d6747887b246d3ba10e4e8890735c74075f87 100644
--- a/group_vars/dovecot.yml
+++ b/group_vars/dovecot.yml
@@ -1,3 +1,4 @@
+---
glob_dovecot:
ldap:
uri: "ldap://{{ query('ldap', 'ip', 're2o-ldap', 'adm') | ipv4 | first }}/"
diff --git a/group_vars/ethercalc.yml b/group_vars/ethercalc.yml
index bbcecf6fabb766e273c7c7a0073fdbb207d1dba9..c041775c9fa0f49598c65231fe89faf74e8314ea 100644
--- a/group_vars/ethercalc.yml
+++ b/group_vars/ethercalc.yml
@@ -1,2 +1,3 @@
+---
glob_ethercalc:
ip: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
diff --git a/group_vars/etherpad.yml b/group_vars/etherpad.yml
index c69f2ab05429ff0cb108995486769c6605ba7456..9e3441b1f73e970f54624824d7b0ec5eddd3ba50 100644
--- a/group_vars/etherpad.yml
+++ b/group_vars/etherpad.yml
@@ -1,3 +1,4 @@
+---
glob_etherpad:
instances:
- name: etherpad-lite
diff --git a/group_vars/firewall.yml b/group_vars/firewall.yml
index 5f5a97224965f584353d0e2a021570ec4f505ef1..d1035b63cfa7d39bf210e19a741fa1f7f6461f1c 100644
--- a/group_vars/firewall.yml
+++ b/group_vars/firewall.yml
@@ -1,3 +1,4 @@
+---
glob_service_firewall:
name: firewall
install_dir: /var/local/services/firewall
diff --git a/group_vars/framadate.yml b/group_vars/framadate.yml
index d4f69baced152a37609f3e635df9f04c5a157ede..a67ab310e166af960c1b37851086387f535de580 100644
--- a/group_vars/framadate.yml
+++ b/group_vars/framadate.yml
@@ -1,3 +1,4 @@
+---
glob_framadate:
contact: contact@crans.org
automatic_response: no-reply@crans.org
@@ -8,4 +9,3 @@ glob_framadate:
admin_username: framadate
admin_password: "{{ vault.framadate_password }}"
db_password: "{{ vault.framadate_password_db }}"
-
diff --git a/group_vars/horde.yml b/group_vars/horde.yml
index dd1fe13719c4158c3440731a884386d0cec8b995..e44f3b79e367112677eb92bdf1f74d1691b05d61 100644
--- a/group_vars/horde.yml
+++ b/group_vars/horde.yml
@@ -1,3 +1,4 @@
+---
glob_horde:
secret: '{{ vault.horde_secret }}'
imap: imap.adm.crans.org
@@ -13,10 +14,10 @@ glob_horde:
- "'erdnaxe'"
redirection: https://wiki.crans.org/VieCrans/PagesDeDeconnexion/ERR_CHOOSE_WEBMAIL
src_hostname: horde.crans.org
- dest_hostname : webmail.crans.org
- admin_src_hostname : horde.adm.crans.org
- admin_dest_hostname : webmail.adm.crans.org
- zone_ipv4 : 172.16.10.0/24
- zone_ipv6 : fd00:0:0:10::/64
+ dest_hostname: webmail.crans.org
+ admin_src_hostname: horde.adm.crans.org
+ admin_dest_hostname: webmail.adm.crans.org
+ zone_ipv4: 172.16.10.0/24
+ zone_ipv6: fd00:0:0:10::/64
ipv4: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
ipv6: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv6 | first }}"
diff --git a/group_vars/keepalived.yml b/group_vars/keepalived.yml
index e4c937d30c999efed4670a29b13c8206b2e5f65b..240316641b580b87d1098087394fe28aebf349c9 100644
--- a/group_vars/keepalived.yml
+++ b/group_vars/keepalived.yml
@@ -8,7 +8,7 @@ glob_keepalived:
VI_ALL:
password: "{{ vault.keepalived.password }}"
id: 60
- ipv6: yes
+ ipv6: true
notify: /var/local/services/keepalived/keepalived.py
zones:
- vlan: via
diff --git a/group_vars/mirror_backend.yml b/group_vars/mirror_backend.yml
index 98239336c5dfbf881e40e8b76240d14f0a9cfe59..2ddced1e5d4171487036946965e268c4c0b5d3d7 100644
--- a/group_vars/mirror_backend.yml
+++ b/group_vars/mirror_backend.yml
@@ -1,3 +1,4 @@
+---
glob_ftpsync:
root: /mirror/pub
mirror:
diff --git a/group_vars/postgres.yml b/group_vars/postgres.yml
index 0ecc3093eef0d9c702a657e641ae2f74b82c4346..41950e20c038ef8ad579a32ea5ab7d7a10eab836 100644
--- a/group_vars/postgres.yml
+++ b/group_vars/postgres.yml
@@ -1,3 +1,4 @@
+---
glob_postgres:
subnets:
- 172.16.10.0/24
diff --git a/group_vars/radius.yml b/group_vars/radius.yml
index e2add971a079ef554475512f0a6dd05c4233f6f0..2436425f4ba5a8ae4c0d00ff06b234252f751f37 100644
--- a/group_vars/radius.yml
+++ b/group_vars/radius.yml
@@ -17,7 +17,7 @@ glob_freeradius:
ipv6: 2001:bc8:273e::1
secret: '{{ vault.radius_secret.federez }}'
server: radius-wifi
-
+
loc_certbot:
- mail: root@crans.org
certname: crans.org
diff --git a/group_vars/radvd.yml b/group_vars/radvd.yml
index 7714cbacf703ade4eb777026384ac28d579b5821..035ed3ad5eb7a04327e7cf9b34b56fd0cd734681 100644
--- a/group_vars/radvd.yml
+++ b/group_vars/radvd.yml
@@ -1 +1,2 @@
+---
glob_radvd: {}
diff --git a/group_vars/re2o.yml b/group_vars/re2o.yml
index 09c1e7647ea04bfbb3992a3bbe09e126eccbf2e1..c83de02bfcd1eb17a300f7c665704c5852418f1e 100644
--- a/group_vars/re2o.yml
+++ b/group_vars/re2o.yml
@@ -17,8 +17,8 @@ glob_re2o:
uri: "ldap://re2o-ldap.adm.crans.org/"
dn: "cn=admin,dc=crans,dc=org"
database:
- password: "{{ vault.re2o_db_password }}"
- uri: "172.16.10.1"
+ password: "{{ vault.re2o_db_password }}"
+ uri: "172.16.10.1"
optional_apps:
- api
- captcha
diff --git a/group_vars/re2o_front.yml b/group_vars/re2o_front.yml
index c7ca4528a664f372c4dc37bdd45337bf704b2e78..83cef6ee7a3b9d538cbb456c182c8ef98692c7a9 100644
--- a/group_vars/re2o_front.yml
+++ b/group_vars/re2o_front.yml
@@ -3,8 +3,8 @@ glob_re2o_front:
server_names:
- "{{ query('ldap', 'ip', 'c3po', 'adm') | ipv4 | first }}"
- "[{{ query('ldap', 'ip', 'c3po', 'adm') | ipv6 | first }}]"
- # - "{{ query('ldap', 'ip', 're2o', 'adm') | ipv4 | first }}"
- # - "[{{ query('ldap', 'ip', 're2o', 'adm') | ipv6 | first }}]"
+ # - "{{ query('ldap', 'ip', 're2o', 'adm') | ipv4 | first }}"
+ # - "[{{ query('ldap', 'ip', 're2o', 'adm') | ipv6 | first }}]"
- re2o.adm.crans.org
- intranet.adm.crans.org
- re2o.crans.org
diff --git a/group_vars/reverseproxy.yml b/group_vars/reverseproxy.yml
index 9d1152aa05a7a074cf006613a4207ec1d23c970a..c4e104bbca21d570638ae9c6881ee05a5e63e54f 100644
--- a/group_vars/reverseproxy.yml
+++ b/group_vars/reverseproxy.yml
@@ -1,3 +1,4 @@
+---
loc_certbot:
- mail: root@crans.org
certname: crans.org
diff --git a/group_vars/roundcube.yml b/group_vars/roundcube.yml
index b0cbef02c8a5bedef5bc5df790c1ba20ce176d26..b2743bfd51191b74fbf3c3e3a759edc346ec582e 100644
--- a/group_vars/roundcube.yml
+++ b/group_vars/roundcube.yml
@@ -1,3 +1,4 @@
+---
glob_roundcube:
name: Crans
imap_server: owl.adm.crans.org
diff --git a/group_vars/rsyncd.yml b/group_vars/rsyncd.yml
index 25239265c796509cbad8e717a39d4c4637a1ad8b..2ccdab15d56eb57a9dc2058111f2683bb34a30a3 100644
--- a/group_vars/rsyncd.yml
+++ b/group_vars/rsyncd.yml
@@ -9,4 +9,3 @@ glob_rsyncd:
path: /pool/mirror/pub/videolan
comment: VideoLAN repository
hosts_allow: "*"
-
diff --git a/group_vars/server/ntp.yml b/group_vars/server/ntp.yml
index 5edaa35332b7f70fa3ed0d62c3b602fd2db51caf..504215cbd40d4d38a89d95b9fb71cfe1c8638746 100644
--- a/group_vars/server/ntp.yml
+++ b/group_vars/server/ntp.yml
@@ -1,3 +1,4 @@
+---
glob_ntp_client:
servers:
- ntp.adm.crans.org
diff --git a/group_vars/sssd.yml b/group_vars/sssd.yml
index 6787a68c142de9e05e7540b00e7dd0b44af1ea4e..c7e32a96c6d92f16c61f8b91b0d5b0fe48840ce5 100644
--- a/group_vars/sssd.yml
+++ b/group_vars/sssd.yml
@@ -1,3 +1,4 @@
+---
glob_sssd:
primary:
domain: tealc.adm.crans.org
diff --git a/group_vars/thelounge.yml b/group_vars/thelounge.yml
index 66132cd122236c7a7f69b1588d7bbd1cadaa3bb9..fee11393d59d0edd521d0b12d91d6b21245ffee9 100644
--- a/group_vars/thelounge.yml
+++ b/group_vars/thelounge.yml
@@ -1,3 +1,4 @@
+---
glob_thelounge:
public: "false"
host: "undefined"
diff --git a/host_vars/c3po.adm.crans.org.yml b/host_vars/c3po.adm.crans.org.yml
index cfd6a65811641877a99d916e59ce0686f0151d9b..5cde204461d4051fcc160eab974a5c25e3663a6c 100644
--- a/host_vars/c3po.adm.crans.org.yml
+++ b/host_vars/c3po.adm.crans.org.yml
@@ -1,2 +1,3 @@
+---
interfaces:
adm: eth0
diff --git a/host_vars/codichotomie.adm.crans.org.yml b/host_vars/codichotomie.adm.crans.org.yml
index ddb21e603310a30773630a81f0fa746c9d5a7af1..2eb6f993a4287225249a71040a352e24e4c0e15b 100644
--- a/host_vars/codichotomie.adm.crans.org.yml
+++ b/host_vars/codichotomie.adm.crans.org.yml
@@ -1,3 +1,4 @@
+---
interfaces:
adm: eth0
srv_nat: eth1
diff --git a/host_vars/daniel.adm.crans.org.yml b/host_vars/daniel.adm.crans.org.yml
index b26e6fbcbcafcf67e031615e319a07eec95e275f..a6264c08e74f1363194cabb41e0a975ee0176917 100644
--- a/host_vars/daniel.adm.crans.org.yml
+++ b/host_vars/daniel.adm.crans.org.yml
@@ -6,5 +6,5 @@ loc_slapd:
loc_postgres:
version: 11
- replica: yes
+ replica: true
addresses: "['daniel.adm.crans.org'] + {{ query('ldap', 'ip', 'daniel', 'adm') | ipaddr('address') }}"
diff --git a/host_vars/fyre.cachan-adm.crans.org.yml b/host_vars/fyre.cachan-adm.crans.org.yml
index 85ddec93fafdd0e5a2e3798ee98348ca09a062a0..5fd7f265363eef5d8ae6f00e6ca9f08ad155f0cb 100644
--- a/host_vars/fyre.cachan-adm.crans.org.yml
+++ b/host_vars/fyre.cachan-adm.crans.org.yml
@@ -22,7 +22,7 @@ loc_prometheus:
- job_name: servers
file_sd_configs:
- files:
- - '/etc/prometheus/targets_node.json'
+ - '/etc/prometheus/targets_node.json'
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
@@ -41,7 +41,7 @@ loc_prometheus:
- job_name: ups_snmp
file_sd_configs:
- files:
- - '/etc/prometheus/targets_ups_snmp.json'
+ - '/etc/prometheus/targets_ups_snmp.json'
metrics_path: /snmp
params:
module: [eatonups]
@@ -60,7 +60,7 @@ loc_prometheus:
- job_name: unifi_snmp
file_sd_configs:
- files:
- - '/etc/prometheus/targets_unifi_snmp.json'
+ - '/etc/prometheus/targets_unifi_snmp.json'
metrics_path: /snmp
params:
module: [ubiquiti_unifi]
@@ -79,7 +79,7 @@ loc_prometheus:
- job_name: nginx
file_sd_configs:
- files:
- - '/etc/prometheus/targets_nginx.json'
+ - '/etc/prometheus/targets_nginx.json'
relabel_configs:
- source_labels: [__address__]
target_label: instance
diff --git a/host_vars/gulp.cachan-adm.crans.org.yml b/host_vars/gulp.cachan-adm.crans.org.yml
index 2426c6b07c8ff33ff2401ae70013e99f52327b39..a8c822dbc45c997d4df58e632c186b7e3ff21637 100644
--- a/host_vars/gulp.cachan-adm.crans.org.yml
+++ b/host_vars/gulp.cachan-adm.crans.org.yml
@@ -17,7 +17,7 @@ loc_postgres:
- fd00:0:0:3010::/64
version: 11
hosts:
- - { db: re2o, user: re2o }
+ - {db: re2o, user: re2o}
addresses: "['gulp.cachan-adm.crans.org'] + {{ query('ldap', 'ip', 'gulp', 'cachan-adm') | ipaddr('address') }}"
backup:
dir: /var/local/db-backup
diff --git a/host_vars/irc.adm.crans.org.yml b/host_vars/irc.adm.crans.org.yml
index 17426494a3273fd04683cbd8ebe629c63f37f00f..5ac2331e204323be125fac3fb518db797e3c5e3e 100644
--- a/host_vars/irc.adm.crans.org.yml
+++ b/host_vars/irc.adm.crans.org.yml
@@ -42,20 +42,20 @@ loc_inspircd:
nick: PEB
email: root@crans.org
bind:
- - address: 185.230.79.11
- type: clients
- clair: 6667
- ssl: 6697
- - address: 2a0c:700:2::ff:fe01:2902
- type: clients
- clair: 6667
- ssl: 6697
- - address : 172.16.10.129
- type: clients
- clair: 6667
- - address: 127.0.0.1
- type: servers
- clair: 6668
+ - address: 185.230.79.11
+ type: clients
+ clair: 6667
+ ssl: 6697
+ - address: 2a0c:700:2::ff:fe01:2902
+ type: clients
+ clair: 6667
+ ssl: 6697
+ - address: 172.16.10.129
+ type: clients
+ clair: 6667
+ - address: 127.0.0.1
+ type: servers
+ clair: 6668
connect:
- name: zamok
allows:
@@ -79,7 +79,7 @@ loc_inspircd:
ipv6: fd00::10:ff:fe01:2110/128
threshold: 10
commandrate: 10000
- modes: yes
+ modes: true
dns: 185.230.79.62
services:
name: services.irc.crans.org
@@ -87,8 +87,6 @@ loc_inspircd:
recvpass: "{{ vault.irc_anope_recvpass }}"
sendpass: "{{ vault.irc_anope_sendpass }}"
-
-
loc_anope:
recvpass: "{{ vault.irc_anope_recvpass }}"
sendpass: "{{ vault.irc_anope_sendpass }}"
diff --git a/host_vars/jack.adm.crans.org.yml b/host_vars/jack.adm.crans.org.yml
index df66cd826bd026ef22d84fd0cd10cc2588de633a..2c268c93eaf18df9903d4a4af7ac2f2949540e5d 100644
--- a/host_vars/jack.adm.crans.org.yml
+++ b/host_vars/jack.adm.crans.org.yml
@@ -6,5 +6,5 @@ loc_slapd:
loc_postgres:
version: 11
- replica: yes
+ replica: true
addresses: "['jack.adm.crans.org'] + {{ query('ldap', 'ip', 'jack', 'adm') | ipaddr('address') }}"
diff --git a/host_vars/monitoring.adm.crans.org.yml b/host_vars/monitoring.adm.crans.org.yml
index dddad1f7e96987f9beae5bb24586b1f8bfa2701a..1a888fc669e062a0627fde28563c7da5cdff146e 100644
--- a/host_vars/monitoring.adm.crans.org.yml
+++ b/host_vars/monitoring.adm.crans.org.yml
@@ -1,3 +1,4 @@
+---
interfaces:
adm: eth0
srv_nat: eth1
@@ -10,7 +11,7 @@ loc_prometheus:
- job_name: servers
file_sd_configs:
- files:
- - '/etc/prometheus/targets_node.json'
+ - '/etc/prometheus/targets_node.json'
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
@@ -27,7 +28,7 @@ loc_prometheus:
- job_name: nginx
file_sd_configs:
- files:
- - '/etc/prometheus/targets_nginx.json'
+ - '/etc/prometheus/targets_nginx.json'
relabel_configs:
- source_labels: [__address__]
target_label: instance
@@ -63,7 +64,7 @@ loc_prometheus:
- job_name: blackbox
file_sd_configs:
- files:
- - '/etc/prometheus/targets_blackbox.json'
+ - '/etc/prometheus/targets_blackbox.json'
metrics_path: /probe
params:
module: [http_2xx] # Look for a HTTP 200 response.
@@ -89,22 +90,3 @@ loc_prometheus:
- source_labels: [instance]
target_label: __address__
replacement: '$1:3903'
-
-
-# apache:
-# targets:
-# config:
-# - job_name: apache
-# file_sd_configs:
-# - files:
-# - '/etc/prometheus/targets_apache.json'
-# relabel_configs:
-# - source_labels: [__address__]
-# target_label: instance
-# - source_labels: [instance]
-# target_label: __address__
-# replacement: '$1:9117'
-
-# bird_targets:
-# - routeur-sam.adm.crans.org
-
diff --git a/host_vars/owncloud.adm.crans.org.yml b/host_vars/owncloud.adm.crans.org.yml
index 408b5258bbbeb888d40b03fd565805088b447dbd..8663e4d64722502c7e6fcc1300d9986a41de0563 100644
--- a/host_vars/owncloud.adm.crans.org.yml
+++ b/host_vars/owncloud.adm.crans.org.yml
@@ -8,4 +8,3 @@ loc_ldap:
base_dn: "cn=admin,dc=crans,dc=org"
password: "{{ vault.ldap_master_password }}"
uri: "ldap://172.16.10.157"
-
diff --git a/host_vars/re2o.cachan-adm.crans.org.yml b/host_vars/re2o.cachan-adm.crans.org.yml
index 70efd4cf7ba25ec26bc322e6de5357d5bebb7b52..d9635258587a5aacbf0a095e993a4ec8558b20b2 100644
--- a/host_vars/re2o.cachan-adm.crans.org.yml
+++ b/host_vars/re2o.cachan-adm.crans.org.yml
@@ -30,8 +30,8 @@ loc_re2o:
uri: "ldap://{{ query('ldap', 'ip', 're2o-ldap', 'cachan-adm') | ipv4 | first }}/"
dn: "cn=admin,dc=crans,dc=org"
database:
- password: "{{ vault.re2o_db_password }}"
- uri: "{{ query('ldap', 'ip', 'gulp', 'cachan-adm') | ipv4 | first }}"
+ password: "{{ vault.re2o_db_password }}"
+ uri: "{{ query('ldap', 'ip', 'gulp', 'cachan-adm') | ipv4 | first }}"
loc_nginx:
real_ip_from:
diff --git a/host_vars/routeur-daniel.adm.crans.org/dhcp.yml b/host_vars/routeur-daniel.adm.crans.org/dhcp.yml
index 6c59aa7f8b8510eb79630ff596c00dd3575defd6..d0960b806fc07bf5951078cac543856f4eeda804 100644
--- a/host_vars/routeur-daniel.adm.crans.org/dhcp.yml
+++ b/host_vars/routeur-daniel.adm.crans.org/dhcp.yml
@@ -1,9 +1,9 @@
---
loc_dhcp:
- authoritative: True
+ authoritative: true
subnets:
- network: "185.230.78.0/24"
- deny_unknown: True
+ deny_unknown: true
vlan: "adh"
default_lease_time: "600"
max_lease_time: "7200"
diff --git a/host_vars/routeur-daniel.adm.crans.org/radvd.yml b/host_vars/routeur-daniel.adm.crans.org/radvd.yml
index 32fb8db2fbd1c20d30854279e9602856b9455ee3..a749ccde8013c005f368309987fe04cd762921bb 100644
--- a/host_vars/routeur-daniel.adm.crans.org/radvd.yml
+++ b/host_vars/routeur-daniel.adm.crans.org/radvd.yml
@@ -1,3 +1,4 @@
+---
loc_radvd:
subnets:
- name: adh
diff --git a/host_vars/routeur-gulp.cachan-adm.crans.org/dhcp.yml b/host_vars/routeur-gulp.cachan-adm.crans.org/dhcp.yml
index bd58f52ae0a4ae2463148f534546cd11970c9fbd..2308503550df121647397361ed6b4d6090e39477 100644
--- a/host_vars/routeur-gulp.cachan-adm.crans.org/dhcp.yml
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/dhcp.yml
@@ -1,9 +1,9 @@
---
loc_dhcp:
- authoritative: True
+ authoritative: true
subnets:
- network: "185.230.76.0/26"
- deny_unknown: True
+ deny_unknown: true
vlan: "cachan_adh"
default_lease_time: "600"
max_lease_time: "7200"
@@ -14,7 +14,7 @@ loc_dhcp:
options: []
lease_file: "/var/local/services/dhcp/generated/dhcp.cachan-adh.crans.org.list"
- network: "100.64.0.0/16"
- deny_unknown: True
+ deny_unknown: true
vlan: "adh_nat"
default_lease_time: "600"
max_lease_time: "7200"
@@ -25,7 +25,7 @@ loc_dhcp:
options: []
lease_file: "/var/local/services/dhcp/generated/dhcp.adh-nat.crans.org.list"
- network: "172.16.32.0/22"
- deny_unknown: True
+ deny_unknown: true
vlan: "infra"
default_lease_time: "600"
max_lease_time: "7200"
diff --git a/host_vars/routeur-gulp.cachan-adm.crans.org/radius.yml b/host_vars/routeur-gulp.cachan-adm.crans.org/radius.yml
index 2d3bdb39b91688b84738879c5d29272d29391e91..0b31409dcf78c3dac969a53bc60a329e72335058 100644
--- a/host_vars/routeur-gulp.cachan-adm.crans.org/radius.yml
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/radius.yml
@@ -19,7 +19,7 @@ loc_re2o:
uri: "ldap://{{ query('ldap', 'ip', 're2o-ldap', 'cachan-adm') | ipv4 | first }}/"
dn: "cn=admin,dc=crans,dc=org"
database:
- password: "{{ vault.re2o_db_password }}"
- uri: "{{ query('ldap', 'ip', 'gulp', 'cachan-adm') | ipv4 | first }}"
+ password: "{{ vault.re2o_db_password }}"
+ uri: "{{ query('ldap', 'ip', 'gulp', 'cachan-adm') | ipv4 | first }}"
optional_apps: []
diff --git a/host_vars/routeur-gulp.cachan-adm.crans.org/radvd.yml b/host_vars/routeur-gulp.cachan-adm.crans.org/radvd.yml
index 8074ed0714592aef4413e717997e18f0efa37356..c35b4746269f55f4d7568e41228d56532096fc7c 100644
--- a/host_vars/routeur-gulp.cachan-adm.crans.org/radvd.yml
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/radvd.yml
@@ -18,7 +18,7 @@ loc_radvd:
- 2a0c:700:254::ff:fe00:99fe
- name: infra
prefix: fd00:0:0:11::/64
- no_gateway: yes
+ no_gateway: true
dnssl: infra.crans.org
dns:
- fd00::11:0:ff:fe00:9911
diff --git a/host_vars/routeur-gulp.cachan-adm.crans.org/vars.yml b/host_vars/routeur-gulp.cachan-adm.crans.org/vars.yml
index 48abc3c8cc50c6c4483e784f5a776ff586df94bf..cbda4b8f6258876ac82d9e471d1507f023d11a56 100644
--- a/host_vars/routeur-gulp.cachan-adm.crans.org/vars.yml
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/vars.yml
@@ -8,4 +8,3 @@ interfaces:
infra: ens1
zayo: ens2
federez: enp1s3
-
diff --git a/host_vars/routeur-jack.adm.crans.org/dhcp.yml b/host_vars/routeur-jack.adm.crans.org/dhcp.yml
index 6c59aa7f8b8510eb79630ff596c00dd3575defd6..d0960b806fc07bf5951078cac543856f4eeda804 100644
--- a/host_vars/routeur-jack.adm.crans.org/dhcp.yml
+++ b/host_vars/routeur-jack.adm.crans.org/dhcp.yml
@@ -1,9 +1,9 @@
---
loc_dhcp:
- authoritative: True
+ authoritative: true
subnets:
- network: "185.230.78.0/24"
- deny_unknown: True
+ deny_unknown: true
vlan: "adh"
default_lease_time: "600"
max_lease_time: "7200"
diff --git a/host_vars/routeur-jack.adm.crans.org/radvd.yml b/host_vars/routeur-jack.adm.crans.org/radvd.yml
index 32fb8db2fbd1c20d30854279e9602856b9455ee3..a749ccde8013c005f368309987fe04cd762921bb 100644
--- a/host_vars/routeur-jack.adm.crans.org/radvd.yml
+++ b/host_vars/routeur-jack.adm.crans.org/radvd.yml
@@ -1,3 +1,4 @@
+---
loc_radvd:
subnets:
- name: adh
diff --git a/host_vars/routeur-sam.adm.crans.org/dhcp.yml b/host_vars/routeur-sam.adm.crans.org/dhcp.yml
index 6c59aa7f8b8510eb79630ff596c00dd3575defd6..d0960b806fc07bf5951078cac543856f4eeda804 100644
--- a/host_vars/routeur-sam.adm.crans.org/dhcp.yml
+++ b/host_vars/routeur-sam.adm.crans.org/dhcp.yml
@@ -1,9 +1,9 @@
---
loc_dhcp:
- authoritative: True
+ authoritative: true
subnets:
- network: "185.230.78.0/24"
- deny_unknown: True
+ deny_unknown: true
vlan: "adh"
default_lease_time: "600"
max_lease_time: "7200"
diff --git a/host_vars/routeur-sam.adm.crans.org/radvd.yml b/host_vars/routeur-sam.adm.crans.org/radvd.yml
index 32fb8db2fbd1c20d30854279e9602856b9455ee3..a749ccde8013c005f368309987fe04cd762921bb 100644
--- a/host_vars/routeur-sam.adm.crans.org/radvd.yml
+++ b/host_vars/routeur-sam.adm.crans.org/radvd.yml
@@ -1,3 +1,4 @@
+---
loc_radvd:
subnets:
- name: adh
diff --git a/host_vars/sam.adm.crans.org.yml b/host_vars/sam.adm.crans.org.yml
index 0f4a5c1f8bd043da5efd5ce0a9fc16bd0967ac10..3af86ac3ed583fa2a0295b1c4a8618703310ec93 100644
--- a/host_vars/sam.adm.crans.org.yml
+++ b/host_vars/sam.adm.crans.org.yml
@@ -6,5 +6,5 @@ loc_slapd:
loc_postgres:
version: 11
- replica: yes
+ replica: true
addresses: "['sam.adm.crans.org'] + {{ query('ldap', 'ip', 'sam', 'adm') | ipaddr('address') }}"
diff --git a/host_vars/sputnik.adm.crans.org.yml b/host_vars/sputnik.adm.crans.org.yml
index 06a6509147a75130662ff565175895a5c70fb270..4214b05474f2c522b187836a00ba3a9f7da5832a 100644
--- a/host_vars/sputnik.adm.crans.org.yml
+++ b/host_vars/sputnik.adm.crans.org.yml
@@ -73,7 +73,7 @@ loc_nginx:
servers:
- server_name:
- "wiki2.crans.org"
- ssl : "crans.org"
+ ssl: "crans.org"
access_log: "/var/log/nginx/wiki.log combined"
error_log: "/var/log/nginx/wiki.error.log"
additional_params:
diff --git a/host_vars/tealc.adm.crans.org.yml b/host_vars/tealc.adm.crans.org.yml
index e169e9e9387a272c52b9b840eca713809ba38939..69ec1cbdef5b87eac62fa321b61458dd396c135c 100644
--- a/host_vars/tealc.adm.crans.org.yml
+++ b/host_vars/tealc.adm.crans.org.yml
@@ -1,29 +1,30 @@
+---
loc_postgres:
version: 11
hosts:
- db: etherpad
user: crans
- map: { name: etherpad, system: etherpad, pg: crans }
+ map: {name: etherpad, system: etherpad, pg: crans}
- db: etherpad_tmp
user: crans
- map: { name: etherpad_tmp, system: etherpad, pg: crans }
+ map: {name: etherpad_tmp, system: etherpad, pg: crans}
- db: horde5
user: www-data
- map: { name: horde, system: www-data, pg: www-data }
+ map: {name: horde, system: www-data, pg: www-data}
- db: roundcube
user: roundcube
- map: { name: webmail, system: www-data, pg: roundcube }
- - { db: owncloud, user: owncloud }
- - { db: cas, user: cas }
- - { db: hedgedoc, user: hedgedoc }
- - { db: sqlgrey, user: sqlgrey, method: ident }
- - { db: re2o, user: re2o }
- - { db: re2o_test, user: re2o }
- - { db: constellation-dev, user: constellation-dev }
- - { db: mailman3, user: mailman3 }
- - { db: mailman3web, user: mailman3web }
- - { db: all, user: all, subnets: ['127.0.0.1/32','::1/128'], local: yes }
- - { db: replication, user: replication, local: yes }
+ map: {name: webmail, system: www-data, pg: roundcube}
+ - {db: owncloud, user: owncloud}
+ - {db: cas, user: cas}
+ - {db: hedgedoc, user: hedgedoc}
+ - {db: sqlgrey, user: sqlgrey, method: ident}
+ - {db: re2o, user: re2o}
+ - {db: re2o_test, user: re2o}
+ - {db: constellation-dev, user: constellation-dev}
+ - {db: mailman3, user: mailman3}
+ - {db: mailman3web, user: mailman3web}
+ - {db: all, user: all, subnets: ['127.0.0.1/32', '::1/128'], local: true}
+ - {db: replication, user: replication, local: true}
addresses: "['tealc.adm.crans.org'] + {{ query('ldap', 'ip', 'tealc', 'adm') | ipaddr('address') }}"
backup:
dir: /var/local/db-backup
@@ -78,7 +79,7 @@ loc_nginx:
locations:
- filter: "/"
params:
- - "autoindex on"
- - "autoindex_exact_size off"
- - "add_before_body /.html/HEADER.html"
- - "add_after_body /.html/FOOTER.html"
+ - "autoindex on"
+ - "autoindex_exact_size off"
+ - "add_before_body /.html/HEADER.html"
+ - "add_after_body /.html/FOOTER.html"
diff --git a/host_vars/voyager.adm.crans.org.yml b/host_vars/voyager.adm.crans.org.yml
index be4b13d543c5faff4726549d6b356284a4d534de..577c5097823638cac80202ae12f14d0a3aa4d426 100644
--- a/host_vars/voyager.adm.crans.org.yml
+++ b/host_vars/voyager.adm.crans.org.yml
@@ -1,3 +1,4 @@
+---
interfaces:
adm: ens18
srv_nat: ens19
diff --git a/plays/monitoring.yml b/plays/monitoring.yml
index d3f28f31d4caf376a66927939efa83ad30939047..10c3cd8f9ed8e684702b1ef7d65176d50262cb4b 100755
--- a/plays/monitoring.yml
+++ b/plays/monitoring.yml
@@ -40,8 +40,8 @@
- prometheus-nginx-exporter
# Monitor mailq with a special text exporter
-#- hosts: redisdead.adm.crans.org
-# roles: ["prometheus-node-exporter-postfix"]
+# - hosts: redisdead.adm.crans.org
+# roles: ["prometheus-node-exporter-postfix"]
# Monitor logs with mtail
- hosts: mtail
diff --git a/plays/network_interfaces.yml b/plays/network_interfaces.yml
index c3ef158572be866fe6454401bc0d1c4b2b32ad4f..a1e5f13403687e3196bffe301b2b93a6a3dda6b7 100755
--- a/plays/network_interfaces.yml
+++ b/plays/network_interfaces.yml
@@ -2,6 +2,6 @@
---
- hosts: crans_vm,!routeurs_vm
vars:
- network_interfaces: "{{ glob_network_interfaces | default({}) | combine(loc_network_interfaces | default({})) }}"
+ network_interfaces: "{{ glob_network_interfaces | default({}) | combine(loc_network_interfaces | default({})) }}"
roles:
- network-interfaces
diff --git a/plays/zamok.yml b/plays/zamok.yml
index d3cac6cb827b4e4fe55d336f24217741e0043449..6eaa496f9907eadfd5e9d4d4eafb67e05c188a84 100755
--- a/plays/zamok.yml
+++ b/plays/zamok.yml
@@ -8,5 +8,5 @@
adh: '{{ glob_adh | combine(loc_adh | default({}), recursive=True) }}'
roles:
- zamok-tools
-# - postfix
+ # - postfix
- prometheus-node-exporter-postfix
diff --git a/roles/autoconfig/tasks/main.yml b/roles/autoconfig/tasks/main.yml
index 0d06b2063facd92b705a6e9f7934c8247c552c89..8d6d9b9c098c5fbe462b6f6778829a059c0b5412 100644
--- a/roles/autoconfig/tasks/main.yml
+++ b/roles/autoconfig/tasks/main.yml
@@ -1,3 +1,4 @@
+---
- name: Create base directory
file:
path: "{{ autoconfig.path }}/mail"
diff --git a/roles/borgbackup-server/tasks/main.yml b/roles/borgbackup-server/tasks/main.yml
index fc501928640f5578bb872476659dd08e4317276a..c2ed5232fceef4d1f2fa77d9cf008bf2f59b6ad0 100644
--- a/roles/borgbackup-server/tasks/main.yml
+++ b/roles/borgbackup-server/tasks/main.yml
@@ -11,9 +11,9 @@
- name: Create borgbackup user
user:
- create_home: yes
+ create_home: true
home: '/var/lib/borg/'
- system: yes
+ system: true
state: present
update_password: always
name: borg
diff --git a/roles/common-tools/tasks/main.yml b/roles/common-tools/tasks/main.yml
index 814ceb28921437501fb3f11690b0c08b2024667a..e9d544c774ef2d5f3da410fdbda21a2fa5405eba 100644
--- a/roles/common-tools/tasks/main.yml
+++ b/roles/common-tools/tasks/main.yml
@@ -53,7 +53,7 @@
owner: root
group: utmp
mode: '4755'
- check_mode: no
+ check_mode: false
- name: Deploy screen tmpfile
template:
diff --git a/roles/django-cas/tasks/main.yml b/roles/django-cas/tasks/main.yml
index cc854db143bc0a0a320f83d3a70bc64929d18b09..e065f2d010a1f3fc19691f06cf5ac49a9d12063a 100644
--- a/roles/django-cas/tasks/main.yml
+++ b/roles/django-cas/tasks/main.yml
@@ -17,7 +17,7 @@
git:
repo: '{{ django_cas.repo }}'
dest: '{{ django_cas.path }}'
- force: yes
+ force: true
version: master
umask: '002'
diff --git a/roles/dovecot/handlers/main.yml b/roles/dovecot/handlers/main.yml
index c46b8a74b8c28620a126d60a7e7d470f37e248d8..8f8b702c8e3567fce7fc1d2f92329c2d90041e1f 100644
--- a/roles/dovecot/handlers/main.yml
+++ b/roles/dovecot/handlers/main.yml
@@ -2,4 +2,4 @@
- name: Restart dovecot
service:
name: dovecot
- state: restarted
\ No newline at end of file
+ state: restarted
diff --git a/roles/dovecot/tasks/main.yml b/roles/dovecot/tasks/main.yml
index 550b762996d2841a5e77b5a15b56abf5702ac7ca..6886b14518c49c9585beb748e9d3aaf3eb03ac29 100644
--- a/roles/dovecot/tasks/main.yml
+++ b/roles/dovecot/tasks/main.yml
@@ -1,3 +1,4 @@
+---
- name: Install dovecot
apt:
update_cache: true
@@ -23,4 +24,4 @@
- conf.d/10-ssl.conf
- conf.d/auth-system.conf.ext
- dovecot-ldap.conf.ext
- notify: Restart dovecot
\ No newline at end of file
+ notify: Restart dovecot
diff --git a/roles/etherpad/handlers/main.yml b/roles/etherpad/handlers/main.yml
index bf5b290f1a87cac6a7af8711c52928e8e987a326..7c4abcf24b6cbdf061e229defbbda8fcb02522df 100644
--- a/roles/etherpad/handlers/main.yml
+++ b/roles/etherpad/handlers/main.yml
@@ -4,5 +4,3 @@
name: "{{ item.name }}"
state: restarted
loop: "{{ etherpad.instances }}"
-
-
diff --git a/roles/framadate/tasks/main.yml b/roles/framadate/tasks/main.yml
index 130d09faa3a4bc3c2e627a7acf19020cdb86700a..75c292648f87ea897bac2c7bd4c364b61bd1b2e0 100644
--- a/roles/framadate/tasks/main.yml
+++ b/roles/framadate/tasks/main.yml
@@ -10,7 +10,7 @@
- php-mbstring
- php-mysql
- composer
- - python3-passlib # Necessary for htpasswd module
+ - python3-passlib # Necessary for htpasswd module
- python3-pymysql
- mariadb-server
register: apt_result
diff --git a/roles/freeradius/tasks/main.yml b/roles/freeradius/tasks/main.yml
index f861b90fed52de6080ad8d12d9076e772e8de712..4f65879650a32d93294faf2c62e3844e51ca588e 100644
--- a/roles/freeradius/tasks/main.yml
+++ b/roles/freeradius/tasks/main.yml
@@ -44,21 +44,21 @@
src: /var/www/re2o/freeradius_utils/auth.py
dest: /etc/freeradius/3.0/auth.py
state: link
- force: yes
+ force: true
notify: Restart freeradius
- name: Ensure ${certdir}/letsencrypt directory exists
file:
path: /etc/freeradius/3.0/certs/letsencrypt
state: directory
- recurse: yes
+ recurse: true
- name: Symlink radius certificates
file:
src: /etc/letsencrypt/live/crans.org/{{ item }}
dest: /etc/freeradius/3.0/certs/letsencrypt/{{ item }}
state: link
- force: yes
+ force: true
loop:
- fullchain.pem
- privkey.pem
@@ -68,7 +68,7 @@
path: /etc/letsencrypt/{{ item }}
group: freerad
mode: '0755'
- recurse: yes
+ recurse: true
loop:
- live
- archive
diff --git a/roles/galene/tasks/main.yml b/roles/galene/tasks/main.yml
index 0cdf228f3361d151875171a1e2be672eecaa6f63..f74c117bc4d01cc57e05b4e72a5e49fc2e7e40c4 100644
--- a/roles/galene/tasks/main.yml
+++ b/roles/galene/tasks/main.yml
@@ -75,8 +75,8 @@
- name: Enable systemd unit
systemd:
name: galene
- enabled: yes
- daemon_reload: yes
+ enabled: true
+ daemon_reload: true
state: started
- name: Indicate role in motd
diff --git a/roles/inspircd/tasks/main.yml b/roles/inspircd/tasks/main.yml
index b90cd16f9b1fcc1a9709dd40f29e54ab9247d847..8cf51fdada4e101503e806cfacb378e3527aae9b 100644
--- a/roles/inspircd/tasks/main.yml
+++ b/roles/inspircd/tasks/main.yml
@@ -1,6 +1,4 @@
---
-#- name: Install InspIRCd
-
- name: Deploy InspIRCd configuration
template:
src: "inspircd/{{ item.dest }}.j2"
@@ -9,12 +7,12 @@
owner: irc
group: irc
loop:
- - { dest: inspircd.conf, mode: "0644" }
- - { dest: links.conf, mode: "0600" }
- - { dest: power.conf, mode: "0600" }
- - { dest: opers.conf, mode: "0600" }
- - { dest: modules.conf, mode: "0600" }
- - { dest: inspircd.motd, mode: "0644" }
+ - {dest: inspircd.conf, mode: "0644"}
+ - {dest: links.conf, mode: "0600"}
+ - {dest: power.conf, mode: "0600"}
+ - {dest: opers.conf, mode: "0600"}
+ - {dest: modules.conf, mode: "0600"}
+ - {dest: inspircd.motd, mode: "0644"}
notify: Reload InspIRCd
- name: Deploy certificate refresh CRON
diff --git a/roles/keepalived/tasks/main.yml b/roles/keepalived/tasks/main.yml
index a7d77af91c49d0231e7e973833e77a030e6308e1..245737e1a241b2085c5c555e4af89b29c633334a 100644
--- a/roles/keepalived/tasks/main.yml
+++ b/roles/keepalived/tasks/main.yml
@@ -56,4 +56,4 @@
name: keepalived
daemon-reload: true
state: started
- enabled: yes
+ enabled: true
diff --git a/roles/linx/tasks/main.yml b/roles/linx/tasks/main.yml
index 60214c5308ffa84aae9ed35ef948e18b4089bd83..6e71dabf19441b7b8f8e87c25fe8033853e81fe6 100644
--- a/roles/linx/tasks/main.yml
+++ b/roles/linx/tasks/main.yml
@@ -1,11 +1,11 @@
---
-#- name: Install linx
+# - name: Install linx
- name: Create linx user
user:
- create_home: yes
+ create_home: true
home: /var/lib/linx
- system: yes
+ system: true
state: present
password: "!"
update_password: always
diff --git a/roles/nfs-common/tasks/main.yml b/roles/nfs-common/tasks/main.yml
index 36ce7be5539e878e3076cb344620594edcb3b08e..ded8852528ce1b098357f33652e3e1f4d01b7e23 100644
--- a/roles/nfs-common/tasks/main.yml
+++ b/roles/nfs-common/tasks/main.yml
@@ -16,11 +16,10 @@
- name: Disable and mask rpcbind.service
systemd:
name: rpcbind.service
- enabled: no
- masked: yes
+ enabled: false
+ masked: true
- name:
systemd:
name: rpcbind.socket
- masked: yes
-
+ masked: true
diff --git a/roles/ntp-server/tasks/main.yml b/roles/ntp-server/tasks/main.yml
index 0bc25d2178fe0c9aaed6e14e4948d211c1c30539..d0542d9060ab8311b6e7b971b698ff563afa9ba4 100644
--- a/roles/ntp-server/tasks/main.yml
+++ b/roles/ntp-server/tasks/main.yml
@@ -12,7 +12,7 @@
path: /etc/default/ntp
regexp: '^NTPD_OPTS'
line: NTPD_OPTS='-g -x'
- check_mode: no
+ check_mode: false
- name: Configure NTP
template:
diff --git a/roles/owncloud/tasks/main.yml b/roles/owncloud/tasks/main.yml
index 72e735bb678f6326ffecd4c11b547350a9ff1d1a..ac76fd8fa90f16da3289374ae69439056f89a6d0 100644
--- a/roles/owncloud/tasks/main.yml
+++ b/roles/owncloud/tasks/main.yml
@@ -4,7 +4,7 @@
apt:
update_cache: true
name:
- - gpg
+ - gpg
register: apt_result
retries: 3
until: apt_result is succeeded
diff --git a/roles/policyd/tasks/main.yml b/roles/policyd/tasks/main.yml
index cb0450762b1089c6da2ad47f5e9dabbd9160e349..b2330d1e03504835f006d9b1b1c6d1f3908f17b9 100644
--- a/roles/policyd/tasks/main.yml
+++ b/roles/policyd/tasks/main.yml
@@ -1,3 +1,4 @@
+---
- name: Install policyd-rate-limit
apt:
update_cache: true
@@ -17,8 +18,8 @@
dest: "{{ item.dest }}"
chmod: 0640
loop:
- - { src: policyd/policyd-rate-limit.yaml.j2, dest: /etc/policyd-rate-limit.yaml }
- - { src: policyd/policyd.py.j2, dest: /usr/lib/python3/dist-packages/policyd_rate_limit }
+ - {src: policyd/policyd-rate-limit.yaml.j2, dest: /etc/policyd-rate-limit.yaml}
+ - {src: policyd/policyd.py.j2, dest: /usr/lib/python3/dist-packages/policyd_rate_limit}
when: postfix.primary
- name: Indicate role in motd
diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml
index e90aa6a6a87b1c298ca27ca0f2d9e14f3f60b896..eea13c0cdfdd641c91da21fe48cab6278b8ae1d6 100644
--- a/roles/postgresql/tasks/main.yml
+++ b/roles/postgresql/tasks/main.yml
@@ -46,8 +46,8 @@
owner: postgres
group: postgres
loop:
- - pg_hba.conf
- - pg_ident.conf
+ - pg_hba.conf
+ - pg_ident.conf
notify:
- reload postgresql
when: 'not(postgres.replica | default(False))'
diff --git a/roles/prometheus-node-exporter/handlers/main.yml b/roles/prometheus-node-exporter/handlers/main.yml
index 4c81d63ac6a07816750b3b2cbc0df39fc0d5634d..db71ecdb7f95812db3b1d2faabbd85951710a4a3 100644
--- a/roles/prometheus-node-exporter/handlers/main.yml
+++ b/roles/prometheus-node-exporter/handlers/main.yml
@@ -6,4 +6,4 @@
- name: systemctl daemon-reload
systemd:
- daemon_reload: yes
+ daemon_reload: true
diff --git a/roles/prometheus-node-exporter/tasks/main.yml b/roles/prometheus-node-exporter/tasks/main.yml
index e72db0a359f98d708dff206feb9c575c337adb42..198fc087159665a9def35c0cbff0353918f1bb42 100644
--- a/roles/prometheus-node-exporter/tasks/main.yml
+++ b/roles/prometheus-node-exporter/tasks/main.yml
@@ -40,7 +40,7 @@
- name: systemctl daemon-reload
systemd:
- daemon_reload: yes
+ daemon_reload: true
when: override.changed
- name: Activate prometheus-node-exporter service
diff --git a/roles/re2o-ldap-replica/tasks/main.yml b/roles/re2o-ldap-replica/tasks/main.yml
index 558df2fabb6e630c6738203897f2fa781e51e094..0bcd4c8dbac29cf810ad499c9f07ff25416dfe8e 100644
--- a/roles/re2o-ldap-replica/tasks/main.yml
+++ b/roles/re2o-ldap-replica/tasks/main.yml
@@ -99,11 +99,11 @@
- name: Enable LDAPS
lineinfile:
- path: /etc/default/slapd
- regexp: '^SLAPD_SERVICES='
- line: 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"'
+ path: /etc/default/slapd
+ regexp: '^SLAPD_SERVICES='
+ line: 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"'
notify: Restart slapd
- check_mode: no
+ check_mode: false
- name: Touch installation marker
when: not installation.stat.exists
diff --git a/roles/slapd/tasks/main.yml b/roles/slapd/tasks/main.yml
index f377a77efcd73c9402c9c1d7b83cda761709c6dc..cfafc65efa38a7008cdae260fa52089a5730a172 100644
--- a/roles/slapd/tasks/main.yml
+++ b/roles/slapd/tasks/main.yml
@@ -21,15 +21,15 @@
owner: openldap
group: openldap
loop:
- - { dest: slapd.conf, mode: "0600" }
- - { dest: ldap.key, mode: "0600" }
- - { dest: ldap.pem, mode: "0644" }
+ - {dest: slapd.conf, mode: "0600"}
+ - {dest: ldap.key, mode: "0600"}
+ - {dest: ldap.pem, mode: "0644"}
notify: Restart slapd
- name: Deploy ldap services
lineinfile:
- path: /etc/default/slapd
- regexp: '^SLAPD_SERVICES='
- line: 'SLAPD_SERVICES="ldaps://{{ slapd.ip }}/ ldapi:///"'
+ path: /etc/default/slapd
+ regexp: '^SLAPD_SERVICES='
+ line: 'SLAPD_SERVICES="ldaps://{{ slapd.ip }}/ ldapi:///"'
notify: Restart slapd
- check_mode: no
+ check_mode: false
diff --git a/roles/statping/tasks/main.yml b/roles/statping/tasks/main.yml
index 03578d7083a8ec1bbabd83600c3f4faf5ffcb017..f153e0df3ccbffd6208e456ae9210059897acdde 100644
--- a/roles/statping/tasks/main.yml
+++ b/roles/statping/tasks/main.yml
@@ -3,13 +3,13 @@
unarchive:
src: https://github.com/statping/statping/releases/download/v0.90.74/statping-linux-amd64.tar.gz
dest: /usr/local/bin/
- remote_src: yes
+ remote_src: true
- name: Create statping user
user:
- create_home: yes
+ create_home: true
home: /var/lib/statping
- system: yes
+ system: true
state: present
password: "!"
update_password: always
diff --git a/roles/zamok-tools/tasks/main.yml b/roles/zamok-tools/tasks/main.yml
index ec2876e887cbe06f2d02ce906ebeb7d5f5d84a37..ed2900207939ebf031bcf71de301a3e1afa34f15 100644
--- a/roles/zamok-tools/tasks/main.yml
+++ b/roles/zamok-tools/tasks/main.yml
@@ -15,7 +15,7 @@
update_cache: true
name:
- apache2
- - bat # Rajouté par shirenn le 10/11/2021
+ - bat # Rajouté par shirenn le 10/11/2021
- bitlbee # Demande du 06/09/2017 17:40 sur #crans
- byobu
- cabal-install