Commit c7068ac5 authored by shirenn's avatar shirenn 🌊
Browse files

linter2

parent a73d5892
......@@ -3,4 +3,7 @@ extends: default
rules:
line-length: disable
braces:
min-spaces-inside: 0
max-spaces-inside: 1
...
......@@ -2,7 +2,7 @@
glob_adh:
apache:
listen_local:
- "127.0.0.1:80"
- 127.0.0.1:80
- "[::1]:80"
listen_network: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipwrap }}"
club_vhosts:
......
---
# Custom header
dirty: "{% if template_fullpath is defined %}{{ lookup('pipe', 'git diff --quiet -- ' + template_fullpath | quote + ' || echo dirty') }}{% else %}{{ lookup('pipe', 'git diff --quiet || echo dirty') }}{% endif %}"
dirty: "{% if template_fullpath is defined %}{{ lookup('pipe', 'git diff --quiet -- ' + template_fullpath | quote + ' || echo dirty') }}{% else %}{{ lookup('pipe',\
\ 'git diff --quiet || echo dirty') }}{% endif %}"
ansible_header: |
+++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++
Ansible managed, don't modify the file locally.
See https://gitlab.crans.org/nounous/ansible.
{% if template_fullpath is defined %}{% set _, rpath = template_fullpath.split('roles/', 1) %}Commit: {% if dirty %}({{dirty}}) {% endif %}{{ lookup('pipe', 'git log -n 1 --pretty=format:%H -- ' + template_fullpath | quote) }}
{% if dirty %}Run by: {{ ansible_env.SUDO_USER }}
{% else %}Author: {{ lookup('pipe', 'git log -n 1 --pretty=format:%an -- ' + template_fullpath | quote) }}
{% endif %}Template: roles/{{ rpath }}
{% else %}
Run by: {{ ansible_env.SUDO_USER }}
Latest commit: {% if dirty %}({{dirty}}) {% endif %}{{ lookup('pipe', 'git rev-parse HEAD') }}
{% endif %}
Ansible managed, don't modify the file locally.
See https://gitlab.crans.org/nounous/ansible.
{% if template_fullpath is defined %}{% set _, rpath = template_fullpath.split('roles/', 1) %}Commit: {% if dirty %}({{ dirty }}) {% endif %}{{ lookup('pipe', 'git log -n 1 --pretty=format:%H -- ' + template_fullpath | quote) }}
{% if dirty %}Run by: {{ ansible_env.SUDO_USER }}
{% else %}Author: {{ lookup('pipe', 'git log -n 1 --pretty=format:%an -- ' + template_fullpath | quote) }}
{% endif %}Template: roles/{{ rpath }}
{% else %}
Run by: {{ ansible_env.SUDO_USER }}
Latest commit: {% if dirty %}({{ dirty }}) {% endif %}{{ lookup('pipe', 'git rev-parse HEAD') }}
{% endif %}
+++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++
......@@ -11,8 +11,8 @@ glob_borg:
remote:
- borg@backup-ft.adm.crans.org:/backup/borg-server/{{ ansible_hostname }}
retention:
- ["daily", 4]
- ["monthly", 6]
- [daily, 4]
- [monthly, 6]
consistency_check:
- disabled
extra_init:
......
......@@ -7,4 +7,4 @@ glob_home_nounou:
name: home_nounou
owner: root
group: _user
mode: '0750'
mode: "0750"
---
glob_ldap:
uri: 'ldap://re2o-ldap.adm.crans.org/'
users_base: 'cn=Utilisateurs,dc=crans,dc=org'
uri: ldap://re2o-ldap.adm.crans.org/
users_base: cn=Utilisateurs,dc=crans,dc=org
servers:
- 172.16.10.1
- 172.16.10.11
- 172.16.10.12
- 172.16.10.13
base: 'dc=crans,dc=org'
base: dc=crans,dc=org
......@@ -14,10 +14,11 @@ glob_network_interfaces:
- name: san
id: 4
extra:
- "mtu 9000"
- mtu 9000
- name: adm
id: 10
dns: "{{ query('ldap', 'ip', 'routeur-sam', 'adm') | ansible.utils.ipv4 | first }} {{ query('ldap', 'ip', 'routeur-daniel', 'adm') | ansible.utils.ipv4 | first }}"
dns: "{{ query('ldap', 'ip', 'routeur-sam', 'adm') | ansible.utils.ipv4 | first }} {{ query('ldap', 'ip', 'routeur-daniel', 'adm') | ansible.utils.ipv4 | first\
\ }}"
- name: adh
id: 12
gateway: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ansible.utils.ipv4 | first }}"
......
---
glob_root:
passwd_hash: '{{ vault.root.passwd_hash }}'
passwd_hash: "{{ vault.root.passwd_hash }}"
......@@ -12,4 +12,4 @@ glob_service_ssh_known_hosts:
frequency: "*/10 * * * *"
config:
ldap:
server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
server: ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}
......@@ -8,6 +8,6 @@ glob_service_proxy:
generated: false
cron:
frequency: "* * * * *"
options: "--alter"
options: --alter
proto_id: 201
main_interface: ens18
......@@ -7,4 +7,4 @@ loc_home_nounou:
name: home_nounou
owner: root
group: _user
mode: '0750'
mode: "0750"
......@@ -2,4 +2,4 @@
loc_service_ssh_known_hosts:
config:
ldap:
server: "ldaps://{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}"
server: ldaps://{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}
......@@ -12,4 +12,4 @@ logos:
where: /usr/share/belenios-server/logo.png
owner: root
group: root
mode: '0644'
mode: "0644"
......@@ -13,7 +13,7 @@ glob_service_certbot:
remote: https://gitlab.adm.crans.org/nounous/certbot
version: main
config:
"crans.org":
crans.org:
zone: _acme-challenge.crans.org
server: 172.16.10.147
port: 53
......
......@@ -4,41 +4,41 @@ glob_constellation:
admins:
- ('Root', 'root@crans.org')
allowed_hosts:
- 'constellation.crans.org'
- 'intranet.crans.org'
- constellation.crans.org
- intranet.crans.org
email:
ssl: false
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ansible.utils.ipv4 | first }}"
port: 25
user: ''
password: ''
from: "root@crans.org"
from_full: "Crans <root@crans.org>"
user: ""
password: ""
from: root@crans.org
from_full: Crans <root@crans.org>
database:
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
port: 5432
user: 'constellation'
user: constellation
password: "{{ vault.constellation.django_db_password }}"
name: 'constellation'
name: constellation
front: true
crontab: true
applications:
- 'access'
- 'billing'
- 'dnsmanager'
- 'firewall'
- 'layers'
- 'management'
- 'member'
- 'topography'
- 'unix'
- access
- billing
- dnsmanager
- firewall
- layers
- management
- member
- topography
- unix
stripe:
private_key: '{{ vault.constellation.stripe.live.private_key }}'
public_key: '{{ vault.constellation.stripe.live.public_key }}'
private_key: "{{ vault.constellation.stripe.live.private_key }}"
public_key: "{{ vault.constellation.stripe.live.public_key }}"
note:
url: 'https://note.crans.org/'
client_id: '{{ vault.constellation.note.client_id }}'
client_secret: '{{ vault.constellation.note.client_secret }}'
url: https://note.crans.org/
client_id: "{{ vault.constellation.note.client_id }}"
client_secret: "{{ vault.constellation.note.client_secret }}"
debug: false
owner: root
group: _nounou
......
......@@ -6,25 +6,25 @@ loc_nginx:
- ssl: false
default: true
server_name:
- "constellation.crans.org"
- "intranet.crans.org"
- constellation.crans.org
- intranet.crans.org
locations:
- filter: "/static"
- filter: /static
params:
- "alias {% if constellation.version == 'main' %}/var/lib/constellation/static/{% else %}/var/local/constellation/static/{% endif %}"
- alias {% if constellation.version == 'main' %}/var/lib/constellation/static/{% else %}/var/local/constellation/static/{% endif %}
- filter: "/media"
- filter: /media
params:
- "alias {% if constellation.version == 'main' %}/var/lib/constellation/media/{% else %}/var/local/constellation/media/{% endif %}"
- alias {% if constellation.version == 'main' %}/var/lib/constellation/media/{% else %}/var/local/constellation/media/{% endif %}
- filter: "/doc"
- filter: /doc
params:
- "alias /var/www/constellation-doc/"
- alias /var/www/constellation-doc/
- filter: "/"
- filter: /
params:
- "uwsgi_pass constellation"
- "include /etc/nginx/uwsgi_params"
- uwsgi_pass constellation
- include /etc/nginx/uwsgi_params
upstreams:
- name: 'constellation'
server: 'unix:///var/run/uwsgi/app/constellation/constellation.sock'
- name: constellation
server: unix:///var/run/uwsgi/app/constellation/constellation.sock
---
glob_dhcp:
global_options:
- {key: "interface-mtu", value: "1500"}
- { key: interface-mtu, value: "1500" }
global_parameters: []
glob_service_dhcp:
name: dhcp
install_dir: /var/local/services/dhcp
......
---
glob_django_cas:
repo: 'http://gitlab.adm.crans.org/nounous/django-cas.git'
path: '/var/local/django-cas'
repo: http://gitlab.adm.crans.org/nounous/django-cas.git
path: /var/local/django-cas
ldap:
dn: 'cn=Utilisateurs,dc=crans,dc=org'
dn: cn=Utilisateurs,dc=crans,dc=org
password: "{{ vault.cas.ldap.password }}"
user: 'cn=cas,ou=service-users,dc=crans,dc=org'
user: cn=cas,ou=service-users,dc=crans,dc=org
server: 172.16.10.157
db:
host: tealc.adm.crans.org
password: "{{ vault.cas.database.password }}"
secret_key: "{{ vault.cas.secret_key }}"
mail:
address: 'root@crans.org'
address: root@crans.org
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ansible.utils.ipv4 | first }}"
port: 25
loc_nginx:
service_name: "cas"
service_name: cas
ssl: []
servers:
- server_name:
......@@ -29,16 +29,16 @@ loc_nginx:
- auth.adm.crans.org
default: true
locations:
- filter: "/cas"
- filter: /cas
params:
- "rewrite ^/cas$ / redirect"
- "rewrite ^/cas/(.*)$ /$1 redirect"
- rewrite ^/cas$ / redirect
- rewrite ^/cas/(.*)$ /$1 redirect
- filter: "/static"
- filter: /static
params:
- "alias /var/local/django-cas/cas/local_static"
- alias /var/local/django-cas/cas/local_static
- filter: "/"
- filter: /
params:
- "uwsgi_pass unix:///var/run/uwsgi/app/cas/socket"
- "include uwsgi_params"
- uwsgi_pass unix:///var/run/uwsgi/app/cas/socket
- include uwsgi_params
---
glob_bind:
default:
format: 'bak.%s'
format: bak.%s
zones:
'_acme-challenge.crans.org':
'_acme-challenge.adm.crans.org':
'adh.crans.org': {}
'adm.crans.org': {}
'cachan-adm.crans.org': {}
'crans.eu': {}
'crans.fr': {}
'crans.org': {}
'lists.crans.org': {}
'san.crans.org': {}
'renater.crans.org': {}
'ens.crans.org': {}
'lp.crans.org': {}
'admissibles.crans.org': {}
'76.230.185.in-addr.arpa': {}
'77.230.185.in-addr.arpa': {}
'78.230.185.in-addr.arpa': {}
'79.230.185.in-addr.arpa': {}
'0.0.7.0.c.0.a.2.ip6.arpa': {}
_acme-challenge.crans.org:
_acme-challenge.adm.crans.org:
adh.crans.org: {}
adm.crans.org: {}
cachan-adm.crans.org: {}
crans.eu: {}
crans.fr: {}
crans.org: {}
lists.crans.org: {}
san.crans.org: {}
renater.crans.org: {}
ens.crans.org: {}
lp.crans.org: {}
admissibles.crans.org: {}
76.230.185.in-addr.arpa: {}
77.230.185.in-addr.arpa: {}
78.230.185.in-addr.arpa: {}
79.230.185.in-addr.arpa: {}
0.0.7.0.c.0.a.2.ip6.arpa: {}
---
glob_dovecot:
ldap:
uri: "ldap://{{ query('ldap', 'ip', 're2o-ldap', 'adm') | ansible.utils.ipv4 | first }}/"
dn: 'cn=dovecot,ou=service-users,dc=crans,dc=org'
uri: ldap://{{ query('ldap', 'ip', 're2o-ldap', 'adm') | ansible.utils.ipv4 | first }}/
dn: cn=dovecot,ou=service-users,dc=crans,dc=org
pass: "{{ vault.dovecot_dnpass }}"
users_base: 'cn=Utilisateurs,dc=crans,dc=org'
home_path: '/home_adh'
users_base: cn=Utilisateurs,dc=crans,dc=org
home_path: /home_adh
inet_listener: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipwrap | join(', ') }}"
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment