linter2

c7068ac5 · shirenn · a73d5892 · c7068ac5 · c7068ac5 · c7068ac5
Commit c7068ac5 authored Jul 05, 2022 by shirenn 🌊
--- a/.yamllint.yml
+++ b/.yamllint.yml
@@ -3,4 +3,7 @@ extends: default

 rules:
  line-length: disable
+  braces:
+    min-spaces-inside: 0
+    max-spaces-inside: 1
 ...
--- a/group_vars/adh_server.yml
+++ b/group_vars/adh_server.yml
@@ -2,7 +2,7 @@
 glob_adh:
  apache:
    listen_local:
-      - "127.0.0.1:80"
+      - 127.0.0.1:80
      - "[::1]:80"
    listen_network: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipwrap }}"
    club_vhosts:

--- a/group_vars/all/ansible-header.yml
+++ b/group_vars/all/ansible-header.yml
 ---
 # Custom header
-dirty: "{% if template_fullpath is defined %}{{ lookup('pipe', 'git diff --quiet -- ' + template_fullpath | quote + ' || echo dirty') }}{% else %}{{ lookup('pipe', 'git diff --quiet || echo dirty') }}{% endif %}"
+dirty: "{% if template_fullpath is defined %}{{ lookup('pipe', 'git diff --quiet -- ' + template_fullpath | quote + ' || echo dirty') }}{% else %}{{ lookup('pipe',\
+  \ 'git diff --quiet || echo dirty') }}{% endif %}"
 ansible_header: |
-    +++++++++++++++++++++++++++++++++++++++++++++++++++
+  +++++++++++++++++++++++++++++++++++++++++++++++++++

-       Ansible managed, don't modify the file locally.
-       See https://gitlab.crans.org/nounous/ansible.
-       {% if template_fullpath is defined %}{% set _, rpath = template_fullpath.split('roles/', 1) %}Commit: {% if dirty %}({{dirty}}) {% endif %}{{ lookup('pipe', 'git log -n 1 --pretty=format:%H -- ' + template_fullpath | quote) }}
-       {% if dirty %}Run by: {{ ansible_env.SUDO_USER }}
-       {% else %}Author: {{ lookup('pipe', 'git log -n 1 --pretty=format:%an -- ' + template_fullpath | quote) }}
-       {% endif %}Template: roles/{{ rpath }}
-       {% else %}
-       Run by: {{ ansible_env.SUDO_USER }}
-       Latest commit: {% if dirty %}({{dirty}}) {% endif %}{{ lookup('pipe', 'git rev-parse HEAD') }}
-       {% endif %}
+     Ansible managed, don't modify the file locally.
+     See https://gitlab.crans.org/nounous/ansible.
+     {% if template_fullpath is defined %}{% set _, rpath = template_fullpath.split('roles/', 1) %}Commit: {% if dirty %}({{ dirty }}) {% endif %}{{ lookup('pipe', 'git log -n 1 --pretty=format:%H -- ' + template_fullpath | quote) }}
+     {% if dirty %}Run by: {{ ansible_env.SUDO_USER }}
+     {% else %}Author: {{ lookup('pipe', 'git log -n 1 --pretty=format:%an -- ' + template_fullpath | quote) }}
+     {% endif %}Template: roles/{{ rpath }}
+     {% else %}
+     Run by: {{ ansible_env.SUDO_USER }}
+     Latest commit: {% if dirty %}({{ dirty }}) {% endif %}{{ lookup('pipe', 'git rev-parse HEAD') }}
+     {% endif %}

-    +++++++++++++++++++++++++++++++++++++++++++++++++++
+  +++++++++++++++++++++++++++++++++++++++++++++++++++
--- a/group_vars/all/borg.yml
+++ b/group_vars/all/borg.yml
@@ -11,8 +11,8 @@ glob_borg:
  remote:
    - borg@backup-ft.adm.crans.org:/backup/borg-server/{{ ansible_hostname }}
  retention:
-    - ["daily", 4]
-    - ["monthly", 6]
+    - [daily, 4]
+    - [monthly, 6]
  consistency_check:
    - disabled
  extra_init:

--- a/group_vars/all/home_nounou.yml
+++ b/group_vars/all/home_nounou.yml
@@ -7,4 +7,4 @@ glob_home_nounou:
      name: home_nounou
      owner: root
      group: _user
-      mode: '0750'
+      mode: "0750"
--- a/group_vars/all/ldap.yml
+++ b/group_vars/all/ldap.yml
 ---
 glob_ldap:
-  uri: 'ldap://re2o-ldap.adm.crans.org/'
-  users_base: 'cn=Utilisateurs,dc=crans,dc=org'
+  uri: ldap://re2o-ldap.adm.crans.org/
+  users_base: cn=Utilisateurs,dc=crans,dc=org
  servers:
    - 172.16.10.1
    - 172.16.10.11
    - 172.16.10.12
    - 172.16.10.13
-  base: 'dc=crans,dc=org'
+  base: dc=crans,dc=org
--- a/group_vars/all/network_interfaces.yml
+++ b/group_vars/all/network_interfaces.yml
@@ -14,10 +14,11 @@ glob_network_interfaces:
    - name: san
      id: 4
      extra:
-        - "mtu 9000"
+        - mtu 9000
    - name: adm
      id: 10
-      dns: "{{ query('ldap', 'ip', 'routeur-sam', 'adm') | ansible.utils.ipv4 | first }} {{ query('ldap', 'ip', 'routeur-daniel', 'adm') | ansible.utils.ipv4 | first }}"
+      dns: "{{ query('ldap', 'ip', 'routeur-sam', 'adm') | ansible.utils.ipv4 | first }} {{ query('ldap', 'ip', 'routeur-daniel', 'adm') | ansible.utils.ipv4 | first\
+        \ }}"
    - name: adh
      id: 12
      gateway: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ansible.utils.ipv4 | first }}"

--- a/group_vars/all/root.yml
+++ b/group_vars/all/root.yml
 ---
 glob_root:
-  passwd_hash: '{{ vault.root.passwd_hash }}'
+  passwd_hash: "{{ vault.root.passwd_hash }}"
--- a/group_vars/all/ssh_known_hosts.yml
+++ b/group_vars/all/ssh_known_hosts.yml
@@ -12,4 +12,4 @@ glob_service_ssh_known_hosts:
    frequency: "*/10 * * * *"
  config:
    ldap:
-      server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
+      server: ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}
--- a/group_vars/arpproxy.yml
+++ b/group_vars/arpproxy.yml
@@ -8,6 +8,6 @@ glob_service_proxy:
  generated: false
  cron:
    frequency: "* * * * *"
-    options: "--alter"
+    options: --alter
  proto_id: 201
  main_interface: ens18
--- a/group_vars/aurore/home_nounou.yml
+++ b/group_vars/aurore/home_nounou.yml
@@ -7,4 +7,4 @@ loc_home_nounou:
      name: home_nounou
      owner: root
      group: _user
-      mode: '0750'
+      mode: "0750"
--- a/group_vars/aurore/ssh_known_hosts.yml
+++ b/group_vars/aurore/ssh_known_hosts.yml
@@ -2,4 +2,4 @@
 loc_service_ssh_known_hosts:
  config:
    ldap:
-      server: "ldaps://{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}"
+      server: ldaps://{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}
--- a/group_vars/belenios.yml
+++ b/group_vars/belenios.yml
@@ -12,4 +12,4 @@ logos:
    where: /usr/share/belenios-server/logo.png
    owner: root
    group: root
-    mode: '0644'
+    mode: "0644"
--- a/group_vars/certbot.yml
+++ b/group_vars/certbot.yml
@@ -13,7 +13,7 @@ glob_service_certbot:
    remote: https://gitlab.adm.crans.org/nounous/certbot
    version: main
  config:
-    "crans.org":
+    crans.org:
      zone: _acme-challenge.crans.org
      server: 172.16.10.147
      port: 53

--- a/group_vars/constellation.yml
+++ b/group_vars/constellation.yml
@@ -4,41 +4,41 @@ glob_constellation:
  admins:
    - ('Root', 'root@crans.org')
  allowed_hosts:
-    - 'constellation.crans.org'
-    - 'intranet.crans.org'
+    - constellation.crans.org
+    - intranet.crans.org
  email:
    ssl: false
    host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ansible.utils.ipv4 | first }}"
    port: 25
-    user: ''
-    password: ''
-    from: "root@crans.org"
-    from_full: "Crans <root@crans.org>"
+    user: ""
+    password: ""
+    from: root@crans.org
+    from_full: Crans <root@crans.org>
  database:
    host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
    port: 5432
-    user: 'constellation'
+    user: constellation
    password: "{{ vault.constellation.django_db_password }}"
-    name: 'constellation'
+    name: constellation
  front: true
  crontab: true
  applications:
-    - 'access'
-    - 'billing'
-    - 'dnsmanager'
-    - 'firewall'
-    - 'layers'
-    - 'management'
-    - 'member'
-    - 'topography'
-    - 'unix'
+    - access
+    - billing
+    - dnsmanager
+    - firewall
+    - layers
+    - management
+    - member
+    - topography
+    - unix
  stripe:
-    private_key: '{{ vault.constellation.stripe.live.private_key }}'
-    public_key: '{{ vault.constellation.stripe.live.public_key }}'
+    private_key: "{{ vault.constellation.stripe.live.private_key }}"
+    public_key: "{{ vault.constellation.stripe.live.public_key }}"
  note:
-    url: 'https://note.crans.org/'
-    client_id: '{{ vault.constellation.note.client_id }}'
-    client_secret: '{{ vault.constellation.note.client_secret }}'
+    url: https://note.crans.org/
+    client_id: "{{ vault.constellation.note.client_id }}"
+    client_secret: "{{ vault.constellation.note.client_secret }}"
  debug: false
  owner: root
  group: _nounou

--- a/group_vars/constellation_front.yml
+++ b/group_vars/constellation_front.yml
@@ -6,25 +6,25 @@ loc_nginx:
    - ssl: false
      default: true
      server_name:
-        - "constellation.crans.org"
-        - "intranet.crans.org"
+        - constellation.crans.org
+        - intranet.crans.org
      locations:
-        - filter: "/static"
+        - filter: /static
          params:
-            - "alias {% if constellation.version == 'main' %}/var/lib/constellation/static/{% else %}/var/local/constellation/static/{% endif %}"
+            - alias {% if constellation.version == 'main' %}/var/lib/constellation/static/{% else %}/var/local/constellation/static/{% endif %}

-        - filter: "/media"
+        - filter: /media
          params:
-            - "alias {% if constellation.version == 'main' %}/var/lib/constellation/media/{% else %}/var/local/constellation/media/{% endif %}"
+            - alias {% if constellation.version == 'main' %}/var/lib/constellation/media/{% else %}/var/local/constellation/media/{% endif %}

-        - filter: "/doc"
+        - filter: /doc
          params:
-            - "alias /var/www/constellation-doc/"
+            - alias /var/www/constellation-doc/

-        - filter: "/"
+        - filter: /
          params:
-            - "uwsgi_pass constellation"
-            - "include /etc/nginx/uwsgi_params"
+            - uwsgi_pass constellation
+            - include /etc/nginx/uwsgi_params
  upstreams:
-    - name: 'constellation'
-      server: 'unix:///var/run/uwsgi/app/constellation/constellation.sock'
+    - name: constellation
+      server: unix:///var/run/uwsgi/app/constellation/constellation.sock
--- a/group_vars/dhcp.yml
+++ b/group_vars/dhcp.yml
 ---
 glob_dhcp:
  global_options:
-    - {key: "interface-mtu", value: "1500"}
+    - { key: interface-mtu, value: "1500" }
  global_parameters: []
-
 glob_service_dhcp:
  name: dhcp
  install_dir: /var/local/services/dhcp

--- a/group_vars/django_cas.yml
+++ b/group_vars/django_cas.yml
 ---
 glob_django_cas:
-  repo: 'http://gitlab.adm.crans.org/nounous/django-cas.git'
-  path: '/var/local/django-cas'
+  repo: http://gitlab.adm.crans.org/nounous/django-cas.git
+  path: /var/local/django-cas
  ldap:
-    dn: 'cn=Utilisateurs,dc=crans,dc=org'
+    dn: cn=Utilisateurs,dc=crans,dc=org
    password: "{{ vault.cas.ldap.password }}"
-    user: 'cn=cas,ou=service-users,dc=crans,dc=org'
+    user: cn=cas,ou=service-users,dc=crans,dc=org
    server: 172.16.10.157
  db:
    host: tealc.adm.crans.org
    password: "{{ vault.cas.database.password }}"
  secret_key: "{{ vault.cas.secret_key }}"
  mail:
-    address: 'root@crans.org'
+    address: root@crans.org
    host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ansible.utils.ipv4 | first }}"
    port: 25

 loc_nginx:
-  service_name: "cas"
+  service_name: cas
  ssl: []
  servers:
    - server_name:
@@ -29,16 +29,16 @@ loc_nginx:
        - auth.adm.crans.org
      default: true
      locations:
-        - filter: "/cas"
+        - filter: /cas
          params:
-            - "rewrite ^/cas$ / redirect"
-            - "rewrite ^/cas/(.*)$ /$1 redirect"
+            - rewrite ^/cas$ / redirect
+            - rewrite ^/cas/(.*)$ /$1 redirect

-        - filter: "/static"
+        - filter: /static
          params:
-            - "alias /var/local/django-cas/cas/local_static"
+            - alias /var/local/django-cas/cas/local_static

-        - filter: "/"
+        - filter: /
          params:
-            - "uwsgi_pass unix:///var/run/uwsgi/app/cas/socket"
-            - "include uwsgi_params"
+            - uwsgi_pass unix:///var/run/uwsgi/app/cas/socket
+            - include uwsgi_params
--- a/group_vars/dns_authoritative.yml
+++ b/group_vars/dns_authoritative.yml
 ---
 glob_bind:
  default:
-    format: 'bak.%s'
+    format: bak.%s
  zones:
-    '_acme-challenge.crans.org':
-    '_acme-challenge.adm.crans.org':
-    'adh.crans.org': {}
-    'adm.crans.org': {}
-    'cachan-adm.crans.org': {}
-    'crans.eu': {}
-    'crans.fr': {}
-    'crans.org': {}
-    'lists.crans.org': {}
-    'san.crans.org': {}
-    'renater.crans.org': {}
-    'ens.crans.org': {}
-    'lp.crans.org': {}
-    'admissibles.crans.org': {}
-    '76.230.185.in-addr.arpa': {}
-    '77.230.185.in-addr.arpa': {}
-    '78.230.185.in-addr.arpa': {}
-    '79.230.185.in-addr.arpa': {}
-    '0.0.7.0.c.0.a.2.ip6.arpa': {}
+    _acme-challenge.crans.org:
+    _acme-challenge.adm.crans.org:
+    adh.crans.org: {}
+    adm.crans.org: {}
+    cachan-adm.crans.org: {}
+    crans.eu: {}
+    crans.fr: {}
+    crans.org: {}
+    lists.crans.org: {}
+    san.crans.org: {}
+    renater.crans.org: {}
+    ens.crans.org: {}
+    lp.crans.org: {}
+    admissibles.crans.org: {}
+    76.230.185.in-addr.arpa: {}
+    77.230.185.in-addr.arpa: {}
+    78.230.185.in-addr.arpa: {}
+    79.230.185.in-addr.arpa: {}
+    0.0.7.0.c.0.a.2.ip6.arpa: {}
--- a/group_vars/dovecot.yml
+++ b/group_vars/dovecot.yml
 ---
 glob_dovecot:
  ldap:
-    uri: "ldap://{{ query('ldap', 'ip', 're2o-ldap', 'adm') | ansible.utils.ipv4 | first }}/"
-    dn: 'cn=dovecot,ou=service-users,dc=crans,dc=org'
+    uri: ldap://{{ query('ldap', 'ip', 're2o-ldap', 'adm') | ansible.utils.ipv4 | first }}/
+    dn: cn=dovecot,ou=service-users,dc=crans,dc=org
    pass: "{{ vault.dovecot_dnpass }}"
-    users_base: 'cn=Utilisateurs,dc=crans,dc=org'
-  home_path: '/home_adh'
+    users_base: cn=Utilisateurs,dc=crans,dc=org
+  home_path: /home_adh
  inet_listener: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipwrap | join(', ') }}"