fix ansible-lint lints

6 files changed, 21 insertions, 17 deletions

diff --git a/.config/ansible-lint.yml b/.config/ansible-lint.yml
new file mode 100644
index 0000000..e4f3da5
--- /dev/null
+++ b/.config/ansible-lint.yml
@@ -0,0 +1,3 @@
+skip_list:
+  - package-latest  # Package installs should not use latest.
+  - yaml[commas]    # Violations reported by yamllint.
diff --git a/roles/packages/tasks/main.yml b/roles/packages/tasks/main.yml
index d3f0720..c9218bc 100644
--- a/roles/packages/tasks/main.yml
+++ b/roles/packages/tasks/main.yml
@@ -1,19 +1,19 @@
 ---
 - name: Install EPEL
-  become: True
+  become: true
   ansible.builtin.package:
     name: epel-release
     state: latest
   when: ansible_facts['os_family'] == 'RedHat'
 
-#- name: Update all packages
-#  become: True
-#  ansible.builtin.package:
-#    name: "*"
-#    state: latest
+# - name: Update all packages
+#   become: True
+#   ansible.builtin.package:
+#     name: "*"
+#     state: latest
 
 - name: Install packages
-  become: True
+  become: true
   ansible.builtin.package:
     name: "{{ item }}"
     state: latest
@@ -24,7 +24,7 @@
     - netcat
 
 - name: Set fish as default shell
-  become: True
+  become: true
   ansible.builtin.user:
     name: "{{ USER }}"
-    shell: /usr/bin/fish
\ No newline at end of file
+    shell: /usr/bin/fish
diff --git a/roles/sshd/handlers/main.yml b/roles/sshd/handlers/main.yml
index 429dd83..2aadb6d 100644
--- a/roles/sshd/handlers/main.yml
+++ b/roles/sshd/handlers/main.yml
@@ -1,6 +1,6 @@
 ---
 - name: Restart sshd
-  become: True
+  become: true
   ansible.builtin.service:
     name: sshd
-    state: restarted
\ No newline at end of file
+    state: restarted
diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml
index c4dd9ea..a0f2ba3 100644
--- a/roles/sshd/tasks/main.yml
+++ b/roles/sshd/tasks/main.yml
@@ -1,7 +1,7 @@
 ---
 - name: Configure sshd
-  become: True
-  lineinfile:
+  become: true
+  ansible.builtin.lineinfile:
     dest: "/etc/ssh/sshd_config"
     regexp: "{{ item.regex }}"
     line: "{{ item.line }}"
@@ -10,4 +10,4 @@
     - { regex: '^(#\s*)?PermitEmptyPasswords'  , line: 'PermitEmptyPasswords no' }
     - { regex: '^(#\s*)?PermitRootLogin'       , line: 'PermitRootLogin no' }
     - { regex: '^(#\s*)?PasswordAuthentication', line: 'PasswordAuthentication no' }
-    - { regex: '^(#\s*)?UsePAM'                , line: 'UsePAM yes' }
\ No newline at end of file
+    - { regex: '^(#\s*)?UsePAM'                , line: 'UsePAM yes' }
diff --git a/roles/webserver/handlers/main.yml b/roles/webserver/handlers/main.yml
index 3e327d5..d75a7f3 100644
--- a/roles/webserver/handlers/main.yml
+++ b/roles/webserver/handlers/main.yml
@@ -3,4 +3,4 @@
   containers.podman.podman_container:
     name: webserver
     state: started
-    restart: yes
\ No newline at end of file
+    restart: true
diff --git a/roles/webserver/tasks/main.yml b/roles/webserver/tasks/main.yml
index a849f2c..b17536e 100644
--- a/roles/webserver/tasks/main.yml
+++ b/roles/webserver/tasks/main.yml
@@ -5,6 +5,7 @@
     dest: "{{ DATA_ROOT }}/nginx"
     owner: "{{ USER }}"
     group: "{{ USER }}"
+    mode: '0644'
   loop:
     - www
     - user_conf.d
@@ -43,7 +44,7 @@
     jump: REDIRECT
     to_ports: "{{ item.to }}"
     comment: "Redirect web traffic {{ item.from }} -> {{ item.to }}"
-  become: yes
+  become: true
   loop:
     - { from: 80 , to: 8080 }
-    - { from: 443, to: 8443 }
\ No newline at end of file
+    - { from: 443, to: 8443 }