diff options
-rw-r--r-- | .config/ansible-lint.yml | 3 | ||||
-rw-r--r-- | roles/packages/tasks/main.yml | 18 | ||||
-rw-r--r-- | roles/sshd/handlers/main.yml | 4 | ||||
-rw-r--r-- | roles/sshd/tasks/main.yml | 6 | ||||
-rw-r--r-- | roles/webserver/handlers/main.yml | 2 | ||||
-rw-r--r-- | roles/webserver/tasks/main.yml | 5 |
6 files changed, 21 insertions, 17 deletions
diff --git a/.config/ansible-lint.yml b/.config/ansible-lint.yml new file mode 100644 index 0000000..e4f3da5 --- /dev/null +++ b/.config/ansible-lint.yml @@ -0,0 +1,3 @@ +skip_list: + - package-latest # Package installs should not use latest. + - yaml[commas] # Violations reported by yamllint. diff --git a/roles/packages/tasks/main.yml b/roles/packages/tasks/main.yml index d3f0720..c9218bc 100644 --- a/roles/packages/tasks/main.yml +++ b/roles/packages/tasks/main.yml @@ -1,19 +1,19 @@ --- - name: Install EPEL - become: True + become: true ansible.builtin.package: name: epel-release state: latest when: ansible_facts['os_family'] == 'RedHat' -#- name: Update all packages -# become: True -# ansible.builtin.package: -# name: "*" -# state: latest +# - name: Update all packages +# become: True +# ansible.builtin.package: +# name: "*" +# state: latest - name: Install packages - become: True + become: true ansible.builtin.package: name: "{{ item }}" state: latest @@ -24,7 +24,7 @@ - netcat - name: Set fish as default shell - become: True + become: true ansible.builtin.user: name: "{{ USER }}" - shell: /usr/bin/fish
\ No newline at end of file + shell: /usr/bin/fish diff --git a/roles/sshd/handlers/main.yml b/roles/sshd/handlers/main.yml index 429dd83..2aadb6d 100644 --- a/roles/sshd/handlers/main.yml +++ b/roles/sshd/handlers/main.yml @@ -1,6 +1,6 @@ --- - name: Restart sshd - become: True + become: true ansible.builtin.service: name: sshd - state: restarted
\ No newline at end of file + state: restarted diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index c4dd9ea..a0f2ba3 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Configure sshd - become: True - lineinfile: + become: true + ansible.builtin.lineinfile: dest: "/etc/ssh/sshd_config" regexp: "{{ item.regex }}" line: "{{ item.line }}" @@ -10,4 +10,4 @@ - { regex: '^(#\s*)?PermitEmptyPasswords' , line: 'PermitEmptyPasswords no' } - { regex: '^(#\s*)?PermitRootLogin' , line: 'PermitRootLogin no' } - { regex: '^(#\s*)?PasswordAuthentication', line: 'PasswordAuthentication no' } - - { regex: '^(#\s*)?UsePAM' , line: 'UsePAM yes' }
\ No newline at end of file + - { regex: '^(#\s*)?UsePAM' , line: 'UsePAM yes' } diff --git a/roles/webserver/handlers/main.yml b/roles/webserver/handlers/main.yml index 3e327d5..d75a7f3 100644 --- a/roles/webserver/handlers/main.yml +++ b/roles/webserver/handlers/main.yml @@ -3,4 +3,4 @@ containers.podman.podman_container: name: webserver state: started - restart: yes
\ No newline at end of file + restart: true diff --git a/roles/webserver/tasks/main.yml b/roles/webserver/tasks/main.yml index a849f2c..b17536e 100644 --- a/roles/webserver/tasks/main.yml +++ b/roles/webserver/tasks/main.yml @@ -5,6 +5,7 @@ dest: "{{ DATA_ROOT }}/nginx" owner: "{{ USER }}" group: "{{ USER }}" + mode: '0644' loop: - www - user_conf.d @@ -43,7 +44,7 @@ jump: REDIRECT to_ports: "{{ item.to }}" comment: "Redirect web traffic {{ item.from }} -> {{ item.to }}" - become: yes + become: true loop: - { from: 80 , to: 8080 } - - { from: 443, to: 8443 }
\ No newline at end of file + - { from: 443, to: 8443 } |