ansible-playbooks/general#85 Linting

8347b105 · jurgenhaas · 30afcd00 · 8347b105 · 8347b105 · 8347b105
Commit 8347b105 authored 5 years ago by jurgenhaas
--- a/tasks/admin_keys.yml
+++ b/tasks/admin_keys.yml
@@ -3,16 +3,17 @@

 - block:

-  - name: "Read public key of admin user"
-    command: 'cat /home/{{ username }}/.ssh/id_rsa.pub'
+  - name: Read public key of admin user
+    command: cat /home/{{ username }}/.ssh/id_rsa.pub
    register: pubkey

-  - name: "Distribute public key of admin user"
+  - name: Distribute public key of admin user
    authorized_key:
      user: '{{ username }}'
      key: '{{ hostvars[item].pubkey.stdout }} {{ item }}'
-      path: '/home/{{ username }}/.ssh/fresh_auth_keys_tunnel_{{ item }}'
+      path: /home/{{ username }}/.ssh/fresh_auth_keys_tunnel_{{ item }}
    with_items: '{{ groups.all }}'
    when: item != "localhost" and inventory_hostname != "localhost" and hostvars[item].pubkey is defined

-  tags: 'Keys'
+  tags:
+    - Keys
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -27,8 +27,8 @@
    - name: User keys
      include_tasks: user_keys.yml
      with_flattened:
-        - '{{ admins }}'
-        - '{{ jailusers }}'
+        - {{ admins }}
+        - {{ jailusers }}
      loop_control:
        loop_var: username
      tags:

--- a/tasks/reset.yml
+++ b/tasks/reset.yml
 ---
 # file: roles/commonkeys/tasks/reset.yml

- name: "Remove previous hostname from known_hosts"
+- name: Remove previous hostname from known_hosts
  known_hosts:
    name: '{{ hostname }}'
-    state: 'absent'
+    state: absent
  become: no

- name: "Remove previous ip from known_hosts"
+- name: Remove previous ip from known_hosts
  known_hosts:
    name: "{{ hostvars[hostname]['static_ipv4']|default(hostvars[hostname]['ansible_default_ipv4']['address']) }}"
-    state: 'absent'
+    state: absent
  become: no

- name: "Include all hosts into /etc/hosts"
+- name: Include all hosts into /etc/hosts
  lineinfile:
-    dest: '/etc/hosts'
+    dest: /etc/hosts
    regexp: "^{{ hostvars[hostname]['static_ipv4']|default(hostvars[hostname]['ansible_default_ipv4']['address']) }} "
    line: "{{ hostvars[hostname]['static_ipv4']|default(hostvars[hostname]['ansible_default_ipv4']['address']) }} {{ hostname }}"
--- a/tasks/user_keys.yml
+++ b/tasks/user_keys.yml
@@ -3,47 +3,48 @@

 - block:

-  - name: "Keys | Remove the fresh auth file in case it does already exist"
+  - name: Keys | Remove the fresh auth file in case it does already exist
    file:
-      path: '/home/{{ username }}/.ssh/auth_keys_fresh'
-      state: 'absent'
+      path: /home/{{ username }}/.ssh/auth_keys_fresh
+      state: absent

-  - name: "Keys | Install Public Keys For Desktop-To-Server Communication in a fresh file"
+  - name: Keys | Install Public Keys For Desktop-To-Server Communication in a fresh file
    authorized_key:
      user: '{{ username }}'
      key: "{{ lookup('file', inventory_dir + '/files/keys/' + username + '.d2s.pub') }}"
-      path: '/home/{{ username }}/.ssh/fresh_auth_keys_{{ username }}'
+      path: /home/{{ username }}/.ssh/fresh_auth_keys_{{ username }}
      key_options: "{{ users[username]['ssh_key_options']|default(omit) }}"

-  - name: "Keys | Merge all public keys"
-    shell: 'cat /home/{{ username }}/.ssh/fresh_auth_keys* > /home/{{ username }}/.ssh/auth_keys_fresh'
+  - name: Keys | Merge all public keys
+    shell: cat /home/{{ username }}/.ssh/fresh_auth_keys* > /home/{{ username }}/.ssh/auth_keys_fresh

-  - name: "Keys | Remove temp files"
+  - name: Keys | Remove temp files
    file:
      path: '{{ item }}'
-      state: 'absent'
+      state: absent
    with_fileglob:
-      - '/home/{{ username }}/.ssh/fresh_auth_keys_*'
+      - /home/{{ username }}/.ssh/fresh_auth_keys_*

-  - name: "Keys | Set ownership of authorized key file"
+  - name: Keys | Set ownership of authorized key file
    file:
-      path: '/home/{{ username }}/.ssh/auth_keys_fresh'
+      path: /home/{{ username }}/.ssh/auth_keys_fresh
      owner: '{{ username }}'
-      group: 'root'
+      group: root

-  - name: "Keys | Set permission for authorized key file"
+  - name: Keys | Set permission for authorized key file
    file:
-      path: '/home/{{ username }}/.ssh/auth_keys_fresh'
-      mode: '600'
+      path: /home/{{ username }}/.ssh/auth_keys_fresh
+      mode: 600

-  - name: "Keys | Make sure the authorized_keys file exists"
+  - name: Keys | Make sure the authorized_keys file exists
    file:
-      name: '/home/{{ username }}/.ssh/authorized_keys'
-      state: 'touch'
+      name: /home/{{ username }}/.ssh/authorized_keys
+      state: touch

-  - name: "Keys | Move the fresh auth file to replace the old one"
-    shell: 'rm /home/{{ username }}/.ssh/authorized_keys && mv /home/{{ username }}/.ssh/auth_keys_fresh /home/{{ username }}/.ssh/authorized_keys'
+  - name: Keys | Move the fresh auth file to replace the old one
+    shell: rm /home/{{ username }}/.ssh/authorized_keys && mv /home/{{ username }}/.ssh/auth_keys_fresh /home/{{ username }}/.ssh/authorized_keys
    args:
-      executable: '/bin/bash'
+      executable: /bin/bash

-  tags: 'Keys'
+  tags:
+    - Keys