From b7f371bc9a015ad9f15df1338c86f8baee125af4 Mon Sep 17 00:00:00 2001 From: jurgenhaas <juergen@paragon-es.de> Date: Mon, 10 Jun 2019 20:20:26 +0200 Subject: [PATCH] ansible-playbooks/general#85 Linting [skip-ci] --- tasks/initjail.yml | 16 ++--- tasks/initjailusers.yml | 28 ++++----- tasks/install.yml | 18 +++--- tasks/jailkit.yml | 134 ++++++++++++++++++++-------------------- 4 files changed, 100 insertions(+), 96 deletions(-) diff --git a/tasks/initjail.yml b/tasks/initjail.yml index 57e95e2..ac57edb 100644 --- a/tasks/initjail.yml +++ b/tasks/initjail.yml @@ -9,20 +9,20 @@ - name: Create Apache Group group: - name='{{ drupal.jail.name }}' + name: '{{ drupal.jail.name }}' - name: Create Apache User user: - name='{{ drupal.jail.name }}' - shell='/bin/false' - group='{{ drupal.jail.name }}' - groups='www-data' + name: '{{ drupal.jail.name }}' + shell: /bin/false + group: '{{ drupal.jail.name }}' + groups: www-data - name: Apply Apache User to Jail shell: jk_jailuser -m -j {{ jailroot }}/{{ drupal.jail.name }} {{ drupal.jail.name }} - name: Add main Apache User to Jail Group user: - name='www-data' - groups='{{ drupal.jail.name }}' - append=yes + name: www-data + groups: '{{ drupal.jail.name }}' + append: yes diff --git a/tasks/initjailusers.yml b/tasks/initjailusers.yml index 49d1243..9f1abc6 100644 --- a/tasks/initjailusers.yml +++ b/tasks/initjailusers.yml @@ -4,7 +4,7 @@ - name: Get User ID command: id -u {{ username }} register: userid - changed_when: false + changed_when: no tags: - always 
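Review bot: The `Apply Apache User to Jail` task in tasks/initjail.yml still runs `jk_jailuser` through `shell:` with unquoted `{{ jailroot }}` and `{{ drupal.jail.name }}`, so shell metacharacters in either variable are interpreted by the shell, presumably with root privileges. Nothing on that line needs a shell; `command: jk_jailuser -m -j {{ jailroot }}/{{ drupal.jail.name }} {{ drupal.jail.name }}` removes the interpretation step. The task also has no `creates:` or `changed_when:`, so it reports "changed" on every run, which hides real changes to jail membership in the play output.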
@@ -22,15 +22,15 @@ '.zshrc' ] when: item.0.jail is defined and username in item.0.jail.users and (limit_site is not defined or limit_site == 'False' or item.0.id is not defined or limit_site == item.0.id) - ignore_errors: true + ignore_errors: yes tags: - JailUserInit - name: Add User to Jail Group user: - name='{{ username }}' - groups='{{ item.jail.name }}' - append=yes + name: '{{ username }}' + groups: '{{ item.jail.name }}' + append: yes with_items: '{{ drupal_settings|default([]) }}' when: item.jail is defined and (username in item.jail.users or username in admins) and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id) tags: @@ -38,10 +38,10 @@ - name: Add User To Jail /etc/passwd lineinfile: - dest='{{ jailroot }}/{{ item.jail.name }}/etc/passwd' - state=present - regexp='^{{ username }}:' - line='{{ username }}:x:{{ userid.stdout }}:0::/var/www{{ item.webRoot|default("") }}:/bin/bash' + dest: '{{ jailroot }}/{{ item.jail.name }}/etc/passwd' + state: present + regexp: '^{{ username }}:' + line: '{{ username }}:x:{{ userid.stdout }}:0::/var/www{{ item.webRoot|default("") }}:/bin/bash' with_items: '{{ drupal_settings|default([]) }}' when: item.jail is defined and username in item.jail.users and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id) tags: @@ -49,11 +49,11 @@ - name: File Modes and Ownership file: - path='{{ jailroot }}/{{ item.jail.name }}/home/{{ username }}' - owner='{{ username }}' - state='directory' - recurse=yes - follow=no + path: '{{ jailroot }}/{{ item.jail.name }}/home/{{ username }}' + owner: '{{ username }}' + state: directory + recurse: yes + follow: no with_items: '{{ drupal_settings|default([]) }}' when: item.jail is defined and (username in item.jail.users or username in admins) and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id) tags: 
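Review bot: In `Add User To Jail /etc/passwd`, `regexp: '^{{ username }}:'` puts the username into a regular expression unescaped, so a name containing `.` or another metacharacter can match and replace a different account's line in the jail's passwd file. `regexp: '^{{ username | regex_escape }}:'` pins the match to the literal name. The same `line:` hard-codes primary GID 0 and `/bin/bash`. If anything inside the jail resolves the group from this file, jailed users get the root group, so either add a comment saying this is intentional or substitute the user's real GID.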
diff --git a/tasks/install.yml b/tasks/install.yml index 3ebfb28..7b6e51e 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -3,25 +3,27 @@ - name: Make sure an empty directory /tmp/jailkit exists file: - path='/tmp/jailkit' - state='{{ item }}' + path: /tmp/jailkit + state: '{{ item }}' with_items: - absent - directory - name: Download JailKit get_url: - url='http://olivier.sessink.nl/jailkit/jailkit-2.17.tar.gz' - dest='/tmp/jailkit-2.17.tar.gz' + url: http://olivier.sessink.nl/jailkit/jailkit-2.17.tar.gz + dest: /tmp/jailkit-2.17.tar.gz - name: Unpack JailKit unarchive: - src='/tmp/jailkit-2.17.tar.gz' - dest='/tmp/jailkit' - copy=no + src: /tmp/jailkit-2.17.tar.gz + dest: /tmp/jailkit + copy: no - name: Compile JailKit - shell: "{{ item }} chdir=/tmp/jailkit/jailkit-2.17" + shell: '{{ item }}' + args: + chdir: /tmp/jailkit/jailkit-2.17 with_items: - ./configure - make diff --git a/tasks/jailkit.yml b/tasks/jailkit.yml index ba00cf7..a8db6cb 100644 --- a/tasks/jailkit.yml +++ b/tasks/jailkit.yml 
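Review bot: `Download JailKit` fetches the tarball over plain `http://` with no `checksum:`, and the following tasks unpack, configure and build it, presumably as root, so nothing verifies the source that gets compiled. By default `get_url` only downloads when `dest` does not exist, and `/tmp/jailkit-2.17.tar.gz` is a fixed name in a world-writable directory, so a file already present there would be used as-is. Pin the artifact with `checksum: 'sha256:<EXPECTED_SHA256_PLACEHOLDER>'` (the digest is not on this page and has to come from a trusted copy), and switch the URL to `https://` if the upstream host serves it. A root-only working directory would be safer than `/tmp`. The hunk ends inside the `with_items` list of `Compile JailKit`.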
@@ -22,48 +22,49 @@ - name: Check JailKit Requirement shell: ls /usr/sbin/jk_init register: jailkit_available - failed_when: false - changed_when: false + failed_when: no + changed_when: no - import_tasks: install.yml when: jailkit_available is defined and jailkit_available.stdout != '/usr/sbin/jk_init' - name: Create Jail Root Directory file: - path='{{ jailroot }}' - state='directory' - owner='root' - group='root' - mode='755' + path: '{{ jailroot }}' + state: directory + owner: root + group: root + mode: 0755 - name: Python Components - pip: name=pick + pip: + name: pick - name: Jail Script template: - src='jail' - dest='/usr/local/bin/jail' - owner='root' - group='root' - mode='755' + src: jail + dest: /usr/local/bin/jail + owner: root + group: root + mode: 0755 - name: Basic Config template: - src='jk_init.ini' - dest='/etc/jailkit/jk_init.ini' - owner='root' - group='root' - mode='644' + src: jk_init.ini + dest: /etc/jailkit/jk_init.ini + owner: root + group: root + mode: 0644 tags: - always - name: Create Jail Directory file: - path='{{ jailroot }}/{{ item.jail.name }}' - state='directory' - owner='root' - group='root' - mode='755' + path: '{{ jailroot }}/{{ item.jail.name }}' + state: directory + owner: root + group: root + mode: 0755 register: jail_available with_items: '{{ drupal_settings|default([]) }}' when: item.jail is defined and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id) 
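Review bot: The file modes in this hunk change from quoted strings (`mode='755'`) to bare YAML integers (`mode: 0755`, `mode: 0644`), which only give the intended permissions because Ansible's YAML 1.1 loader reads a leading-zero number as octal. Quoting them, e.g. `mode: '0755'` and `mode: '0644'`, keeps the value a string, so it survives templating, YAML 1.2 tooling, or someone dropping the leading zero. The same applies to the `mode:` lines in the later hunks of tasks/jailkit.yml. Separately, `pip: name: pick` installs whatever version is current at run time; adding a `version:` pin would make the result reproducible.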
@@ -77,41 +78,41 @@ - name: Ensure tmp Directory file: - path='{{ jailroot }}/{{ item.jail.name }}/tmp' - state='directory' - owner='root' - group='root' - mode='777' + path: '{{ jailroot }}/{{ item.jail.name }}/tmp' + state: directory + owner: root + group: root + mode: 0777 with_items: '{{ drupal_settings|default([]) }}' when: item.jail is defined and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id) - name: Ensure var and log Directory file: - path='{{ jailroot }}/{{ item.jail.name }}/var/log' - state='directory' - owner='root' - group='root' - mode='755' + path: '{{ jailroot }}/{{ item.jail.name }}/var/log' + state: directory + owner: root + group: root + mode: 0755 with_items: '{{ drupal_settings|default([]) }}' when: item.jail is defined and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id) - name: Ensure Apache Log Directory file: - path='{{ jailroot }}/{{ item.jail.name }}/var/log/apache2' - state='directory' - owner='root' - group='{{ item.jail.name }}' - mode='755' + path: '{{ jailroot }}/{{ item.jail.name }}/var/log/apache2' + state: directory + owner: root + group: '{{ item.jail.name }}' + mode: 0755 with_items: '{{ drupal_settings|default([]) }}' when: item.jail is defined and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id) - name: Install logrotate script template: - src='etc-logrotate-apache2' - dest='/etc/logrotate.d/apache2-{{ item.jail.name }}' - owner='root' - group='root' - mode='644' + src: etc-logrotate-apache2 + dest: /etc/logrotate.d/apache2-{{ item.jail.name }} + owner: root + group: root + mode: 0644 with_items: '{{ drupal_settings|default([]) }}' when: item.jail is defined and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id) tags: 
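Review bot: `Ensure tmp Directory` creates the jail's `tmp` with `mode: 0777`, which is world-writable without the sticky bit, so any account in the jail can delete or rename files another account created there. The conventional mode for a shared temporary directory is `mode: '1777'`. The commit carries the old `'777'` over unchanged, so this predates the linting pass, but this is the line to fix while the modes are being touched.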
@@ -119,11 +120,11 @@ - name: Ensure Apache Web Directory file: - path='{{ jailroot }}/{{ item.jail.name }}/var/www{{ item.webRoot|default("") }}' - state='directory' - owner='{{ item.jail.name }}' - group='{{ item.jail.name }}' - mode='755' + path: '{{ jailroot }}/{{ item.jail.name }}/var/www{{ item.webRoot|default("") }}' + state: directory + owner: '{{ item.jail.name }}' + group: '{{ item.jail.name }}' + mode: 0755 with_items: '{{ drupal_settings|default([]) }}' when: item.jail is defined and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id) @@ -131,31 +132,32 @@ - name: Remove PHP PHP Default Pool file: - path='/etc/{{ php_base_dir|default("php5") }}/fpm/pool.d/www.conf' - state='absent' + path: /etc/{{ php_base_dir|default("php5") }}/fpm/pool.d/www.conf + state: absent - name: Create PHP Pool template: - src='php_pool.conf' - dest='/etc/{{ php_base_dir|default("php5") }}/fpm/pool.d/{{ item.jail.name }}.conf' - owner='root' - group='root' - mode='644' + src: php_pool.conf + dest: /etc/{{ php_base_dir|default("php5") }}/fpm/pool.d/{{ item.jail.name }}.conf + owner: root + group: root + mode: 0644 with_items: '{{ drupal_settings|default([]) }}' when: item.jail is defined and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id) tags: - ApacheConfig - notify: "Restart PHP-FPM" + notify: + - Restart PHP-FPM when: php_fpm - name: Copy Jail Start Script to user home directory template: - src='.jail' - dest='/home/{{ username }}/.jail' - owner='{{ username }}' - group='root' - mode='755' + src: .jail + dest: /home/{{ username }}/.jail + owner: '{{ username }}' + group: root + mode: 0755 with_flattened: - {{ admins }} - {{ jailusers }} 
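Review bot: The `with_flattened` list under `Copy Jail Start Script to user home directory` still has bare `- {{ admins }}` and `- {{ jailusers }}`. YAML reads a value that starts with `{` as a flow mapping before Jinja sees it, so these should be quoted as `- '{{ admins }}'` and `- '{{ jailusers }}'`. As shown on this page, `Create PHP Pool` is also followed by `when: php_fpm` after its own `when:`. If both sit at the same indentation only the last is honoured, which would drop the `item.jail`/`limit_site` filter, so confirm that `when: php_fpm` belongs to an enclosing block. The task continues past the end of the hunk.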
@@ -181,11 +183,11 @@ - name: Update config files template: - src='{{ item }}.ini' - dest='/etc/jailkit/{{ item }}.ini' - owner=root - group=root - mode='644' + src: '{{ item }}.ini' + dest: /etc/jailkit/{{ item }}.ini + owner: root + group: root + mode: 0644 with_items: - jk_chrootsh - jk_uchroot -- GitLab