ansible-playbooks/general#85 Linting

f1c0bf1f · jurgenhaas · 06010f4b · f1c0bf1f · f1c0bf1f · f1c0bf1f
Commit f1c0bf1f authored 5 years ago by jurgenhaas
--- a/defaults/main.yml
+++ b/defaults/main.yml
 jailkit: false
-jailroot: '/jails'
+jailroot: /jails
 jailsite_init_force: false
 jailuser_init: false
-jailkit_components: 'extendedshell git jk_lsh rsync scp sftp ssh php drush netutils'
+jailkit_components: extendedshell git jk_lsh rsync scp sftp ssh php drush netutils
 jailusers: []
--- a/tasks/initjail.yml
+++ b/tasks/initjail.yml
 ---
 # file: roles/jailkit/tasks/initjail.yml
- name: "Init Jail"
+- name: Init Jail
  shell: jk_init -j {{ jailroot }}/{{ drupal.jail.name }} {{ jailkit_components }}
- name: "Copy Tools"
+- name: Copy Tools
  shell: jk_cp -j {{ jailroot }}/{{ drupal.jail.name }} -o -s -f /bin/bash /usr/bin/groups /etc/group /usr/bin/tput
- name: "Create Apache Group"
+- name: Create Apache Group
  group:
    name='{{ drupal.jail.name }}'
- name: "Create Apache User"
+- name: Create Apache User
  user:
    name='{{ drupal.jail.name }}'
    shell='/bin/false'
    group='{{ drupal.jail.name }}'
    groups='www-data'
- name: "Apply Apache User to Jail"
+- name: Apply Apache User to Jail
  shell: jk_jailuser -m -j {{ jailroot }}/{{ drupal.jail.name }} {{ drupal.jail.name }}
- name: "Add main Apache User to Jail Group"
+- name: Add main Apache User to Jail Group
  user:
    name='www-data'
    groups='{{ drupal.jail.name }}'

--- a/tasks/initjailusers.yml
+++ b/tasks/initjailusers.yml
 ---
 # file: roles/jailkit/tasks/initjailusers.yml
- name: "Get User ID"
+- name: Get User ID
  command: id -u {{ username }}
  register: userid
  changed_when: false
-  tags: 'always'
+  tags:
+    - always
- name: "Copy user home directory into jails"
+- name: Copy user home directory into jails
  shell: jk_cp -j {{ jailroot }}/{{ item.0.jail.name }} -o -s -f /home/{{ username }}/{{ item.1 }}
  with_nested:
-    - '{{ drupal_settings|default([]) }}'
+    - {{ drupal_settings|default([]) }}
    - ['.bashrc',
       '.config',
       '.git-prompt.sh',
@@ -22,18 +23,20 @@
      ]
  when: item.0.jail is defined and username in item.0.jail.users and (limit_site is not defined or limit_site == 'False' or item.0.id is not defined or limit_site == item.0.id)
  ignore_errors: true
-  tags: 'JailUserInit'
+  tags:
+    - JailUserInit
- name: "Add User to Jail Group"
+- name: Add User to Jail Group
  user:
    name='{{ username }}'
    groups='{{ item.jail.name }}'
    append=yes
  with_items: '{{ drupal_settings|default([]) }}'
  when: item.jail is defined and (username in item.jail.users or username in admins) and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id)
-  tags: 'SetPermissions'
+  tags:
+    - SetPermissions
- name: "Add User To Jail /etc/passwd"
+- name: Add User To Jail /etc/passwd
  lineinfile:
    dest='{{ jailroot }}/{{ item.jail.name }}/etc/passwd'
    state=present
@@ -41,9 +44,10 @@
    line='{{ username }}:x:{{ userid.stdout }}:0::/var/www{{ item.webRoot|default("") }}:/bin/bash'
  with_items: '{{ drupal_settings|default([]) }}'
  when: item.jail is defined and username in item.jail.users and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id)
-  tags: 'SetPermissions'
+  tags:
+    - SetPermissions
- name: "File Modes and Ownership"
+- name: File Modes and Ownership
  file:
    path='{{ jailroot }}/{{ item.jail.name }}/home/{{ username }}'
    owner='{{ username }}'
@@ -53,5 +57,5 @@
  with_items: '{{ drupal_settings|default([]) }}'
  when: item.jail is defined and (username in item.jail.users or username in admins) and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id)
  tags:
-    - 'JailUserInit'
+    - JailUserInit
-    - 'SetPermissions'
+    - SetPermissions
--- a/tasks/install.yml
+++ b/tasks/install.yml
 ---
 # file: roles/jailkit/tasks/install.yml
- name: "Make sure an empty directory /tmp/jailkit exists"
+- name: Make sure an empty directory /tmp/jailkit exists
  file:
    path='/tmp/jailkit'
    state='{{ item }}'
@@ -9,18 +9,18 @@
    - absent
    - directory
- name: "Download JailKit"
+- name: Download JailKit
  get_url:
    url='http://olivier.sessink.nl/jailkit/jailkit-2.17.tar.gz'
    dest='/tmp/jailkit-2.17.tar.gz'
- name: "Unpack JailKit"
+- name: Unpack JailKit
  unarchive:
    src='/tmp/jailkit-2.17.tar.gz'
    dest='/tmp/jailkit'
    copy=no
- name: "Compile JailKit"
+- name: Compile JailKit
  shell: "{{ item }} chdir=/tmp/jailkit/jailkit-2.17"
  with_items:
    - ./configure

--- a/tasks/jailkit.yml
+++ b/tasks/jailkit.yml
@@ -3,22 +3,23 @@
 ---
 # file: roles/jailkit/tasks/jailkit.yml
- include_tasks: '../../php/tasks/variables.yml'
+- include_tasks: ../../php/tasks/variables.yml
-  tags: 'always'
+  tags:
+    - always
- name: "Reset Permissions in User Homes"
+- name: Reset Permissions in User Homes
  file:
-    path: '/home/{{ item }}'
+    path: /home/{{ item }}
-    state: 'directory'
+    state: directory
    owner: '{{ item }}'
-    group: 'root'
+    group: root
    recurse: yes
    follow: no
  with_flattened:
-    - '{{ admins }}'
+    - {{ admins }}
-    - '{{ jailusers }}'
+    - {{ jailusers }}
- name: "Check JailKit Requirement"
+- name: Check JailKit Requirement
  shell: ls /usr/sbin/jk_init
  register: jailkit_available
  failed_when: false
@@ -27,7 +28,7 @@
 - import_tasks: install.yml
  when: jailkit_available is defined and jailkit_available.stdout != '/usr/sbin/jk_init'
- name: "Create Jail Root Directory"
+- name: Create Jail Root Directory
  file:
    path='{{ jailroot }}'
    state='directory'
@@ -35,10 +36,10 @@
    group='root'
    mode='755'
- name: "Python Components"
+- name: Python Components
  pip: name=pick
- name: "Jail Script"
+- name: Jail Script
  template:
    src='jail'
    dest='/usr/local/bin/jail'
@@ -46,16 +47,17 @@
    group='root'
    mode='755'
- name: "Basic Config"
+- name: Basic Config
  template:
    src='jk_init.ini'
    dest='/etc/jailkit/jk_init.ini'
    owner='root'
    group='root'
    mode='644'
-  tags: 'always'
+  tags:
+    - always
- name: "Create Jail Directory"
+- name: Create Jail Directory
  file:
    path='{{ jailroot }}/{{ item.jail.name }}'
    state='directory'
@@ -66,14 +68,14 @@
  with_items: '{{ drupal_settings|default([]) }}'
  when: item.jail is defined and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id)
- name: "Init Jails"
+- name: Init Jails
  include_tasks: initjail.yml
  with_items: '{{ drupal_settings|default([]) }}'
  loop_control:
    loop_var: drupal
  when: drupal.jail is defined and (jail_available is changed or jailsite_init_force) and (limit_site is not defined or limit_site == 'False' or drupal.id is not defined or limit_site == drupal.id)
- name: "Ensure tmp Directory"
+- name: Ensure tmp Directory
  file:
    path='{{ jailroot }}/{{ item.jail.name }}/tmp'
    state='directory'
@@ -83,7 +85,7 @@
  with_items: '{{ drupal_settings|default([]) }}'
  when: item.jail is defined and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id)
- name: "Ensure var and log Directory"
+- name: Ensure var and log Directory
  file:
    path='{{ jailroot }}/{{ item.jail.name }}/var/log'
    state='directory'
@@ -93,7 +95,7 @@
  with_items: '{{ drupal_settings|default([]) }}'
  when: item.jail is defined and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id)
- name: "Ensure Apache Log Directory"
+- name: Ensure Apache Log Directory
  file:
    path='{{ jailroot }}/{{ item.jail.name }}/var/log/apache2'
    state='directory'
@@ -103,7 +105,7 @@
  with_items: '{{ drupal_settings|default([]) }}'
  when: item.jail is defined and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id)
- name: "Install logrotate script"
+- name: Install logrotate script
  template:
    src='etc-logrotate-apache2'
    dest='/etc/logrotate.d/apache2-{{ item.jail.name }}'
@@ -112,9 +114,10 @@
    mode='644'
  with_items: '{{ drupal_settings|default([]) }}'
  when: item.jail is defined and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id)
-  tags: 'logrotate'
+  tags:
+    - logrotate
- name: "Ensure Apache Web Directory"
+- name: Ensure Apache Web Directory
  file:
    path='{{ jailroot }}/{{ item.jail.name }}/var/www{{ item.webRoot|default("") }}'
    state='directory'
@@ -126,12 +129,12 @@
 - block:
-  - name: "Remove PHP PHP Default Pool"
+  - name: Remove PHP PHP Default Pool
    file:
      path='/etc/{{ php_base_dir|default("php5") }}/fpm/pool.d/www.conf'
      state='absent'
-  - name: "Create PHP Pool"
+  - name: Create PHP Pool
    template:
      src='php_pool.conf'
      dest='/etc/{{ php_base_dir|default("php5") }}/fpm/pool.d/{{ item.jail.name }}.conf'
@@ -141,12 +144,12 @@
    with_items: '{{ drupal_settings|default([]) }}'
    when: item.jail is defined and (limit_site is not defined or limit_site == 'False' or item.id is not defined or limit_site == item.id)
    tags:
-      - 'ApacheConfig'
+      - ApacheConfig
    notify: "Restart PHP-FPM"
  when: php_fpm
- name: "Copy Jail Start Script to user home directory"
+- name: Copy Jail Start Script to user home directory
  template:
    src='.jail'
    dest='/home/{{ username }}/.jail'
@@ -154,29 +157,29 @@
    group='root'
    mode='755'
  with_flattened:
-    - '{{ admins }}'
+    - {{ admins }}
-    - '{{ jailusers }}'
+    - {{ jailusers }}
  loop_control:
    loop_var: username
  when: username != tunnel_user_name
  tags:
-    - 'JailUserInit'
+    - JailUserInit
-    - 'SetPermissions'
+    - SetPermissions
-    - 'shells'
+    - shells
- name: "Init Users"
+- name: Init Users
  include_tasks: initjailusers.yml
  with_flattened:
-    - '{{ admins }}'
+    - {{ admins }}
-    - '{{ jailusers }}'
+    - {{ jailusers }}
  loop_control:
    loop_var: username
  when: username != tunnel_user_name and jailuser_init
  tags:
-    - 'JailUserInit'
+    - JailUserInit
-    - 'SetPermissions'
+    - SetPermissions
- name: "Update config files"
+- name: Update config files
  template:
    src='{{ item }}.ini'
    dest='/etc/jailkit/{{ item }}.ini'
@@ -184,17 +187,17 @@
    group=root
    mode='644'
  with_items:
-    - 'jk_chrootsh'
+    - jk_chrootsh
-    - 'jk_uchroot'
+    - jk_uchroot
-    - 'jk_update'
+    - jk_update
-    - 'jk_socketd'
+    - jk_socketd
- name: "Update Jails"
+- name: Update Jails
  include_tasks: updatejail.yml
  with_items: '{{ drupal_settings|default([]) }}'
  loop_control:
    loop_var: drupal
  when: drupal.jail is defined and (limit_site is not defined or limit_site == 'False' or drupal.id is not defined or limit_site == drupal.id)
  tags:
-    - 'UpdateJails'
+    - UpdateJails
-    - 'shells'
+    - shells
--- a/tasks/main.yml
+++ b/tasks/main.yml
 ---
 # file: roles/jailkit/tasks/main.yml
- name: "JailKit Role"
+- name: JailKit Role
-  set_fact: role_jailkit_started=true
+  set_fact:
-  tags: 'always'
+    role_jailkit_started: yes
+  tags:
+    - always
 - block:
  - import_tasks: jailkit.yml
-  when: '"jailkit" not in excluded_roles and jailkit'
+  when: not excluded_roles or "jailkit" not in excluded_roles and jailkit
--- a/tasks/updatejail.yml
+++ b/tasks/updatejail.yml
@@ -3,37 +3,37 @@
 - block:
-  - name: "JailKit Update Components"
+  - name: JailKit Update Components
    shell: jk_init -j {{ jailroot }}/{{ drupal.jail.name }} {{ jailkit_components }}
-  - name: "JailKit Update Directories"
+  - name: JailKit Update Directories
    shell: jk_update -j {{ jailroot }}/{{ drupal.jail.name }} --skip=/etc/drush/aliases.drushrc.php /bin /dev /etc /home /lib /lib64 /opt /usr
-  - name: "Reset Permissions in User Homes"
+  - name: Reset Permissions in User Homes
    file:
      path: '{{ jailroot }}/{{ drupal.jail.name }}/home/{{ item }}'
-      state: 'directory'
+      state: directory
      owner: '{{ item }}'
-      group: 'root'
+      group: root
      recurse: yes
      follow: no
    with_flattened:
-      - '{{ admins }}'
+      - {{ admins }}
-      - '{{ jailusers }}'
+      - {{ jailusers }}
-  - name: "Set shell for crontabs"
+  - name: Set shell for crontabs
    cron:
-      name: 'SHELL'
+      name: SHELL
      env: yes
-      value: '/usr/sbin/jk_chrootsh'
+      value: /usr/sbin/jk_chrootsh
      user: '{{ drupal.jail.name }}'
-  - name: "Ensure proper symlink for PHP executable in Jail"
+  - name: Ensure proper symlink for PHP executable in Jail
    file:
-      src: '/usr/bin/php{{ php_version }}'
+      src: /usr/bin/php{{ php_version }}
      dest: '{{ jailroot }}/{{ drupal.jail.name }}/etc/alternatives/php'
-      state: 'link'
+      state: link
  tags:
-    - 'UpdateJails'
+    - UpdateJails
-    - 'shells'
+    - shells