Fix ansible-lint

2f0f1796 · Adrian K. · 3a35f79b · 2f0f1796 · 2f0f1796 · 2f0f1796
Commit 2f0f1796 authored 3 years ago by Adrian K.
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -11,7 +11,7 @@ haproxy_wanted_acme_domains: []
 haproxy_acme_backend_name: "acmetool"
 _haproxy_ssl_options: 'no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets'
-_haproxy_ssl_ciphers: 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384'  # noqa line-length
+_haproxy_ssl_ciphers: 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384'  # noqa yaml[line-length]
 _haproxy_ssl_ciphersuites: 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256'
 haproxy_default_compression_algo: gzip

--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -3,11 +3,11 @@
 # handlers file for haproxy
 - name: restart haproxy
-  service:
+  ansible.builtin.service:
    name: haproxy
    state: restarted
 - name: reload haproxy
-  service:
+  ansible.builtin.service:
    name: haproxy
    state: reloaded
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -3,7 +3,7 @@ galaxy_info:
  author: Fachschaft Informatik, TU Dortmund
  description: Install and configure a HAProxy reverse proxy
  license: Apache-2.0
-  min_ansible_version: 2.9
+  min_ansible_version: "2.9"
  platforms:
    - name: Ubuntu
      versions:

--- a/tasks/certpaths.yml
+++ b/tasks/certpaths.yml
 ---
 - name: "{{ item.name }}: Generate certpaths file"
  notify: reload haproxy
-  template:
+  ansible.builtin.template:
    src: certpaths.j2
    dest: "/etc/haproxy/{{ item.name }}.certpaths"
    owner: root

--- a/tasks/configure.yml
+++ b/tasks/configure.yml
 ---
 - name: Collect all extern certpaths
-  set_fact:
+  ansible.builtin.set_fact:
    haproxy_wanted_certpaths: "{{ haproxy_wanted_certs }} + {{ (item.ssl | default([])).cert | default([]) }}"
  loop: "{{ haproxy_frontends }}"
  when: haproxy_frontends is defined
 - name: Collect all LE certs
-  set_fact:
+  ansible.builtin.set_fact:
    haproxy_wanted_acme_domains: "{{ haproxy_wanted_acme_domains }} + {{ (item.ssl | default([])).acme_domains | default([]) }}"
  loop: "{{ haproxy_frontends }}"
  when: haproxy_frontends is defined
 - name: Check if haproxy backend is already configured
-  lineinfile:
+  ansible.builtin.lineinfile:
    path: /etc/haproxy/haproxy.cfg
    line: "backend {{ haproxy_acme_backend_name }}"
    state: present
@@ -34,7 +34,7 @@
 ## ASSEMBLE CONFIG - FRONTEND
 - name: 'Create directory for the frontend'
-  file:
+  ansible.builtin.file:
    path: "{{ haproxy_config_dir }}/frontends.d"
    state: directory
    owner: root
@@ -42,21 +42,21 @@
    mode: 0755
 - name: "List files for the frontends"
-  find:
+  ansible.builtin.find:
    paths: "{{ haproxy_config_dir }}/frontends.d"
    patterns: "*.cfg"
  register: directory_contents
  changed_when: false
 - name: "Remove unmanaged files for the frontends"
-  file:
+  ansible.builtin.file:
    path: "{{ item.path }}"
    state: absent
  when: (item.path | basename) not in (haproxy_frontends | json_query('[*].name') | map('regex_replace',  '(^.*$)', '\\1.cfg') | list)
  loop: "{{ directory_contents.files }}"
 - name: 'Build up the frontends'
-  template:
+  ansible.builtin.template:
    src: "frontend.cfg"
    dest: "{{ haproxy_config_dir }}/frontends.d/{{ item.name }}.cfg"
    owner: root
@@ -68,7 +68,7 @@
 ## ASSEMBLE CONFIG - BACKEND
 - name: 'Create directory for the backends'
-  file:
+  ansible.builtin.file:
    path: "{{ haproxy_config_dir }}/backends.d"
    state: directory
    owner: root
@@ -76,21 +76,21 @@
    mode: 0755
 - name: "List files for the backends"
-  find:
+  ansible.builtin.find:
    paths: "{{ haproxy_config_dir }}/backends.d"
    patterns: "*.cfg"
  register: directory_contents
  changed_when: false
 - name: "Remove unmanaged files for the backends"
-  file:
+  ansible.builtin.file:
    path: "{{ item.path }}"
    state: absent
  when: (item.path | basename) not in (haproxy_backends | json_query('[*].name') | map('regex_replace',  '(^.*$)', '\\1.cfg') | list)
  loop: "{{ directory_contents.files }}"
 - name: 'Build up the backends'
-  template:
+  ansible.builtin.template:
    src: "backend.cfg"
    dest: "{{ haproxy_config_dir }}/backends.d/{{ item.name }}.cfg"
    owner: root
@@ -102,7 +102,7 @@
 ## ASSEMBLE CONFIG - LISTEN
 - name: 'Create directory for the listen sections'
-  file:
+  ansible.builtin.file:
    path: "{{ haproxy_config_dir }}/listen.d"
    state: directory
    owner: root
@@ -110,21 +110,21 @@
    mode: 0755
 - name: "List files the listen sections"
-  find:
+  ansible.builtin.find:
    paths: "{{ haproxy_config_dir }}/listen.d"
    patterns: "*.cfg"
  register: directory_contents
  changed_when: false
 - name: "Remove unmanaged files the listen sections"
-  file:
+  ansible.builtin.file:
    path: "{{ item.path }}"
    state: absent
  when: (item.path | basename) not in (haproxy_listen | json_query('[*].name') | map('regex_replace',  '(^.*$)', '\\1.cfg') | list)
  loop: "{{ directory_contents.files }}"
 - name: 'Build up the listen sections'
-  template:
+  ansible.builtin.template:
    src: "listen.cfg"
    dest: "{{ haproxy_config_dir }}/listen.d/{{ item.name }}.cfg"
    owner: root
@@ -136,7 +136,7 @@
 ## ASSEMBLE CONFIG - USERLIST
 - name: 'Create directory for the userlists'
-  file:
+  ansible.builtin.file:
    path: "{{ haproxy_config_dir }}/userlists.d"
    state: directory
    owner: root
@@ -144,21 +144,21 @@
    mode: 0755
 - name: "List files for the userlists"
-  find:
+  ansible.builtin.find:
    paths: "{{ haproxy_config_dir }}/userlists.d"
    patterns: "*.cfg"
  register: directory_contents
  changed_when: false
 - name: "Remove unmanaged files for the userlists"
-  file:
+  ansible.builtin.file:
    path: "{{ item.path }}"
    state: absent
  when: (item.path | basename) not in (haproxy_userlists | json_query('[*].name') | map('regex_replace',  '(^.*$)', '\\1.cfg') | list)
  loop: "{{ directory_contents.files }}"
 - name: 'Build up the userlist sections'
-  template:
+  ansible.builtin.template:
    src: userlist.cfg
    dest: "{{ haproxy_config_dir }}/userlists.d/{{ item.name }}.cfg"
    owner: root
@@ -170,7 +170,7 @@
 ## ASSEMBLE CONFIG - GLOBAL & DEFAULT
 - name: 'Create  the compiled folder'
-  file:
+  ansible.builtin.file:
    path: "{{ haproxy_config_dir }}/compiled"
    state: directory
    owner: root
@@ -178,11 +178,11 @@
    mode: 0755
 - name: 'Merge global config'
-  set_fact:
+  ansible.builtin.set_fact:
    haproxy_global_final: "{{ _haproxy_global | combine(haproxy_global, recursive=true) }}"
 - name: 'Build up the global config'
-  template:
+  ansible.builtin.template:
    src: "global.cfg"
    dest: "{{ haproxy_config_dir }}/compiled/01-global.cfg"
    owner: root
@@ -190,11 +190,11 @@
    mode: 0644
 - name: 'Merge default config'
-  set_fact:
+  ansible.builtin.set_fact:
    haproxy_defaults_final: "{{ _haproxy_defaults | combine(haproxy_defaults, recursive=true) }}"
 - name: 'Build up the default config'
-  template:
+  ansible.builtin.template:
    src: "defaults.cfg"
    dest: "{{ haproxy_config_dir }}/compiled/02-defaults.cfg"
    owner: root
@@ -205,7 +205,7 @@
 ## ASSEMBLE FINAL CONFIG
 - name: 'Assemble the backends configuration file'
-  assemble:
+  ansible.builtin.assemble:
    src: "{{ haproxy_config_dir }}/backends.d"
    dest: "{{ haproxy_config_dir }}/compiled/03-backends.cfg"
    owner: root
@@ -213,7 +213,7 @@
    mode: 0644
 - name: 'Assemble the frontends configuration file'
-  assemble:
+  ansible.builtin.assemble:
    src: "{{ haproxy_config_dir }}/frontends.d"
    dest: "{{ haproxy_config_dir }}/compiled/04-frontends.cfg"
    owner: root
@@ -221,7 +221,7 @@
    mode: 0644
 - name: 'Assemble the listen sections configuration file'
-  assemble:
+  ansible.builtin.assemble:
    src: "{{ haproxy_config_dir }}/listen.d"
    dest: "{{ haproxy_config_dir }}/compiled/05-listen.cfg"
    owner: root
@@ -229,7 +229,7 @@
    mode: 0644
 - name: 'Assemble the userlists sections configuration file'
-  assemble:
+  ansible.builtin.assemble:
    src: "{{ haproxy_config_dir }}/userlists.d"
    dest: "{{ haproxy_config_dir }}/compiled/06-userlists.cfg"
    owner: root
@@ -237,7 +237,7 @@
    mode: 0644
 - name: 'Assemble the final configuration file'
-  assemble:
+  ansible.builtin.assemble:
    src: "{{ haproxy_config_dir }}/compiled"
    dest: "{{ haproxy_config_file }}"
    owner: root

--- a/tasks/install.yml
+++ b/tasks/install.yml
 ---
 - name: Add HAProxy 2.6 PPA
-  apt_repository:
+  ansible.builtin.apt_repository:
    repo: 'ppa:vbernat/haproxy-2.6'
    state: present
 - name: Remove HAProxy 2.5 PPA
-  apt_repository:
+  ansible.builtin.apt_repository:
    repo: 'ppa:vbernat/haproxy-2.5'
    state: absent
 - name: Remove HAProxy 2.4 PPA
-  apt_repository:
+  ansible.builtin.apt_repository:
    repo: 'ppa:vbernat/haproxy-2.4'
    state: absent
 - name: Remove HAProxy 2.3 PPA
-  apt_repository:
+  ansible.builtin.apt_repository:
    repo: 'ppa:vbernat/haproxy-2.3'
    state: absent
 - name: Remove HAProxy 2.2 PPA
-  apt_repository:
+  ansible.builtin.apt_repository:
    repo: 'ppa:vbernat/haproxy-2.2'
    state: absent
 - name: Remove HAProxy 2.1 PPA
-  apt_repository:
+  ansible.builtin.apt_repository:
    repo: 'ppa:vbernat/haproxy-2.1'
    state: absent
 - name: Remove HAProxy 2.0 PPA
-  apt_repository:
+  ansible.builtin.apt_repository:
    repo: 'ppa:vbernat/haproxy-2.0'
    state: absent
 - name: Remove HAProxy 1.8 PPA
-  apt_repository:
+  ansible.builtin.apt_repository:
    repo: 'ppa:vbernat/haproxy-1.8'
    state: absent
 - name: Install HAProxy
-  apt:
+  ansible.builtin.apt:
    name: "haproxy=2.6.*"
    state: present
    update_cache: true
 - name: 'Enable haproxy unit'
-  systemd:
+  ansible.builtin.systemd:
    name: haproxy
    enabled: true
 - name: 'Ensure chroot directory exists'
-  file:
+  ansible.builtin.file:
    name: "{{ haproxy_global.chroot }}"
    state: directory
    owner: root
@@ -61,7 +61,7 @@
  when: haproxy_global.chroot is defined and haproxy_global.chroot
 - name: Create service override directory
-  file:
+  ansible.builtin.file:
    path: /etc/systemd/system/haproxy.service.d
    state: directory
    owner: root
@@ -69,7 +69,7 @@
    mode: 0755
 - name: Copy service override
-  copy:
+  ansible.builtin.copy:
    dest: /etc/systemd/system/haproxy.service.d/override.conf
    content: |
      [Unit]

--- a/tasks/standalone_tls.yml
+++ b/tasks/standalone_tls.yml
 ---
 - name: Copy temporary haproxy.cfg
-  template:
+  ansible.builtin.template:
    src: tls_temp.cfg
    dest: /etc/haproxy/haproxy.cfg
    owner: root
@@ -8,6 +8,6 @@
    mode: 0644
 - name: Restart haproxy
-  systemd:
+  ansible.builtin.systemd:
    name: haproxy
    state: restarted
--- a/tasks/tls.yml
+++ b/tasks/tls.yml
 ---
 - name: "<{{ item }}> Gather Cert stats"
-  stat:
+  ansible.builtin.stat:
    path: "/var/lib/acme/live/{{ item }}/haproxy"
  register: cert
 - name: "<{{ item }}> Run acmetool (Make sure your system is accessible from the internet!)"
-  shell: "acmetool want --batch {{ item }}"
+  ansible.builtin.command: "acmetool want --batch {{ item }}"
  register: result
  changed_when: "result.stdout"
  when: not cert.stat.exists