Fix lint nagging
This commit is contained in:
parent
129f2c249c
commit
15f84e1b1f
50 changed files with 56 additions and 33 deletions
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
skip_list:
|
||||
- fqcn-builtins
|
||||
- meta-no-info
|
||||
|
||||
# vim: ft=yaml.ansible
|
||||
|
|
|
|||
|
|
@ -1,2 +0,0 @@
|
|||
dependencies:
|
||||
- role: setup-mariadb
|
||||
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: 2px-apache2
|
||||
- role: 2px-mariadb
|
||||
- role: 2px_apache2
|
||||
- role: 2px_mariadb
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: setup-apache2
|
||||
- role: setup_apache2
|
||||
- role: certbot
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
apt:
|
||||
name: libapache2-mod-wsgi-py3
|
||||
state: present
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
notify: Reload apache2 service
|
||||
|
||||
- name: Enable wsgi module
|
||||
|
|
@ -28,6 +28,7 @@
|
|||
template:
|
||||
src: 2px.info.conf.j2
|
||||
dest: /etc/apache2/sites-available/2px.info.conf
|
||||
mode: 0644
|
||||
notify: Reload apache2 service
|
||||
|
||||
- name: Activate vHost
|
||||
3
roles/2px_mariadb/meta/main.yml
Normal file
3
roles/2px_mariadb/meta/main.yml
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: setup_mariadb
|
||||
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
- include_vars: vault.yml
|
||||
- name: Include vault variables
|
||||
include_vars: vault.yml
|
||||
|
||||
- name: Create 2px database
|
||||
become: true
|
||||
|
|
@ -1,2 +1,3 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: setup-nftables
|
||||
- role: setup_nftables
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
apt:
|
||||
name: certbot
|
||||
state: present
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
|
||||
- name: Create acme directory
|
||||
become: true
|
||||
|
|
@ -25,10 +25,10 @@
|
|||
|
||||
- name: Copy apache confs
|
||||
become: true
|
||||
copy: src={{ item.src }} dest={{ item.dest }}
|
||||
copy: src={{ item.src }} dest={{ item.dest }} mode=0644
|
||||
with_items:
|
||||
- { src: 'acme.conf', dest: '/etc/apache2/conf-available/acme.conf' }
|
||||
- { src: 'ssl-options.conf', dest: '/etc/apache2/conf-available/ssl-options.conf' }
|
||||
- {src: 'acme.conf', dest: '/etc/apache2/conf-available/acme.conf'}
|
||||
- {src: 'ssl-options.conf', dest: '/etc/apache2/conf-available/ssl-options.conf'}
|
||||
|
||||
|
||||
- name: Enable apache confs
|
||||
|
|
@ -46,6 +46,7 @@
|
|||
copy:
|
||||
src: http-certbot.conf
|
||||
dest: /etc/nftables/input.d/http-certbot.conf
|
||||
mode: 0640
|
||||
notify: Reload nftables service
|
||||
|
||||
- name: Allow incoming HTTPS
|
||||
|
|
@ -53,4 +54,5 @@
|
|||
copy:
|
||||
src: https.conf
|
||||
dest: /etc/nftables/input.d/https.conf
|
||||
mode: 0640
|
||||
notify: Reload nftables service
|
||||
|
|
|
|||
|
|
@ -1,2 +0,0 @@
|
|||
dependencies:
|
||||
- role: setup-fail2ban
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
dependencies:
|
||||
- role: setup-mariadb
|
||||
|
|
@ -8,6 +8,7 @@
|
|||
get_url:
|
||||
url: "https://dl.gitea.io/gitea/{{ gitea_binary.json.latest.version }}/gitea-{{ gitea_binary.json.latest.version }}-linux-{{ gitea_binary_arch }}.asc"
|
||||
dest: "/tmp/gitea-{{ gitea_binary.json.latest.version }}.asc"
|
||||
mode: 0644
|
||||
|
||||
- name: Verify gitea binary with gpg
|
||||
command: "gpg --verify /tmp/gitea-{{ gitea_binary.json.latest.version }}.asc /home/git/gitea-{{ gitea_binary.json.latest.version }}"
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: gitea-fail2ban
|
||||
- role: gitea-mariadb
|
||||
- role: gitea-apache2
|
||||
- role: gitea_fail2ban
|
||||
- role: gitea_mariadb
|
||||
- role: gitea_apache2
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
- include_vars: vault.yml
|
||||
- name: Include vault variables
|
||||
include_vars: vault.yml
|
||||
|
||||
- name: Install needed packages
|
||||
become: true
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: setup-apache2
|
||||
- role: setup_apache2
|
||||
- role: certbot
|
||||
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
- name: Enable proxy modules
|
||||
become: true
|
||||
apache2_module:
|
||||
|
|
@ -13,6 +14,7 @@
|
|||
template:
|
||||
src: git.tunuifranken.info.conf.j2
|
||||
dest: /etc/apache2/sites-available/git.tunuifranken.info.conf
|
||||
mode: 0644
|
||||
notify: Reload apache2 service
|
||||
|
||||
- name: Activate vHost
|
||||
3
roles/gitea_fail2ban/meta/main.yml
Normal file
3
roles/gitea_fail2ban/meta/main.yml
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: setup_fail2ban
|
||||
3
roles/gitea_mariadb/meta/main.yml
Normal file
3
roles/gitea_mariadb/meta/main.yml
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: setup_mariadb
|
||||
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
- include_vars: vault.yml
|
||||
- name: Include vault variables
|
||||
include_vars: vault.yml
|
||||
|
||||
- name: Create gitea database
|
||||
become: true
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
dependencies:
|
||||
- role: setup-fail2ban
|
||||
|
|
@ -4,7 +4,7 @@
|
|||
apt:
|
||||
name: apache2
|
||||
state: present
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
notify: Start apache2 service
|
||||
|
||||
- name: Remove default html dir
|
||||
|
|
@ -38,3 +38,4 @@
|
|||
file:
|
||||
path: /var/www/empty
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
|
@ -4,7 +4,7 @@
|
|||
apt:
|
||||
name: fail2ban
|
||||
state: present
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
|
||||
- name: Configure fail2ban for nftables
|
||||
become: true
|
||||
|
|
@ -6,7 +6,7 @@
|
|||
- mariadb-server
|
||||
- python3-pymysql
|
||||
state: present
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
notify: Start mariadb service
|
||||
|
||||
- name: Initialize mariadb
|
||||
3
roles/setup_nftables/meta/main.yml
Normal file
3
roles/setup_nftables/meta/main.yml
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: setup_fail2ban
|
||||
|
|
@ -4,7 +4,7 @@
|
|||
apt:
|
||||
name: nftables
|
||||
state: present
|
||||
update_cache: yes
|
||||
update_cache: true
|
||||
notify: Start nftables service
|
||||
|
||||
- name: Start nftables
|
||||
|
|
@ -79,7 +79,7 @@
|
|||
group: root
|
||||
mode: 0640
|
||||
with_fileglob:
|
||||
- output.d/*
|
||||
- output.d/*
|
||||
notify: Restart nftables service
|
||||
|
||||
- name: Setup netfilter.log
|
||||
|
|
@ -1,2 +1,3 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: tunuifranken-apache2
|
||||
- role: tunuifranken_apache2
|
||||
|
|
|
|||
|
|
@ -9,6 +9,6 @@
|
|||
git:
|
||||
repo: git@tunuifranken.info:flyingscorpio/tunuifranken.info.git
|
||||
dest: "{{ dir_tunuifranken }}"
|
||||
clone: yes
|
||||
clone: true
|
||||
version: main
|
||||
update: no
|
||||
update: false
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: setup-apache2
|
||||
- role: setup_apache2
|
||||
- role: certbot
|
||||
|
|
@ -13,6 +13,7 @@
|
|||
template:
|
||||
src: tunuifranken.info.conf.j2
|
||||
dest: /etc/apache2/sites-available/tunuifranken.info.conf
|
||||
mode: 0644
|
||||
notify: Reload apache2 service
|
||||
|
||||
- name: Activate vHost
|
||||
Loading…
Reference in a new issue