Fix lint nagging

.config/ansible-lint.yml

@@ -1,5 +1,6 @@
 ---
 skip_list:
   - fqcn-builtins
+  - meta-no-info
 
 # vim: ft=yaml.ansible

roles/2px-mariadb/meta/main.yml

@@ -1,2 +0,0 @@
-dependencies:
-  - role: setup-mariadb

roles/2px/meta/main.yml

@@ -1,3 +1,4 @@
+---
 dependencies:
-  - role: 2px-apache2
-  - role: 2px-mariadb
+  - role: 2px_apache2
+  - role: 2px_mariadb

roles/2px_apache2/meta/main.yml

@@ -1,3 +1,4 @@
+---
 dependencies:
-  - role: setup-apache2
+  - role: setup_apache2
   - role: certbot

roles/2px_apache2/tasks/main.yml

@@ -13,7 +13,7 @@
   apt:
     name: libapache2-mod-wsgi-py3
     state: present
-    update_cache: yes
+    update_cache: true
   notify: Reload apache2 service
 
 - name: Enable wsgi module
@@ -28,6 +28,7 @@
   template:
     src: 2px.info.conf.j2
     dest: /etc/apache2/sites-available/2px.info.conf
+    mode: 0644
   notify: Reload apache2 service
 
 - name: Activate vHost

roles/2px_mariadb/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: setup_mariadb

roles/2px_mariadb/tasks/main.yml

@@ -1,5 +1,6 @@
 ---
-- include_vars: vault.yml
+- name: Include vault variables
+  include_vars: vault.yml
 
 - name: Create 2px database
   become: true

roles/certbot/meta/main.yml

@@ -1,2 +1,3 @@
+---
 dependencies:
-  - role: setup-nftables
+  - role: setup_nftables

roles/certbot/tasks/main.yml

@@ -4,7 +4,7 @@
   apt:
     name: certbot
     state: present
-    update_cache: yes
+    update_cache: true
 
 - name: Create acme directory
   become: true
@@ -25,10 +25,10 @@
 
 - name: Copy apache confs
   become: true
-  copy: src={{ item.src }} dest={{ item.dest }}
+  copy: src={{ item.src }} dest={{ item.dest }} mode=0644
   with_items:
-    - { src: 'acme.conf', dest: '/etc/apache2/conf-available/acme.conf' }
-    - { src: 'ssl-options.conf', dest: '/etc/apache2/conf-available/ssl-options.conf' }
+    - {src: 'acme.conf', dest: '/etc/apache2/conf-available/acme.conf'}
+    - {src: 'ssl-options.conf', dest: '/etc/apache2/conf-available/ssl-options.conf'}
 
 
 - name: Enable apache confs
@@ -46,6 +46,7 @@
   copy:
     src: http-certbot.conf
     dest: /etc/nftables/input.d/http-certbot.conf
+    mode: 0640
   notify: Reload nftables service
 
 - name: Allow incoming HTTPS
@@ -53,4 +54,5 @@
   copy:
     src: https.conf
     dest: /etc/nftables/input.d/https.conf
+    mode: 0640
   notify: Reload nftables service

roles/gitea-fail2ban/meta/main.yml

@@ -1,2 +0,0 @@
-dependencies:
-  - role: setup-fail2ban

roles/gitea-mariadb/meta/main.yml

@@ -1,2 +0,0 @@
-dependencies:
-  - role: setup-mariadb

roles/gitea/handlers/main.yml

@@ -8,6 +8,7 @@
   get_url:
     url: "https://dl.gitea.io/gitea/{{ gitea_binary.json.latest.version }}/gitea-{{ gitea_binary.json.latest.version }}-linux-{{ gitea_binary_arch }}.asc"
     dest: "/tmp/gitea-{{ gitea_binary.json.latest.version }}.asc"
+    mode: 0644
 
 - name: Verify gitea binary with gpg
   command: "gpg --verify /tmp/gitea-{{ gitea_binary.json.latest.version }}.asc /home/git/gitea-{{ gitea_binary.json.latest.version }}"

roles/gitea/meta/main.yml

@@ -1,4 +1,5 @@
+---
 dependencies:
-  - role: gitea-fail2ban
-  - role: gitea-mariadb
-  - role: gitea-apache2
+  - role: gitea_fail2ban
+  - role: gitea_mariadb
+  - role: gitea_apache2

roles/gitea/tasks/main.yml

@@ -1,5 +1,6 @@
 ---
-- include_vars: vault.yml
+- name: Include vault variables
+  include_vars: vault.yml
 
 - name: Install needed packages
   become: true

roles/gitea_apache2/meta/main.yml

@@ -1,3 +1,4 @@
+---
 dependencies:
-  - role: setup-apache2
+  - role: setup_apache2
   - role: certbot

roles/gitea_apache2/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Enable proxy modules
   become: true
   apache2_module:
@@ -13,6 +14,7 @@
   template:
     src: git.tunuifranken.info.conf.j2
     dest: /etc/apache2/sites-available/git.tunuifranken.info.conf
+    mode: 0644
   notify: Reload apache2 service
 
 - name: Activate vHost

roles/gitea_fail2ban/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: setup_fail2ban

roles/gitea_mariadb/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: setup_mariadb

roles/gitea_mariadb/tasks/main.yml

@@ -1,5 +1,6 @@
 ---
-- include_vars: vault.yml
+- name: Include vault variables
+  include_vars: vault.yml
 
 - name: Create gitea database
   become: true

roles/setup-nftables/meta/main.yml

@@ -1,2 +0,0 @@
-dependencies:
-  - role: setup-fail2ban

roles/setup_apache2/tasks/main.yml

@@ -4,7 +4,7 @@
   apt:
     name: apache2
     state: present
-    update_cache: yes
+    update_cache: true
   notify: Start apache2 service
 
 - name: Remove default html dir
@@ -38,3 +38,4 @@
   file:
     path: /var/www/empty
     state: directory
+    mode: 0755

roles/setup_fail2ban/tasks/main.yml

@@ -4,7 +4,7 @@
   apt:
     name: fail2ban
     state: present
-    update_cache: yes
+    update_cache: true
 
 - name: Configure fail2ban for nftables
   become: true

roles/setup_mariadb/tasks/main.yml

@@ -6,7 +6,7 @@
       - mariadb-server
       - python3-pymysql
     state: present
-    update_cache: yes
+    update_cache: true
   notify: Start mariadb service
 
 - name: Initialize mariadb

roles/setup_nftables/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: setup_fail2ban

roles/setup_nftables/tasks/main.yml

@@ -4,7 +4,7 @@
   apt:
     name: nftables
     state: present
-    update_cache: yes
+    update_cache: true
   notify: Start nftables service
 
 - name: Start nftables

roles/tunuifranken/meta/main.yml

@@ -1,2 +1,3 @@
+---
 dependencies:
-  - role: tunuifranken-apache2
+  - role: tunuifranken_apache2

roles/tunuifranken/tasks/main.yml

@@ -9,6 +9,6 @@
   git:
     repo: git@tunuifranken.info:flyingscorpio/tunuifranken.info.git
     dest: "{{ dir_tunuifranken }}"
-    clone: yes
+    clone: true
     version: main
-    update: no
+    update: false

roles/tunuifranken_apache2/meta/main.yml

@@ -1,3 +1,4 @@
+---
 dependencies:
-  - role: setup-apache2
+  - role: setup_apache2
   - role: certbot

roles/tunuifranken_apache2/tasks/main.yml

@@ -13,6 +13,7 @@
   template:
     src: tunuifranken.info.conf.j2
     dest: /etc/apache2/sites-available/tunuifranken.info.conf
+    mode: 0644
   notify: Reload apache2 service
 
 - name: Activate vHost