av/pet-project-server
1
0
Fork 0
Code Pull Requests Actions Activity

Fix linting
All checks were successful
Linting / YAML Lint (push) Successful in 9s
Details
Linting / Ansible Lint (push) Successful in 19s
Details

Browse Source
This commit is contained in:
Anton Vakhrushev
2025-11-28 20:37:39 +03:00
parent 23a2bae7ec
commit 9dff413867
10 changed files with 33 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.yamllint.yml
View File

@@ -1,5 +1,9 @@
extends: default extends: default
ignore:
- ".ansible/"
- "galaxy.roles/"
rules: rules:
# Правила, требуемые ansible-lint # Правила, требуемые ansible-lint
comments: comments:

22
Taskfile.yml
View File

@@ -21,11 +21,11 @@ tasks:
ssh: ssh:
cmds: cmds:
- ssh {{.REMOTE_USER}}@{{.REMOTE_HOST}} - ssh {{.REMOTE_USER}}@{{.REMOTE_HOST}}
btop: btop:
cmds: cmds:
- ssh {{.REMOTE_USER}}@{{.REMOTE_HOST}} -t btop - ssh {{.REMOTE_USER}}@{{.REMOTE_HOST}} -t btop
encrypt: encrypt:
cmds: cmds:
@@ -44,20 +44,20 @@ tasks:
DEST_FILE: "temp/configuration.yml" DEST_FILE: "temp/configuration.yml"
cmds: cmds:
- > - >
ansible localhost ansible localhost
--module-name template --module-name template
--args "src=files/authelia/configuration.template.yml dest={{.DEST_FILE}}" --args "src=files/authelia/configuration.template.yml dest={{.DEST_FILE}}"
--extra-vars "@vars/secrets.yml" --extra-vars "@vars/secrets.yml"
--extra-vars "@files/authelia/secrets.yml" --extra-vars "@files/authelia/secrets.yml"
- defer: rm -f {{.DEST_FILE}} - defer: rm -f {{.DEST_FILE}}
- > - >
{{.AUTHELIA_DOCKER}} {{.AUTHELIA_DOCKER}}
validate-config --config /data/{{.DEST_FILE}} validate-config --config /data/{{.DEST_FILE}}
authelia-gen-random-string: authelia-gen-random-string:
summary: | summary: |
Generate random string. Generate random string.
Usage example: Usage example:
task authelia-gen-random-string LEN=64 task authelia-gen-random-string LEN=64
vars: vars:
LEN: '{{ .LEN | default 10 }}' LEN: '{{ .LEN | default 10 }}'
@@ -76,5 +76,5 @@ tasks:
format-py-files: format-py-files:
cmds: cmds:
- >- - >-
docker run --rm -u {{.USER_ID}}:{{.GROUP_ID}} -v $PWD:/app -w /app pyfound/black:latest_release black . docker run --rm -u {{.USER_ID}}:{{.GROUP_ID}} -v $PWD:/app -w /app pyfound/black:latest_release black .

15
files/authelia/configuration.template.yml
View File

@@ -408,12 +408,12 @@ identity_validation:
## ##
## The available providers are: `file`, `ldap`. You must use only one of these providers. ## The available providers are: `file`, `ldap`. You must use only one of these providers.
authentication_backend: authentication_backend:
## Password Change Options. ## Password Change Options.
password_change: password_change:
## Disable both the HTML element and the API for password change functionality. ## Disable both the HTML element and the API for password change functionality.
disable: true disable: true
## Password Reset Options. ## Password Reset Options.
password_reset: password_reset:
## Disable both the HTML element and the API for reset password functionality. ## Disable both the HTML element and the API for reset password functionality.
@@ -896,8 +896,8 @@ session:
## Important: Kubernetes (or HA) users must read https://www.authelia.com/t/statelessness ## Important: Kubernetes (or HA) users must read https://www.authelia.com/t/statelessness
## ##
redis: redis:
host: 'authelia_redis' host: 'authelia_redis'
port: 6379 port: 6379
## Use a unix socket instead ## Use a unix socket instead
# host: '/var/run/redis/redis.sock' # host: '/var/run/redis/redis.sock'
@@ -1292,7 +1292,8 @@ identity_providers:
## configured has the RS256 algorithm. For RSA keys (RS or PS) the minimum is a 2048 bit key. ## configured has the RS256 algorithm. For RSA keys (RS or PS) the minimum is a 2048 bit key.
jwks: jwks:
- -
## Key ID embedded into the JWT header for key matching. Must be an alphanumeric string with 7 or less characters. ## Key ID embedded into the JWT header for key matching.
## Must be an alphanumeric string with 7 or less characters.
## This value is automatically generated if not provided. It's recommended to not configure this. ## This value is automatically generated if not provided. It's recommended to not configure this.
# key_id: 'example' # key_id: 'example'
@@ -1383,7 +1384,7 @@ identity_providers:
clients: clients:
- -
client_name: 'Miniflux' client_name: 'Miniflux'
client_id: '{{ oidc__miniflux__client_id }}' client_id: '{{ oidc__miniflux__client_id }}'
client_secret: '{{ oidc__miniflux__client_secret }}' client_secret: '{{ oidc__miniflux__client_secret }}'
redirect_uris: redirect_uris:
- 'https://miniflux.vakhrushev.me/oauth2/oidc/callback' - 'https://miniflux.vakhrushev.me/oauth2/oidc/callback'
@@ -1397,7 +1398,7 @@ identity_providers:
- 'authorization_code' - 'authorization_code'
access_token_signed_response_alg: 'none' access_token_signed_response_alg: 'none'
userinfo_signed_response_alg: 'none' userinfo_signed_response_alg: 'none'
token_endpoint_auth_method: 'client_secret_basic' token_endpoint_auth_method: 'client_secret_basic'
- -
client_name: 'Wakapi' client_name: 'Wakapi'

2
files/homepage/docker-compose.template.yml
View File

@@ -1,4 +1,5 @@
services: services:
homepage_app: homepage_app:
# noinspection ComposeUnknownValues # noinspection ComposeUnknownValues
image: "{{ registry_homepage_nginx_image }}" image: "{{ registry_homepage_nginx_image }}"
@@ -10,4 +11,3 @@ services:
networks: networks:
web_proxy_network: web_proxy_network:
external: true external: true

3
files/netdata/docker-compose.template.yml
View File

@@ -1,4 +1,3 @@
services: services:
netdata: netdata:
@@ -17,7 +16,7 @@ services:
- "{{ config_dir }}:/etc/netdata" - "{{ config_dir }}:/etc/netdata"
- "{{ (data_dir, 'lib') | path_join }}:/var/lib/netdata" - "{{ (data_dir, 'lib') | path_join }}:/var/lib/netdata"
- "{{ (data_dir, 'cache') | path_join }}:/var/cache/netdata" - "{{ (data_dir, 'cache') | path_join }}:/var/cache/netdata"
# Netdata system volumes # Netdata system volumes
- "/:/host/root:ro,rslave" - "/:/host/root:ro,rslave"
- "/etc/group:/host/etc/group:ro" - "/etc/group:/host/etc/group:ro"
- "/etc/localtime:/etc/localtime:ro" - "/etc/localtime:/etc/localtime:ro"

6
files/outline/docker-compose.template.yml
View File

@@ -20,9 +20,9 @@ services:
FORCE_HTTPS: 'true' FORCE_HTTPS: 'true'
SECRET_KEY: '{{ outline_secret_key }}' SECRET_KEY: '{{ outline_secret_key }}'
UTILS_SECRET: '{{ outline_utils_secret }}' UTILS_SECRET: '{{ outline_utils_secret }}'
DATABASE_URL: 'postgres://{{ outline_postgres_user }}:{{ outline_postgres_password }}@outline_postgres:5432/{{ outline_postgres_database }}' DATABASE_URL: 'postgres://{{ outline_postgres_user }}:{{ outline_postgres_password }}@outline_postgres:5432/{{ outline_postgres_database }}' # yamllint disable-line rule:line-length
PGSSLMODE: 'disable' PGSSLMODE: 'disable'
REDIS_URL: 'redis://outline_redis:6379' REDIS_URL: 'redis://outline_redis:6379'
FILE_STORAGE: 's3' FILE_STORAGE: 's3'
FILE_STORAGE_UPLOAD_MAX_SIZE: '262144000' FILE_STORAGE_UPLOAD_MAX_SIZE: '262144000'
@@ -34,7 +34,7 @@ services:
AWS_S3_UPLOAD_BUCKET_NAME: '{{ outline_s3_bucket }}' AWS_S3_UPLOAD_BUCKET_NAME: '{{ outline_s3_bucket }}'
AWS_S3_FORCE_PATH_STYLE: 'true' AWS_S3_FORCE_PATH_STYLE: 'true'
AWS_S3_ACL: 'private' AWS_S3_ACL: 'private'
OIDC_CLIENT_ID: '{{ outline_oidc_client_id | replace("$", "$$") }}' OIDC_CLIENT_ID: '{{ outline_oidc_client_id | replace("$", "$$") }}'
OIDC_CLIENT_SECRET: '{{ outline_oidc_client_secret | replace("$", "$$") }}' OIDC_CLIENT_SECRET: '{{ outline_oidc_client_secret | replace("$", "$$") }}'
OIDC_AUTH_URI: 'https://auth.vakhrushev.me/api/oidc/authorization' OIDC_AUTH_URI: 'https://auth.vakhrushev.me/api/oidc/authorization'

4
lefthook.yml
View File

@@ -6,9 +6,9 @@ templates:
pre-commit: pre-commit:
jobs: jobs:
- name: "gitleaks" - name: "gitleaks"
run: "gitleaks git --staged" run: "gitleaks git --staged"
- name: "check secret files" - name: "check secret files"
run: "python3 {av-hooks-dir}/pre-commit/check-secrets-encrypted-with-ansible-vault.py" run: "python3 {av-hooks-dir}/pre-commit/check-secrets-encrypted-with-ansible-vault.py"

2
playbook-homepage-registry.yml
View File

@@ -1,7 +1,7 @@
--- ---
- name: "Upload local homepage images to registry" - name: "Upload local homepage images to registry"
hosts: all hosts: all
gather_facts: no gather_facts: false
vars_files: vars_files:
- vars/ports.yml - vars/ports.yml

2
playbook-transcriber-registry.yml
View File

@@ -1,7 +1,7 @@
--- ---
- name: "Upload local transcriber images to registry" - name: "Upload local transcriber images to registry"
hosts: all hosts: all
gather_facts: no gather_facts: false
vars_files: vars_files:
- vars/ports.yml - vars/ports.yml

2
roles/eget/defaults/main.yml
View File

@@ -1,7 +1,7 @@
--- ---
# defaults file for eget # defaults file for eget
eget_version: "1.3.4" eget_version: "1.3.4"
eget_download_url: "https://github.com/zyedidia/eget/releases/download/v{{ eget_version }}/eget-{{ eget_version }}-linux_amd64.tar.gz" eget_download_url: "https://github.com/zyedidia/eget/releases/download/v{{ eget_version }}/eget-{{ eget_version }}-linux_amd64.tar.gz" # yamllint disable-line rule:line-length
eget_install_path: "/usr/bin/eget" eget_install_path: "/usr/bin/eget"
eget_download_dest: '/tmp/{{ eget_download_url | split("/") | last }}' eget_download_dest: '/tmp/{{ eget_download_url | split("/") | last }}'