Format playbooks with ansible-lint

playbook-app-homepage.yml

@@ -1,5 +1,5 @@
 ---
-- name: 'Deploy homepage application'
+- name: "Deploy homepage application"
   hosts: all
 
   vars_files:
@@ -7,59 +7,58 @@
     - vars/vars.yml
 
   vars:
-    app_name: 'homepage'
-    base_dir: '/home/major/applications/{{ app_name }}/'
-    docker_registry_prefix: 'cr.yandex/crplfk0168i4o8kd7ade'
-    homepage_web_image: '{{ homepage_web_image | default(omit) }}'
+    app_name: "homepage"
+    base_dir: "/home/major/applications/{{ app_name }}/"
+    docker_registry_prefix: "cr.yandex/crplfk0168i4o8kd7ade"
+    homepage_web_image: "{{ homepage_web_image | default(omit) }}"
 
   tasks:
-
-    - name: 'Check is web service imape passed'
+    - name: "Check is web service imape passed"
       ansible.builtin.assert:
         that:
-          - 'homepage_web_image is defined'
+          - "homepage_web_image is defined"
         fail_msg: 'You must pass variable "homepage_web_image"'
 
-    - name: 'Create full image name with container registry'
+    - name: "Create full image name with container registry"
       ansible.builtin.set_fact:
-        registry_homepage_web_image: '{{ (docker_registry_prefix, homepage_web_image) | path_join }}'
+        registry_homepage_web_image: "{{ (docker_registry_prefix, homepage_web_image) | path_join }}"
 
-    - name: 'Push web service image to remote registry'
+    - name: "Push web service image to remote registry"
       community.docker.docker_image:
         state: present
         source: local
-        name: '{{ homepage_web_image }}'
-        repository: '{{ registry_homepage_web_image }}'
+        name: "{{ homepage_web_image }}"
+        repository: "{{ registry_homepage_web_image }}"
         push: true
       delegate_to: 127.0.0.1
 
-    - name: 'Create application directories'
+    - name: "Create application directories"
       ansible.builtin.file:
-        path: '{{ item }}'
-        state: 'directory'
-        mode: '0755'
+        path: "{{ item }}"
+        state: "directory"
+        mode: "0755"
       loop:
-        - '{{ base_dir }}'
+        - "{{ base_dir }}"
 
-    - name: 'Copy application files'
+    - name: "Copy application files"
       ansible.builtin.copy:
-        src: '{{ item }}'
-        dest: '{{ base_dir }}'
-        mode: '0644'
+        src: "{{ item }}"
+        dest: "{{ base_dir }}"
+        mode: "0644"
       loop:
-        - './files/{{ app_name }}/docker-compose.yml'
+        - "./files/{{ app_name }}/docker-compose.yml"
 
-    - name: 'Set up environment variables for application'
+    - name: "Set up environment variables for application"
       ansible.builtin.template:
-        src: 'env.j2'
+        src: "env.j2"
         dest: '{{ (base_dir, ".env") | path_join }}'
-        mode: '0644'
+        mode: "0644"
       vars:
         env_dict:
-          WEB_SERVICE_IMAGE: '{{ registry_homepage_web_image }}'
-          WEB_SERVICE_PORT: '{{ homepage_port }}'
+          WEB_SERVICE_IMAGE: "{{ registry_homepage_web_image }}"
+          WEB_SERVICE_PORT: "{{ homepage_port }}"
 
-    - name: 'Run application with docker compose'
+    - name: "Run application with docker compose"
       community.docker.docker_compose_v2:
-        project_src: '{{ base_dir }}'
-        state: 'present'
+        project_src: "{{ base_dir }}"
+        state: "present"

playbook-backups.yml

@@ -1,5 +1,5 @@
 ---
-- name: 'Configure restic and backup schedule'
+- name: "Configure restic and backup schedule"
   hosts: all
 
   vars_files:
@@ -7,8 +7,7 @@
     - vars/secrets.yml
 
   tasks:
-
-    - name: 'Copy restic shell script'
+    - name: "Copy restic shell script"
       ansible.builtin.template:
         src: "files/backups/restic-shell.sh.j2"
         dest: "{{ bin_prefix }}/restic-shell.sh"
@@ -16,49 +15,49 @@
         group: root
         mode: "0700"
 
-    - name: 'Copy restic backup script'
+    - name: "Copy restic backup script"
       ansible.builtin.template:
         src: "files/backups/restic-backup.sh.j2"
         dest: "{{ bin_prefix }}/restic-backup.sh"
         owner: root
         group: root
-        mode: '0700'
+        mode: "0700"
 
-    - name: 'Create gobackup config directory'
+    - name: "Create gobackup config directory"
       ansible.builtin.file:
         path: "{{ backup_gobackup_config | dirname }}"
         state: directory
-        mode: '0755'
+        mode: "0755"
 
-    - name: 'Copy gobackup config files'
+    - name: "Copy gobackup config files"
       ansible.builtin.template:
         src: "files/backups/gobackup.yml.j2"
         dest: "{{ backup_gobackup_config }}"
         owner: root
         group: root
-        mode: '0700'
+        mode: "0700"
 
     - name: "Setup paths for backup cron file"
       ansible.builtin.cron:
-        cron_file: 'ansible_restic_backup'
-        user: 'root'
+        cron_file: "ansible_restic_backup"
+        user: "root"
         env: true
-        name: 'PATH'
-        job: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin'
+        name: "PATH"
+        job: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin"
 
     - name: "Setup mail for backup cron file"
       ansible.builtin.cron:
-        cron_file: 'ansible_restic_backup'
-        user: 'root'
+        cron_file: "ansible_restic_backup"
+        user: "root"
         env: true
-        name: 'MAILTO'
-        job: ''
+        name: "MAILTO"
+        job: ""
 
     - name: "Creates a cron file for backups under /etc/cron.d"
       ansible.builtin.cron:
-        name: 'restic backup'
-        minute: '0'
-        hour: '1'
-        job: '/usr/local/bin/restic-backup.sh 2>&1 | logger -t backup'
-        cron_file: 'ansible_restic_backup'
-        user: 'root'
+        name: "restic backup"
+        minute: "0"
+        hour: "1"
+        job: "/usr/local/bin/restic-backup.sh 2>&1 | logger -t backup"
+        cron_file: "ansible_restic_backup"
+        user: "root"

playbook-caddy.yml

@@ -1,5 +1,5 @@
 ---
-- name: 'Install and configure Caddy server'
+- name: "Install and configure Caddy server"
   hosts: all
 
   vars_files:
@@ -7,18 +7,17 @@
     - vars/vars.yml
 
   tasks:
-
-    - name: 'Ensure networkd service is started (required by Caddy).'
+    - name: "Ensure networkd service is started (required by Caddy)."
       ansible.builtin.systemd:
         name: systemd-networkd
         state: started
         enabled: true
 
-    - name: 'Install and configure Caddy server'
+    - name: "Install and configure Caddy server"
       ansible.builtin.import_role:
         name: caddy_ansible.caddy_ansible
       vars:
-        caddy_github_token: '{{ caddy_vars.github_token }}'
+        caddy_github_token: "{{ caddy_vars.github_token }}"
         caddy_config: '{{ lookup("template", "templates/Caddyfile.j2") }}'
         caddy_setcap: true
         caddy_systemd_capabilities_enabled: true

playbook-configuration.yml

@@ -6,10 +6,9 @@
     - vars/vars.yml
 
   tasks:
-
     # Applications
 
-    - import_role:
+    - ansible.builtin.import_role:
         name: docker-app
       vars:
         username: gitea
@@ -22,13 +21,13 @@
           DOCKER_PREFIX: gitea
           IMAGE_PREFIX: gitea
           CONTAINER_PREFIX: gitea
-          WEB_SERVER_PORT: '127.0.0.1:{{ gitea_port }}'
-          USER_UID: '{{ uc_result.uid }}'
-          USER_GID: '{{ uc_result.group }}'
+          WEB_SERVER_PORT: "127.0.0.1:{{ gitea_port }}"
+          USER_UID: "{{ uc_result.uid }}"
+          USER_GID: "{{ uc_result.group }}"
       tags:
         - apps
 
-    - import_role:
+    - ansible.builtin.import_role:
         name: docker-app
       vars:
         username: keycloak
@@ -41,15 +40,15 @@
           DOCKER_PREFIX: keycloak
           IMAGE_PREFIX: keycloak
           CONTAINER_PREFIX: keycloak
-          WEB_SERVER_PORT: '127.0.0.1:{{ keycloak_port }}'
-          KEYCLOAK_ADMIN: '{{ keycloak.admin_login }}'
-          KEYCLOAK_ADMIN_PASSWORD: '{{ keycloak.admin_password }}'
-          USER_UID: '{{ uc_result.uid }}'
-          USER_GID: '{{ uc_result.group }}'
+          WEB_SERVER_PORT: "127.0.0.1:{{ keycloak_port }}"
+          KEYCLOAK_ADMIN: "{{ keycloak.admin_login }}"
+          KEYCLOAK_ADMIN_PASSWORD: "{{ keycloak.admin_password }}"
+          USER_UID: "{{ uc_result.uid }}"
+          USER_GID: "{{ uc_result.group }}"
       tags:
         - apps
 
-    - import_role:
+    - ansible.builtin.import_role:
         name: docker-app
       vars:
         username: outline
@@ -62,38 +61,38 @@
           DOCKER_PREFIX: outline
           IMAGE_PREFIX: outline
           CONTAINER_PREFIX: outline
-          WEB_SERVER_PORT: '127.0.0.1:{{ outline_port }}'
-          USER_UID: '{{ uc_result.uid }}'
-          USER_GID: '{{ uc_result.group }}'
+          WEB_SERVER_PORT: "127.0.0.1:{{ outline_port }}"
+          USER_UID: "{{ uc_result.uid }}"
+          USER_GID: "{{ uc_result.group }}"
           # Postgres
-          POSTGRES_USER: '{{ outline.postgres_user }}'
-          POSTGRES_PASSWORD: '{{ outline.postgres_password }}'
-          POSTGRES_DB: 'outline'
+          POSTGRES_USER: "{{ outline.postgres_user }}"
+          POSTGRES_PASSWORD: "{{ outline.postgres_password }}"
+          POSTGRES_DB: "outline"
           # See sample https://github.com/outline/outline/blob/main/.env.sample
-          NODE_ENV: 'production'
-          SECRET_KEY: '{{ outline.secret_key }}'
-          UTILS_SECRET: '{{ outline.utils_secret }}'
-          DATABASE_URL: 'postgres://{{ outline.postgres_user }}:{{ outline.postgres_password }}@postgres:5432/outline'
-          PGSSLMODE: 'disable'
-          REDIS_URL: 'redis://redis:6379'
-          URL: 'https://outline.vakhrushev.me'
-          FILE_STORAGE: 's3'
-          AWS_ACCESS_KEY_ID: '{{ outline.s3_access_key }}'
-          AWS_SECRET_ACCESS_KEY: '{{ outline.s3_secret_key }}'
-          AWS_REGION: 'ru-central1'
-          AWS_S3_ACCELERATE_URL: ''
-          AWS_S3_UPLOAD_BUCKET_URL: 'https://storage.yandexcloud.net'
-          AWS_S3_UPLOAD_BUCKET_NAME: 'av-outline-wiki'
-          AWS_S3_FORCE_PATH_STYLE: 'true'
-          AWS_S3_ACL: 'private'
-          OIDC_CLIENT_ID: '{{ outline.oidc_client_id }}'
-          OIDC_CLIENT_SECRET: '{{ outline.oidc_client_secret }}'
-          OIDC_AUTH_URI: 'https://kk.vakhrushev.me/realms/outline/protocol/openid-connect/auth'
-          OIDC_TOKEN_URI: 'https://kk.vakhrushev.me/realms/outline/protocol/openid-connect/token'
-          OIDC_USERINFO_URI: 'https://kk.vakhrushev.me/realms/outline/protocol/openid-connect/userinfo'
-          OIDC_LOGOUT_URI: 'https://kk.vakhrushev.me/realms/outline/protocol/openid-connect/logout'
-          OIDC_USERNAME_CLAIM: 'email'
-          OIDC_DISPLAY_NAME: 'KK'
+          NODE_ENV: "production"
+          SECRET_KEY: "{{ outline.secret_key }}"
+          UTILS_SECRET: "{{ outline.utils_secret }}"
+          DATABASE_URL: "postgres://{{ outline.postgres_user }}:{{ outline.postgres_password }}@postgres:5432/outline"
+          PGSSLMODE: "disable"
+          REDIS_URL: "redis://redis:6379"
+          URL: "https://outline.vakhrushev.me"
+          FILE_STORAGE: "s3"
+          AWS_ACCESS_KEY_ID: "{{ outline.s3_access_key }}"
+          AWS_SECRET_ACCESS_KEY: "{{ outline.s3_secret_key }}"
+          AWS_REGION: "ru-central1"
+          AWS_S3_ACCELERATE_URL: ""
+          AWS_S3_UPLOAD_BUCKET_URL: "https://storage.yandexcloud.net"
+          AWS_S3_UPLOAD_BUCKET_NAME: "av-outline-wiki"
+          AWS_S3_FORCE_PATH_STYLE: "true"
+          AWS_S3_ACL: "private"
+          OIDC_CLIENT_ID: "{{ outline.oidc_client_id }}"
+          OIDC_CLIENT_SECRET: "{{ outline.oidc_client_secret }}"
+          OIDC_AUTH_URI: "https://kk.vakhrushev.me/realms/outline/protocol/openid-connect/auth"
+          OIDC_TOKEN_URI: "https://kk.vakhrushev.me/realms/outline/protocol/openid-connect/token"
+          OIDC_USERINFO_URI: "https://kk.vakhrushev.me/realms/outline/protocol/openid-connect/userinfo"
+          OIDC_LOGOUT_URI: "https://kk.vakhrushev.me/realms/outline/protocol/openid-connect/logout"
+          OIDC_USERNAME_CLAIM: "email"
+          OIDC_DISPLAY_NAME: "KK"
 
       tags:
         - apps

playbook-docker.yml

@@ -1,5 +1,5 @@
 ---
-- name: 'Configure docker parameters'
+- name: "Configure docker parameters"
   hosts: all
 
   vars_files:
@@ -7,16 +7,15 @@
     - vars/vars.yml
 
   tasks:
-
-    - name: 'Install python docker lib from pip'
+    - name: "Install python docker lib from pip"
       ansible.builtin.pip:
         name: docker
 
-    - name: 'Install docker'
+    - name: "Install docker"
       ansible.builtin.import_role:
         name: geerlingguy.docker
       vars:
-        docker_edition: 'ce'
+        docker_edition: "ce"
         docker_packages:
           - "docker-{{ docker_edition }}"
           - "docker-{{ docker_edition }}-cli"
@@ -24,6 +23,6 @@
         docker_users:
           - major
 
-    - name: 'Login to yandex docker registry.'
+    - name: "Login to yandex docker registry."
       ansible.builtin.script:
-        cmd: 'files/yandex-docker-registry-auth.sh'
+        cmd: "files/yandex-docker-registry-auth.sh"

playbook-eget.yml

@@ -1,5 +1,5 @@
 ---
-- name: 'Install eget'
+- name: "Install eget"
   hosts: all
 
   vars_files:
@@ -9,39 +9,38 @@
   # See: https://github.com/zyedidia/eget/releases
 
   vars:
-    eget_install_dir: '{{ bin_prefix }}'
+    eget_install_dir: "{{ bin_prefix }}"
     eget_bin_path: '{{ (eget_install_dir, "eget") | path_join }}'
 
   tasks:
-
-    - name: 'Install eget'
+    - name: "Install eget"
       ansible.builtin.import_role:
         name: eget
       vars:
-        eget_version: '1.3.4'
-        eget_install_path: '{{ eget_bin_path }}'
+        eget_version: "1.3.4"
+        eget_install_path: "{{ eget_bin_path }}"
 
-    - name: 'Install rclone'
+    - name: "Install rclone"
       ansible.builtin.command:
-        cmd: '{{ eget_bin_path }} rclone/rclone --quiet --upgrade-only --to {{ eget_install_dir }} --asset zip --tag v1.69.2'
+        cmd: "{{ eget_bin_path }} rclone/rclone --quiet --upgrade-only --to {{ eget_install_dir }} --asset zip --tag v1.69.2"
       changed_when: false
 
-    - name: 'Install btop'
+    - name: "Install btop"
       ansible.builtin.command:
-        cmd: '{{ eget_bin_path }} aristocratos/btop --quiet --upgrade-only --to {{ eget_install_dir }} --tag v1.4.2'
+        cmd: "{{ eget_bin_path }} aristocratos/btop --quiet --upgrade-only --to {{ eget_install_dir }} --tag v1.4.2"
       changed_when: false
 
-    - name: 'Install restic'
+    - name: "Install restic"
       ansible.builtin.command:
-        cmd: '{{ eget_bin_path }} restic/restic --quiet --upgrade-only --to {{ eget_install_dir }} --tag v0.18.0'
+        cmd: "{{ eget_bin_path }} restic/restic --quiet --upgrade-only --to {{ eget_install_dir }} --tag v0.18.0"
       changed_when: false
 
-    - name: 'Install gobackup'
+    - name: "Install gobackup"
       ansible.builtin.command:
-        cmd: '{{ eget_bin_path }} gobackup/gobackup --quiet --upgrade-only --to {{ eget_install_dir }} --tag v2.14.0'
+        cmd: "{{ eget_bin_path }} gobackup/gobackup --quiet --upgrade-only --to {{ eget_install_dir }} --tag v2.14.0"
       changed_when: false
 
-    - name: 'Install task'
+    - name: "Install task"
       ansible.builtin.command:
-        cmd: '{{ eget_bin_path }} go-task/task --quiet --upgrade-only --to {{ eget_install_dir }}  --asset tar.gz --tag v3.43.3'
+        cmd: "{{ eget_bin_path }} go-task/task --quiet --upgrade-only --to {{ eget_install_dir }}  --asset tar.gz --tag v3.43.3"
       changed_when: false

playbook-gramps.yml

@@ -1,5 +1,5 @@
 ---
-- name: 'Configure gramps application'
+- name: "Configure gramps application"
   hosts: all
 
   vars_files:
@@ -7,32 +7,31 @@
     - vars/vars.yml
 
   vars:
-    app_name: 'gramps'
-    base_dir: '/home/{{ primary_user }}/applications/{{ app_name }}/'
+    app_name: "gramps"
+    base_dir: "/home/{{ primary_user }}/applications/{{ app_name }}/"
 
   tasks:
-
-    - name: 'Create application directories'
+    - name: "Create application directories"
       ansible.builtin.file:
-        path: '{{ item }}'
-        state: 'directory'
-        owner: '{{ primary_user }}'
-        group: '{{ primary_user }}'
-        mode: '0755'
+        path: "{{ item }}"
+        state: "directory"
+        owner: "{{ primary_user }}"
+        group: "{{ primary_user }}"
+        mode: "0755"
       loop:
-        - '{{ base_dir }}'
+        - "{{ base_dir }}"
         - '{{ (base_dir, "data") | path_join }}'
 
-    - name: 'Copy docker compose file'
+    - name: "Copy docker compose file"
       ansible.builtin.template:
-        src: './files/{{ app_name }}/docker-compose.yml.j2'
-        dest: '{{ base_dir }}/docker-compose.yml'        
-        owner: '{{ primary_user }}'
-        group: '{{ primary_user }}'
-        mode: '0644'
+        src: "./files/{{ app_name }}/docker-compose.yml.j2"
+        dest: "{{ base_dir }}/docker-compose.yml"
+        owner: "{{ primary_user }}"
+        group: "{{ primary_user }}"
+        mode: "0644"
 
-    - name: 'Run application with docker compose'
+    - name: "Run application with docker compose"
       community.docker.docker_compose_v2:
-        project_src: '{{ base_dir }}'
-        state: 'present'
+        project_src: "{{ base_dir }}"
+        state: "present"
         remove_orphans: true

playbook-netdata.yml

@@ -1,5 +1,5 @@
 ---
-- name: 'Install Netdata monitoring service'
+- name: "Install Netdata monitoring service"
   hosts: all
 
   vars_files:
@@ -7,11 +7,11 @@
     - vars/vars.yml
 
   tasks:
-    - name: 'Install Netdata from role'
+    - name: "Install Netdata from role"
       ansible.builtin.import_role:
         name: netdata
       vars:
-        netdata_version: 'v2.4.0'
-        netdata_exposed_port: '{{ netdata_port }}'
+        netdata_version: "v2.4.0"
+        netdata_exposed_port: "{{ netdata_port }}"
       tags:
         - monitoring

playbook-remove-user-and-app.yml

@@ -1,5 +1,5 @@
 ---
-- name: 'Update and upgrade system packages'
+- name: "Update and upgrade system packages"
   hosts: all
 
   vars_files:
@@ -7,21 +7,21 @@
     - vars/vars.yml
 
   vars:
-    user_name: '<put-name-here>'
+    user_name: "<put-name-here>"
 
   tasks:
     - name: 'Remove user "{{ user_name }}"'
       ansible.builtin.user:
-        name: '{{ user_name }}'
+        name: "{{ user_name }}"
         state: absent
         remove: true
 
     - name: 'Remove group "{{ user_name }}"'
       ansible.builtin.group:
-        name: '{{ user_name }}'
+        name: "{{ user_name }}"
         state: absent
 
-    - name: 'Remove web dir'
+    - name: "Remove web dir"
       ansible.builtin.file:
-        path: '/var/www/{{ user_name }}'
+        path: "/var/www/{{ user_name }}"
         state: absent

playbook-system.yml

@@ -1,5 +1,5 @@
 ---
-- name: 'Configure base system parameters'
+- name: "Configure base system parameters"
   hosts: all
 
   vars_files:
@@ -20,13 +20,12 @@
       - tree
 
   tasks:
-
-    - name: 'Install additional apt packages'
+    - name: "Install additional apt packages"
       ansible.builtin.apt:
-        name: '{{ apt_packages }}'
+        name: "{{ apt_packages }}"
         update_cache: true
 
-    - name: 'Configure timezone'
+    - name: "Configure timezone"
       ansible.builtin.import_role:
         name: yatesr.timezone
       vars:
@@ -34,7 +33,7 @@
       tags:
         - skip_ansible_lint
 
-    - name: 'Configure security settings'
+    - name: "Configure security settings"
       ansible.builtin.import_role:
         name: geerlingguy.security
       vars:

playbook-upgrade.yml

@@ -1,5 +1,5 @@
 ---
-- name: 'Update and upgrade system packages'
+- name: "Update and upgrade system packages"
   hosts: all
 
   vars_files:
@@ -9,7 +9,7 @@
   tasks:
     - name: Perform an upgrade of packages
       ansible.builtin.apt:
-        upgrade: 'yes'
+        upgrade: "yes"
         update_cache: true
 
     - name: Check if a reboot is required