From f80a1008c7e14b33d396f79683084c3112f93b6f Mon Sep 17 00:00:00 2001 From: Anton Vakhrushev Date: Fri, 2 Jan 2026 19:44:35 +0300 Subject: [PATCH] fix ansible lint errors --- .ansible-lint.yml | 3 +++ files/authelia/docker-compose.template.yml | 2 +- files/gitea/backup.sh.j2 | 2 +- files/gitea/docker-compose.yml.j2 | 4 ++-- files/memos/docker-compose.template.yml | 2 +- files/miniflux/docker-compose.template.yml | 4 ++-- files/outline/docker-compose.template.yml | 4 ++-- files/transcriber/docker-compose.template.yml | 6 +++--- files/wakapi/docker-compose.yml.j2 | 2 +- files/wanderer/docker-compose.template.yml | 6 +++--- lefthook.yml | 4 ++++ playbook-backups.yml | 2 +- roles/owner/tasks/main.yml | 7 ++++--- roles/owner/templates/env.j2 | 4 ++-- 14 files changed, 30 insertions(+), 22 deletions(-) diff --git a/.ansible-lint.yml b/.ansible-lint.yml index 151d807..990da3e 100644 --- a/.ansible-lint.yml +++ b/.ansible-lint.yml @@ -1,6 +1,9 @@ --- exclude_paths: - ".ansible/" + - ".crush/" - ".gitea/" + - ".venv/" + - ".vscode/" - "galaxy.roles/" - "Taskfile.yml" diff --git a/files/authelia/docker-compose.template.yml b/files/authelia/docker-compose.template.yml index 2f62407..9711479 100644 --- a/files/authelia/docker-compose.template.yml +++ b/files/authelia/docker-compose.template.yml @@ -3,7 +3,7 @@ services: authelia_app: container_name: 'authelia_app' image: 'docker.io/authelia/authelia:4.39.14' - user: '{{ user_create_result.uid }}:{{ user_create_result.group }}' + user: '{{ owner_create_result.uid }}:{{ owner_create_result.group }}' restart: 'unless-stopped' networks: - "web_proxy_network" diff --git a/files/gitea/backup.sh.j2 b/files/gitea/backup.sh.j2 index 7f14a47..4f15945 100644 --- a/files/gitea/backup.sh.j2 +++ b/files/gitea/backup.sh.j2 
@@ -7,7 +7,7 @@ echo "Gitea: backup data with gitea dump" (cd "{{ base_dir }}" && \ docker compose exec \ - -u "{{ user_create_result.uid }}:{{ user_create_result.group }}" \ + -u "{{ owner_create_result.uid }}:{{ owner_create_result.group }}" \ -w /backups gitea_app \ gitea dump -c /data/gitea/conf/app.ini \ ) diff --git a/files/gitea/docker-compose.yml.j2 b/files/gitea/docker-compose.yml.j2 index a3dcecd..77c189c 100644 --- a/files/gitea/docker-compose.yml.j2 +++ b/files/gitea/docker-compose.yml.j2 @@ -14,8 +14,8 @@ services: networks: - "web_proxy_network" environment: - - "USER_UID={{ user_create_result.uid }}" - - "USER_GID={{ user_create_result.group }}" + - "USER_UID={{ owner_create_result.uid }}" + - "USER_GID={{ owner_create_result.group }}" - "GITEA__server__SSH_PORT=2222" # Mailer diff --git a/files/memos/docker-compose.template.yml b/files/memos/docker-compose.template.yml index 56e0dbc..39b35d5 100644 --- a/files/memos/docker-compose.template.yml +++ b/files/memos/docker-compose.template.yml @@ -6,7 +6,7 @@ services: image: neosmemo/memos:0.25.3 container_name: memos_app restart: unless-stopped - user: "{{ user_create_result.uid }}:{{ user_create_result.group }}" + user: "{{ owner_create_result.uid }}:{{ owner_create_result.group }}" networks: - "web_proxy_network" volumes: diff --git a/files/miniflux/docker-compose.template.yml b/files/miniflux/docker-compose.template.yml index d7ddfa9..7e68c54 100644 --- a/files/miniflux/docker-compose.template.yml +++ b/files/miniflux/docker-compose.template.yml @@ -5,7 +5,7 @@ services: miniflux_app: image: miniflux/miniflux:2.2.10 container_name: miniflux_app - user: "{{ user_create_result.uid }}:{{ user_create_result.group }}" + user: "{{ owner_create_result.uid }}:{{ owner_create_result.group }}" depends_on: miniflux_postgres: condition: service_healthy 
@@ -36,7 +36,7 @@ services: miniflux_postgres: image: postgres:16.3-bookworm container_name: miniflux_postgres - user: "{{ user_create_result.uid }}:{{ user_create_result.group }}" + user: "{{ owner_create_result.uid }}:{{ owner_create_result.group }}" restart: 'unless-stopped' environment: - POSTGRES_USER={{ miniflux_postgres_user }} diff --git a/files/outline/docker-compose.template.yml b/files/outline/docker-compose.template.yml index eabface..a923053 100644 --- a/files/outline/docker-compose.template.yml +++ b/files/outline/docker-compose.template.yml @@ -5,7 +5,7 @@ services: outline_app: image: outlinewiki/outline:1.1.0 container_name: outline_app - user: "{{ user_create_result.uid }}:{{ user_create_result.group }}" + user: "{{ owner_create_result.uid }}:{{ owner_create_result.group }}" restart: unless-stopped depends_on: - outline_postgres @@ -57,7 +57,7 @@ services: outline_postgres: image: postgres:16.3-bookworm container_name: outline_postgres - user: "{{ user_create_result.uid }}:{{ user_create_result.group }}" + user: "{{ owner_create_result.uid }}:{{ owner_create_result.group }}" restart: unless-stopped volumes: - "/etc/passwd:/etc/passwd:ro" diff --git a/files/transcriber/docker-compose.template.yml b/files/transcriber/docker-compose.template.yml index 91af02c..1c0a1d3 100644 --- a/files/transcriber/docker-compose.template.yml +++ b/files/transcriber/docker-compose.template.yml @@ -4,7 +4,7 @@ services: # noinspection ComposeUnknownValues image: "{{ registry_transcriber_image }}" container_name: transcriber_app - user: "{{ user_create_result.uid }}:{{ user_create_result.group }}" + user: "{{ owner_create_result.uid }}:{{ owner_create_result.group }}" restart: unless-stopped volumes: - "{{ config_file }}:/config/config.toml:ro" 
@@ -13,8 +13,8 @@ services: - "web_proxy_network" - "monitoring_network" environment: - - "USER_UID={{ user_create_result.uid }}" - - "USER_GID={{ user_create_result.group }}" + - "USER_UID={{ owner_create_result.uid }}" + - "USER_GID={{ owner_create_result.group }}" command: ./transcriber --config=/config/config.toml networks: diff --git a/files/wakapi/docker-compose.yml.j2 b/files/wakapi/docker-compose.yml.j2 index 2497ec4..f76f4e3 100644 --- a/files/wakapi/docker-compose.yml.j2 +++ b/files/wakapi/docker-compose.yml.j2 @@ -6,7 +6,7 @@ services: image: ghcr.io/muety/wakapi:2.17.0 container_name: wakapi_app restart: unless-stopped - user: '{{ user_create_result.uid }}:{{ user_create_result.group }}' + user: '{{ owner_create_result.uid }}:{{ owner_create_result.group }}' networks: - "web_proxy_network" volumes: diff --git a/files/wanderer/docker-compose.template.yml b/files/wanderer/docker-compose.template.yml index 32a6a6a..9d90a0f 100644 --- a/files/wanderer/docker-compose.template.yml +++ b/files/wanderer/docker-compose.template.yml @@ -7,7 +7,7 @@ services: wanderer_search: container_name: wanderer_search image: getmeili/meilisearch:v1.20.0 - user: "{{ user_create_result.uid }}:{{ user_create_result.group }}" + user: "{{ owner_create_result.uid }}:{{ owner_create_result.group }}" environment: <<: *cenv MEILI_NO_ANALYTICS: "true" @@ -28,7 +28,7 @@ services: wanderer_db: container_name: wanderer_db image: "flomp/wanderer-db:{{ wanderer_version }}" - user: "{{ user_create_result.uid }}:{{ user_create_result.group }}" + user: "{{ owner_create_result.uid }}:{{ owner_create_result.group }}" depends_on: wanderer_search: condition: service_healthy @@ -54,7 +54,7 @@ services: wanderer_web: container_name: wanderer_web image: "flomp/wanderer-web:{{ wanderer_version }}" - user: "{{ user_create_result.uid }}:{{ user_create_result.group }}" + user: "{{ owner_create_result.uid }}:{{ owner_create_result.group }}" depends_on: wanderer_search: condition: service_healthy 
diff --git a/lefthook.yml b/lefthook.yml index f333925..1366b18 100644 --- a/lefthook.yml +++ b/lefthook.yml @@ -22,6 +22,10 @@ pre-commit: glob: "**/*.{yml,yaml}" run: "uv run yamllint --config-file .yamllint.yml --format colored {staged_files}" + - name: "ansible-lint" + glob: "**/*.{yml,yaml}" + run: "uv run ansible-lint --profile production {staged_files}" + - name: "gitleaks" run: "gitleaks git --staged" diff --git a/playbook-backups.yml b/playbook-backups.yml index 3f53e35..546a021 100644 --- a/playbook-backups.yml +++ b/playbook-backups.yml @@ -35,7 +35,7 @@ state: present line: "{{ primary_user }} ALL=(ALL) NOPASSWD: {{ backup_all_script }}" validate: /usr/sbin/visudo -cf %s # ВАЖНО: проверка синтаксиса перед сохранением - create: no # Файл уже должен существовать + create: false # Файл уже должен существовать - name: "Copy restic shell script" ansible.builtin.template: diff --git a/roles/owner/tasks/main.yml b/roles/owner/tasks/main.yml index 139d55c..6ccc2fd 100644 --- a/roles/owner/tasks/main.yml +++ b/roles/owner/tasks/main.yml @@ -22,7 +22,7 @@ groups: "{{ owner_extra_groups }}" uid: "{{ owner_uid }}" shell: /bin/bash - register: user_create_result + register: owner_create_result - name: 'Set up user ssh keys for user "{{ owner_name }}".' ansible.posix.authorized_key: @@ -34,7 +34,8 @@ - name: "Prepare env variables." ansible.builtin.set_fact: - env_dict: '{{ owner_env | combine({"USER_UID": user_create_result.uid, "USER_GID": user_create_result.group}) }}' + # yamllint disable-line rule:line-length + owner_env_dict: '{{ owner_env | combine({"USER_UID": owner_create_result.uid, "USER_GID": owner_create_result.group}) }}' - name: 'Set up environment variables for user "{{ owner_name }}".' ansible.builtin.template: 
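Review bot: The new `ansible-lint` step in `lefthook.yml` enforces the production profile only on the committer's machine, and only through the command-line flag `--profile production`. A pre-commit hook can be skipped locally, and nothing in this patch shows the same check running server-side, so the lint gate (like the `gitleaks` step after it) is advisory unless a pipeline repeats it. Moving the profile into the config that this commit already edits, as `profile: production` in `.ansible-lint.yml`, would make a manual or CI run of plain `ansible-lint` apply the same rule set as the hook.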
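Review bot: The sudoers entry in this hunk's context, `{{ primary_user }} ALL=(ALL) NOPASSWD: {{ backup_all_script }}`, is only as tight as the file permissions on that script, and the hunk does not show them. If `primary_user` can write to the script or to any directory on its path, the rule is effectively passwordless root for that account. The task that installs the script starts outside this hunk, so this could not be confirmed from here; it should pin `owner: root`, `group: root` and a mode with no group or other write bit, such as `mode: "0755"`. The `validate: /usr/sbin/visudo -cf %s` step checks syntax only and does not cover this.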
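Review bot: The added `# yamllint disable-line rule:line-length` in the "Prepare env variables." task silences the rule instead of shortening the `owner_env_dict` line. A folded scalar would keep the check active and render the same single-line expression: `owner_env_dict: >-`, with the Jinja expression on two equally indented continuation lines, broken after `owner_create_result.uid,`. The task list continues outside this hunk.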
@@ -49,7 +50,7 @@ path: "/home/{{ owner_name }}/.bashrc" regexp: "^export {{ item.key }}=" state: absent - with_dict: "{{ env_dict }}" + with_dict: "{{ owner_env_dict }}" - name: 'Include in bashrc environment variables for user "{{ owner_name }}".' ansible.builtin.lineinfile: diff --git a/roles/owner/templates/env.j2 b/roles/owner/templates/env.j2 index ff0a495..6d26d82 100644 --- a/roles/owner/templates/env.j2 +++ b/roles/owner/templates/env.j2 @@ -1,3 +1,3 @@ -{% for name in env_dict.keys() | sort %} -{{ name }}={{ env_dict[name] }} +{% for name in owner_env_dict.keys() | sort %} +{{ name }}={{ owner_env_dict[name] }} {% endfor %}