Fix more ansible-lint errors

2024-10-13 13:31:08 +02:00 · 2024-10-13 13:31:08 +02:00 · 5542a21301
commit 5542a21301
parent d3c09406bf
11 changed files with 23 additions and 23 deletions
--- a/roles/install/defaults/main.yml
+++ b/roles/install/defaults/main.yml
@ -1,5 +1,5 @@
 ---
-sce_cfg_group: sce_cfg
-sce_cfg_user: cfg
-sce_service_accounts:
+install_cfg_group: sce_cfg
+install_cfg_user: cfg
+install_service_accounts:
  - podman
--- a/roles/install/tasks/main.yml
+++ b/roles/install/tasks/main.yml
@ -23,14 +23,14 @@

 - name: Create group for managing rootless Podman environments
  ansible.builtin.group:
-    name: "{{ sce_cfg_group }}"
+    name: "{{ install_cfg_group }}"
    system: true
    state: present

 - name: Add config management (Ansible) user to the rootless Podman managing group
  ansible.builtin.user:
-    name: "{{ sce_cfg_user }}"
-    groups: ["{{ sce_cfg_group }}"]
+    name: "{{ install_cfg_user }}"
+    groups: ["{{ install_cfg_group }}"]
    append: true

 - name: Create service account(s) for running rootless Podman containers under
@ -41,11 +41,11 @@
    # By default, subordinate id's are only allocated automatically for non-system accounts
    system: false
    state: present
-  loop: "{{ sce_service_accounts }}"
+  loop: "{{ install_service_accounts }}"

 # Needed to have containers start at host boot
 - name: Ensure systemd user service manager will run without a login session for the Podman service account(s)
  ansible.builtin.command:
    cmd: loginctl enable-linger {{ item }}
    creates: /var/lib/systemd/linger/{{ item }}
-  loop: "{{ sce_service_accounts }}"
+  loop: "{{ install_service_accounts }}"
--- a/roles/install/templates/machinectl.rules.j2
+++ b/roles/install/templates/machinectl.rules.j2
@ -1,6 +1,6 @@
 /* {{ ansible_managed }} */
 polkit.addRule(function(action, subject) {
-  if(action.id == "org.freedesktop.machine1.host-shell" && subject.isInGroup("{{ sce_cfg_group }}")) {
+  if(action.id == "org.freedesktop.machine1.host-shell" && subject.isInGroup("{{ install_cfg_group }}")) {
    return polkit.Result.YES;
  }
 });
--- a/roles/nginx/defaults/main.yml
+++ b/roles/nginx/defaults/main.yml
@ -1,3 +1,3 @@
 ---
-sce_nginx_certificate_path: /etc/sce-certbot
-sce_nginx_sites: []
+nginx_certificate_path: /etc/sce-certbot
+nginx_sites: []
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@ -14,11 +14,11 @@
  community.general.htpasswd:
    path: /etc/nginx/passwdfile
    name: admin
-    password: "{{ sce_nginx_htpasswd }}"
+    password: "{{ nginx_htpasswd }}"
    owner: root
    group: www-data
    mode: "0640"
-  when: sce_nginx_htpasswd is defined
+  when: nginx_htpasswd is defined

 - name: Check if the passwdfile exists
  ansible.builtin.stat:
@ -27,7 +27,7 @@

 - name: Iterate over configured nginx sites
  ansible.builtin.include_tasks: site.yml
-  loop: "{{ sce_nginx_sites }}"
+  loop: "{{ nginx_sites }}"
  vars:
    site_name: "{{ item['name'] }}"
    site_port: "{{ item['port'] }}"
--- a/roles/nginx/templates/nginx-server.j2
+++ b/roles/nginx/templates/nginx-server.j2
@ -5,8 +5,8 @@ server {

  server_name {{ site_name }};

-  ssl_certificate {{ sce_nginx_certificate_path }}/{{ site_name }}/fullchain.pem;
-  ssl_certificate_key {{ sce_nginx_certificate_path }}/{{ site_name }}/privkey.pem;
+  ssl_certificate {{ nginx_certificate_path }}/{{ site_name }}/fullchain.pem;
+  ssl_certificate_key {{ nginx_certificate_path }}/{{ site_name }}/privkey.pem;

 {% if auth %}
  auth_basic "SCE";
--- a/roles/podman_certbot/defaults/main.yml
+++ b/roles/podman_certbot/defaults/main.yml
@ -1,3 +1,3 @@
 ---
-sce_certbot_port_mapping: "8080:80"
-sce_certbot_timer: weekly
+podman_certbot_port_mapping: "8080:80"
+podman_certbot_timer: weekly
--- a/roles/podman_certbot/tasks/machinectl.yml
+++ b/roles/podman_certbot/tasks/machinectl.yml
@ -12,12 +12,12 @@
    name: certbot
    state: present
    image: docker.io/certbot/certbot
-    command: certonly -n --standalone --domains {{ sce_certbot_domains }} --agree-tos --email {{ sce_certbot_email }}
+    command: certonly -n --standalone --domains {{ podman_certbot_domains }} --agree-tos --email {{ podman_certbot_email }}
    volumes:
      - certbot-etc:/etc/letsencrypt
      - certbot-var-lib:/var/lib/letsencrypt
    ports:
-      - "{{ sce_certbot_port_mapping }}"
+      - "{{ podman_certbot_port_mapping }}"
    generate_systemd:
      path: ~/.config/systemd/user
      # If validation fails a number of times in a pre-defined window, we will get rate-limited by
--- a/roles/podman_certbot/templates/container-certbot.timer.j2
+++ b/roles/podman_certbot/templates/container-certbot.timer.j2
@ -3,7 +3,7 @@
 Description=Run certbot renewal process

 [Timer]
-OnCalendar={{ sce_certbot_timer }}
+OnCalendar={{ podman_certbot_timer }}
 Persistent=true

 [Install]
--- a/roles/podman_forgejo/defaults/main.yml
+++ b/roles/podman_forgejo/defaults/main.yml
@ -1,2 +1,2 @@
 ---
-sce_forgejo_version: 8.0.1
+podman_forgejo_version: 8.0.1
--- a/roles/podman_forgejo/tasks/machinectl.yml
+++ b/roles/podman_forgejo/tasks/machinectl.yml
@ -8,7 +8,7 @@
  containers.podman.podman_container:
    name: forgejo
    state: present
-    image: codeberg.org/forgejo/forgejo:{{ sce_forgejo_version }}
+    image: codeberg.org/forgejo/forgejo:{{ podman_forgejo_version }}
    env:
      USER_UID: 1000
      USER_GID: 1000