bastian/deploy_home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed linting, ignore vault file for linting

Browse Source
This commit is contained in:
Bastian de Byl
2020-09-25 12:17:06 -04:00
parent d6c973fa0f
commit 4ef5cc815f
4 changed files with 16 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
Makefile
View File

@@ -35,6 +35,12 @@ ${VAULT_PASS_FILE}: ${ANSIBLE}
${VAULT_FILE}: ${VAULT_PASS_FILE} ${VAULT_FILE}: ${VAULT_PASS_FILE}
${ANSIBLE_VAULT} create --vault-password-file ${VAULT_PASS_FILE} $@ ${ANSIBLE_VAULT} create --vault-password-file ${VAULT_PASS_FILE} $@
YAML_FILES=$(shell find ansible/ -name '*.yml' -not -name '*vault*')
# Ansible Lint skip list:
# [701] - "No 'galaxy_info' found (in role)"
ANSIBLE_LINT_SKIP_LIST=701
# Targets # Targets
deploy: ${ANSIBLE} ${VAULT_FILE} deploy: ${ANSIBLE} ${VAULT_FILE}
${ANSIBLE} --diff --private-key ${SSH_KEY} -t ${TAGS} -i ${ANSIBLE_INVENTORY} --vault-password-file ${VAULT_PASS_FILE} ansible/deploy.yml ${ANSIBLE} --diff --private-key ${SSH_KEY} -t ${TAGS} -i ${ANSIBLE_INVENTORY} --vault-password-file ${VAULT_PASS_FILE} ansible/deploy.yml
@@ -46,5 +52,7 @@ vault: ${ANSIBLE_VAULT} ${VAULT_FILE}
${ANSIBLE_VAULT} edit --vault-password-file ${VAULT_PASS_FILE} ${VAULT_FILE} ${ANSIBLE_VAULT} edit --vault-password-file ${VAULT_PASS_FILE} ${VAULT_FILE}
lint: ${LINT_YAML} ${LINT_ANSIBLE} lint: ${LINT_YAML} ${LINT_ANSIBLE}
${LINT_YAML} ansible/ @printf "Running yamllint...\n"
${LINT_ANSIBLE} ansible/ -@${LINT_YAML} ${YAML_FILES}
@printf "Running ansible-lint with SKIP_LIST: [%s]...\n" "${ANSIBLE_LINT_SKIP_LIST}"
-@${LINT_ANSIBLE} -x ${ANSIBLE_LINT_SKIP_LIST} ${YAML_FILES}

1
ansible/roles/common/tasks/security.yml
View File

@@ -17,6 +17,7 @@
copy: copy:
src: files/fail2ban/jails/{{ item }} src: files/fail2ban/jails/{{ item }}
dest: /etc/fail2ban/jail.d/{{ item }} dest: /etc/fail2ban/jail.d/{{ item }}
mode: 0644
with_items: "{{ fail2ban_jails }}" with_items: "{{ fail2ban_jails }}"
notify: restart_fail2ban notify: restart_fail2ban
tags: security tags: security

4
ansible/roles/http/tasks/http.yml
View File

@@ -4,6 +4,7 @@
copy: copy:
src: files/nginx/nginx.conf src: files/nginx/nginx.conf
dest: /etc/nginx/nginx.conf dest: /etc/nginx/nginx.conf
mode: 0644
notify: restart_nginx notify: restart_nginx
tags: http tags: http
@@ -12,6 +13,7 @@
file: file:
path: "/etc/nginx/{{ item }}" path: "/etc/nginx/{{ item }}"
state: directory state: directory
mode: 0644
with_items: with_items:
- sites-enabled - sites-enabled
- sites-available - sites-available
@@ -31,6 +33,7 @@
file: file:
path: "/var/log/nginx/error.log" path: "/var/log/nginx/error.log"
state: file state: file
mode: 0644
notify: restart_fail2ban notify: restart_fail2ban
tags: http, security tags: http, security
@@ -39,6 +42,7 @@
template: template:
src: "templates/nginx/sites/{{ item }}.j2" src: "templates/nginx/sites/{{ item }}.j2"
dest: "/etc/nginx/sites-available/{{ item }}" dest: "/etc/nginx/sites-available/{{ item }}"
mode: 0644
with_items: with_items:
- "{{ ci_server_name }}.http.conf" - "{{ ci_server_name }}.http.conf"
notify: restart_nginx notify: restart_nginx

1
ansible/roles/http/tasks/ssl.yml
View File

@@ -42,6 +42,7 @@
template: template:
src: "templates/nginx/sites/{{ item }}.j2" src: "templates/nginx/sites/{{ item }}.j2"
dest: "/etc/nginx/sites-available/{{ item }}" dest: "/etc/nginx/sites-available/{{ item }}"
mode: 0644
with_items: with_items:
- "{{ ci_server_name }}.https.conf" - "{{ ci_server_name }}.https.conf"
tags: ssl tags: ssl