chore: add and apply yamllint

ansible/gitea/gitea-playbook.yml

@@ -1,6 +1,7 @@
+---
 - name: Install gitea
   hosts:
-    - giteas
+      - giteas
 
   roles:
-    - role: roles/gitea
+      - role: roles/gitea

ansible/gitea/roles/gitea/tasks/main.yml

@@ -1,23 +1,23 @@
 ---
 - name: Download gitea {{ gitea_version }}
   get_url:
-    url: "https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64"
-    dest: "/usr/local/bin/gitea"
+      url: https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64
+      dest: /usr/local/bin/gitea
 
 - name: Copy gitea config file app.ini
   template:
-    src: app.ini.j2
-    dest: /etc/gitea/app.ini
-    mode: 0600
+      src: app.ini.j2
+      dest: /etc/gitea/app.ini
+      mode: 0600
 
 - name: Copy gitea systemd unitfile gitea.service
   copy:
-    src: gitea.service
-    dest: /etc/systemd/system/gitea.service
-    mode: 0600
+      src: gitea.service
+      dest: /etc/systemd/system/gitea.service
+      mode: 0600
 
 - name: Restart gitea systemd service
   ansible.builtin.systemd_service:
-    state: restarted
-    daemon_reload: true
-    name: gitea
+      state: restarted
+      daemon_reload: true
+      name: gitea

ansible/gitea/roles/gitea/vars/main.yml

@@ -15,4 +15,4 @@ gitea_mailer_from: "{{ lookup('env', 'GITEA_MAILER_FROM', default='git@fukurokuj
 gitea_mailer_user: "{{ lookup('env', 'GITEA_MAILER_USER') }}"
 gitea_mailer_password: "{{ lookup('env', 'GITEA_MAILER_PASSWORD') }}"
 gitea_no_reply_address: "{{ lookup('env', 'GITEA_NO_REPLY_ADDRESS', default='git@fukurokuju.dev') }}"
-gitea_themes: gitea,arc-green,gitea-modern,catppuccin-latte-rosewater,catppuccin-latte-flamingo,catppuccin-latte-pink,catppuccin-latte-mauve,catppuccin-latte-red,catppuccin-latte-maroon,catppuccin-latte-peach,catppuccin-latte-yellow,catppuccin-latte-green,catppuccin-latte-teal,catppuccin-latte-sky,catppuccin-latte-sapphire,catppuccin-latte-blue,catppuccin-latte-lavender,catppuccin-frappe-rosewater,catppuccin-frappe-flamingo,catppuccin-frappe-pink,catppuccin-frappe-mauve,catppuccin-frappe-red,catppuccin-frappe-maroon,catppuccin-frappe-peach,catppuccin-frappe-yellow,catppuccin-frappe-green,catppuccin-frappe-teal,catppuccin-frappe-sky,catppuccin-frappe-sapphire,catppuccin-frappe-blue,catppuccin-frappe-lavender,catppuccin-macchiato-rosewater,catppuccin-macchiato-flamingo,catppuccin-macchiato-pink,catppuccin-macchiato-mauve,catppuccin-macchiato-red,catppuccin-macchiato-maroon,catppuccin-macchiato-peach,catppuccin-macchiato-yellow,catppuccin-macchiato-green,catppuccin-macchiato-teal,catppuccin-macchiato-sky,catppuccin-macchiato-sapphire,catppuccin-macchiato-blue,catppuccin-macchiato-lavender,catppuccin-mocha-rosewater,catppuccin-mocha-flamingo,catppuccin-mocha-pink,catppuccin-mocha-mauve,catppuccin-mocha-red,catppuccin-mocha-maroon,catppuccin-mocha-peach,catppuccin-mocha-yellow,catppuccin-mocha-green,catppuccin-mocha-teal,catppuccin-mocha-sky,catppuccin-mocha-sapphire,catppuccin-mocha-blue,catppuccin-mocha-lavender
+gitea_themes: gitea,arc-green,gitea-modern,catppuccin-latte-rosewater,catppuccin-latte-flamingo,catppuccin-latte-pink,catppuccin-latte-mauve,catppuccin-latte-red,catppuccin-latte-maroon,catppuccin-latte-peach,catppuccin-latte-yellow,catppuccin-latte-green,catppuccin-latte-teal,catppuccin-latte-sky,catppuccin-latte-sapphire,catppuccin-latte-blue,catppuccin-latte-lavender,catppuccin-frappe-rosewater,catppuccin-frappe-flamingo,catppuccin-frappe-pink,catppuccin-frappe-mauve,catppuccin-frappe-red,catppuccin-frappe-maroon,catppuccin-frappe-peach,catppuccin-frappe-yellow,catppuccin-frappe-green,catppuccin-frappe-teal,catppuccin-frappe-sky,catppuccin-frappe-sapphire,catppuccin-frappe-blue,catppuccin-frappe-lavender,catppuccin-macchiato-rosewater,catppuccin-macchiato-flamingo,catppuccin-macchiato-pink,catppuccin-macchiato-mauve,catppuccin-macchiato-red,catppuccin-macchiato-maroon,catppuccin-macchiato-peach,catppuccin-macchiato-yellow,catppuccin-macchiato-green,catppuccin-macchiato-teal,catppuccin-macchiato-sky,catppuccin-macchiato-sapphire,catppuccin-macchiato-blue,catppuccin-macchiato-lavender,catppuccin-mocha-rosewater,catppuccin-mocha-flamingo,catppuccin-mocha-pink,catppuccin-mocha-mauve,catppuccin-mocha-red,catppuccin-mocha-maroon,catppuccin-mocha-peach,catppuccin-mocha-yellow,catppuccin-mocha-green,catppuccin-mocha-teal,catppuccin-mocha-sky,catppuccin-mocha-sapphire,catppuccin-mocha-blue,catppuccin-mocha-lavender  # yamllint disable rule:line-length

ansible/k3s/playbooks/base.yml

@@ -1,8 +1,9 @@
+---
 - name: Apply base configuration
   hosts:
-    - k3s_agents
-    - k3s_masters
+      - k3s_agents
+      - k3s_masters
 
   roles:
-    - role: ../roles/base
-      become: yes
+      - role: ../roles/base
+        become: true

ansible/k3s/playbooks/k3s.yml

@@ -1,12 +1,13 @@
+---
 - name: Install k3s nodes
   hosts:
-    - k3s_masters
-    - k3s_agents
+      - k3s_masters
+      - k3s_agents
 
   roles:
-    - role: ../roles/k3s
-      become: yes
-      vars:
-        first_master_hostname: "{{ groups['k3s_masters'][0] }}"
-        is_first_master: "{{ inventory_hostname in groups['k3s_masters'][0] }}"
-        short_hostname: "{{ inventory_hostname.split('.')[0] }}"
+      - role: ../roles/k3s
+        become: true
+        vars:
+            first_master_hostname: "{{ groups['k3s_masters'][0] }}"
+            is_first_master: "{{ inventory_hostname in groups['k3s_masters'][0] }}"
+            short_hostname: "{{ inventory_hostname.split('.')[0] }}"

ansible/k3s/roles/base/tasks/main.yml

@@ -1,36 +1,36 @@
 ---
 - name: Set same timezone on every Server
   community.general.timezone:
-    name: "{{ system_timezone }}"
+      name: '{{ system_timezone }}'
   when: (system_timezone is defined) and (system_timezone != "Europe/Madrid")
 
 - name: Enable IPv4 forwarding
   ansible.posix.sysctl:
-    name: net.ipv4.ip_forward
-    value: "1"
-    state: present
-    reload: yes
+      name: net.ipv4.ip_forward
+      value: '1'
+      state: present
+      reload: true
 
 - name: Enable IPv6 forwarding
   ansible.posix.sysctl:
-    name: net.ipv6.conf.all.forwarding
-    value: "1"
-    state: present
-    reload: yes
+      name: net.ipv6.conf.all.forwarding
+      value: '1'
+      state: present
+      reload: true
 
 - name: Enable IPv6 router advertisements
   ansible.posix.sysctl:
-    name: net.ipv6.conf.all.accept_ra
-    value: "2"
-    state: present
-    reload: yes
+      name: net.ipv6.conf.all.accept_ra
+      value: '2'
+      state: present
+      reload: true
 
 - import_tasks: packages.yml
   name: Install base packages
   tags:
-    - packages
+      - packages
 
 - import_tasks: mounts.yml
   name: Mount NFS shares
   tags:
-    - nfs
+      - nfs

ansible/k3s/roles/base/tasks/mounts.yml

@@ -1,19 +1,19 @@
 ---
 - name: Create mountpoint directory
   file:
-    path: /nfs/nas1
-    state: directory
-    owner: 10000
-    group: 10000
+      path: /nfs/nas1
+      state: directory
+      owner: 10000
+      group: 10000
 
 - name: Mount nas1 share
   mount:
-    fstype: nfs
-    src: zeruel.fuku:/mnt/pool1/nas1
-    path: /nfs/nas1
-    state: mounted
-    fstab: /etc/fstab
-    opts: _netdev,nofail,tcp,bg,retrans=2,timeo=150,rsize=32768,wsize=32768,noresvport
-    backup: true
-  become: yes
+      fstype: nfs
+      src: zeruel.fuku:/mnt/pool1/nas1
+      path: /nfs/nas1
+      state: mounted
+      fstab: /etc/fstab
+      opts: _netdev,nofail,tcp,bg,retrans=2,timeo=150,rsize=32768,wsize=32768,noresvport
+      backup: true
+  become: true
   become_user: root

ansible/k3s/roles/base/tasks/packages.yml

@@ -1,17 +1,18 @@
+---
 - name: Install base packages
   apt:
-    name: "{{ item }}"
-    state: present
-    update_cache: yes
+      name: '{{ item }}'
+      state: present
+      update_cache: true
   loop:
-    - qemu-guest-agent
-    - git
-    - tmux
-    - vim
-    - curl
-    - nfs-common
+      - qemu-guest-agent
+      - git
+      - tmux
+      - vim
+      - curl
+      - nfs-common
 
 - name: Update all packages
   apt:
-    upgrade: dist
-    update_cache: yes
+      upgrade: dist
+      update_cache: true

ansible/k3s/roles/k3s/tasks/agent.yml

@@ -1,17 +1,17 @@
 ---
 - name: Create rancher folder
   file:
-    state: directory
-    path: /etc/rancher/k3s
-    owner: root
-    group: root
-    mode: 755
+      state: directory
+      path: /etc/rancher/k3s
+      owner: root
+      group: root
+      mode: 755
 
 - name: Copy k3s config file
   template:
-    src: agent.config.yaml.j2
-    dest: /etc/rancher/k3s/config.yaml
-    mode: 600
+      src: agent.config.yaml.j2
+      dest: /etc/rancher/k3s/config.yaml
+      mode: 600
 
 - name: Install k3s agent
-  shell: "bash /tmp/k3s.install.sh agent"
+  shell: bash /tmp/k3s.install.sh agent

ansible/k3s/roles/k3s/tasks/copy-kubeconfig.yml

@@ -1,19 +1,19 @@
 ---
 - name: Create .kube directory
-  become: yes
+  become: true
   file:
-    path: /home/ci/.kube
-    state: directory
-    mode: '0755'
-    owner: ci
-    group: ci
+      path: /home/ci/.kube
+      state: directory
+      mode: '0755'
+      owner: ci
+      group: ci
 
 - name: Copy kubeconfig
   copy:
-    remote_src: true
-    src: /etc/rancher/k3s/k3s.yaml
-    dest: /home/ci/.kube/config
-    mode: 0644
-    owner: ci
-    group: ci
-  become: yes
+      remote_src: true
+      src: /etc/rancher/k3s/k3s.yaml
+      dest: /home/ci/.kube/config
+      mode: 0644
+      owner: ci
+      group: ci
+  become: true

ansible/k3s/roles/k3s/tasks/download.yml

@@ -1,6 +1,5 @@
 ---
-
 - name: Download k3s script
   get_url:
-    url: https://get.k3s.io
-    dest: /tmp/k3s.install.sh
+      url: https://get.k3s.io
+      dest: /tmp/k3s.install.sh

ansible/k3s/roles/k3s/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - import_tasks: download.yml
   name: Download install script
 

ansible/k3s/roles/k3s/tasks/master.yml

@@ -1,19 +1,19 @@
 ---
 - name: Create rancher folder
   file:
-    state: directory
-    path: /etc/rancher/k3s
-    owner: root
-    group: root
-    mode: 755
+      state: directory
+      path: /etc/rancher/k3s
+      owner: root
+      group: root
+      mode: 755
 
 - name: Copy k3s config file
   template:
-    src: master.config.yaml.j2
-    dest: /etc/rancher/k3s/config.yaml
-    mode: 600
+      src: master.config.yaml.j2
+      dest: /etc/rancher/k3s/config.yaml
+      mode: 600
   vars:
-    etcd_snapshot_dir: "/nfs/nas1/backups/{{ short_hostname }}"
+      etcd_snapshot_dir: /nfs/nas1/backups/{{ short_hostname }}
 
 - name: Install k3s master
   command: bash /tmp/k3s.install.sh

ansible/k3s/roles/k3s/vars/main.yml

@@ -1,4 +1,4 @@
 ---
-k3s_version: "v1.27.4+k3s1"
+k3s_version: v1.27.4+k3s1
 tls_san: "{{ lookup('env', 'ANSIBLE_TLS_SAN') | mandatory }}"
 cluster_token: "{{ lookup('env', 'ANSIBLE_CLUSTER_TOKEN') | mandatory }}"

ansible/nextcloud/role-promtail.yml

@@ -1,26 +1,27 @@
+---
 - name: Install promtail
   hosts:
-    - nextclouds
+      - nextclouds
 
   roles:
-    - role: patrickjahns.promtail
-      vars:
-        promtail_version: 2.9.4
-        promtail_config_clients:
-          - url: https://loki.fuku/loki/api/v1/push
-            basic_auth:
-              username: cloud
-              password: "{{ lookup('env', 'NEXTCLOUD_PROMTAIL_PASSWORD') | mandatory }}"
-            tls_config:
-              insecure_skip_verify: true
-        promtail_config_scrape_configs:
-          - job_name: system
-            static_configs:
-              - targets:
-                  - localhost
-                labels:
-                  nextcloud: cloud.fukurokuju.dev
-                  __path__: /mnt/share/data/cloud/data/{nextcloud,audit}.log
-        promtail_config_limits_config:
-          readline_rate_enabled: true
-          readline_rate_drop: true
+      - role: patrickjahns.promtail
+        vars:
+            promtail_version: 2.9.4
+            promtail_config_clients:
+                - url: https://loki.fuku/loki/api/v1/push
+                  basic_auth:
+                      username: cloud
+                      password: "{{ lookup('env', 'NEXTCLOUD_PROMTAIL_PASSWORD') | mandatory }}"
+                  tls_config:
+                      insecure_skip_verify: true
+            promtail_config_scrape_configs:
+                - job_name: system
+                  static_configs:
+                      - targets:
+                            - localhost
+                        labels:
+                            nextcloud: cloud.fukurokuju.dev
+                            __path__: /mnt/share/data/cloud/data/{nextcloud,audit}.log
+            promtail_config_limits_config:
+                readline_rate_enabled: true
+                readline_rate_drop: true

ansible/requirements.yml

@@ -1,2 +1,3 @@
+---
 - name: patrickjahns.promtail
   version: 1.26.0