diff --git a/ansible.lint.cfg b/ansible.lint.cfg
index e6d83fa..2819710 100644
--- a/ansible.lint.cfg
+++ b/ansible.lint.cfg
@@ -1,2 +1,4 @@
# Empty stub config file, so ansible-lint does not use the default config's vault_password_file.
# Otherwise ansible-lint always tries to get a vault password and fails.
+[defaults]
+roles_path = ./roles
diff --git a/playbooks/gitlab_runner.yml b/playbooks/gitlab_runner.yml
index d4f6862..045f8f6 100644
--- a/playbooks/gitlab_runner.yml
+++ b/playbooks/gitlab_runner.yml
@@ -27,7 +27,7 @@
PYTHONPATH: /opt/ansible-dependencies/lib/python{{ env_ansible_deps_python_version | default(2.7) }}/site-packages
tasks:
- name: Install docker image prune crontab
- cron:
+ ansible.builtin.cron:
name: "Prune unused docker images"
minute: "0"
hour: "*/4"
diff --git a/playbooks/mailcow.yml b/playbooks/mailcow.yml
index b43fb02..ffade8e 100644
--- a/playbooks/mailcow.yml
+++ b/playbooks/mailcow.yml
@@ -24,7 +24,7 @@
PYTHONPATH: /opt/ansible-dependencies/lib/python{{ env_ansible_deps_python_version | default(2.7) }}/site-packages
tasks:
- name: Install backup crontab
- cron:
+ ansible.builtin.cron:
name: "Backup mailcow daily"
minute: "5"
hour: "3"
diff --git a/roles/camo/tasks/main.yml b/roles/camo/tasks/main.yml
index 0380406..d265454 100644
--- a/roles/camo/tasks/main.yml
+++ b/roles/camo/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -31,7 +31,7 @@
- camo
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ camo_install_location }}/docker-compose.yml"
mode: '0600'
@@ -44,7 +44,7 @@
become: true
- name: Compose camo container
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ camo_install_location }}"
pull: true
diff --git a/roles/codimd/tasks/main.yml b/roles/codimd/tasks/main.yml
index 0ba6288..630a3fa 100644
--- a/roles/codimd/tasks/main.yml
+++ b/roles/codimd/tasks/main.yml
@@ -20,7 +20,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item.location }}(/.*)?'
setype: "container_file_t"
selevel: "{{ item.selevel | default(omit) }}"
@@ -37,7 +37,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -50,7 +50,7 @@
become: true
- name: Create data directory
- file: # noqa risky-file-permissions # Container adjusts permissions on its own
+ ansible.builtin.file: # noqa risky-file-permissions # Container adjusts permissions on its own
path: "{{ item.location }}"
state: directory
setype: "container_file_t"
@@ -67,7 +67,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ codimd_install_location }}/docker-compose.yml"
mode: '0600'
@@ -80,7 +80,7 @@
become: true
- name: Compose codimd
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ codimd_install_location }}"
pull: true
diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml
index 02d3126..c214b53 100644
--- a/roles/docker/handlers/main.yml
+++ b/roles/docker/handlers/main.yml
@@ -19,7 +19,7 @@
# along with this program. If not, see .
- name: Restart docker
- service:
+ ansible.builtin.service:
name: docker
state: "restarted"
become: true
diff --git a/roles/docker/tasks/Debian.yml b/roles/docker/tasks/Debian.yml
index 612227e..7361ba3 100644
--- a/roles/docker/tasks/Debian.yml
+++ b/roles/docker/tasks/Debian.yml
@@ -19,7 +19,7 @@
# along with this program. If not, see .
- name: Ensure dependencies are installed.
- apt:
+ ansible.builtin.apt:
name:
- apt-transport-https
- ca-certificates
@@ -28,7 +28,7 @@
become: true
- name: Add Docker GPG key.
- apt_key:
+ ansible.builtin.apt_key:
id: "{{ docker_apt_key_id }}"
url: "{{ docker_apt_key_url }}"
state: present
@@ -37,7 +37,7 @@
become: true
- name: Add Docker repository.
- apt_repository:
+ ansible.builtin.apt_repository:
repo: "{{ docker_apt_repository }}"
update_cache: true
when:
@@ -45,7 +45,7 @@
become: true
- name: Ensure pip & virtualenv are installed.
- package:
+ ansible.builtin.package:
name: "{{ item.name }}"
state: "{{ item.state }}"
loop:
diff --git a/roles/docker/tasks/RedHat.yml b/roles/docker/tasks/RedHat.yml
index b5919cd..919e6af 100644
--- a/roles/docker/tasks/RedHat.yml
+++ b/roles/docker/tasks/RedHat.yml
@@ -19,7 +19,7 @@
# along with this program. If not, see .
- name: Ensure old versions of Docker are not installed.
- package:
+ ansible.builtin.package:
name:
- docker
- docker-common
@@ -28,7 +28,7 @@
become: true
- name: Add Docker GPG key.
- rpm_key:
+ ansible.builtin.rpm_key:
key: "{{ docker_yum_repository_gpg_key }}"
state: present
when:
@@ -36,7 +36,7 @@
become: true
- name: Add Docker repository.
- get_url:
+ ansible.builtin.get_url:
url: "{{ docker_yum_repository_url }}"
dest: "{{ docker_yum_repository_destination }}"
owner: root
@@ -47,7 +47,7 @@
become: true
- name: Ensure pip & virtualenv are installed.
- package:
+ ansible.builtin.package:
name: "{{ item.name }}"
state: "{{ item.state }}"
loop:
diff --git a/roles/docker/tasks/Rocky.yml b/roles/docker/tasks/Rocky.yml
index 9db67e5..7f31f5c 100644
--- a/roles/docker/tasks/Rocky.yml
+++ b/roles/docker/tasks/Rocky.yml
@@ -19,7 +19,7 @@
# along with this program. If not, see .
- name: Ensure old versions of Docker are not installed.
- package:
+ ansible.builtin.package:
name:
- docker
- docker-common
@@ -28,7 +28,7 @@
become: true
- name: Ensure buildah & runc are not installed.
- package:
+ ansible.builtin.package:
name:
- buildah
- runc
@@ -36,7 +36,7 @@
become: true
- name: Add Docker GPG key.
- rpm_key:
+ ansible.builtin.rpm_key:
key: "{{ docker_yum_repository_gpg_key }}"
state: present
when:
@@ -44,7 +44,7 @@
become: true
- name: Add Docker repository.
- get_url:
+ ansible.builtin.get_url:
url: "{{ docker_yum_repository_url }}"
dest: "{{ docker_yum_repository_destination }}"
owner: root
@@ -55,7 +55,7 @@
become: true
- name: Ensure pip & virtualenv are installed.
- package:
+ ansible.builtin.package:
name: "{{ item.name }}"
state: "{{ item.state }}"
loop:
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 4f7dc24..1f6eb95 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -28,24 +28,24 @@
loop_var: distro_file
- name: Install Docker.
- package:
+ ansible.builtin.package:
name: "{{ docker_package }}"
state: "{{ docker_package_state }}"
notify: Restart docker
become: true
- name: Ensure Docker is started and enabled at boot.
- service:
+ ansible.builtin.service:
name: docker
state: "{{ docker_service_state }}"
enabled: "{{ docker_service_enabled | bool }}"
become: true
- name: Ensure handlers are notified now to avoid firewall conflicts.
- meta: flush_handlers
+ ansible.builtin.meta: flush_handlers
- name: Install docker python package.
- pip:
+ ansible.builtin.pip:
name: "{{ docker_pip_package }}"
state: "{{ docker_pip_package_state }}"
virtualenv: "{{ docker_python_package_path }}"
diff --git a/roles/docker_cleanup/tasks/main.yml b/roles/docker_cleanup/tasks/main.yml
index aba5156..99a2ea3 100644
--- a/roles/docker_cleanup/tasks/main.yml
+++ b/roles/docker_cleanup/tasks/main.yml
@@ -17,7 +17,7 @@
# along with this program. If not, see .
- name: Prune docker images older than 3 days
- docker_prune:
+ community.docker.docker_prune:
images: true
images_filters:
dangling: false
diff --git a/roles/docker_compose/tasks/Debian.yml b/roles/docker_compose/tasks/Debian.yml
index c7293d8..02740e3 100644
--- a/roles/docker_compose/tasks/Debian.yml
+++ b/roles/docker_compose/tasks/Debian.yml
@@ -19,7 +19,7 @@
# along with this program. If not, see .
- name: Ensure pip & virtualenv are installed.
- package:
+ ansible.builtin.package:
name: "{{ item.name }}"
state: "{{ item.state }}"
loop:
diff --git a/roles/docker_compose/tasks/RedHat.yml b/roles/docker_compose/tasks/RedHat.yml
index ef17f33..b65b2db 100644
--- a/roles/docker_compose/tasks/RedHat.yml
+++ b/roles/docker_compose/tasks/RedHat.yml
@@ -19,7 +19,7 @@
# along with this program. If not, see .
- name: Ensure pip & virtualenv are installed.
- package:
+ ansible.builtin.package:
name: "{{ item.name }}"
state: "{{ item.state }}"
loop:
diff --git a/roles/docker_compose/tasks/Rocky.yml b/roles/docker_compose/tasks/Rocky.yml
index 1f225fa..57bb598 100644
--- a/roles/docker_compose/tasks/Rocky.yml
+++ b/roles/docker_compose/tasks/Rocky.yml
@@ -19,7 +19,7 @@
# along with this program. If not, see .
- name: Ensure pip & virtualenv are installed.
- package:
+ ansible.builtin.package:
name: "{{ item.name }}"
state: "{{ item.state }}"
loop:
diff --git a/roles/docker_compose/tasks/main.yml b/roles/docker_compose/tasks/main.yml
index 2aa4a48..6b34b9a 100644
--- a/roles/docker_compose/tasks/main.yml
+++ b/roles/docker_compose/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Ensure package install state
- package:
+ ansible.builtin.package:
name: "{{ docker_compose_package }}"
state: "{{ docker_compose_package_state }}"
become: true
@@ -33,7 +33,7 @@
loop_var: distro_file
- name: Install docker-compose python package.
- pip:
+ ansible.builtin.pip:
name: "{{ docker_compose_pip_package }}"
state: "{{ docker_compose_pip_package_state }}"
virtualenv: "{{ docker_compose_python_package_path }}"
@@ -44,7 +44,7 @@
when: docker_compose_python_package_install
- name: Deploy docker-compose wrapper
- template:
+ ansible.builtin.template:
src: bin/docker-compose.j2
dest: "{{ docker_compose_wrapper_path }}"
owner: 'root'
@@ -55,7 +55,7 @@
- docker_compose_install_wrapper
- name: Create symlink in /usr/bin for wrapper
- file:
+ ansible.builtin.file:
src: "{{ docker_compose_wrapper_path }}"
dest: "/usr/bin/docker-compose"
state: link
diff --git a/roles/docker_ipv6_nat/tasks/main.yml b/roles/docker_ipv6_nat/tasks/main.yml
index 3924842..0eac9be 100644
--- a/roles/docker_ipv6_nat/tasks/main.yml
+++ b/roles/docker_ipv6_nat/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -31,7 +31,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ docker_ipv6_nat_install_location }}/docker-compose.yml"
mode: '0600'
@@ -44,7 +44,7 @@
become: true
- name: Compose docker-ipv6-nat
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ docker_ipv6_nat_install_location }}"
pull: true
diff --git a/roles/epel/tasks/main.yml b/roles/epel/tasks/main.yml
index 0cab603..ce92d87 100644
--- a/roles/epel/tasks/main.yml
+++ b/roles/epel/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Install EPEL repository package
- yum:
+ ansible.builtin.yum:
name: epel-release
state: present
become: true
diff --git a/roles/factorio/tasks/main.yml b/roles/factorio/tasks/main.yml
index f7d1806..f801b38 100644
--- a/roles/factorio/tasks/main.yml
+++ b/roles/factorio/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -29,7 +29,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -42,7 +42,7 @@
- factorio
- name: Create data directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0750'
@@ -56,7 +56,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ factorio_install_location }}/docker-compose.yml"
mode: '0600'
@@ -69,7 +69,7 @@
become: true
- name: Compose factorio container
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ factorio_install_location }}"
pull: true
diff --git a/roles/fail2ban/handlers/main.yml b/roles/fail2ban/handlers/main.yml
index 97c9f6a..aca4b58 100644
--- a/roles/fail2ban/handlers/main.yml
+++ b/roles/fail2ban/handlers/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: restart fail2ban service
- systemd:
+ ansible.builtin.systemd:
name: "fail2ban"
state: "restarted"
daemon_reload: true
diff --git a/roles/fail2ban/tasks/main.yml b/roles/fail2ban/tasks/main.yml
index c93d71e..2f505cb 100644
--- a/roles/fail2ban/tasks/main.yml
+++ b/roles/fail2ban/tasks/main.yml
@@ -18,13 +18,13 @@
# along with this program. If not, see .
- name: Install fail2ban package.
- package:
+ ansible.builtin.package:
name: "{{ fail2ban_package }}"
state: "{{ fail2ban_package_state }}"
become: true
- name: Create fail2ban logging directory.
- file:
+ ansible.builtin.file:
path: "/var/log/fail2ban"
state: directory
mode: '0700'
@@ -33,7 +33,7 @@
become: true
- name: Create fail2ban systemd drop-in directory.
- file:
+ ansible.builtin.file:
path: "/etc/systemd/system/fail2ban.service.d"
state: directory
mode: '0755'
@@ -42,7 +42,7 @@
become: true
- name: Deploy fail2ban jail config.
- template:
+ ansible.builtin.template:
src: "jail.local.j2"
dest: "/etc/fail2ban/jail.local"
mode: '0644'
@@ -52,7 +52,7 @@
become: true
- name: Deploy fail2ban config.
- template:
+ ansible.builtin.template:
src: "fail2ban.local.j2"
dest: "/etc/fail2ban/fail2ban.local"
mode: '0644'
@@ -62,7 +62,7 @@
become: true
- name: Deploy fail2ban hardening systemd drop-in.
- template:
+ ansible.builtin.template:
src: override.conf.j2
dest: /etc/systemd/system/fail2ban.service.d/override.conf
mode: '0644'
@@ -72,10 +72,10 @@
become: true
- name: Flush handlers
- meta: flush_handlers
+ ansible.builtin.meta: flush_handlers
- name: Ensure fail2ban service is enabled and started.
- systemd:
+ ansible.builtin.systemd:
name: fail2ban
state: started
enabled: true
diff --git a/roles/gitlab/tasks/main.yml b/roles/gitlab/tasks/main.yml
index 7720424..ccbc3e9 100644
--- a/roles/gitlab/tasks/main.yml
+++ b/roles/gitlab/tasks/main.yml
@@ -19,7 +19,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -35,7 +35,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -48,7 +48,7 @@
become: true
- name: Create data directory
- file: # noqa risky-file-permissions # Container manages permissions on its own
+ ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own
path: "{{ item }}"
state: directory
owner: 'root'
@@ -64,7 +64,7 @@
become: true
- name: Deploy telegraf.conf
- template:
+ ansible.builtin.template:
src: telegraf.conf
dest: "{{ gitlab_telegraf_location }}/telegraf.conf"
mode: '0600'
@@ -78,7 +78,7 @@
- gitlab_telegraf.enabled
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ gitlab_install_location }}/docker-compose.yml"
mode: '0600'
@@ -91,7 +91,7 @@
become: true
- name: Compose GitLab
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ gitlab_install_location }}"
pull: true
diff --git a/roles/gitlab_runner/tasks/main.yml b/roles/gitlab_runner/tasks/main.yml
index bdf7c9c..ec4ab0c 100644
--- a/roles/gitlab_runner/tasks/main.yml
+++ b/roles/gitlab_runner/tasks/main.yml
@@ -19,7 +19,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -31,7 +31,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -42,7 +42,7 @@
become: true
- name: Create config directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -55,7 +55,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ gitlabrunner_install_location }}/docker-compose.yml"
mode: '0600'
@@ -67,7 +67,7 @@
become: true
- name: Deploy config.toml for gitlab-runner
- template:
+ ansible.builtin.template:
src: config.toml
dest: "{{ gitlabrunner_config_location }}/config.toml"
mode: '0600'
@@ -76,7 +76,7 @@
become: true
- name: Compose gitlab-runner
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ gitlabrunner_config_location }}"
pull: true
diff --git a/roles/haveged/tasks/main.yml b/roles/haveged/tasks/main.yml
index ca9c717..76e6d0d 100644
--- a/roles/haveged/tasks/main.yml
+++ b/roles/haveged/tasks/main.yml
@@ -19,13 +19,13 @@
# along with this program. If not, see .
- name: Install haveged
- package:
+ ansible.builtin.package:
name: haveged
state: present
become: true
- name: Enable & start haveged systemd service
- service:
+ ansible.builtin.service:
state: started
name: haveged
enabled: true
diff --git a/roles/keycloak/tasks/main.yml b/roles/keycloak/tasks/main.yml
index cf711cd..2bd5d30 100644
--- a/roles/keycloak/tasks/main.yml
+++ b/roles/keycloak/tasks/main.yml
@@ -20,7 +20,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
selevel: "{{ keycloak_postgres_selinux_level }}"
@@ -30,7 +30,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -43,7 +43,7 @@
become: true
- name: Create data directory
- file: # noqa risky-file-permissions # Container manages permissions on its own
+ ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own
path: "{{ item }}"
state: directory
setype: "container_file_t"
@@ -55,7 +55,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ keycloak_install_location }}/docker-compose.yml"
mode: '0600'
@@ -68,7 +68,7 @@
become: true
- name: Compose keycloak
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ keycloak_install_location }}"
pull: true
diff --git a/roles/luks_ssh/handlers/main.yml b/roles/luks_ssh/handlers/main.yml
index 8211e61..23caa0a 100644
--- a/roles/luks_ssh/handlers/main.yml
+++ b/roles/luks_ssh/handlers/main.yml
@@ -19,15 +19,15 @@
# along with this program. If not, see .
- name: Regenerate grub config BIOS
- command: grub2-mkconfig -o /etc/grub2.cfg
+ ansible.builtin.command: grub2-mkconfig -o /etc/grub2.cfg
listen: Regenerate grub config
become: true
- name: Regenerate grub config EFI
- command: grub2-mkconfig -o /etc/grub2-efi.cfg
+ ansible.builtin.command: grub2-mkconfig -o /etc/grub2-efi.cfg
listen: Regenerate grub config
become: true
- name: Regenerate dracut
- command: dracut -f
+ ansible.builtin.command: dracut -f
become: true
diff --git a/roles/luks_ssh/tasks/main.yml b/roles/luks_ssh/tasks/main.yml
index 2c38358..b71a2d4 100644
--- a/roles/luks_ssh/tasks/main.yml
+++ b/roles/luks_ssh/tasks/main.yml
@@ -19,7 +19,7 @@
# along with this program. If not, see .
- name: Create dracut extension
- file:
+ ansible.builtin.file:
path: "{{ dracut_ssh_dir }}"
state: directory
mode: '0755'
@@ -28,7 +28,7 @@
become: true
- name: Add SSH keys for grub2
- authorized_key:
+ ansible.posix.authorized_key:
user: "root"
state: present
key: "{{ lookup('file', item.ssh_key) }}"
@@ -40,7 +40,7 @@
notify: Regenerate dracut
- name: Copy module setup file
- copy:
+ ansible.builtin.copy:
src: "module-setup.sh"
dest: "{{ dracut_ssh_dir }}/module-setup.sh"
mode: '0755'
@@ -50,7 +50,7 @@
notify: Regenerate dracut
- name: Copy module files
- copy:
+ ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ dracut_ssh_dir }}/{{ item }}"
mode: '0644'
@@ -62,7 +62,7 @@
notify: Regenerate dracut
- name: Copy templated module files
- template:
+ ansible.builtin.template:
src: "{{ item }}"
dest: "{{ dracut_ssh_dir }}/{{ item }}"
mode: '0644'
@@ -74,20 +74,20 @@
notify: Regenerate dracut
- name: Install dracut network
- package:
+ ansible.builtin.package:
name: dracut-network
state: present
become: true
notify: Regenerate dracut
- name: Check if line is present
- shell: cat /etc/default/grub | grep GRUB_CMDLINE_LINUX_DEFAULT
+ ansible.builtin.shell: cat /etc/default/grub | grep GRUB_CMDLINE_LINUX_DEFAULT
changed_when: false
ignore_errors: true
register: luks_ssh_grub_default
- name: Ensure that GRUB_CMDLINE_LINUX_DEFAULT is present
- lineinfile:
+ ansible.builtin.lineinfile:
path: /etc/default/grub
regexp: '^GRUB_CMDLINE_LINUX_DEFAULT'
line: 'GRUB_CMDLINE_LINUX_DEFAULT=""'
@@ -98,7 +98,7 @@
# This method will only add the parameter if it was not already added
# NOTICE: If the parameter was manually added, it will not be altered!
- name: Enable early networking kernel parameter (rd.neednet=1)
- replace:
+ ansible.builtin.replace:
path: /etc/default/grub
regexp: '^GRUB_CMDLINE_LINUX_DEFAULT=\"((?:(?!rd\.neednet=).)*?)"$'
replace: 'GRUB_CMDLINE_LINUX_DEFAULT="\1 rd.neednet=1"'
@@ -108,7 +108,7 @@
# This method will only add the parameter if it was not already added
# NOTICE: If the parameter was manually added, it will not be altered!
- name: Enable early networking kernel parameter (ip=dhcp)
- replace:
+ ansible.builtin.replace:
path: /etc/default/grub
regexp: '^GRUB_CMDLINE_LINUX_DEFAULT=\"((?:(?!ip=).)*?)"$'
replace: 'GRUB_CMDLINE_LINUX_DEFAULT="\1 ip=dhcp"'
@@ -116,7 +116,7 @@
notify: Regenerate grub config
- name: Disable rhel-import-state service, so that it doesn not overwrite ifcfg scripts.
- systemd:
+ ansible.builtin.systemd:
name: "rhel-import-state"
enabled: false
masked: true
@@ -126,7 +126,7 @@
- luks_ssh_disable_state_import
- name: Disable import-state service, so that it doesn not overwrite ifcfg scripts.
- systemd:
+ ansible.builtin.systemd:
name: "import-state"
enabled: false
masked: true
diff --git a/roles/lvm_self_backup/handlers/main.yml b/roles/lvm_self_backup/handlers/main.yml
index 372bf1e..e16a081 100644
--- a/roles/lvm_self_backup/handlers/main.yml
+++ b/roles/lvm_self_backup/handlers/main.yml
@@ -18,6 +18,6 @@
# along with this program. If not, see .
- name: Reload systemd config
- systemd:
+ ansible.builtin.systemd:
daemon_reload: true
become: true
diff --git a/roles/lvm_self_backup/tasks/main.yml b/roles/lvm_self_backup/tasks/main.yml
index 3be446e..c55b8e6 100644
--- a/roles/lvm_self_backup/tasks/main.yml
+++ b/roles/lvm_self_backup/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Create backup mount directories
- file:
+ ansible.builtin.file:
path: "/backup_snapshots/{{ item.vg_name }}-{{ item.lv_name }}"
state: directory
mode: '0700'
@@ -30,7 +30,7 @@
become: true
- name: Create backup status directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -42,7 +42,7 @@
become: true
- name: Install backup scripts.
- template:
+ ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: '0700'
@@ -56,7 +56,7 @@
become: true
- name: Install backup service & timer.
- template:
+ ansible.builtin.template:
src: "{{ item }}"
dest: /etc/systemd/system/
mode: '0600'
@@ -69,7 +69,7 @@
become: true
- name: Start & enable backup service timer.
- systemd:
+ ansible.builtin.systemd:
daemon_reload: true
name: backup-lvm.timer
enabled: '{{ backup_timer_enabled | bool }}'
diff --git a/roles/mastodon/handlers/main.yml b/roles/mastodon/handlers/main.yml
index 3039150..55b75a0 100644
--- a/roles/mastodon/handlers/main.yml
+++ b/roles/mastodon/handlers/main.yml
@@ -2,13 +2,13 @@
# Handlers file for the mastodon role
- name: Pull mastodon image
- docker_image:
+ community.docker.docker_image:
name: "docker.io/tootsuite/mastodon:{{ mastodon_image_version }}"
source: pull
become: true
- name: Stop mastodon for upgrade
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ mastodon_install_location }}"
stopped: true
diff --git a/roles/mastodon/tasks/main.yml b/roles/mastodon/tasks/main.yml
index 698c585..07a840e 100644
--- a/roles/mastodon/tasks/main.yml
+++ b/roles/mastodon/tasks/main.yml
@@ -20,7 +20,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -33,7 +33,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -44,7 +44,7 @@
become: true
- name: Create data directories
- file: # noqa risky-file-permissions # Container manages permissions on its own
+ ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own
path: "{{ item }}"
state: directory
setype: "container_file_t"
@@ -57,7 +57,7 @@
become: true
- name: Create public data directory
- file:
+ ansible.builtin.file:
path: "{{ mastodon_public_location }}/system"
mode: '0755'
owner: '991'
@@ -67,7 +67,7 @@
become: true
- name: Deploy nginx proxy config file
- template:
+ ansible.builtin.template:
src: "default.conf"
dest: "{{ mastodon_nginx_location }}/default.conf"
mode: '0600'
@@ -76,7 +76,7 @@
become: true
- name: Check if migration is needed
- command: "grep -q 'tootsuite/mastodon:{{ mastodon_image_version }}' '{{ mastodon_install_location }}/docker-compose.yml'"
+ ansible.builtin.command: "grep -q 'tootsuite/mastodon:{{ mastodon_image_version }}' '{{ mastodon_install_location }}/docker-compose.yml'"
register: mastodon_version_fact
ignore_errors: true
changed_when: mastodon_version_fact.rc > 0
@@ -85,10 +85,10 @@
notify: ["Pull mastodon image", "Stop mastodon for upgrade"]
- name: Immediately run / flush Ansible handlers
- meta: "flush_handlers"
+ ansible.builtin.meta: "flush_handlers"
- name: Deploy config
- template:
+ ansible.builtin.template:
src: ".env.production"
dest: "{{ mastodon_install_location }}/.env.production"
mode: '0600'
@@ -99,7 +99,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: "docker-compose.yml"
dest: "{{ mastodon_install_location }}/docker-compose.yml"
mode: '0600'
@@ -111,7 +111,7 @@
become: true
- name: Migrate database
- command: docker-compose run --rm web rails db:migrate
+ ansible.builtin.command: docker-compose run --rm web rails db:migrate
args:
chdir: "{{ mastodon_install_location }}"
when:
@@ -125,7 +125,7 @@
PYTHONPATH:
- name: Clear cache
- command: docker-compose run --rm web bin/tootctl cache clear
+ ansible.builtin.command: docker-compose run --rm web bin/tootctl cache clear
args:
chdir: "{{ mastodon_install_location }}"
when:
@@ -139,7 +139,7 @@
PYTHONPATH:
- name: Compose mastodon
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ mastodon_install_location }}"
pull: true
diff --git a/roles/matrix/tasks/main.yml b/roles/matrix/tasks/main.yml
index 5d11d16..fdb6b75 100644
--- a/roles/matrix/tasks/main.yml
+++ b/roles/matrix/tasks/main.yml
@@ -21,7 +21,7 @@
#
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -33,7 +33,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -44,7 +44,7 @@
become: true
- name: Create data directory
- file: # noqa risky-file-permissions # Container manages permissions on its own
+ ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own
path: "{{ item }}"
state: directory
setype: "container_file_t"
@@ -54,7 +54,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: "docker-compose.yml"
dest: "{{ matrix_install_location }}/docker-compose.yml"
mode: '0600'
@@ -66,7 +66,7 @@
become: true
- name: Check if homeserver.yaml (config) exists
- stat:
+ ansible.builtin.stat:
path: "{{ matrix_data_location }}/homeserver.yaml"
register: matrix_synapse_homeserver_yaml
tags:
@@ -75,7 +75,7 @@
become: true
- name: Generate synapse config
- command: 'docker-compose run -e "SYNAPSE_SERVER_NAME={{ matrix_synapse_servername }}" synapse generate'
+ ansible.builtin.command: 'docker-compose run -e "SYNAPSE_SERVER_NAME={{ matrix_synapse_servername }}" synapse generate'
args:
chdir: "{{ matrix_install_location }}"
creates: "{{ matrix_data_location }}/homeserver.yaml"
@@ -87,7 +87,7 @@
- not matrix_synapse_homeserver_yaml.stat.exists
- name: Compose matrix
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ matrix_install_location }}"
pull: true
diff --git a/roles/matrix_delegate/handlers/main.yml b/roles/matrix_delegate/handlers/main.yml
index d3a6bb1..92d91c8 100644
--- a/roles/matrix_delegate/handlers/main.yml
+++ b/roles/matrix_delegate/handlers/main.yml
@@ -19,7 +19,7 @@
#
- name: restart matrix delegate nginx
- docker_compose:
+ community.docker.docker_compose:
services:
- delegate
state: present
diff --git a/roles/matrix_delegate/tasks/main.yml b/roles/matrix_delegate/tasks/main.yml
index 2bb2dd7..0bd14a6 100644
--- a/roles/matrix_delegate/tasks/main.yml
+++ b/roles/matrix_delegate/tasks/main.yml
@@ -21,7 +21,7 @@
#
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -32,7 +32,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: "docker-compose.yml"
dest: "{{ matrix_delegate_install_location }}/docker-compose.yml"
mode: '0600'
@@ -45,7 +45,7 @@
become: true
- name: Deploy delegation config files
- template:
+ ansible.builtin.template:
src: "{{ item }}"
dest: "{{ matrix_delegate_install_location }}/{{ item }}"
setype: "container_file_t"
@@ -62,7 +62,7 @@
become: true
- name: Deploy nginx delegate config
- template:
+ ansible.builtin.template:
src: "delegate-nginx.conf"
dest: "{{ matrix_delegate_install_location }}/nginx.conf"
setype: "container_file_t"
@@ -77,7 +77,7 @@
become: true
- name: Compose matrix_delegate
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ matrix_delegate_install_location }}"
pull: true
diff --git a/roles/matrix_elementweb/handlers/main.yml b/roles/matrix_elementweb/handlers/main.yml
index 1833c89..6eaac27 100644
--- a/roles/matrix_elementweb/handlers/main.yml
+++ b/roles/matrix_elementweb/handlers/main.yml
@@ -19,7 +19,7 @@
#
- name: restart matrix elementweb
- docker_compose:
+ community.docker.docker_compose:
services:
- elementweb
state: present
diff --git a/roles/matrix_elementweb/tasks/main.yml b/roles/matrix_elementweb/tasks/main.yml
index aa26960..2e1dc44 100644
--- a/roles/matrix_elementweb/tasks/main.yml
+++ b/roles/matrix_elementweb/tasks/main.yml
@@ -21,7 +21,7 @@
#
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -32,7 +32,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -43,7 +43,7 @@
become: true
- name: Create data directory
- file: # noqa risky-file-permissions # Container manages permissions on its own
+ ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own
path: "{{ item }}"
state: directory
setype: "container_file_t"
@@ -52,7 +52,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: "docker-compose.yml"
dest: "{{ matrix_elementweb_install_location }}/docker-compose.yml"
mode: '0600'
@@ -65,7 +65,7 @@
become: true
- name: Deploy elementweb config files
- template:
+ ansible.builtin.template:
src: "{{ item }}"
dest: "{{ matrix_elementweb_data_location }}/{{ item }}"
setype: "container_file_t"
@@ -82,7 +82,7 @@
become: true
- name: Compose matrix-elementweb
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ matrix_elementweb_install_location }}"
pull: true
diff --git a/roles/matrix_maubot/tasks/main.yml b/roles/matrix_maubot/tasks/main.yml
index 4b48767..aac9129 100644
--- a/roles/matrix_maubot/tasks/main.yml
+++ b/roles/matrix_maubot/tasks/main.yml
@@ -21,7 +21,7 @@
#
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -33,7 +33,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -44,7 +44,7 @@
become: true
- name: Create data directory
- file: # noqa risky-file-permissions # Container manages permissions on its own
+ ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own
path: "{{ item }}"
state: directory
setype: "container_file_t"
@@ -54,7 +54,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: "docker-compose.yml"
dest: "{{ matrix_maubot_install_location }}/docker-compose.yml"
mode: '0600'
@@ -67,7 +67,7 @@
become: true
- name: Compose matrix-maubot
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ matrix_maubot_install_location }}"
pull: true
diff --git a/roles/matrix_webhooks/handlers/main.yml b/roles/matrix_webhooks/handlers/main.yml
index 45f1cee..e4ee293 100644
--- a/roles/matrix_webhooks/handlers/main.yml
+++ b/roles/matrix_webhooks/handlers/main.yml
@@ -19,7 +19,7 @@
#
- name: restart matrix webhooks
- docker_compose:
+ community.docker.docker_compose:
services:
- appservice-webhooks
state: present
diff --git a/roles/matrix_webhooks/tasks/main.yml b/roles/matrix_webhooks/tasks/main.yml
index 2e0b55e..2e5dcb7 100644
--- a/roles/matrix_webhooks/tasks/main.yml
+++ b/roles/matrix_webhooks/tasks/main.yml
@@ -21,7 +21,7 @@
#
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -30,7 +30,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -41,7 +41,7 @@
become: true
- name: Create data directory
- file: # noqa risky-file-permissions # Container manages permissions on its own
+ ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own
path: "{{ item }}"
state: directory
setype: "container_file_t"
@@ -50,7 +50,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: "docker-compose.yml"
dest: "{{ matrix_webhooks_install_location }}/docker-compose.yml"
mode: '0600'
@@ -63,7 +63,7 @@
become: true
- name: Deploy webhooks config files
- template:
+ ansible.builtin.template:
src: "{{ item }}"
dest: "{{ matrix_webhooks_data_location }}/{{ item }}"
setype: "container_file_t"
@@ -90,7 +90,7 @@
become: true
- name: Compose matrix-webhooks
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ matrix_webhooks_install_location }}"
pull: true
diff --git a/roles/minecraft/handlers/main.yml b/roles/minecraft/handlers/main.yml
index 1e91da8..45bed86 100644
--- a/roles/minecraft/handlers/main.yml
+++ b/roles/minecraft/handlers/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Restart telegraf
- docker_compose:
+ community.docker.docker_compose:
services: "telegraf"
project_src: "{{ minecraft_install_location }}"
restarted: true
diff --git a/roles/minecraft/tasks/main.yml b/roles/minecraft/tasks/main.yml
index 64fca92..97e1e09 100644
--- a/roles/minecraft/tasks/main.yml
+++ b/roles/minecraft/tasks/main.yml
@@ -19,7 +19,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -31,7 +31,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -44,7 +44,7 @@
- minecraft
- name: Create data directories
- file: # noqa risky-file-permissions # Container manages permissions on its own
+ ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own
path: "{{ item }}"
state: directory
setype: "container_file_t"
@@ -57,7 +57,7 @@
- minecraft
- name: Create telegraf config directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
mode: '0700'
owner: "{{ minecraft_telegraf_config_uid }}"
@@ -69,7 +69,7 @@
become: true
- name: Deploy telegraf.conf
- template:
+ ansible.builtin.template:
src: telegraf.conf
dest: "{{ minecraft_telegraf_location }}/telegraf.conf"
mode: '0600'
@@ -84,7 +84,7 @@
- minecraft_telegraf.enabled
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ minecraft_install_location }}/docker-compose.yml"
mode: '0600'
@@ -97,7 +97,7 @@
become: true
- name: Install minecraftctl CLI
- template:
+ ansible.builtin.template:
src: minecraftctl.sh
dest: "/usr/local/bin/minecraftctl"
mode: '0755'
@@ -108,7 +108,7 @@
become: true
- name: Compose minecraft
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ minecraft_install_location }}"
pull: true
diff --git a/roles/minecraft_blockmap/handlers/main.yml b/roles/minecraft_blockmap/handlers/main.yml
index 7fe3473..6b11b7c 100644
--- a/roles/minecraft_blockmap/handlers/main.yml
+++ b/roles/minecraft_blockmap/handlers/main.yml
@@ -18,6 +18,6 @@
# along with this program. If not, see .
- name: Reload systemd config
- systemd:
+ ansible.builtin.systemd:
daemon_reload: true
become: true
diff --git a/roles/minecraft_blockmap/tasks/main.yml b/roles/minecraft_blockmap/tasks/main.yml
index 7092068..65b53c5 100644
--- a/roles/minecraft_blockmap/tasks/main.yml
+++ b/roles/minecraft_blockmap/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -28,7 +28,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -41,7 +41,7 @@
- blockmap
- name: Create data directories
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0755'
@@ -56,7 +56,7 @@
- blockmap
- name: Create archive directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0755'
@@ -69,7 +69,7 @@
- blockmap
- name: Deploy nginx config file
- template:
+ ansible.builtin.template:
src: "default.conf"
dest: "{{ minecraft_blockmap_install_location }}/default.conf"
mode: '0600'
@@ -78,7 +78,7 @@
become: true
- name: Deploy blockmap config
- template:
+ ansible.builtin.template:
src: "blockmap.json"
dest: "{{ minecraft_blockmap_config_location }}/blockmap.json"
mode: '0600'
@@ -88,7 +88,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ minecraft_blockmap_install_location }}/docker-compose.yml"
mode: '0600'
@@ -101,7 +101,7 @@
become: true
- name: Create lvm mount directories
- file:
+ ansible.builtin.file:
path: "/blockmap_snapshot"
state: directory
mode: '0700'
@@ -111,7 +111,7 @@
become: true
- name: Install render script
- template:
+ ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: '0700'
@@ -123,7 +123,7 @@
become: true
- name: Install render service & timer
- template:
+ ansible.builtin.template:
src: "{{ item }}"
dest: /etc/systemd/system/
mode: '0755'
@@ -136,7 +136,7 @@
become: true
- name: Start & enable render service timer
- systemd:
+ ansible.builtin.systemd:
daemon_reload: true
name: blockmap-render.timer
enabled: '{{ minecraft_blockmap_timer_enabled | bool }}'
@@ -144,7 +144,7 @@
become: true
- name: Compose minecraft-blockmap
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ minecraft_blockmap_install_location }}"
pull: true
diff --git a/roles/minio/tasks/main.yml b/roles/minio/tasks/main.yml
index a8c8169..31c29d2 100644
--- a/roles/minio/tasks/main.yml
+++ b/roles/minio/tasks/main.yml
@@ -19,7 +19,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -30,7 +30,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -43,7 +43,7 @@
- minio
- name: Create data directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -57,7 +57,7 @@
- minio
- name: Create minio user directory
- file:
+ ansible.builtin.file:
path: "{{ minio_data_location }}/{{ item.key }}"
state: directory
mode: '0700'
@@ -71,7 +71,7 @@
no_log: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ minio_install_location }}/docker-compose.yml"
mode: '0600'
@@ -86,7 +86,7 @@
- minio_users | length > 0
- name: Compose minio
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ minio_install_location }}"
pull: true
diff --git a/roles/moby_engine/handlers/main.yml b/roles/moby_engine/handlers/main.yml
index 7c6b458..ac9c623 100644
--- a/roles/moby_engine/handlers/main.yml
+++ b/roles/moby_engine/handlers/main.yml
@@ -18,17 +18,17 @@
# along with this program. If not, see .
- name: Restart docker service
- service:
+ ansible.builtin.service:
name: "docker"
state: "{{ moby_engine_docker_restart_handler_state }}"
become: true
- name: Regenerate grub config BIOS
- command: grub2-mkconfig -o /etc/grub2.cfg
+ ansible.builtin.command: grub2-mkconfig -o /etc/grub2.cfg
listen: Regenerate grub config
become: true
- name: Regenerate grub config EFI
- command: grub2-mkconfig -o /etc/grub2-efi.cfg
+ ansible.builtin.command: grub2-mkconfig -o /etc/grub2-efi.cfg
listen: Regenerate grub config
become: true
diff --git a/roles/moby_engine/tasks/Fedora-32.yml b/roles/moby_engine/tasks/Fedora-32.yml
index 3cfae05..41960e9 100644
--- a/roles/moby_engine/tasks/Fedora-32.yml
+++ b/roles/moby_engine/tasks/Fedora-32.yml
@@ -18,27 +18,27 @@
# along with this program. If not, see .
- name: Install moby-engine.
- package:
+ ansible.builtin.package:
name: 'moby-engine'
state: 'present'
become: true
notify: Restart docker service
- name: Ensure Docker is started and enabled at boot.
- service:
+ ansible.builtin.service:
name: docker
state: "{{ moby_engine_docker_service_state }}"
enabled: "{{ moby_engine_docker_service_enabled }}"
become: true
- name: Check if line is present
- shell: cat /etc/default/grub | grep GRUB_CMDLINE_LINUX_DEFAULT
+ ansible.builtin.shell: cat /etc/default/grub | grep GRUB_CMDLINE_LINUX_DEFAULT
changed_when: false
ignore_errors: true
register: moby_engine_grub_default
- name: Ensure that GRUB_CMDLINE_LINUX_DEFAULT is present
- lineinfile:
+ ansible.builtin.lineinfile:
path: /etc/default/grub
regexp: '^GRUB_CMDLINE_LINUX_DEFAULT'
line: 'GRUB_CMDLINE_LINUX_DEFAULT=""'
@@ -49,7 +49,7 @@
# This method will only add the parameter if it was not already added
# NOTICE: If the parameter was manually added, it will not be altered!
- name: Enable legacy cgroup v1 support (to allow CPU/RAM limits etc)
- replace:
+ ansible.builtin.replace:
path: /etc/default/grub
regexp: '^GRUB_CMDLINE_LINUX_DEFAULT=\"((?:(?!systemd\.unified_cgroup_hierarchy=).)*?)"$'
replace: 'GRUB_CMDLINE_LINUX_DEFAULT="\1 systemd.unified_cgroup_hierarchy=0"'
diff --git a/roles/monitoring/tasks/influxdb/database.yml b/roles/monitoring/tasks/influxdb/database.yml
index 8944c85..6e998bf 100644
--- a/roles/monitoring/tasks/influxdb/database.yml
+++ b/roles/monitoring/tasks/influxdb/database.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Create database
- influxdb_database:
+ community.general.influxdb_database:
state: present
login_username: "{{ monitoring_influxdb_admin_username }}"
login_password: "{{ monitoring_influxdb_admin_password }}"
@@ -31,7 +31,7 @@
no_log: true
- name: Create retention policies
- influxdb_retention_policy:
+ community.general.influxdb_retention_policy:
login_username: "{{ monitoring_influxdb_admin_username }}"
login_password: "{{ monitoring_influxdb_admin_password }}"
hostname: "{{ monitoring_influxdb_domain }}"
diff --git a/roles/monitoring/tasks/influxdb/main.yml b/roles/monitoring/tasks/influxdb/main.yml
index e2e19de..e90d328 100644
--- a/roles/monitoring/tasks/influxdb/main.yml
+++ b/roles/monitoring/tasks/influxdb/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Create admin user
- influxdb_user:
+ community.general.influxdb_user:
state: present
login_username: "{{ monitoring_influxdb_admin_username }}"
login_password: "{{ monitoring_influxdb_admin_password }}"
@@ -39,7 +39,7 @@
loop_var: "database"
- name: Create database user
- influxdb_user:
+ community.general.influxdb_user:
state: present
login_username: "{{ monitoring_influxdb_admin_username }}"
login_password: "{{ monitoring_influxdb_admin_password }}"
diff --git a/roles/monitoring/tasks/main.yml b/roles/monitoring/tasks/main.yml
index 4b2d4c3..793c332 100644
--- a/roles/monitoring/tasks/main.yml
+++ b/roles/monitoring/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -28,7 +28,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -39,7 +39,7 @@
become: true
- name: Create grafana directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0750'
@@ -51,7 +51,7 @@
become: true
- name: Create influxdb directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0750'
@@ -63,7 +63,7 @@
become: true
- name: Deploy docker-compose.yml and config
- template:
+ ansible.builtin.template:
src: "docker-compose.yml"
dest: "{{ monitoring_install_location }}/docker-compose.yml"
mode: '0600'
@@ -73,7 +73,7 @@
become: true
- name: Compose monitoring
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ monitoring_install_location }}"
pull: true
@@ -82,7 +82,7 @@
become: true
- name: Wait 30 seconds for influxdb to become healthy
- wait_for:
+ ansible.builtin.wait_for:
timeout: 30
delegate_to: localhost
# noqa no-handler
diff --git a/roles/owncast/handlers/main.yml b/roles/owncast/handlers/main.yml
index 9459443..2d5413b 100644
--- a/roles/owncast/handlers/main.yml
+++ b/roles/owncast/handlers/main.yml
@@ -19,7 +19,7 @@
#
- name: restart owncast
- docker_compose:
+ community.docker.docker_compose:
services:
- owncast
state: present
diff --git a/roles/owncast/tasks/main.yml b/roles/owncast/tasks/main.yml
index b88ff94..2f356aa 100644
--- a/roles/owncast/tasks/main.yml
+++ b/roles/owncast/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -27,7 +27,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -40,7 +40,7 @@
- owncast
- name: Create data directories
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0750'
@@ -54,7 +54,7 @@
- owncast
- name: Deploy owncast config
- template:
+ ansible.builtin.template:
src: "config.yaml"
dest: "{{ owncast_config_location }}/config.yaml"
mode: '0600'
@@ -65,7 +65,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ owncast_install_location }}/docker-compose.yml"
mode: '0600'
@@ -78,7 +78,7 @@
become: true
- name: Compose owncast
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ owncast_install_location }}"
pull: true
diff --git a/roles/penpot/tasks/main.yml b/roles/penpot/tasks/main.yml
index 071c1a0..47a4d6e 100644
--- a/roles/penpot/tasks/main.yml
+++ b/roles/penpot/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -29,7 +29,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -40,7 +40,7 @@
become: true
- name: Create data directories
- file: # noqa risky-file-permissions # Container manages permissions on its own
+ ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own
path: "{{ item }}"
state: directory
setype: "container_file_t"
@@ -51,7 +51,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: "docker-compose.yml"
dest: "{{ penpot_install_location }}/docker-compose.yml"
mode: '0600'
@@ -63,7 +63,7 @@
become: true
- name: Compose penpot
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ penpot_install_location }}"
pull: true
diff --git a/roles/ssh/handlers/main.yml b/roles/ssh/handlers/main.yml
index 7cd9d19..3e53c1d 100644
--- a/roles/ssh/handlers/main.yml
+++ b/roles/ssh/handlers/main.yml
@@ -18,5 +18,5 @@
# along with this program. If not, see .
- name: Reload firewalld
- command: "firewall-cmd --reload"
+ ansible.builtin.command: "firewall-cmd --reload"
become: true
diff --git a/roles/ssh/tasks/main.yml b/roles/ssh/tasks/main.yml
index ec0dadb..febf2ca 100644
--- a/roles/ssh/tasks/main.yml
+++ b/roles/ssh/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Ensure SSH ports are opened.
- command: "firewall-cmd --permanent --service=ssh --add-port={{ item }}/tcp"
+ ansible.builtin.command: "firewall-cmd --permanent --service=ssh --add-port={{ item }}/tcp"
become: true
changed_when: 'firewalld_direct_result.stderr is defined and "ALREADY_ENABLED" not in firewalld_direct_result.stderr'
with_items: "{{ ssh_server_ports }}"
@@ -30,14 +30,14 @@
- Reload firewalld
- name: Create users
- user:
+ ansible.builtin.user:
name: "{{ item.user }}"
password: "{{ item.password | default(omit) }}"
become: true
with_items: "{{ ssh_authorized_keys }}"
- name: Install ssh keys for users
- authorized_key:
+ ansible.posix.authorized_key:
user: "{{ item.user }}"
state: present
key: "{{ lookup('file', item.ssh_key) }}"
diff --git a/roles/static_websites/tasks/main.yml b/roles/static_websites/tasks/main.yml
index 0af1fe4..6ec0191 100644
--- a/roles/static_websites/tasks/main.yml
+++ b/roles/static_websites/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Create directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -31,7 +31,7 @@
- deploy_sites
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ static_websites_install_location }}/docker-compose.yml"
mode: '0600'
@@ -46,7 +46,7 @@
become: true
- name: Compose static websites
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ static_websites_install_location }}"
pull: true
diff --git a/roles/teamspeak/tasks/main.yml b/roles/teamspeak/tasks/main.yml
index 23ec1f0..4adfe5a 100644
--- a/roles/teamspeak/tasks/main.yml
+++ b/roles/teamspeak/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
selevel: "{{ teamspeak_selinux_level }}"
@@ -28,7 +28,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -41,7 +41,7 @@
become: true
- name: Create data directory
- file: # noqa risky-file-permissions # Container manages permissions on its own
+ ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own
path: "{{ item }}"
state: directory
setype: "container_file_t"
@@ -53,7 +53,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ teamspeak_install_location }}/docker-compose.yml"
mode: '0600'
@@ -66,7 +66,7 @@
become: true
- name: Compose teamspeak
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ teamspeak_install_location }}"
pull: true
diff --git a/roles/telegraf/handlers/main.yml b/roles/telegraf/handlers/main.yml
index 5c57e87..1fc8e54 100644
--- a/roles/telegraf/handlers/main.yml
+++ b/roles/telegraf/handlers/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Restart telegraf
- docker_compose:
+ community.docker.docker_compose:
project_src: "{{ telegraf_install_location }}"
restarted: true
become: true
diff --git a/roles/telegraf/tasks/main.yml b/roles/telegraf/tasks/main.yml
index 86dda24..c426a88 100644
--- a/roles/telegraf/tasks/main.yml
+++ b/roles/telegraf/tasks/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -27,7 +27,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -38,7 +38,7 @@
become: true
- name: Create config directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
mode: '0700'
owner: "{{ telegraf_config_uid }}"
@@ -50,7 +50,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: "docker-compose.yml"
dest: "{{ telegraf_install_location }}/docker-compose.yml"
mode: '0600'
@@ -60,7 +60,7 @@
become: true
- name: Deploy telegraf config
- template:
+ ansible.builtin.template:
src: "telegraf.conf"
dest: "{{ telegraf_config_location }}/telegraf.conf"
mode: '0600'
@@ -70,7 +70,7 @@
become: true
- name: Compose telegraf
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ telegraf_install_location }}"
pull: true
diff --git a/roles/traefik/handlers/main.yml b/roles/traefik/handlers/main.yml
index 9f146ac..de66de6 100644
--- a/roles/traefik/handlers/main.yml
+++ b/roles/traefik/handlers/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Restart tor proxy
- command: "docker-compose restart tor"
+ ansible.builtin.command: "docker-compose restart tor"
args:
chdir: "{{ traefik_install_location }}"
become: true
diff --git a/roles/traefik/tasks/acmedumper.yml b/roles/traefik/tasks/acmedumper.yml
index 6c4e53d..e8a2292 100644
--- a/roles/traefik/tasks/acmedumper.yml
+++ b/roles/traefik/tasks/acmedumper.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts for acme-dumper
- sefcontext:
+ community.general.system.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
selevel: "{{ traefik_selinux_level | default(omit) }}"
@@ -30,7 +30,7 @@
become: true
- name: Create data directory for acme-dumper
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0750'
diff --git a/roles/traefik/tasks/main.yml b/roles/traefik/tasks/main.yml
index d6dad15..52b5bdd 100644
--- a/roles/traefik/tasks/main.yml
+++ b/roles/traefik/tasks/main.yml
@@ -20,7 +20,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
selevel: "{{ traefik_selinux_level }}"
@@ -33,7 +33,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -44,7 +44,7 @@
become: true
- name: Create data directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -66,14 +66,14 @@
when: traefik_acmedumper_enabled | bool
- name: Create proxy network
- docker_network:
+ community.docker.docker_network:
name: "{{ proxy_network }}"
driver_options:
com.docker.network.bridge.name: "{{ traefik_docker_bridge_name }}"
become: true
- name: Create ipv6 frontend network
- docker_network:
+ community.docker.docker_network:
name: "{{ traefik_ipv6.name }}"
enable_ipv6: true
ipam_config:
@@ -84,7 +84,7 @@
- traefik_ipv6.enabled
- name: Gather the package facts
- package_facts:
+ ansible.builtin.package_facts:
manager: auto
# This step is only needed in docker < 20.10, as docker does this by default now
@@ -104,7 +104,7 @@
- ansible_facts.packages[docker_package][0].version is version('20.10', '<')
- name: Deploy dynamic_conf.yml
- template:
+ ansible.builtin.template:
src: dynamic_conf.yml
dest: "{{ traefik_config_location }}/dynamic_conf.yml"
owner: 'root'
@@ -117,7 +117,7 @@
- traefik_dynamic_conf != omit
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: docker-compose.yml
dest: "{{ traefik_install_location }}/docker-compose.yml"
mode: '0600'
@@ -129,7 +129,7 @@
become: true
- name: Compose traefik
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ traefik_install_location }}"
pull: true
@@ -137,7 +137,7 @@
become: true
- name: Read tor hostname
- slurp:
+ ansible.builtin.slurp:
src: "{{ traefik_tor_data_location }}/traefik/hostname"
register: proxy_hiddenservice
become: true
@@ -159,7 +159,7 @@
# NOTE: This rule does not care about new / old ip values, so removal must be made by hand!
- name: Configure firewalld to allow IPv6 traffic for HTTP/HTTPS
- command:
+ ansible.builtin.command:
argv:
- firewall-cmd
- --direct
@@ -192,7 +192,7 @@
# NOTE: This rule does not care about new / old ip values, so removal must be made by hand!
- name: Configure firewalld to allow IPv6 traffic for HTTP/HTTPS
- command:
+ ansible.builtin.command:
argv:
- firewall-cmd
- --permanent
diff --git a/roles/traefik/tasks/tor.yml b/roles/traefik/tasks/tor.yml
index 0b42d9f..876b5ed 100644
--- a/roles/traefik/tasks/tor.yml
+++ b/roles/traefik/tasks/tor.yml
@@ -19,7 +19,7 @@
# along with this program. If not, see .
- name: Update default SELinux contexts tor
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
selevel: "{{ traefik_tor_selinux_level | default(omit) }}"
@@ -32,7 +32,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -43,7 +43,7 @@
become: true
- name: Create data directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -56,7 +56,7 @@
become: true
- name: Create config directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
setype: "container_file_t"
@@ -69,7 +69,7 @@
become: true
- name: Setup tor config
- copy:
+ ansible.builtin.copy:
src: traefik-tor.conf
dest: "{{ traefik_tor_config_location }}/traefik.conf"
setype: "container_file_t"
diff --git a/roles/vikunja/handlers/main.yml b/roles/vikunja/handlers/main.yml
index 81efc9d..bd5e568 100644
--- a/roles/vikunja/handlers/main.yml
+++ b/roles/vikunja/handlers/main.yml
@@ -18,7 +18,7 @@
# along with this program. If not, see .
- name: Restart vikunja-api
- docker_compose:
+ community.docker.docker_compose:
services:
- api
project_src: "{{ vikunja_install_location }}"
diff --git a/roles/vikunja/tasks/main.yml b/roles/vikunja/tasks/main.yml
index d21f5c0..8fad18e 100644
--- a/roles/vikunja/tasks/main.yml
+++ b/roles/vikunja/tasks/main.yml
@@ -21,7 +21,7 @@
#
- name: Update default SELinux contexts
- sefcontext:
+ community.general.sefcontext:
target: '{{ item }}(/.*)?'
setype: "container_file_t"
state: present
@@ -33,7 +33,7 @@
become: true
- name: Create install directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -44,7 +44,7 @@
become: true
- name: Create database directory
- file: # noqa risky-file-permissions # Container manages permissions on its own
+ ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own
path: "{{ item }}"
state: directory
setype: "container_file_t"
@@ -53,7 +53,7 @@
become: true
- name: Create files directory
- file:
+ ansible.builtin.file:
path: "{{ item }}"
state: directory
mode: '0700'
@@ -66,7 +66,7 @@
become: true
- name: Deploy docker-compose.yml
- template:
+ ansible.builtin.template:
src: "docker-compose.yml"
dest: "{{ vikunja_install_location }}/docker-compose.yml"
mode: '0600'
@@ -78,7 +78,7 @@
become: true
- name: Deploy config.yml
- template:
+ ansible.builtin.template:
src: "config.yml"
dest: "{{ vikunja_install_location }}/config.yml"
owner: '1000'
@@ -90,7 +90,7 @@
become: true
- name: Compose vikunja
- docker_compose:
+ community.docker.docker_compose:
state: present
project_src: "{{ vikunja_install_location }}"
pull: true