Use FQCN in all tasks

ansible.lint.cfg

@@ -1,2 +1,4 @@
 # Empty stub config file, so ansible-lint does not use the default config's vault_password_file.
 # Otherwise ansible-lint always tries to get a vault password and fails.
+[defaults]
+roles_path = ./roles

playbooks/gitlab_runner.yml

@@ -27,7 +27,7 @@
     PYTHONPATH: /opt/ansible-dependencies/lib/python{{ env_ansible_deps_python_version | default(2.7) }}/site-packages
   tasks:
     - name: Install docker image prune crontab
-      cron:
+      ansible.builtin.cron:
         name: "Prune unused docker images"
         minute: "0"
         hour: "*/4"

playbooks/mailcow.yml

@@ -24,7 +24,7 @@
     PYTHONPATH: /opt/ansible-dependencies/lib/python{{ env_ansible_deps_python_version | default(2.7) }}/site-packages
   tasks:
     - name: Install backup crontab
-      cron:
+      ansible.builtin.cron:
         name: "Backup mailcow daily"
         minute: "5"
         hour: "3"

roles/camo/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -31,7 +31,7 @@
     - camo
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ camo_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -44,7 +44,7 @@
   become: true
 
 - name: Compose camo container
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ camo_install_location }}"
     pull: true

roles/codimd/tasks/main.yml

@@ -20,7 +20,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item.location }}(/.*)?'
     setype: "container_file_t"
     selevel: "{{ item.selevel | default(omit) }}"
@@ -37,7 +37,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -50,7 +50,7 @@
   become: true
 
 - name: Create data directory
-  file:  # noqa risky-file-permissions # Container adjusts permissions on its own
+  ansible.builtin.file:  # noqa risky-file-permissions # Container adjusts permissions on its own
     path: "{{ item.location }}"
     state: directory
     setype: "container_file_t"
@@ -67,7 +67,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ codimd_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -80,7 +80,7 @@
   become: true
 
 - name: Compose codimd
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ codimd_install_location }}"
     pull: true

roles/docker/handlers/main.yml

@@ -19,7 +19,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Restart docker
-  service:
+  ansible.builtin.service:
     name: docker
     state: "restarted"
   become: true

roles/docker/tasks/Debian.yml

@@ -19,7 +19,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Ensure dependencies are installed.
-  apt:
+  ansible.builtin.apt:
     name:
       - apt-transport-https
       - ca-certificates
@@ -28,7 +28,7 @@
   become: true
 
 - name: Add Docker GPG key.
-  apt_key:
+  ansible.builtin.apt_key:
     id: "{{ docker_apt_key_id }}"
     url: "{{ docker_apt_key_url }}"
     state: present
@@ -37,7 +37,7 @@
   become: true
 
 - name: Add Docker repository.
-  apt_repository:
+  ansible.builtin.apt_repository:
     repo: "{{ docker_apt_repository }}"
     update_cache: true
   when:
@@ -45,7 +45,7 @@
   become: true
 
 - name: Ensure pip & virtualenv are installed.
-  package:
+  ansible.builtin.package:
     name: "{{ item.name }}"
     state: "{{ item.state }}"
   loop:

roles/docker/tasks/RedHat.yml

@@ -19,7 +19,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Ensure old versions of Docker are not installed.
-  package:
+  ansible.builtin.package:
     name:
       - docker
       - docker-common
@@ -28,7 +28,7 @@
   become: true
 
 - name: Add Docker GPG key.
-  rpm_key:
+  ansible.builtin.rpm_key:
     key: "{{ docker_yum_repository_gpg_key }}"
     state: present
   when:
@@ -36,7 +36,7 @@
   become: true
 
 - name: Add Docker repository.
-  get_url:
+  ansible.builtin.get_url:
     url: "{{ docker_yum_repository_url }}"
     dest: "{{ docker_yum_repository_destination }}"
     owner: root
@@ -47,7 +47,7 @@
   become: true
 
 - name: Ensure pip & virtualenv are installed.
-  package:
+  ansible.builtin.package:
     name: "{{ item.name }}"
     state: "{{ item.state }}"
   loop:

roles/docker/tasks/Rocky.yml

@@ -19,7 +19,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Ensure old versions of Docker are not installed.
-  package:
+  ansible.builtin.package:
     name:
       - docker
       - docker-common
@@ -28,7 +28,7 @@
   become: true
 
 - name: Ensure buildah & runc are not installed.
-  package:
+  ansible.builtin.package:
     name:
       - buildah
       - runc
@@ -36,7 +36,7 @@
   become: true
 
 - name: Add Docker GPG key.
-  rpm_key:
+  ansible.builtin.rpm_key:
     key: "{{ docker_yum_repository_gpg_key }}"
     state: present
   when:
@@ -44,7 +44,7 @@
   become: true
 
 - name: Add Docker repository.
-  get_url:
+  ansible.builtin.get_url:
     url: "{{ docker_yum_repository_url }}"
     dest: "{{ docker_yum_repository_destination }}"
     owner: root
@@ -55,7 +55,7 @@
   become: true
 
 - name: Ensure pip & virtualenv are installed.
-  package:
+  ansible.builtin.package:
     name: "{{ item.name }}"
     state: "{{ item.state }}"
   loop:

roles/docker/tasks/main.yml

@@ -28,24 +28,24 @@
     loop_var: distro_file
 
 - name: Install Docker.
-  package:
+  ansible.builtin.package:
     name: "{{ docker_package }}"
     state: "{{ docker_package_state }}"
   notify: Restart docker
   become: true
 
 - name: Ensure Docker is started and enabled at boot.
-  service:
+  ansible.builtin.service:
     name: docker
     state: "{{ docker_service_state }}"
     enabled: "{{ docker_service_enabled | bool }}"
   become: true
 
 - name: Ensure handlers are notified now to avoid firewall conflicts.
-  meta: flush_handlers
+  ansible.builtin.meta: flush_handlers
 
 - name: Install docker python package.
-  pip:
+  ansible.builtin.pip:
     name: "{{ docker_pip_package }}"
     state: "{{ docker_pip_package_state }}"
     virtualenv: "{{ docker_python_package_path }}"

roles/docker_cleanup/tasks/main.yml

@@ -17,7 +17,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Prune docker images older than 3 days
-  docker_prune:
+  community.docker.docker_prune:
     images: true
     images_filters:
       dangling: false

roles/docker_compose/tasks/Debian.yml

@@ -19,7 +19,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Ensure pip & virtualenv are installed.
-  package:
+  ansible.builtin.package:
     name: "{{ item.name }}"
     state: "{{ item.state }}"
   loop:

roles/docker_compose/tasks/RedHat.yml

@@ -19,7 +19,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Ensure pip & virtualenv are installed.
-  package:
+  ansible.builtin.package:
     name: "{{ item.name }}"
     state: "{{ item.state }}"
   loop:

roles/docker_compose/tasks/Rocky.yml

@@ -19,7 +19,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Ensure pip & virtualenv are installed.
-  package:
+  ansible.builtin.package:
     name: "{{ item.name }}"
     state: "{{ item.state }}"
   loop:

roles/docker_compose/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Ensure package install state
-  package:
+  ansible.builtin.package:
     name: "{{ docker_compose_package }}"
     state: "{{ docker_compose_package_state }}"
   become: true
@@ -33,7 +33,7 @@
     loop_var: distro_file
 
 - name: Install docker-compose python package.
-  pip:
+  ansible.builtin.pip:
     name: "{{ docker_compose_pip_package }}"
     state: "{{ docker_compose_pip_package_state }}"
     virtualenv: "{{ docker_compose_python_package_path }}"
@@ -44,7 +44,7 @@
   when: docker_compose_python_package_install
 
 - name: Deploy docker-compose wrapper
-  template:
+  ansible.builtin.template:
     src: bin/docker-compose.j2
     dest: "{{ docker_compose_wrapper_path }}"
     owner: 'root'
@@ -55,7 +55,7 @@
     - docker_compose_install_wrapper
 
 - name: Create symlink in /usr/bin for wrapper
-  file:
+  ansible.builtin.file:
     src: "{{ docker_compose_wrapper_path }}"
     dest: "/usr/bin/docker-compose"
     state: link

roles/docker_ipv6_nat/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -31,7 +31,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ docker_ipv6_nat_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -44,7 +44,7 @@
   become: true
 
 - name: Compose docker-ipv6-nat
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ docker_ipv6_nat_install_location }}"
     pull: true

roles/epel/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Install EPEL repository package
-  yum:
+  ansible.builtin.yum:
     name: epel-release
     state: present
   become: true

roles/factorio/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -29,7 +29,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -42,7 +42,7 @@
     - factorio
 
 - name: Create data directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0750'
@@ -56,7 +56,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ factorio_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -69,7 +69,7 @@
   become: true
 
 - name: Compose factorio container
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ factorio_install_location }}"
     pull: true

roles/fail2ban/handlers/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: restart fail2ban service
-  systemd:
+  ansible.builtin.systemd:
     name: "fail2ban"
     state: "restarted"
     daemon_reload: true

roles/fail2ban/tasks/main.yml

@@ -18,13 +18,13 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Install fail2ban package.
-  package:
+  ansible.builtin.package:
     name: "{{ fail2ban_package }}"
     state: "{{ fail2ban_package_state }}"
   become: true
 
 - name: Create fail2ban logging directory.
-  file:
+  ansible.builtin.file:
     path: "/var/log/fail2ban"
     state: directory
     mode: '0700'
@@ -33,7 +33,7 @@
   become: true
 
 - name: Create fail2ban systemd drop-in directory.
-  file:
+  ansible.builtin.file:
     path: "/etc/systemd/system/fail2ban.service.d"
     state: directory
     mode: '0755'
@@ -42,7 +42,7 @@
   become: true
 
 - name: Deploy fail2ban jail config.
-  template:
+  ansible.builtin.template:
     src: "jail.local.j2"
     dest: "/etc/fail2ban/jail.local"
     mode: '0644'
@@ -52,7 +52,7 @@
   become: true
 
 - name: Deploy fail2ban config.
-  template:
+  ansible.builtin.template:
     src: "fail2ban.local.j2"
     dest: "/etc/fail2ban/fail2ban.local"
     mode: '0644'
@@ -62,7 +62,7 @@
   become: true
 
 - name: Deploy fail2ban hardening systemd drop-in.
-  template:
+  ansible.builtin.template:
     src: override.conf.j2
     dest: /etc/systemd/system/fail2ban.service.d/override.conf
     mode: '0644'
@@ -72,10 +72,10 @@
   become: true
 
 - name: Flush handlers
-  meta: flush_handlers
+  ansible.builtin.meta: flush_handlers
 
 - name: Ensure fail2ban service is enabled and started.
-  systemd:
+  ansible.builtin.systemd:
     name: fail2ban
     state: started
     enabled: true

roles/gitlab/tasks/main.yml

@@ -19,7 +19,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -35,7 +35,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -48,7 +48,7 @@
   become: true
 
 - name: Create data directory
-  file:  # noqa risky-file-permissions # Container manages permissions on its own
+  ansible.builtin.file:  # noqa risky-file-permissions # Container manages permissions on its own
     path: "{{ item }}"
     state: directory
     owner: 'root'
@@ -64,7 +64,7 @@
   become: true
 
 - name: Deploy telegraf.conf
-  template:
+  ansible.builtin.template:
     src: telegraf.conf
     dest: "{{ gitlab_telegraf_location }}/telegraf.conf"
     mode: '0600'
@@ -78,7 +78,7 @@
     - gitlab_telegraf.enabled
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ gitlab_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -91,7 +91,7 @@
   become: true
 
 - name: Compose GitLab
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ gitlab_install_location }}"
     pull: true

roles/gitlab_runner/tasks/main.yml

@@ -19,7 +19,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -31,7 +31,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -42,7 +42,7 @@
   become: true
 
 - name: Create config directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -55,7 +55,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ gitlabrunner_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -67,7 +67,7 @@
   become: true
 
 - name: Deploy config.toml for gitlab-runner
-  template:
+  ansible.builtin.template:
     src: config.toml
     dest: "{{ gitlabrunner_config_location }}/config.toml"
     mode: '0600'
@@ -76,7 +76,7 @@
   become: true
 
 - name: Compose gitlab-runner
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ gitlabrunner_config_location }}"
     pull: true

roles/haveged/tasks/main.yml

@@ -19,13 +19,13 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Install haveged
-  package:
+  ansible.builtin.package:
     name: haveged
     state: present
   become: true
 
 - name: Enable & start haveged systemd service
-  service:
+  ansible.builtin.service:
     state: started
     name: haveged
     enabled: true

roles/keycloak/tasks/main.yml

@@ -20,7 +20,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     selevel: "{{ keycloak_postgres_selinux_level }}"
@@ -30,7 +30,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -43,7 +43,7 @@
   become: true
 
 - name: Create data directory
-  file:  # noqa risky-file-permissions # Container manages permissions on its own
+  ansible.builtin.file:  # noqa risky-file-permissions # Container manages permissions on its own
     path: "{{ item }}"
     state: directory
     setype: "container_file_t"
@@ -55,7 +55,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ keycloak_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -68,7 +68,7 @@
   become: true
 
 - name: Compose keycloak
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ keycloak_install_location }}"
     pull: true

roles/luks_ssh/handlers/main.yml

@@ -19,15 +19,15 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Regenerate grub config BIOS
-  command: grub2-mkconfig -o /etc/grub2.cfg
+  ansible.builtin.command: grub2-mkconfig -o /etc/grub2.cfg
   listen: Regenerate grub config
   become: true
 
 - name: Regenerate grub config EFI
-  command: grub2-mkconfig -o /etc/grub2-efi.cfg
+  ansible.builtin.command: grub2-mkconfig -o /etc/grub2-efi.cfg
   listen: Regenerate grub config
   become: true
 
 - name: Regenerate dracut
-  command: dracut -f
+  ansible.builtin.command: dracut -f
   become: true

roles/luks_ssh/tasks/main.yml

@@ -19,7 +19,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Create dracut extension
-  file:
+  ansible.builtin.file:
     path: "{{ dracut_ssh_dir }}"
     state: directory
     mode: '0755'
@@ -28,7 +28,7 @@
   become: true
 
 - name: Add SSH keys for grub2
-  authorized_key:
+  ansible.posix.authorized_key:
     user: "root"
     state: present
     key: "{{ lookup('file', item.ssh_key) }}"
@@ -40,7 +40,7 @@
   notify: Regenerate dracut
 
 - name: Copy module setup file
-  copy:
+  ansible.builtin.copy:
     src: "module-setup.sh"
     dest: "{{ dracut_ssh_dir }}/module-setup.sh"
     mode: '0755'
@@ -50,7 +50,7 @@
   notify: Regenerate dracut
 
 - name: Copy module files
-  copy:
+  ansible.builtin.copy:
     src: "{{ item }}"
     dest: "{{ dracut_ssh_dir }}/{{ item }}"
     mode: '0644'
@@ -62,7 +62,7 @@
   notify: Regenerate dracut
 
 - name: Copy templated module files
-  template:
+  ansible.builtin.template:
     src: "{{ item }}"
     dest: "{{ dracut_ssh_dir }}/{{ item }}"
     mode: '0644'
@@ -74,20 +74,20 @@
   notify: Regenerate dracut
 
 - name: Install dracut network
-  package:
+  ansible.builtin.package:
     name: dracut-network
     state: present
   become: true
   notify: Regenerate dracut
 
 - name: Check if line is present
-  shell: cat /etc/default/grub | grep GRUB_CMDLINE_LINUX_DEFAULT
+  ansible.builtin.shell: cat /etc/default/grub | grep GRUB_CMDLINE_LINUX_DEFAULT
   changed_when: false
   ignore_errors: true
   register: luks_ssh_grub_default
 
 - name: Ensure that GRUB_CMDLINE_LINUX_DEFAULT is present
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/default/grub
     regexp: '^GRUB_CMDLINE_LINUX_DEFAULT'
     line: 'GRUB_CMDLINE_LINUX_DEFAULT=""'
@@ -98,7 +98,7 @@
 # This method will only add the parameter if it was not already added
 # NOTICE: If the parameter was manually added, it will not be altered!
 - name: Enable early networking kernel parameter (rd.neednet=1)
-  replace:
+  ansible.builtin.replace:
     path: /etc/default/grub
     regexp: '^GRUB_CMDLINE_LINUX_DEFAULT=\"((?:(?!rd\.neednet=).)*?)"$'
     replace: 'GRUB_CMDLINE_LINUX_DEFAULT="\1 rd.neednet=1"'
@@ -108,7 +108,7 @@
 # This method will only add the parameter if it was not already added
 # NOTICE: If the parameter was manually added, it will not be altered!
 - name: Enable early networking kernel parameter (ip=dhcp)
-  replace:
+  ansible.builtin.replace:
     path: /etc/default/grub
     regexp: '^GRUB_CMDLINE_LINUX_DEFAULT=\"((?:(?!ip=).)*?)"$'
     replace: 'GRUB_CMDLINE_LINUX_DEFAULT="\1 ip=dhcp"'
@@ -116,7 +116,7 @@
   notify: Regenerate grub config
 
 - name: Disable rhel-import-state service, so that it doesn not overwrite ifcfg scripts.
-  systemd:
+  ansible.builtin.systemd:
     name: "rhel-import-state"
     enabled: false
     masked: true
@@ -126,7 +126,7 @@
     - luks_ssh_disable_state_import
 
 - name: Disable import-state service, so that it doesn not overwrite ifcfg scripts.
-  systemd:
+  ansible.builtin.systemd:
     name: "import-state"
     enabled: false
     masked: true

roles/lvm_self_backup/handlers/main.yml

@@ -18,6 +18,6 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Reload systemd config
-  systemd:
+  ansible.builtin.systemd:
     daemon_reload: true
   become: true

roles/lvm_self_backup/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Create backup mount directories
-  file:
+  ansible.builtin.file:
     path: "/backup_snapshots/{{ item.vg_name }}-{{ item.lv_name }}"
     state: directory
     mode: '0700'
@@ -30,7 +30,7 @@
   become: true
 
 - name: Create backup status directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -42,7 +42,7 @@
   become: true
 
 - name: Install backup scripts.
-  template:
+  ansible.builtin.template:
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
     mode: '0700'
@@ -56,7 +56,7 @@
   become: true
 
 - name: Install backup service & timer.
-  template:
+  ansible.builtin.template:
     src: "{{ item }}"
     dest: /etc/systemd/system/
     mode: '0600'
@@ -69,7 +69,7 @@
   become: true
 
 - name: Start & enable backup service timer.
-  systemd:
+  ansible.builtin.systemd:
     daemon_reload: true
     name: backup-lvm.timer
     enabled: '{{ backup_timer_enabled | bool }}'

roles/mastodon/handlers/main.yml

@@ -2,13 +2,13 @@
 # Handlers file for the mastodon role
 
 - name: Pull mastodon image
-  docker_image:
+  community.docker.docker_image:
     name: "docker.io/tootsuite/mastodon:{{ mastodon_image_version }}"
     source: pull
   become: true
 
 - name: Stop mastodon for upgrade
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ mastodon_install_location }}"
     stopped: true

roles/mastodon/tasks/main.yml

@@ -20,7 +20,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -33,7 +33,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -44,7 +44,7 @@
   become: true
 
 - name: Create data directories
-  file:  # noqa risky-file-permissions # Container manages permissions on its own
+  ansible.builtin.file:  # noqa risky-file-permissions # Container manages permissions on its own
     path: "{{ item }}"
     state: directory
     setype: "container_file_t"
@@ -57,7 +57,7 @@
   become: true
 
 - name: Create public data directory
-  file:
+  ansible.builtin.file:
     path: "{{ mastodon_public_location }}/system"
     mode: '0755'
     owner: '991'
@@ -67,7 +67,7 @@
   become: true
 
 - name: Deploy nginx proxy config file
-  template:
+  ansible.builtin.template:
     src: "default.conf"
     dest: "{{ mastodon_nginx_location }}/default.conf"
     mode: '0600'
@@ -76,7 +76,7 @@
   become: true
 
 - name: Check if migration is needed
-  command: "grep -q 'tootsuite/mastodon:{{ mastodon_image_version }}' '{{ mastodon_install_location }}/docker-compose.yml'"
+  ansible.builtin.command: "grep -q 'tootsuite/mastodon:{{ mastodon_image_version }}' '{{ mastodon_install_location }}/docker-compose.yml'"
   register: mastodon_version_fact
   ignore_errors: true
   changed_when: mastodon_version_fact.rc > 0
@@ -85,10 +85,10 @@
   notify: ["Pull mastodon image", "Stop mastodon for upgrade"]
 
 - name: Immediately run / flush Ansible handlers
-  meta: "flush_handlers"
+  ansible.builtin.meta: "flush_handlers"
 
 - name: Deploy config
-  template:
+  ansible.builtin.template:
     src: ".env.production"
     dest: "{{ mastodon_install_location }}/.env.production"
     mode: '0600'
@@ -99,7 +99,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: "docker-compose.yml"
     dest: "{{ mastodon_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -111,7 +111,7 @@
   become: true
 
 - name: Migrate database
-  command: docker-compose run --rm web rails db:migrate
+  ansible.builtin.command: docker-compose run --rm web rails db:migrate
   args:
     chdir: "{{ mastodon_install_location }}"
   when:
@@ -125,7 +125,7 @@
     PYTHONPATH:
 
 - name: Clear cache
-  command: docker-compose run --rm web bin/tootctl cache clear
+  ansible.builtin.command: docker-compose run --rm web bin/tootctl cache clear
   args:
     chdir: "{{ mastodon_install_location }}"
   when:
@@ -139,7 +139,7 @@
     PYTHONPATH:
 
 - name: Compose mastodon
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ mastodon_install_location }}"
     pull: true

roles/matrix/tasks/main.yml

@@ -21,7 +21,7 @@
 #
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -33,7 +33,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -44,7 +44,7 @@
   become: true
 
 - name: Create data directory
-  file:  # noqa risky-file-permissions # Container manages permissions on its own
+  ansible.builtin.file:  # noqa risky-file-permissions # Container manages permissions on its own
     path: "{{ item }}"
     state: directory
     setype: "container_file_t"
@@ -54,7 +54,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: "docker-compose.yml"
     dest: "{{ matrix_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -66,7 +66,7 @@
   become: true
 
 - name: Check if homeserver.yaml (config) exists
-  stat:
+  ansible.builtin.stat:
     path: "{{ matrix_data_location }}/homeserver.yaml"
   register: matrix_synapse_homeserver_yaml
   tags:
@@ -75,7 +75,7 @@
   become: true
 
 - name: Generate synapse config
-  command: 'docker-compose run -e "SYNAPSE_SERVER_NAME={{ matrix_synapse_servername }}" synapse generate'
+  ansible.builtin.command: 'docker-compose run -e "SYNAPSE_SERVER_NAME={{ matrix_synapse_servername }}" synapse generate'
   args:
     chdir: "{{ matrix_install_location }}"
     creates: "{{ matrix_data_location }}/homeserver.yaml"
@@ -87,7 +87,7 @@
     - not matrix_synapse_homeserver_yaml.stat.exists
 
 - name: Compose matrix
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ matrix_install_location }}"
     pull: true

roles/matrix_delegate/handlers/main.yml

@@ -19,7 +19,7 @@
 #
 
 - name: restart matrix delegate nginx
-  docker_compose:
+  community.docker.docker_compose:
     services:
       - delegate
     state: present

roles/matrix_delegate/tasks/main.yml

@@ -21,7 +21,7 @@
 #
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -32,7 +32,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: "docker-compose.yml"
     dest: "{{ matrix_delegate_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -45,7 +45,7 @@
   become: true
 
 - name: Deploy delegation config files
-  template:
+  ansible.builtin.template:
     src: "{{ item }}"
     dest: "{{ matrix_delegate_install_location }}/{{ item }}"
     setype: "container_file_t"
@@ -62,7 +62,7 @@
   become: true
 
 - name: Deploy nginx delegate config
-  template:
+  ansible.builtin.template:
     src: "delegate-nginx.conf"
     dest: "{{ matrix_delegate_install_location }}/nginx.conf"
     setype: "container_file_t"
@@ -77,7 +77,7 @@
   become: true
 
 - name: Compose matrix_delegate
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ matrix_delegate_install_location }}"
     pull: true

roles/matrix_elementweb/handlers/main.yml

@@ -19,7 +19,7 @@
 #
 
 - name: restart matrix elementweb
-  docker_compose:
+  community.docker.docker_compose:
     services:
       - elementweb
     state: present

roles/matrix_elementweb/tasks/main.yml

@@ -21,7 +21,7 @@
 #
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -32,7 +32,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -43,7 +43,7 @@
   become: true
 
 - name: Create data directory
-  file:  # noqa risky-file-permissions # Container manages permissions on its own
+  ansible.builtin.file:  # noqa risky-file-permissions # Container manages permissions on its own
     path: "{{ item }}"
     state: directory
     setype: "container_file_t"
@@ -52,7 +52,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: "docker-compose.yml"
     dest: "{{ matrix_elementweb_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -65,7 +65,7 @@
   become: true
 
 - name: Deploy elementweb config files
-  template:
+  ansible.builtin.template:
     src: "{{ item }}"
     dest: "{{ matrix_elementweb_data_location }}/{{ item }}"
     setype: "container_file_t"
@@ -82,7 +82,7 @@
   become: true
 
 - name: Compose matrix-elementweb
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ matrix_elementweb_install_location }}"
     pull: true

roles/matrix_maubot/tasks/main.yml

@@ -21,7 +21,7 @@
 #
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -33,7 +33,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -44,7 +44,7 @@
   become: true
 
 - name: Create data directory
-  file:  # noqa risky-file-permissions # Container manages permissions on its own
+  ansible.builtin.file:  # noqa risky-file-permissions # Container manages permissions on its own
     path: "{{ item }}"
     state: directory
     setype: "container_file_t"
@@ -54,7 +54,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: "docker-compose.yml"
     dest: "{{ matrix_maubot_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -67,7 +67,7 @@
   become: true
 
 - name: Compose matrix-maubot
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ matrix_maubot_install_location }}"
     pull: true

roles/matrix_webhooks/handlers/main.yml

@@ -19,7 +19,7 @@
 #
 
 - name: restart matrix webhooks
-  docker_compose:
+  community.docker.docker_compose:
     services:
       - appservice-webhooks
     state: present

roles/matrix_webhooks/tasks/main.yml

@@ -21,7 +21,7 @@
 #
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -30,7 +30,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -41,7 +41,7 @@
   become: true
 
 - name: Create data directory
-  file:  # noqa risky-file-permissions # Container manages permissions on its own
+  ansible.builtin.file:  # noqa risky-file-permissions # Container manages permissions on its own
     path: "{{ item }}"
     state: directory
     setype: "container_file_t"
@@ -50,7 +50,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: "docker-compose.yml"
     dest: "{{ matrix_webhooks_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -63,7 +63,7 @@
   become: true
 
 - name: Deploy webhooks config files
-  template:
+  ansible.builtin.template:
     src: "{{ item }}"
     dest: "{{ matrix_webhooks_data_location }}/{{ item }}"
     setype: "container_file_t"
@@ -90,7 +90,7 @@
   become: true
 
 - name: Compose matrix-webhooks
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ matrix_webhooks_install_location }}"
     pull: true

roles/minecraft/handlers/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Restart telegraf
-  docker_compose:
+  community.docker.docker_compose:
     services: "telegraf"
     project_src: "{{ minecraft_install_location }}"
     restarted: true

roles/minecraft/tasks/main.yml

@@ -19,7 +19,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -31,7 +31,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -44,7 +44,7 @@
     - minecraft
 
 - name: Create data directories
-  file:  # noqa risky-file-permissions # Container manages permissions on its own
+  ansible.builtin.file:  # noqa risky-file-permissions # Container manages permissions on its own
     path: "{{ item }}"
     state: directory
     setype: "container_file_t"
@@ -57,7 +57,7 @@
     - minecraft
 
 - name: Create telegraf config directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     mode: '0700'
     owner: "{{ minecraft_telegraf_config_uid }}"
@@ -69,7 +69,7 @@
   become: true
 
 - name: Deploy telegraf.conf
-  template:
+  ansible.builtin.template:
     src: telegraf.conf
     dest: "{{ minecraft_telegraf_location }}/telegraf.conf"
     mode: '0600'
@@ -84,7 +84,7 @@
     - minecraft_telegraf.enabled
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ minecraft_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -97,7 +97,7 @@
   become: true
 
 - name: Install minecraftctl CLI
-  template:
+  ansible.builtin.template:
     src: minecraftctl.sh
     dest: "/usr/local/bin/minecraftctl"
     mode: '0755'
@@ -108,7 +108,7 @@
   become: true
 
 - name: Compose minecraft
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ minecraft_install_location }}"
     pull: true

roles/minecraft_blockmap/handlers/main.yml

@@ -18,6 +18,6 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Reload systemd config
-  systemd:
+  ansible.builtin.systemd:
     daemon_reload: true
   become: true

roles/minecraft_blockmap/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -28,7 +28,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -41,7 +41,7 @@
     - blockmap
 
 - name: Create data directories
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0755'
@@ -56,7 +56,7 @@
     - blockmap
 
 - name: Create archive directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0755'
@@ -69,7 +69,7 @@
     - blockmap
 
 - name: Deploy nginx config file
-  template:
+  ansible.builtin.template:
     src: "default.conf"
     dest: "{{ minecraft_blockmap_install_location }}/default.conf"
     mode: '0600'
@@ -78,7 +78,7 @@
   become: true
 
 - name: Deploy blockmap config
-  template:
+  ansible.builtin.template:
     src: "blockmap.json"
     dest: "{{ minecraft_blockmap_config_location }}/blockmap.json"
     mode: '0600'
@@ -88,7 +88,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ minecraft_blockmap_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -101,7 +101,7 @@
   become: true
 
 - name: Create lvm mount directories
-  file:
+  ansible.builtin.file:
     path: "/blockmap_snapshot"
     state: directory
     mode: '0700'
@@ -111,7 +111,7 @@
   become: true
 
 - name: Install render script
-  template:
+  ansible.builtin.template:
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
     mode: '0700'
@@ -123,7 +123,7 @@
   become: true
 
 - name: Install render service & timer
-  template:
+  ansible.builtin.template:
     src: "{{ item }}"
     dest: /etc/systemd/system/
     mode: '0755'
@@ -136,7 +136,7 @@
   become: true
 
 - name: Start & enable render service timer
-  systemd:
+  ansible.builtin.systemd:
     daemon_reload: true
     name: blockmap-render.timer
     enabled: '{{ minecraft_blockmap_timer_enabled | bool }}'
@@ -144,7 +144,7 @@
   become: true
 
 - name: Compose minecraft-blockmap
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ minecraft_blockmap_install_location }}"
     pull: true

roles/minio/tasks/main.yml

@@ -19,7 +19,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -30,7 +30,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -43,7 +43,7 @@
     - minio
 
 - name: Create data directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -57,7 +57,7 @@
     - minio
 
 - name: Create minio user directory
-  file:
+  ansible.builtin.file:
     path: "{{ minio_data_location }}/{{ item.key }}"
     state: directory
     mode: '0700'
@@ -71,7 +71,7 @@
   no_log: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ minio_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -86,7 +86,7 @@
     - minio_users | length > 0
 
 - name: Compose minio
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ minio_install_location }}"
     pull: true

roles/moby_engine/handlers/main.yml

@@ -18,17 +18,17 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Restart docker service
-  service:
+  ansible.builtin.service:
     name: "docker"
     state: "{{ moby_engine_docker_restart_handler_state }}"
   become: true
 
 - name: Regenerate grub config BIOS
-  command: grub2-mkconfig -o  /etc/grub2.cfg
+  ansible.builtin.command: grub2-mkconfig -o  /etc/grub2.cfg
   listen: Regenerate grub config
   become: true
 
 - name: Regenerate grub config EFI
-  command: grub2-mkconfig -o  /etc/grub2-efi.cfg
+  ansible.builtin.command: grub2-mkconfig -o  /etc/grub2-efi.cfg
   listen: Regenerate grub config
   become: true

roles/moby_engine/tasks/Fedora-32.yml

@@ -18,27 +18,27 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Install moby-engine.
-  package:
+  ansible.builtin.package:
     name: 'moby-engine'
     state: 'present'
   become: true
   notify: Restart docker service
 
 - name: Ensure Docker is started and enabled at boot.
-  service:
+  ansible.builtin.service:
     name: docker
     state: "{{ moby_engine_docker_service_state }}"
     enabled: "{{ moby_engine_docker_service_enabled }}"
   become: true
 
 - name: Check if line is present
-  shell: cat /etc/default/grub | grep GRUB_CMDLINE_LINUX_DEFAULT
+  ansible.builtin.shell: cat /etc/default/grub | grep GRUB_CMDLINE_LINUX_DEFAULT
   changed_when: false
   ignore_errors: true
   register: moby_engine_grub_default
 
 - name: Ensure that GRUB_CMDLINE_LINUX_DEFAULT is present
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/default/grub
     regexp: '^GRUB_CMDLINE_LINUX_DEFAULT'
     line: 'GRUB_CMDLINE_LINUX_DEFAULT=""'
@@ -49,7 +49,7 @@
 # This method will only add the parameter if it was not already added
 # NOTICE: If the parameter was manually added, it will not be altered!
 - name: Enable legacy cgroup v1 support (to allow CPU/RAM limits etc)
-  replace:
+  ansible.builtin.replace:
     path: /etc/default/grub
     regexp: '^GRUB_CMDLINE_LINUX_DEFAULT=\"((?:(?!systemd\.unified_cgroup_hierarchy=).)*?)"$'
     replace: 'GRUB_CMDLINE_LINUX_DEFAULT="\1 systemd.unified_cgroup_hierarchy=0"'

roles/monitoring/tasks/influxdb/database.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Create database
-  influxdb_database:
+  community.general.influxdb_database:
     state: present
     login_username: "{{ monitoring_influxdb_admin_username }}"
     login_password: "{{ monitoring_influxdb_admin_password }}"
@@ -31,7 +31,7 @@
   no_log: true
 
 - name: Create retention policies
-  influxdb_retention_policy:
+  community.general.influxdb_retention_policy:
     login_username: "{{ monitoring_influxdb_admin_username }}"
     login_password: "{{ monitoring_influxdb_admin_password }}"
     hostname: "{{ monitoring_influxdb_domain }}"

roles/monitoring/tasks/influxdb/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Create admin user
-  influxdb_user:
+  community.general.influxdb_user:
     state: present
     login_username: "{{ monitoring_influxdb_admin_username }}"
     login_password: "{{ monitoring_influxdb_admin_password }}"
@@ -39,7 +39,7 @@
     loop_var: "database"
 
 - name: Create database user
-  influxdb_user:
+  community.general.influxdb_user:
     state: present
     login_username: "{{ monitoring_influxdb_admin_username }}"
     login_password: "{{ monitoring_influxdb_admin_password }}"

roles/monitoring/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -28,7 +28,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -39,7 +39,7 @@
   become: true
 
 - name: Create grafana directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0750'
@@ -51,7 +51,7 @@
   become: true
 
 - name: Create influxdb directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0750'
@@ -63,7 +63,7 @@
   become: true
 
 - name: Deploy docker-compose.yml and config
-  template:
+  ansible.builtin.template:
     src: "docker-compose.yml"
     dest: "{{ monitoring_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -73,7 +73,7 @@
   become: true
 
 - name: Compose monitoring
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ monitoring_install_location }}"
     pull: true
@@ -82,7 +82,7 @@
   become: true
 
 - name: Wait 30 seconds for influxdb to become healthy
-  wait_for:
+  ansible.builtin.wait_for:
     timeout: 30
   delegate_to: localhost
   # noqa no-handler

roles/owncast/handlers/main.yml

@@ -19,7 +19,7 @@
 #
 
 - name: restart owncast
-  docker_compose:
+  community.docker.docker_compose:
     services:
       - owncast
     state: present

roles/owncast/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -27,7 +27,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -40,7 +40,7 @@
     - owncast
 
 - name: Create data directories
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0750'
@@ -54,7 +54,7 @@
     - owncast
 
 - name: Deploy owncast config
-  template:
+  ansible.builtin.template:
     src: "config.yaml"
     dest: "{{ owncast_config_location }}/config.yaml"
     mode: '0600'
@@ -65,7 +65,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ owncast_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -78,7 +78,7 @@
   become: true
 
 - name: Compose owncast
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ owncast_install_location }}"
     pull: true

roles/penpot/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -29,7 +29,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -40,7 +40,7 @@
   become: true
 
 - name: Create data directories
-  file:  # noqa risky-file-permissions # Container manages permissions on its own
+  ansible.builtin.file:  # noqa risky-file-permissions # Container manages permissions on its own
     path: "{{ item }}"
     state: directory
     setype: "container_file_t"
@@ -51,7 +51,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: "docker-compose.yml"
     dest: "{{ penpot_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -63,7 +63,7 @@
   become: true
 
 - name: Compose penpot
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ penpot_install_location }}"
     pull: true

roles/ssh/handlers/main.yml

@@ -18,5 +18,5 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Reload firewalld
-  command: "firewall-cmd --reload"
+  ansible.builtin.command: "firewall-cmd --reload"
   become: true

roles/ssh/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Ensure SSH ports are opened.
-  command: "firewall-cmd --permanent --service=ssh --add-port={{ item }}/tcp"
+  ansible.builtin.command: "firewall-cmd --permanent --service=ssh --add-port={{ item }}/tcp"
   become: true
   changed_when: 'firewalld_direct_result.stderr is defined and "ALREADY_ENABLED" not in firewalld_direct_result.stderr'
   with_items: "{{ ssh_server_ports }}"
@@ -30,14 +30,14 @@
     - Reload firewalld
 
 - name: Create users
-  user:
+  ansible.builtin.user:
     name: "{{ item.user }}"
     password: "{{ item.password | default(omit) }}"
   become: true
   with_items: "{{ ssh_authorized_keys }}"
 
 - name: Install ssh keys for users
-  authorized_key:
+  ansible.posix.authorized_key:
     user: "{{ item.user }}"
     state: present
     key: "{{ lookup('file', item.ssh_key) }}"

roles/static_websites/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Create directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -31,7 +31,7 @@
     - deploy_sites
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ static_websites_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -46,7 +46,7 @@
   become: true
 
 - name: Compose static websites
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ static_websites_install_location }}"
     pull: true

roles/teamspeak/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     selevel: "{{ teamspeak_selinux_level }}"
@@ -28,7 +28,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -41,7 +41,7 @@
   become: true
 
 - name: Create data directory
-  file:  # noqa risky-file-permissions # Container manages permissions on its own
+  ansible.builtin.file:  # noqa risky-file-permissions # Container manages permissions on its own
     path: "{{ item }}"
     state: directory
     setype: "container_file_t"
@@ -53,7 +53,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ teamspeak_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -66,7 +66,7 @@
   become: true
 
 - name: Compose teamspeak
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ teamspeak_install_location }}"
     pull: true

roles/telegraf/handlers/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Restart telegraf
-  docker_compose:
+  community.docker.docker_compose:
     project_src: "{{ telegraf_install_location }}"
     restarted: true
   become: true

roles/telegraf/tasks/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -27,7 +27,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -38,7 +38,7 @@
   become: true
 
 - name: Create config directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     mode: '0700'
     owner: "{{ telegraf_config_uid }}"
@@ -50,7 +50,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: "docker-compose.yml"
     dest: "{{ telegraf_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -60,7 +60,7 @@
   become: true
 
 - name: Deploy telegraf config
-  template:
+  ansible.builtin.template:
     src: "telegraf.conf"
     dest: "{{ telegraf_config_location }}/telegraf.conf"
     mode: '0600'
@@ -70,7 +70,7 @@
   become: true
 
 - name: Compose telegraf
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ telegraf_install_location }}"
     pull: true

roles/traefik/handlers/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Restart tor proxy
-  command: "docker-compose restart tor"
+  ansible.builtin.command: "docker-compose restart tor"
   args:
     chdir: "{{ traefik_install_location }}"
   become: true

roles/traefik/tasks/acmedumper.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts for acme-dumper
-  sefcontext:
+  community.general.system.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     selevel: "{{ traefik_selinux_level | default(omit) }}"
@@ -30,7 +30,7 @@
   become: true
 
 - name: Create data directory for acme-dumper
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0750'

roles/traefik/tasks/main.yml

@@ -20,7 +20,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     selevel: "{{ traefik_selinux_level }}"
@@ -33,7 +33,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -44,7 +44,7 @@
   become: true
 
 - name: Create data directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -66,14 +66,14 @@
   when: traefik_acmedumper_enabled | bool
 
 - name: Create proxy network
-  docker_network:
+  community.docker.docker_network:
     name: "{{ proxy_network }}"
     driver_options:
       com.docker.network.bridge.name: "{{ traefik_docker_bridge_name }}"
   become: true
 
 - name: Create ipv6 frontend network
-  docker_network:
+  community.docker.docker_network:
     name: "{{ traefik_ipv6.name }}"
     enable_ipv6: true
     ipam_config:
@@ -84,7 +84,7 @@
     - traefik_ipv6.enabled
 
 - name: Gather the package facts
-  package_facts:
+  ansible.builtin.package_facts:
     manager: auto
 
 # This step is only needed in docker < 20.10, as docker does this by default now
@@ -104,7 +104,7 @@
     - ansible_facts.packages[docker_package][0].version is version('20.10', '<')
 
 - name: Deploy dynamic_conf.yml
-  template:
+  ansible.builtin.template:
     src: dynamic_conf.yml
     dest: "{{ traefik_config_location }}/dynamic_conf.yml"
     owner: 'root'
@@ -117,7 +117,7 @@
     - traefik_dynamic_conf != omit
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: docker-compose.yml
     dest: "{{ traefik_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -129,7 +129,7 @@
   become: true
 
 - name: Compose traefik
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ traefik_install_location }}"
     pull: true
@@ -137,7 +137,7 @@
   become: true
 
 - name: Read tor hostname
-  slurp:
+  ansible.builtin.slurp:
     src: "{{ traefik_tor_data_location }}/traefik/hostname"
   register: proxy_hiddenservice
   become: true
@@ -159,7 +159,7 @@
 
 # NOTE: This rule does not care about new / old ip values, so removal must be made by hand!
 - name: Configure firewalld to allow IPv6 traffic for HTTP/HTTPS
-  command:
+  ansible.builtin.command:
     argv:
       - firewall-cmd
       - --direct
@@ -192,7 +192,7 @@
 
 # NOTE: This rule does not care about new / old ip values, so removal must be made by hand!
 - name: Configure firewalld to allow IPv6 traffic for HTTP/HTTPS
-  command:
+  ansible.builtin.command:
     argv:
       - firewall-cmd
       - --permanent

roles/traefik/tasks/tor.yml

@@ -19,7 +19,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Update default SELinux contexts tor
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     selevel: "{{ traefik_tor_selinux_level | default(omit) }}"
@@ -32,7 +32,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -43,7 +43,7 @@
   become: true
 
 - name: Create data directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -56,7 +56,7 @@
   become: true
 
 - name: Create config directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     setype: "container_file_t"
@@ -69,7 +69,7 @@
   become: true
 
 - name: Setup tor config
-  copy:
+  ansible.builtin.copy:
     src: traefik-tor.conf
     dest: "{{ traefik_tor_config_location }}/traefik.conf"
     setype: "container_file_t"

roles/vikunja/handlers/main.yml

@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 - name: Restart vikunja-api
-  docker_compose:
+  community.docker.docker_compose:
     services:
       - api
     project_src: "{{ vikunja_install_location }}"

roles/vikunja/tasks/main.yml

@@ -21,7 +21,7 @@
 #
 
 - name: Update default SELinux contexts
-  sefcontext:
+  community.general.sefcontext:
     target: '{{ item }}(/.*)?'
     setype: "container_file_t"
     state: present
@@ -33,7 +33,7 @@
   become: true
 
 - name: Create install directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -44,7 +44,7 @@
   become: true
 
 - name: Create database directory
-  file:  # noqa risky-file-permissions # Container manages permissions on its own
+  ansible.builtin.file:  # noqa risky-file-permissions # Container manages permissions on its own
     path: "{{ item }}"
     state: directory
     setype: "container_file_t"
@@ -53,7 +53,7 @@
   become: true
 
 - name: Create files directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: '0700'
@@ -66,7 +66,7 @@
   become: true
 
 - name: Deploy docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: "docker-compose.yml"
     dest: "{{ vikunja_install_location }}/docker-compose.yml"
     mode: '0600'
@@ -78,7 +78,7 @@
   become: true
 
 - name: Deploy config.yml
-  template:
+  ansible.builtin.template:
     src: "config.yml"
     dest: "{{ vikunja_install_location }}/config.yml"
     owner: '1000'
@@ -90,7 +90,7 @@
   become: true
 
 - name: Compose vikunja
-  docker_compose:
+  community.docker.docker_compose:
     state: present
     project_src: "{{ vikunja_install_location }}"
     pull: true