mirror of
https://github.com/roles-ansible/ansible_role_dotfiles.git
synced 2024-08-16 16:09:49 +02:00
secure vim for gopass usage and imporve linting
+ secured vim for gopass usage + improved linting + added yamllinting check
This commit is contained in:
parent
1d17b45e95
commit
ebe7b31f11
28 changed files with 183 additions and 141 deletions
2
.github/FUNDING.yml
vendored
2
.github/FUNDING.yml
vendored
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
# These are supported funding model platforms
|
||||
|
||||
github: [do1jlr]
|
||||
liberapay: L3D
|
||||
custom: https://paypal.me/c3woc
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check archlinux:latest
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-centos-centos7.yml
vendored
2
.github/workflows/ansible-centos-centos7.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check centos:centos7
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-centos-centos8.yml
vendored
2
.github/workflows/ansible-centos-centos8.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check centos:centos8
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-centos-latest.yml
vendored
2
.github/workflows/ansible-centos-latest.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check centos:latest
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-debian-buster.yml
vendored
2
.github/workflows/ansible-debian-buster.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check debian:buster
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-debian-latest.yml
vendored
2
.github/workflows/ansible-debian-latest.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check debian:latest
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-debian-sid.yml
vendored
2
.github/workflows/ansible-debian-sid.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check debian:sid
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-debian-stable.yml
vendored
2
.github/workflows/ansible-debian-stable.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check debian:stable
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-debian-stretch.yml
vendored
2
.github/workflows/ansible-debian-stretch.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check debian:stretch
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-fedora-31.yml
vendored
2
.github/workflows/ansible-fedora-31.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check fedora:31
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-fedora-32.yml
vendored
2
.github/workflows/ansible-fedora-32.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check fedora:32
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-fedora-33.yml
vendored
2
.github/workflows/ansible-fedora-33.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check fedora:33
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-fedora-latest.yml
vendored
2
.github/workflows/ansible-fedora-latest.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check fedora:latest
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-linting-check.yml
vendored
2
.github/workflows/ansible-linting-check.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible Lint check
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-ubuntu-bionic.yml
vendored
2
.github/workflows/ansible-ubuntu-bionic.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check ubuntu:bionic
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-ubuntu-latest.yml
vendored
2
.github/workflows/ansible-ubuntu-latest.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check ubuntu:latest
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
2
.github/workflows/ansible-ubuntu-trusty.yml
vendored
2
.github/workflows/ansible-ubuntu-trusty.yml
vendored
|
@ -1,5 +1,7 @@
|
|||
---
|
||||
name: Ansible check ubuntu:trusty
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
|
|
22
.github/workflows/yamllint.yaml
vendored
Normal file
22
.github/workflows/yamllint.yaml
vendored
Normal file
|
@ -0,0 +1,22 @@
|
|||
---
|
||||
name: 'Yamllint GitHub Actions'
|
||||
|
||||
# yamllint disable-line rule:truthy
|
||||
on: [push, pull_request]
|
||||
|
||||
jobs:
|
||||
yamllint:
|
||||
name: 'Yamllint'
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: 'Checkout'
|
||||
uses: actions/checkout@master
|
||||
- name: 'Yamllint'
|
||||
uses: karancode/yamllint-github-action@master
|
||||
with:
|
||||
yamllint_file_or_dir: '.'
|
||||
yamllint_config_filepath: './.yamllint'
|
||||
yamllint_strict: false
|
||||
yamllint_comment: true
|
||||
# env:
|
||||
# GITHUB_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }
|
29
.travis.yml
29
.travis.yml
|
@ -1,29 +0,0 @@
|
|||
---
|
||||
# OS Details
|
||||
os: linux
|
||||
language: python
|
||||
python: '3.8'
|
||||
|
||||
cache:
|
||||
pip: true
|
||||
|
||||
# Install ansible and ansible-lint
|
||||
install:
|
||||
- pip install ansible
|
||||
- pip install ansible-lint
|
||||
|
||||
# testing galaxy install and ansible lint
|
||||
# more advanced testing is currently handled with
|
||||
# github actions. The gh-actions for our test are there:
|
||||
# https://github.com/roles-ansible and are tagged
|
||||
# with 'github-actions' --> https://github.com/search?q=topic%3Agithub-actions+org%3Aroles-ansible&type=Repositories
|
||||
script:
|
||||
# - ansible-galaxy install do1jlr.dotfiles
|
||||
- ansible-lint .
|
||||
- echo -e "\n\n\n\n\nWe use github actions for more detailed tests.\n\n\n\n\n"
|
||||
|
||||
notifications:
|
||||
webhooks: https://galaxy.ansible.com/api/v1/notifications/
|
||||
email:
|
||||
on_success: never
|
||||
on_failure: always
|
11
.yamllint
Normal file
11
.yamllint
Normal file
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
extends: default
|
||||
|
||||
rules:
|
||||
# 280 chars should be enough, but don't fail if a line is longer
|
||||
line-length:
|
||||
max: 280
|
||||
level: warning
|
||||
braces:
|
||||
level: warning
|
||||
max-spaces-inside: 1
|
|
@ -12,18 +12,17 @@ dotfiles__modify_bashrc: true
|
|||
|
||||
# list of aliases used in bashrc
|
||||
dotfiles__aliases:
|
||||
- { alias: "ls", command: "ls ", color: True }
|
||||
- { alias: "grep", command: "grep", color: True }
|
||||
- { alias: "ll", command: "ls -alF", color: False }
|
||||
- { alias: "la", command: "ls -A", color: False }
|
||||
- { alias: "l", command: "ls -CF", color: False }
|
||||
- { alias: "lz", command: "ls -Z", color: False }
|
||||
- { alias: "EDITOR", command: "/usr/bin/vim", color: False }
|
||||
- { alias: "VISUAL", command: "/usr/bin/gedit", color: False }
|
||||
- { alias: "gitsubpull", command: "git submodule foreach '(git checkout \\$(git symbolic-ref --short refs/remotes/origin/HEAD | sed 's@^origin/@@'); git pull)'", color: False }
|
||||
- { alias: "ls", command: "ls ", color: true }
|
||||
- { alias: "grep", command: "grep", color: true }
|
||||
- { alias: "ll", command: "ls -alF", color: false }
|
||||
- { alias: "la", command: "ls -A", color: false }
|
||||
- { alias: "l", command: "ls -CF", color: false }
|
||||
- { alias: "lz", command: "ls -Z", color: false }
|
||||
- { alias: "EDITOR", command: "/usr/bin/vim", color: false }
|
||||
- { alias: "VISUAL", command: "/usr/bin/gedit", color: false }
|
||||
- { alias: "gitsubpull", command: "git submodule foreach '(git checkout \\$(git symbolic-ref --short refs/remotes/origin/HEAD | sed 's@^origin/@@'); git pull)'", color: false }
|
||||
- { alias: "pwgen", command: "/usr/bin/pwgen --num-passwords=3000 --numerals --capitalize --secure --no-vowels --ambiguous --symbols 95 1", color: false }
|
||||
|
||||
|
||||
# enable bash completion
|
||||
dotfiles__bash_completion_enabled: true
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: Create a global bashrc configuration
|
||||
become: yes
|
||||
become: true
|
||||
template:
|
||||
src: 'templates/bash.bashrc'
|
||||
dest: '/etc/bash.bashrc'
|
||||
|
@ -9,7 +9,7 @@
|
|||
mode: 'u=rw,g=r,o=r'
|
||||
|
||||
- name: Copy bashrc configuration to root
|
||||
become: yes
|
||||
become: true
|
||||
template:
|
||||
src: 'templates/bashrc'
|
||||
dest: '/root/.bashrc'
|
||||
|
@ -19,7 +19,7 @@
|
|||
when: not dotfiles__allow_own_root_bashrc | bool
|
||||
|
||||
- name: Copy bashrc configuration to non admin users
|
||||
become: yes
|
||||
become: true
|
||||
template:
|
||||
src: 'templates/bashrc'
|
||||
dest: '/home/{{ item }}/.bashrc'
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: install the latest libselinux-python package
|
||||
become: yes
|
||||
be:come: true
|
||||
dnf:
|
||||
name: libselinux-python
|
||||
state: present
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
when: dotfiles__modify_bashrc | bool
|
||||
|
||||
- name: Copy vimrc configuration to root
|
||||
become: yes
|
||||
become: true
|
||||
copy:
|
||||
src: 'templates/vimrc'
|
||||
dest: '/root/.vimrc'
|
||||
|
@ -18,7 +18,7 @@
|
|||
mode: 'u=rw,g=r,o='
|
||||
|
||||
- name: Copy vimrc configuration to non admin users
|
||||
become: yes
|
||||
become: true
|
||||
copy:
|
||||
src: 'templates/vimrc'
|
||||
dest: '/home/{{ item }}/.vimrc'
|
||||
|
@ -36,7 +36,7 @@
|
|||
file:
|
||||
path: "/home/{{ item }}/.config/ranger"
|
||||
state: directory
|
||||
recurse: yes
|
||||
recurse: true
|
||||
owner: "{{ item }}"
|
||||
group: "{{ item }}"
|
||||
mode: '0644'
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
src: "/etc/.ansible-version/{{ playbook_version_path }}"
|
||||
register: playbook_version
|
||||
when: submodules_versioncheck|bool
|
||||
ignore_errors: yes
|
||||
ignore_errors: true
|
||||
failed_when: false
|
||||
|
||||
- name: Print remote role version
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
" gopass secure editor
|
||||
au BufNewFile,BufRead /dev/shm/gopass.* setlocal noswapfile nobackup noundofile
|
||||
|
||||
" vim layout
|
||||
syntax on " enable syntax highlighting
|
||||
set cursorline " highlight the current line
|
||||
set fileencoding=utf-8
|
||||
|
|
|
@ -1,2 +1,3 @@
|
|||
playbook_version_number: 2065 # should be over ninethousand
|
||||
---
|
||||
playbook_version_number: 2066 # should be increased integer
|
||||
playbook_version_path: 'role_dotfiles_chaos-bodensee_github.version'
|
||||
|
|
Loading…
Reference in a new issue