From db3c5e99f07637d28fbf7122590ef534e0fb46e9 Mon Sep 17 00:00:00 2001 From: L3D Date: Sun, 29 Oct 2023 16:11:12 +0100 Subject: [PATCH 1/2] Improve linting and cleanup --- requirements.yml | 4 +-- tasks/backup.yml | 18 +++++----- tasks/customize_footer.yml | 4 +-- tasks/customize_logo.yml | 10 +++--- tasks/customize_public_files.yml | 4 +-- tasks/directory.yml | 2 +- tasks/fail2ban.yml | 2 +- tasks/install_forgejo.yml | 2 +- tasks/install_gitea.yml | 2 +- tasks/main.yml | 58 ++++++++++++++++++++------------ tasks/set_forgejo_version.yml | 6 ++-- tasks/versioncheck.yml | 7 ++-- 12 files changed, 66 insertions(+), 53 deletions(-) diff --git a/requirements.yml b/requirements.yml index 2159e44..a5a1e10 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,4 +1,4 @@ --- collections: - - name: community.general - source: https://galaxy.ansible.com + - name: 'community.general' + version: ">=7.5.0,<=8.0.0" diff --git a/tasks/backup.yml b/tasks/backup.yml index 3dc9074..6a9fc56 100644 --- a/tasks/backup.yml +++ b/tasks/backup.yml @@ -11,20 +11,18 @@ - name: Stopping gitea before upgrade become: true ansible.builtin.systemd: - name: gitea - state: stopped + name: 'gitea.service' + state: 'stopped' when: ansible_service_mgr == "systemd" - name: "Create backup directory" become: true ansible.builtin.file: - path: "{{ item }}" - state: directory + path: "{{ gitea_backup_location }}" + state: 'directory' owner: "{{ gitea_user }}" group: "{{ gitea_group }}" mode: 'u=rwx,g=rx,o=' - with_items: - - "{{ gitea_backup_location }}" - name: Backing up gitea before upgrade become: true @@ -36,10 +34,10 @@ - name: Starting gitea because backup failed become: true ansible.builtin.systemd: - name: gitea - state: stopped + name: 'gitea.service' + state: 'started' when: ansible_service_mgr == "systemd" - - name: Print updateing error - ansible.builtin.debug: + - name: Print updateing error and cancel + ansible.builtin.fail: msg: "failed to backup gitea" diff --git a/tasks/customize_footer.yml b/tasks/customize_footer.yml index f7f8931..1f14080 100644 --- a/tasks/customize_footer.yml +++ b/tasks/customize_footer.yml @@ -7,7 +7,7 @@ owner: "{{ gitea_user }}" group: "{{ gitea_group }}" mode: 'u=rwX,g=rX,o=' - with_items: + loop: - "{{ gitea_custom }}/templates" - "{{ gitea_custom }}/templates/custom" @@ -19,6 +19,6 @@ owner: "{{ gitea_user }}" group: "{{ gitea_group }}" mode: '0644' - ignore_errors: true + failed_when: false tags: skip_ansible_lint notify: "Restart gitea" diff --git a/tasks/customize_logo.yml b/tasks/customize_logo.yml index 4d4d609..c3e8ae7 100644 --- a/tasks/customize_logo.yml +++ b/tasks/customize_logo.yml @@ -7,7 +7,7 @@ owner: "{{ gitea_user }}" group: "{{ gitea_group }}" mode: 'u=rwX,g=rX,o=' - with_items: + loop: - "{{ gitea_custom }}/public" - "{{ gitea_custom }}/public/img" @@ -20,7 +20,7 @@ group: "{{ gitea_group }}" mode: '0644' tags: skip_ansible_lint - ignore_errors: true + failed_when: false - name: Transfer custom logo.png become: true @@ -31,7 +31,7 @@ group: "{{ gitea_group }}" mode: '0644' tags: skip_ansible_lint - ignore_errors: true + failed_when: false - name: Transfer custom favicon.png become: true @@ -42,7 +42,7 @@ group: "{{ gitea_group }}" mode: '0644' tags: skip_ansible_lint - ignore_errors: true + failed_when: false - name: Transfer custom apple-touch-icon.png become: true @@ -53,4 +53,4 @@ group: "{{ gitea_group }}" mode: '0644' tags: skip_ansible_lint - ignore_errors: true + failed_when: false diff --git a/tasks/customize_public_files.yml b/tasks/customize_public_files.yml index 9c14c9a..747a103 100644 --- a/tasks/customize_public_files.yml +++ b/tasks/customize_public_files.yml @@ -7,7 +7,7 @@ owner: "{{ gitea_user }}" group: "{{ gitea_group }}" mode: 'u=rwX,g=rX,o=' - with_items: + loop: - "{{ gitea_custom }}/public" - name: Transfer custom public web data @@ -19,6 +19,6 @@ group: "{{ gitea_group }}" directory_mode: true mode: 'u=rwX,g=rX,o=' - ignore_errors: true + failed_when: false tags: skip_ansible_lint notify: "Restart gitea" diff --git a/tasks/directory.yml b/tasks/directory.yml index 2a9e2aa..5154b40 100644 --- a/tasks/directory.yml +++ b/tasks/directory.yml @@ -7,7 +7,7 @@ owner: "{{ gitea_user }}" group: "{{ gitea_group }}" mode: 'u=rwX,g=rX,o=' - with_items: + loop: - "{{ gitea_configuration_path }}" - "{{ gitea_user_home }}" - "{{ gitea_home }}" diff --git a/tasks/fail2ban.yml b/tasks/fail2ban.yml index aa41bde..af439e3 100644 --- a/tasks/fail2ban.yml +++ b/tasks/fail2ban.yml @@ -25,5 +25,5 @@ ansible.builtin.fail: msg: "the package fail2ban is not installed. no fail2ban filters deployed." when: "'fail2ban' not in ansible_facts.packages" - ignore_errors: true + failed_when: false tags: skip_ansible_lint_ignore-errors diff --git a/tasks/install_forgejo.yml b/tasks/install_forgejo.yml index c4b5a05..6cbb79e 100644 --- a/tasks/install_forgejo.yml +++ b/tasks/install_forgejo.yml @@ -54,7 +54,7 @@ become: false failed_when: _gitea_gpg_key_status.rc not in (0, 2) - - name: Print gpg key status on verbosity + - name: Print gpg key status on verbosity # noqa: H500 ansible.builtin.debug: msg: "{{ _gitea_gpg_key_status.stdout }}" verbosity: 1 diff --git a/tasks/install_gitea.yml b/tasks/install_gitea.yml index 78c603b..4a7f5c4 100644 --- a/tasks/install_gitea.yml +++ b/tasks/install_gitea.yml @@ -53,7 +53,7 @@ changed_when: false failed_when: _gitea_gpg_key_status.rc not in (0, 2) - - name: Print gpg key status on verbosity + - name: Print gpg key status on verbosity # noqa: H500 ansible.builtin.debug: msg: "{{ _gitea_gpg_key_status.stdout }}" verbosity: 1 diff --git a/tasks/main.yml b/tasks/main.yml index 7fe7331..c1862f4 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,65 +1,81 @@ --- - name: Perform optional versionscheck - ansible.builtin.include_tasks: versioncheck.yml + ansible.builtin.include_tasks: + file: 'versioncheck.yml' when: submodules_versioncheck|bool - name: Gather installed packages for checks later on ansible.builtin.package_facts: - manager: auto + manager: 'auto' - name: Prepare gitea/forgejo variable import block: - name: Gather variables for gitea or forgejo - ansible.builtin.include_vars: "{{ lookup('first_found', gitea_fork_variables) }}" + ansible.builtin.include_vars: + file: "{{ lookup('first_found', gitea_fork_variables) }}" rescue: - name: Gitea/Forejo import info ansible.builtin.fail: msg: "Currently only {{ gitea_supported_forks }} are supported." - name: Gather variables for each operating system - ansible.builtin.include_vars: "{{ lookup('first_found', gitea_variables) }}" + ansible.builtin.include_vars: + file: "{{ lookup('first_found', gitea_variables) }}" - name: Gather versioning information - ansible.builtin.include_tasks: "set_{{ gitea_fork | lower }}_version.yml" + ansible.builtin.include_tasks: + file: "set_{{ gitea_fork | lower }}_version.yml" - name: Backup gitea before update - ansible.builtin.include_tasks: backup.yml + ansible.builtin.include_tasks: + file: 'backup.yml' when: gitea_backup_on_upgrade|bool - name: Create gitea user and role - ansible.builtin.include_tasks: create_user.yml + ansible.builtin.include_tasks: + file: 'create_user.yml' - name: "Install or update {{ gitea_fork }}" - ansible.builtin.include_tasks: "install_{{ gitea_fork | lower }}.yml" + ansible.builtin.include_tasks: + file: "install_{{ gitea_fork | lower }}.yml" - name: Create directories - ansible.builtin.include_tasks: directory.yml + ansible.builtin.include_tasks: + file: 'directory.yml' - name: Setup gitea systemd service - ansible.builtin.include_tasks: install_systemd.yml + ansible.builtin.include_tasks: + file: 'install_systemd.yml' when: ansible_service_mgr == "systemd" - name: Generate JWT Secrets if undefined - ansible.builtin.include_tasks: jwt_secrets.yml + ansible.builtin.include_tasks: + file: 'jwt_secrets.yml' - name: Generate gitea secrets if undefined - ansible.builtin.include_tasks: gitea_secrets.yml + ansible.builtin.include_tasks: + file: 'gitea_secrets.yml' - name: Configure gitea - ansible.builtin.include_tasks: configure.yml + ansible.builtin.include_tasks: + file: 'configure.yml' - name: Deploy optional fail2ban rules - ansible.builtin.include_tasks: fail2ban.yml - when: gitea_fail2ban_enabled|bool + ansible.builtin.include_tasks: + file: 'fail2ban.yml' + when: gitea_fail2ban_enabled | bool - name: Optionally customize gitea - ansible.builtin.include_tasks: customize_logo.yml - when: gitea_customize_logo|bool + ansible.builtin.include_tasks: + file: 'customize_logo.yml' + when: gitea_customize_logo | bool - name: Optionally customize footer - ansible.builtin.include_tasks: customize_footer.yml - when: gitea_customize_footer|bool + ansible.builtin.include_tasks: + file: 'customize_footer.yml' + when: gitea_customize_footer | bool - name: Optionally deploy public files - ansible.builtin.include_tasks: customize_public_files.yml - when: gitea_customize_files|bool + ansible.builtin.include_tasks: + file: 'customize_public_files.yml' + when: gitea_customize_files | bool diff --git a/tasks/set_forgejo_version.yml b/tasks/set_forgejo_version.yml index 7b3d195..2c746eb 100644 --- a/tasks/set_forgejo_version.yml +++ b/tasks/set_forgejo_version.yml @@ -2,7 +2,7 @@ - name: "Check forgejo installed version" ansible.builtin.shell: "set -eo pipefail; {{ gitea_full_executable_path }} -v | cut -d' ' -f 3" args: - executable: /bin/bash + executable: '/bin/bash' register: gitea_active_version changed_when: false failed_when: false @@ -97,11 +97,11 @@ gitea_forgejo_signed_url: ['https://codeberg.org/attachments/ae5e50c6-e86e-4202-b95f-f142e8138e2f'] when: ansible_check_mode -- name: Show Download URLs +- name: Show Download URLs # noqa: H500 ansible.builtin.debug: msg: "{{ item }}" verbosity: 1 - with_items: + loop: - "gitea_forgejo_dl_url: {{ gitea_forgejo_dl_url | first }}" - "gitea_forgejo_checksum: {{ gitea_forgejo_checksum }}" - "gitea_forgejo_signed_url: {{ gitea_forgejo_signed_url | first }}" diff --git a/tasks/versioncheck.yml b/tasks/versioncheck.yml index dd22a1a..7dd80c5 100644 --- a/tasks/versioncheck.yml +++ b/tasks/versioncheck.yml @@ -7,7 +7,7 @@ ansible.builtin.file: path: '/etc/.ansible-version' state: directory - mode: 0755 + mode: '0755' when: submodules_versioncheck | bool - name: Check playbook version @@ -16,15 +16,14 @@ src: "/etc/.ansible-version/{{ playbook_version_path }}" register: playbook_version when: submodules_versioncheck | bool - ignore_errors: true failed_when: false -- name: Print remote role version +- name: Print remote role version # noqa: H500 ansible.builtin.debug: msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}" when: submodules_versioncheck | bool -- name: Print locale role version +- name: Print locale role version # noqa: H500 ansible.builtin.debug: msg: "Local role version: '{{ playbook_version_number | string }}'." when: submodules_versioncheck | bool From e03ee5a18f815e04fd1495d36353c176cda2a940 Mon Sep 17 00:00:00 2001 From: L3D Date: Sun, 29 Oct 2023 16:11:54 +0100 Subject: [PATCH 2/2] Increase version --- vars/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/main.yml b/vars/main.yml index ba8f195..c3a116d 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -62,5 +62,5 @@ transfer_custom_footer: - 'files/gitea_footer/extra_links_footer.tmpl' - 'files/extra_links_footer.tmpl' -playbook_version_number: 52 # should be int +playbook_version_number: 53 # should be int playbook_version_path: 'do1jlr.gitea.version'