From dda1ef37b426ffdb0185927875415c402715e314 Mon Sep 17 00:00:00 2001 From: L3D Date: Thu, 7 Apr 2022 23:10:30 +0200 Subject: [PATCH 1/3] update github actions --- .github/workflows/ansible-debian-bullseye.yml | 18 ++++++++++++++++++ .github/workflows/ansible-debian-buster.yml | 6 +++--- .github/workflows/ansible-debian-latest.yml | 6 +++--- .github/workflows/ansible-debian-sid.yml | 6 +++--- .github/workflows/ansible-debian-stable.yml | 11 ++++++++--- .github/workflows/ansible-debian-stretch.yml | 6 +++--- .github/workflows/ansible-linting-check.yml | 18 +++++++++--------- .github/workflows/yamllint.yaml | 17 +++++++++-------- handlers/main.yml | 2 +- tasks/configure.yml | 2 +- tasks/packages.yml | 8 ++++---- tasks/redis.yml | 2 +- 12 files changed, 63 insertions(+), 39 deletions(-) create mode 100644 .github/workflows/ansible-debian-bullseye.yml diff --git a/.github/workflows/ansible-debian-bullseye.yml b/.github/workflows/ansible-debian-bullseye.yml new file mode 100644 index 0000000..b50d111 --- /dev/null +++ b/.github/workflows/ansible-debian-bullseye.yml @@ -0,0 +1,18 @@ +--- +name: Ansible check debian:bullseye + +# yamllint disable-line rule:truthy +on: [push, pull_request] + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: 'checkout git repo' + uses: actions/checkout@v3 + + - name: 'ansible check with debian:bullseye' + uses: roles-ansible/check-ansible-debian-bullseye-action@main + with: + targets: "./" diff --git a/.github/workflows/ansible-debian-buster.yml b/.github/workflows/ansible-debian-buster.yml index d76b02c..a819e89 100644 --- a/.github/workflows/ansible-debian-buster.yml +++ b/.github/workflows/ansible-debian-buster.yml @@ -6,13 +6,13 @@ on: [push, pull_request] jobs: build: - runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - name: 'checkout git repo' + uses: actions/checkout@v3 - - name: ansible check with debian:buster + - name: 'ansible check with debian:buster' uses: roles-ansible/check-ansible-debian-buster-action@master with: targets: "./" diff --git a/.github/workflows/ansible-debian-latest.yml b/.github/workflows/ansible-debian-latest.yml index f7eb5b6..d06a132 100644 --- a/.github/workflows/ansible-debian-latest.yml +++ b/.github/workflows/ansible-debian-latest.yml @@ -6,13 +6,13 @@ on: [push, pull_request] jobs: build: - runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - name: 'checkout git repo' + uses: actions/checkout@v3 - - name: ansible check with debian:latest + - name: 'ansible check with debian:latest' uses: roles-ansible/check-ansible-debian-latest-action@master with: targets: "./" diff --git a/.github/workflows/ansible-debian-sid.yml b/.github/workflows/ansible-debian-sid.yml index 2e3215a..22cbbfb 100644 --- a/.github/workflows/ansible-debian-sid.yml +++ b/.github/workflows/ansible-debian-sid.yml @@ -6,13 +6,13 @@ on: [push, pull_request] jobs: build: - runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - name: 'checkout git repo' + uses: actions/checkout@v3 - - name: ansible check with debian:sid + - name: 'ansible check with debian:sid' uses: roles-ansible/check-ansible-debian-sid-action@master with: targets: "./" diff --git a/.github/workflows/ansible-debian-stable.yml b/.github/workflows/ansible-debian-stable.yml index e47f773..bf06f77 100644 --- a/.github/workflows/ansible-debian-stable.yml +++ b/.github/workflows/ansible-debian-stable.yml @@ -2,7 +2,11 @@ name: Ansible check debian:stable # yamllint disable-line rule:truthy -on: [push, pull_request] +on: + push: + branches: '*' + pull_request: + branches: '*' jobs: build: @@ -10,9 +14,10 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - name: 'checkout git repo' + uses: actions/checkout@v3 - - name: ansible check with debian:stable + - name: 'ansible check with debian:stable' uses: roles-ansible/check-ansible-debian-stable-action@master with: targets: "./" diff --git a/.github/workflows/ansible-debian-stretch.yml b/.github/workflows/ansible-debian-stretch.yml index c947cae..c291320 100644 --- a/.github/workflows/ansible-debian-stretch.yml +++ b/.github/workflows/ansible-debian-stretch.yml @@ -6,13 +6,13 @@ on: [push, pull_request] jobs: build: - runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - name: 'checkout git repo' + uses: actions/checkout@v3 - - name: ansible check with debian:stretch + - name: 'ansible check with debian:stretch' uses: roles-ansible/check-ansible-debian-stretch-action@master with: targets: "./" diff --git a/.github/workflows/ansible-linting-check.yml b/.github/workflows/ansible-linting-check.yml index 41dcb97..4d7dc8e 100644 --- a/.github/workflows/ansible-linting-check.yml +++ b/.github/workflows/ansible-linting-check.yml @@ -2,21 +2,21 @@ name: Ansible Lint check # yamllint disable-line rule:truthy -on: [push, pull_request] +on: + push: + branches: '*' + pull_request: + branches: '*' jobs: build: - runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - name: 'checkout git repo' + uses: actions/checkout@v3 - - name: Lint Ansible Playbook - uses: ansible/ansible-lint-action@master + - name: 'Lint Ansible Playbook' + uses: ansible/ansible-lint-action@v6 with: targets: "." - # [required] - # Paths to ansible files (i.e., playbooks, tasks, handlers etc..) - args: "" - # [optional] diff --git a/.github/workflows/yamllint.yaml b/.github/workflows/yamllint.yaml index 39c49f8..d744e9c 100644 --- a/.github/workflows/yamllint.yaml +++ b/.github/workflows/yamllint.yaml @@ -2,21 +2,22 @@ name: 'Yamllint GitHub Actions' # yamllint disable-line rule:truthy -on: [push, pull_request] +on: + push: + branches: '*' + pull_request: + branches: '*' jobs: yamllint: name: 'Yamllint' runs-on: ubuntu-latest steps: - - name: 'Checkout' - uses: actions/checkout@master + - name: 'checkout git repo' + uses: actions/checkout@v3 + - name: 'Yamllint' - uses: karancode/yamllint-github-action@master + uses: karancode/yamllint-github-action@v2.0.0 with: yamllint_file_or_dir: '.' yamllint_config_filepath: './.yamllint' - yamllint_strict: false - yamllint_comment: true -# env: -# GITHUB_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN } diff --git a/handlers/main.yml b/handlers/main.yml index 8cf2a10..cf03980 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,7 +1,7 @@ --- - name: sudo apt update become: true - apt: + ansible.builtin.apt: update_cache: true - name: systemctl restart rspamd diff --git a/tasks/configure.yml b/tasks/configure.yml index 482f287..e487039 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -12,7 +12,7 @@ notify: systemctl restart rspamd rescue: - name: you have to install passlib - fail: + ansible.builtin.fail: msg: 'I caught an error. Maybe you have to install passlib via pip3' - name: Einstellung des logging diff --git a/tasks/packages.yml b/tasks/packages.yml index 43564dd..61ab9cd 100644 --- a/tasks/packages.yml +++ b/tasks/packages.yml @@ -1,13 +1,13 @@ --- - name: update repo-cache for debian/ubuntu become: true - apt: + ansible.builtin.apt: update_cache: true cache_valid_time: 3600 - name: install requirements to add new package repos become: true - apt: + ansible.builtin.apt: name: - lsb-release - wget @@ -40,10 +40,10 @@ notify: sudo apt update - name: run update if something changed - meta: flush_handlers + ansible.builtin.meta: flush_handlers - name: install rspamd become: true - apt: + ansible.builtin.apt: name: rspamd state: present diff --git a/tasks/redis.yml b/tasks/redis.yml index 35c72a2..55d0d0d 100644 --- a/tasks/redis.yml +++ b/tasks/redis.yml @@ -1,6 +1,6 @@ --- - name: install redis backend become: true - apt: + ansible.builtin.apt: name: redis state: present From 99afda6dfbbb6b590b58f6e9393f0380150a692c Mon Sep 17 00:00:00 2001 From: L3D Date: Thu, 7 Apr 2022 23:27:51 +0200 Subject: [PATCH 2/3] make redis and dkim optional --- defaults/main.yml | 4 ++++ tasks/main.yml | 2 ++ 2 files changed, 6 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index bb2052e..15121e2 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -9,6 +9,10 @@ rspamd__redis_server: '127.0.0.1' rspamd__default_owner: '_rspamd' rspamd__default_group: '_rspamd' +# configure options +rspamd__configure_redis: false +rspamd__configure_dkim: false + # rspamd config file path rspamd__multimap_conf_file: 'files/multimap.conf' rspamd__whitelist_ip_file: 'files/whitelist_ip.map' diff --git a/tasks/main.yml b/tasks/main.yml index 2996524..1ec3f74 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -11,6 +11,8 @@ - name: rspamd dkim signing include_tasks: dkim.yml + when: rspamd__configure_dkim | bool - name: redis backend include_tasks: redis.yml + when: rspamd__configure_redis | bool From 0f8539a5ac4e918bbb215a49e490cf84b1b25b6f Mon Sep 17 00:00:00 2001 From: L3D Date: Thu, 7 Apr 2022 23:47:57 +0200 Subject: [PATCH 3/3] remove checks that run inside container --- .github/workflows/ansible-debian-bullseye.yml | 18 --------------- .github/workflows/ansible-debian-buster.yml | 18 --------------- .github/workflows/ansible-debian-latest.yml | 18 --------------- .github/workflows/ansible-debian-sid.yml | 18 --------------- .github/workflows/ansible-debian-stable.yml | 23 ------------------- .github/workflows/ansible-debian-stretch.yml | 18 --------------- defaults/main.yml | 4 ++-- tasks/packages.yml | 1 + 8 files changed, 3 insertions(+), 115 deletions(-) delete mode 100644 .github/workflows/ansible-debian-bullseye.yml delete mode 100644 .github/workflows/ansible-debian-buster.yml delete mode 100644 .github/workflows/ansible-debian-latest.yml delete mode 100644 .github/workflows/ansible-debian-sid.yml delete mode 100644 .github/workflows/ansible-debian-stable.yml delete mode 100644 .github/workflows/ansible-debian-stretch.yml diff --git a/.github/workflows/ansible-debian-bullseye.yml b/.github/workflows/ansible-debian-bullseye.yml deleted file mode 100644 index b50d111..0000000 --- a/.github/workflows/ansible-debian-bullseye.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -name: Ansible check debian:bullseye - -# yamllint disable-line rule:truthy -on: [push, pull_request] - -jobs: - build: - runs-on: ubuntu-latest - - steps: - - name: 'checkout git repo' - uses: actions/checkout@v3 - - - name: 'ansible check with debian:bullseye' - uses: roles-ansible/check-ansible-debian-bullseye-action@main - with: - targets: "./" diff --git a/.github/workflows/ansible-debian-buster.yml b/.github/workflows/ansible-debian-buster.yml deleted file mode 100644 index a819e89..0000000 --- a/.github/workflows/ansible-debian-buster.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -name: Ansible check debian:buster - -# yamllint disable-line rule:truthy -on: [push, pull_request] - -jobs: - build: - runs-on: ubuntu-latest - - steps: - - name: 'checkout git repo' - uses: actions/checkout@v3 - - - name: 'ansible check with debian:buster' - uses: roles-ansible/check-ansible-debian-buster-action@master - with: - targets: "./" diff --git a/.github/workflows/ansible-debian-latest.yml b/.github/workflows/ansible-debian-latest.yml deleted file mode 100644 index d06a132..0000000 --- a/.github/workflows/ansible-debian-latest.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -name: Ansible check debian:latest - -# yamllint disable-line rule:truthy -on: [push, pull_request] - -jobs: - build: - runs-on: ubuntu-latest - - steps: - - name: 'checkout git repo' - uses: actions/checkout@v3 - - - name: 'ansible check with debian:latest' - uses: roles-ansible/check-ansible-debian-latest-action@master - with: - targets: "./" diff --git a/.github/workflows/ansible-debian-sid.yml b/.github/workflows/ansible-debian-sid.yml deleted file mode 100644 index 22cbbfb..0000000 --- a/.github/workflows/ansible-debian-sid.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -name: Ansible check debian:sid - -# yamllint disable-line rule:truthy -on: [push, pull_request] - -jobs: - build: - runs-on: ubuntu-latest - - steps: - - name: 'checkout git repo' - uses: actions/checkout@v3 - - - name: 'ansible check with debian:sid' - uses: roles-ansible/check-ansible-debian-sid-action@master - with: - targets: "./" diff --git a/.github/workflows/ansible-debian-stable.yml b/.github/workflows/ansible-debian-stable.yml deleted file mode 100644 index bf06f77..0000000 --- a/.github/workflows/ansible-debian-stable.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -name: Ansible check debian:stable - -# yamllint disable-line rule:truthy -on: - push: - branches: '*' - pull_request: - branches: '*' - -jobs: - build: - - runs-on: ubuntu-latest - - steps: - - name: 'checkout git repo' - uses: actions/checkout@v3 - - - name: 'ansible check with debian:stable' - uses: roles-ansible/check-ansible-debian-stable-action@master - with: - targets: "./" diff --git a/.github/workflows/ansible-debian-stretch.yml b/.github/workflows/ansible-debian-stretch.yml deleted file mode 100644 index c291320..0000000 --- a/.github/workflows/ansible-debian-stretch.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -name: Ansible check debian:stretch - -# yamllint disable-line rule:truthy -on: [push, pull_request] - -jobs: - build: - runs-on: ubuntu-latest - - steps: - - name: 'checkout git repo' - uses: actions/checkout@v3 - - - name: 'ansible check with debian:stretch' - uses: roles-ansible/check-ansible-debian-stretch-action@master - with: - targets: "./" diff --git a/defaults/main.yml b/defaults/main.yml index 15121e2..840fbd4 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -10,8 +10,8 @@ rspamd__default_owner: '_rspamd' rspamd__default_group: '_rspamd' # configure options -rspamd__configure_redis: false -rspamd__configure_dkim: false +rspamd__configure_redis: true +rspamd__configure_dkim: true # rspamd config file path rspamd__multimap_conf_file: 'files/multimap.conf' diff --git a/tasks/packages.yml b/tasks/packages.yml index 61ab9cd..bc639b5 100644 --- a/tasks/packages.yml +++ b/tasks/packages.yml @@ -47,3 +47,4 @@ ansible.builtin.apt: name: rspamd state: present + notify: systemctl restart rspamd