Merge pull request #405 from spk/ansible-lint

Ansible lint

.travis.yml

@@ -1,6 +1,7 @@
 language: python
 python: "2.7"
 install:
-  - pip install ansible
+  - pip install ansible ansible-lint
 script:
   - ansible-playbook --syntax-check -i hosts site.yml
+  - ansible-lint site.yml

roles/blog/tasks/blog.yml

@@ -5,7 +5,7 @@
   command: mv /etc/apache2/sites-available/{{ domain }} /etc/apache2/sites-available/{{ domain }}.conf removes=/etc/apache2/sites-available/{{ domain }}
 
 - name: Remove old sites-enabled/{{ domain }} symlink (new one will be created by a2ensite)
-  command: rm /etc/apache2/sites-enabled/{{ domain }} removes=/etc/apache2/sites-enabled/{{ domain }}
+  file: path=/etc/apache2/sites-enabled/{{ domain }} state=absent
 
 - name: Configure the Apache HTTP server for the blog
   template: src=etc_apache2_sites-available_blog.j2 dest=/etc/apache2/sites-available/{{ domain }}.conf group=root owner=root

roles/common/tasks/google_auth.yml

@@ -15,8 +15,9 @@
            dest=/root/libpam-google-authenticator-{{ google_auth_version }}-source.tar.bz2
 
 - name: Extract Google authenticator
-  command: tar xjf libpam-google-authenticator-{{ google_auth_version }}-source.tar.bz2
-           chdir=/root creates=/root/libpam-google-authenticator-{{ google_auth_version }}
+  unarchive: src=/root/libpam-google-authenticator-{{ google_auth_version }}-source.tar.bz2
+             creates=/root/libpam-google-authenticator-{{ google_auth_version }}
+             dest=/root copy=no
 
 - name: Install Google authenticator
   command: make install

roles/common/tasks/security.yml

@@ -21,7 +21,7 @@
 - name: Update sshd config for PFS and more secure defaults
   template: src=etc_ssh_sshd_config.j2 dest=/etc/ssh/sshd_config
   notify: restart ssh
-  
+
 - name: Update ssh config for more secure defaults
   template: src=etc_ssh_ssh_config.j2 dest=/etc/ssh/ssh_config
 

roles/git/tasks/cgit.yml

@@ -19,9 +19,9 @@
            dest=/root/cgit-{{ cgit_version }}.tar.xz
 
 - name: Decompress cgit source
-  command: tar xvfJ /root/cgit-{{ cgit_version }}.tar.xz
-           chdir=/root
-           creates=/root/cgit-{{ cgit_version }}/configure
+  unarchive: src=/root/cgit-{{ cgit_version }}.tar.xz
+             dest=/root copy=no
+             creates=/root/cgit-{{ cgit_version }}/configure
 
 - name: Build and install cgit
   shell: make get-git ; make ; make install
@@ -38,7 +38,7 @@
   command: mv /etc/apache2/sites-available/cgit /etc/apache2/sites-available/cgit.conf removes=/etc/apache2/sites-available/cgit
 
 - name: Remove old sites-enabled/cgit symlink (new one will be created by a2ensite)
-  command: rm /etc/apache2/sites-enabled/cgit removes=/etc/apache2/sites-enabled/cgit
+  file: path=/etc/apache2/sites-enabled/cgit state=absent
 
 - name: Configure the Apache HTTP server for cgit
   template: src=etc_apache2_sites-available_cgit.j2

roles/ircbouncer/tasks/znc.yml

@@ -22,7 +22,9 @@
   get_url: url=http://znc.in/releases/archive/znc-{{ znc_version }}.tar.gz dest=/root/znc-{{ znc_version }}.tar.gz
 
 - name: Decompress znc source
-  command: tar xzf /root/znc-{{ znc_version }}.tar.gz chdir=/root creates=/root/znc-{{ znc_version }}/configure
+  unarchive: src=/root/znc-{{ znc_version }}.tar.gz
+             dest=/root copy=no
+             creates=/root/znc-{{ znc_version }}/configure
 
 - name: Build and install znc
   shell: ./configure --enable-python && make && make install executable=/bin/bash chdir=/root/znc-{{ znc_version }} creates=/usr/local/bin/znc

roles/mailserver/tasks/z-push.yml

@@ -14,16 +14,22 @@
     dest=/root/z-push-{{ zpush_version }}.tar.gz
 
 - name: Decompress z-push source
-  command: tar xzf z-push-{{ zpush_version }}.tar.gz chdir=/root creates=/root/z-push-{{ zpush_version }}
+  unarchive: src=/root/z-push-{{ zpush_version }}.tar.gz
+             dest=/root copy=no
+             creates=/root/z-push-{{ zpush_version }}
 
 - name: Create /usr/share/z-push
   file: state=directory path=/usr/share/z-push
 
 - name: Copy z-push source files to /usr/share/z-push
   shell: cp -R z-push-{{ zpush_version }}/* /usr/share/z-push/ chdir=/root
+  tags:
+    - skip_ansible_lint
 
 - name: Remove downloaded, temporary z-push source files
   shell: rm -rf z-push* chdir=/root
+  tags:
+    - skip_ansible_lint
 
 - name: Ensure z-push state and log directories are in place
   file: state=directory path={{ item }} owner=www-data group=www-data mode=755

roles/monitoring/tasks/collectd.yml

@@ -29,8 +29,9 @@
            dest=/root/collectd-{{collectd_version}}.tar.gz
 
 - name: Extract collectd
-  command: tar xzf collectd-{{collectd_version}}.tar.gz
-           chdir=/root creates=/root/collectd-{{collectd_version}}
+  unarchive: src=/root/collectd-{{collectd_version}}.tar.gz
+             dest=/root copy=no
+             creates=/root/collectd-{{collectd_version}}
 
 - name: Build and install collectd
   shell: ./configure ; make all ; make install
@@ -47,8 +48,9 @@
   when: collectd_librato_email|length > 0
 
 - name: Extract collectd-librato plugin
-  command: tar xzf collectd-librato-{{collectd_librato_version}}.tar.gz
-           chdir=/root creates=/root/collectd-librato-{{collectd_librato_version}}
+  unarchive: src=/root/collectd-librato-{{collectd_librato_version}}.tar.gz
+             dest=/root copy=no
+             creates=/root/collectd-librato-{{collectd_librato_version}}
   when: collectd_librato_email|length > 0
 
 - name: Install collectd-librato plugin

roles/news/tasks/selfoss.yml

@@ -2,6 +2,7 @@
   git: repo=https://github.com/SSilence/selfoss.git
        dest=/var/www/selfoss
        accept_hostkey=yes
+       version=master
 
 - name: Set selfoss ownership
   action: file owner=root group=www-data path=/var/www/selfoss recurse=yes state=directory
@@ -51,7 +52,7 @@
   command: mv /etc/apache2/sites-available/selfoss /etc/apache2/sites-available/selfoss.conf removes=/etc/apache2/sites-available/selfoss
 
 - name: Remove old sites-enabled/selfoss symlink (new one will be created by a2ensite)
-  command: rm /etc/apache2/sites-enabled/selfoss removes=/etc/apache2/sites-enabled/selfoss
+  file: path=/etc/apache2/sites-enabled/selfoss state=absent
 
 - name: Configure the Apache HTTP server for selfoss
   template: src=etc_apache2_sites-available_selfoss.j2 dest=/etc/apache2/sites-available/selfoss.conf group=root owner=root

roles/owncloud/tasks/owncloud.yml

@@ -96,7 +96,7 @@
   command: mv /etc/apache2/sites-available/owncloud /etc/apache2/sites-available/owncloud.conf removes=/etc/apache2/sites-available/owncloud
 
 - name: Remove old sites-enabled/owncloud symlink (new one will be created by a2ensite)
-  command: rm /etc/apache2/sites-enabled/owncloud removes=/etc/apache2/sites-enabled/owncloud
+  file: path=/etc/apache2/sites-enabled/owncloud state=absent
 
 - name: Configure the Apache HTTP server for ownCloud
   template: src=etc_apache2_sites-available_owncloud.j2 dest=/etc/apache2/sites-available/owncloud.conf group=root owner=root

roles/readlater/tasks/wallabag.yml

@@ -40,10 +40,14 @@
                  owner={{ wallabag_db_username }}
   notify: import wallabag sql
 
-- name: Build Composer
-  shell: curl -sS https://getcomposer.org/installer | php
-         chdir=/root
-         creates=/root/composer.phar
+- name: Get Composer installer
+  get_url: url=https://getcomposer.org/installer
+           dest=/tmp/composer-installer
+
+- name: Install Composer
+  command: php /tmp/composer-installer
+           chdir=/root
+           creates=/root/composer.phar
 
 - name: Initialize composer
   command: php /root/composer.phar install
@@ -77,7 +81,7 @@
   command: mv /etc/apache2/sites-available/wallabag /etc/apache2/sites-available/wallabag.conf removes=/etc/apache2/sites-available/wallabag
 
 - name: Remove old sites-enabled/wallabag symlink (new one will be created by a2ensite)
-  command: rm /etc/apache2/sites-enabled/wallabag removes=/etc/apache2/sites-enabled/wallabag
+  file: path=/etc/apache2/sites-enabled/wallabag state=absent
 
 - name: Configure the Apache HTTP server for wallabag
   template: src=etc_apache2_sites-available_wallabag.j2

roles/tarsnap/tasks/tarsnap.yml

@@ -57,7 +57,9 @@
 
 - name: Decompress Tarsnap source
   when: tarnsap_installed|failed
-  command: tar xzf /root/tarsnap-autoconf-{{ tarsnap_version }}.tgz chdir=/root creates=/root/tarsnap-autoconf-{{ tarsnap_version }}/COPYING
+  unarchive: src=/root/tarsnap-autoconf-{{ tarsnap_version }}.tgz
+             dest=/root copy=no
+             creates=/root/tarsnap-autoconf-{{ tarsnap_version }}/COPYING
 
 - name: Configure Tarsnap for local build
   when: tarnsap_installed|failed

roles/vpn/tasks/openvpn.yml

@@ -154,6 +154,8 @@
 
 - name: Copy the ca.crt and ta.key files that clients will need in order to connect to the OpenVPN server
   command: cp {{ openvpn_path }}/{{ item[1] }} {{ openvpn_path }}/{{ item[0] }}
+  tags:
+    - skip_ansible_lint
   with_nested:
     - openvpn_clients
     - ["ca.crt", "ta.key"]

roles/webmail/tasks/roundcube.yml

@@ -3,7 +3,7 @@
   when: ansible_distribution_release == 'wheezy'
   tags:
     - dependencies
-  
+
 - name: Update apt cache for backports
   apt: update_cache=yes
   tags:
@@ -42,7 +42,9 @@
     dest=/root/carddav_{{ carddav_version }}.tar.gz
 
 - name: Decompress carddav plugin source
-  command: tar xzf carddav_{{ carddav_version }}.tar.gz chdir=/root creates=/root/rcmcarddav-carddav_{{ carddav_version }}
+  unarchive: src=/root/carddav_{{ carddav_version }}.tar.gz
+             dest=/root copy=no
+             creates=/root/rcmcarddav-carddav_{{ carddav_version }}
 
 - name: Move carddav plugin files to /usr/share/roundcube/plugins/carddav
   command: mv rcmcarddav-carddav_{{ carddav_version }} /usr/share/roundcube/plugins/carddav chdir=/root creates=/usr/share/roundcube/plugins/carddav
@@ -51,6 +53,7 @@
   git: repo=https://github.com/alexandregz/twofactor_gauthenticator.git
        dest=/usr/share/roundcube/plugins/twofactor_gauthenticator
        accept_hostkey=yes
+       version=master
 
 - name: Link plugins into /var/lib/roundcube/plugins
   file: state=link src=/usr/share/roundcube/plugins/{{ item }} dest=/var/lib/roundcube/plugins/{{ item }} force=yes
@@ -62,7 +65,7 @@
   command: mv /etc/apache2/sites-available/roundcube /etc/apache2/sites-available/roundcube.conf removes=/etc/apache2/sites-available/roundcube
 
 - name: Remove old sites-enabled/roundcube symlink (new one will be created by a2ensite)
-  command: rm /etc/apache2/sites-enabled/roundcube removes=/etc/apache2/sites-enabled/roundcube
+  file: path=/etc/apache2/sites-enabled/roundcube state=absent
 
 - name: Configure the Apache HTTP server for roundcube
   template: src=etc_apache2_sites-available_roundcube.j2 dest=/etc/apache2/sites-available/roundcube.conf group=root owner=root force=yes