mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-05-08 23:46:02 +02:00
ansible-lint: Forbidden implicit octal value 'xxxx'
Convert the permissions to strings to avoid octal interpretation. Signed-off-by: Leonidas Spyropoulos <artafinde@archlinux.org>
This commit is contained in:
parent
f5524d4b78
commit
3ac1bac037
|
@ -79,7 +79,7 @@
|
|||
path: '/var/lib/{{ "/".join(item) }}'
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0777
|
||||
mode: '0777'
|
||||
with_nested:
|
||||
- [archbuilddest]
|
||||
- [srcdest]
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
state: directory
|
||||
owner: archive
|
||||
group: archive
|
||||
mode: 0755
|
||||
mode: '0755'
|
||||
|
||||
- name: Setup archive configuration
|
||||
template:
|
||||
|
@ -15,7 +15,7 @@
|
|||
dest: /etc/archive.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
|
||||
- name: Setup archive timer
|
||||
systemd: name=archive.timer enabled=yes state=started
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
dest: /etc/nginx/nginx.d/archive.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
notify:
|
||||
- Reload nginx
|
||||
tags: ['nginx']
|
||||
|
@ -21,4 +21,4 @@
|
|||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
mode: '0755'
|
||||
|
|
|
@ -263,7 +263,7 @@
|
|||
state: touch
|
||||
owner: "{{ aurweb_user }}"
|
||||
group: http
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
when: git.changed
|
||||
|
||||
- name: Create git repo dir
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
state: directory
|
||||
owner: borg
|
||||
group: borg
|
||||
mode: 0700
|
||||
mode: '0700'
|
||||
|
||||
- name: Create the root backup directory at {{ backup_dir }}
|
||||
file:
|
||||
|
@ -20,7 +20,7 @@
|
|||
state: directory
|
||||
owner: borg
|
||||
group: borg
|
||||
mode: 0700
|
||||
mode: '0700'
|
||||
with_items: "{{ backup_clients }}"
|
||||
|
||||
- name: Fetch ssh keys from each borg client machine
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
state: "directory"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: 0755
|
||||
mode: '0755'
|
||||
|
||||
- name: Install systemd unit override file
|
||||
template:
|
||||
|
@ -19,7 +19,7 @@
|
|||
dest: "/etc/systemd/system/fail2ban.service.d/override.conf"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
|
||||
- name: Install local config files
|
||||
template:
|
||||
|
@ -27,7 +27,7 @@
|
|||
dest: "/etc/fail2ban/{{ item }}"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
with_items:
|
||||
- "fail2ban.local"
|
||||
- "jail.local"
|
||||
|
@ -40,7 +40,7 @@
|
|||
dest: "/etc/fail2ban/action.d/firewallcmd-allports.local"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
notify:
|
||||
- Restart fail2ban
|
||||
|
||||
|
@ -51,7 +51,7 @@
|
|||
dest: "/etc/fail2ban/jail.d/sshd.local"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
notify:
|
||||
- Reload fail2ban jails
|
||||
|
||||
|
@ -62,7 +62,7 @@
|
|||
dest: "/etc/fail2ban/jail.d/postfix.local"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
notify:
|
||||
- Reload fail2ban jails
|
||||
|
||||
|
@ -73,7 +73,7 @@
|
|||
dest: "/etc/fail2ban/jail.d/dovecot.local"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
notify:
|
||||
- Reload fail2ban jails
|
||||
|
||||
|
@ -84,7 +84,7 @@
|
|||
dest: "/etc/fail2ban/jail.d/nginx-limit-req.local"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
notify:
|
||||
- Reload fail2ban jails
|
||||
|
||||
|
|
|
@ -99,7 +99,7 @@
|
|||
blockinfile:
|
||||
path: /root/.ssh/config
|
||||
create: true
|
||||
mode: 0600
|
||||
mode: '0600'
|
||||
block: |
|
||||
Host {{ storagebox_hostname }}
|
||||
User {{ backup_client_usernames[item] }}
|
||||
|
|
|
@ -57,7 +57,7 @@
|
|||
get_url:
|
||||
url: "{{ item }}"
|
||||
dest: /tmp/
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
loop:
|
||||
- https://geo.mirror.pkgbuild.com/iso/{{ bootstrap_version }}/archlinux-bootstrap-x86_64.tar.gz
|
||||
- https://archlinux.org/iso/{{ bootstrap_version }}/archlinux-bootstrap-x86_64.tar.gz.sig
|
||||
|
@ -151,7 +151,7 @@
|
|||
path: /mnt/etc/default/grub
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
regexp: "^GRUB_CMDLINE_LINUX_DEFAULT="
|
||||
line: "GRUB_CMDLINE_LINUX_DEFAULT=\"rootflags=compress-force=zstd\""
|
||||
when: filesystem == "btrfs"
|
||||
|
|
|
@ -57,7 +57,7 @@
|
|||
password: "{{ vault_keycloak_nginx_passwd }}"
|
||||
owner: root
|
||||
group: http
|
||||
mode: 0640
|
||||
mode: '0640'
|
||||
|
||||
- name: Create ssl cert
|
||||
include_role:
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
dest: "{{ service_nginx_conf }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
notify: Reload nginx
|
||||
when: service_nginx_template is not defined and maintenance is defined and maintenance | bool
|
||||
|
||||
|
@ -24,7 +24,7 @@
|
|||
dest: "{{ service_nginx_conf }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
notify: Reload nginx
|
||||
when: service_nginx_template is defined and maintenance is defined and maintenance | bool
|
||||
|
||||
|
@ -34,7 +34,7 @@
|
|||
dest: "{{ maintenance_http_dir }}/{{ service_domain }}/503.html"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
mode: '0644'
|
||||
when: maintenance is defined and maintenance | bool
|
||||
|
||||
- name: Force reload nginx
|
||||
|
|
|
@ -238,7 +238,7 @@
|
|||
dest: /etc/synapse/{{ matrix_server_name }}.signing.key
|
||||
owner: root
|
||||
group: synapse
|
||||
mode: 0640
|
||||
mode: '0640'
|
||||
|
||||
- name: Install ircpass key # noqa template-instead-of-copy
|
||||
copy:
|
||||
|
@ -246,7 +246,7 @@
|
|||
dest: /etc/synapse/{{ matrix_server_name }}.ircpass.key
|
||||
owner: root
|
||||
group: synapse
|
||||
mode: 0640
|
||||
mode: '0640'
|
||||
|
||||
- name: Make nginx log dir
|
||||
file: path=/var/log/nginx/{{ matrix_domain }} state=directory owner=root group=root mode=0755
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
group: postgres
|
||||
attributes: "+C"
|
||||
path: /var/lib/postgres/data
|
||||
mode: 0700
|
||||
mode: '0700'
|
||||
when: filesystem == "btrfs"
|
||||
|
||||
- name: Initialize postgres
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
insertafter: '^# %wheel ALL=\(ALL\) ALL'
|
||||
line: '%wheel ALL=(ALL) ALL'
|
||||
validate: 'visudo -cf %s'
|
||||
mode: 0440
|
||||
mode: '0440'
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
|
@ -32,6 +32,6 @@
|
|||
insertafter: '^# Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"'
|
||||
line: 'Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/bin"'
|
||||
validate: 'visudo -cf %s'
|
||||
mode: 0440
|
||||
mode: '0440'
|
||||
owner: root
|
||||
group: root
|
||||
|
|
Loading…
Reference in New Issue