Fix all 300+ ansible-lint-reported errors

2023-03-07 17:28:10 +02:00
parent bf95204860
commit dddfee16bc
98 changed files with 942 additions and 895 deletions
--- a/roles/custom/matrix-nginx-proxy/tasks/main.yml
+++ b/roles/custom/matrix-nginx-proxy/tasks/main.yml
@ -29,13 +29,13 @@
    - install-all
    - install-nginx-proxy

- block:
-    - ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_well_known.yml"
-  tags:
+- tags:
    - self-check
+  block:
+    - ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_well_known.yml"

 - name: Mark matrix-nginx-proxy role as executed
-  ansible.builtin.set_fact:
-    matrix_nginx_proxy_role_executed: true
  tags:
    - always
+  ansible.builtin.set_fact:
+    matrix_nginx_proxy_role_executed: true
--- a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml
+++ b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml
@ -51,6 +51,7 @@
    --agree-tos
    --email={{ matrix_ssl_lets_encrypt_support_email }}
    -d {{ domain_name }}
+  changed_when: true
  when: domain_name_needs_cert | bool
  register: result_certbot_direct
  ignore_errors: true
@ -81,6 +82,7 @@
    --agree-tos
    --email={{ matrix_ssl_lets_encrypt_support_email }}
    -d {{ domain_name }}
+  changed_when: true
  when: "domain_name_needs_cert and result_certbot_direct.failed"
  register: result_certbot_proxy
  ignore_errors: true
--- a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml
+++ b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml
@ -28,16 +28,19 @@
 #
 # We'll do it in a more manual way.
 - name: Generate SSL certificate
-  ansible.builtin.command: |
-    openssl req -x509 \
-    -sha256 \
-    -newkey rsa:4096 \
-    -nodes \
-    -subj "/CN={{ domain_name }}" \
-    -keyout {{ matrix_ssl_certificate_cert_key_path }} \
-    -out {{ matrix_ssl_certificate_cert_path }} \
-    -days 3650
  when: "not matrix_ssl_certificate_cert_path_stat_result.stat.exists"
+  ansible.builtin.command:
+    cmd: |
+      openssl req -x509 \
+      -sha256 \
+      -newkey rsa:4096 \
+      -nodes \
+      -subj "/CN={{ domain_name }}" \
+      -keyout {{ matrix_ssl_certificate_cert_key_path }} \
+      -out {{ matrix_ssl_certificate_cert_path }} \
+      -days 3650
+    # Well, this creates 2 files, but Ansible can only check 1.
+    creates: "{{ matrix_ssl_certificate_cert_path }}"

 - name: Adjust SSL certificate file ownership
  ansible.builtin.file: