WIP: ci

.ansible-lint

@@ -0,0 +1,6 @@
+skip_list:
+  - "yaml[line-length]"
+  - "name[casing]"
+
+exclude_paths:
+  - .forgejo/

.editorconfig

@@ -0,0 +1,15 @@
+root = true
+
+[*]
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+indent_style = space
+charset = utf-8
+
+[*.md]
+indent_size = 2
+trim_trailing_whitespace = false
+
+[*.yaml]
+indent_size = 2

.forgejo/workflows/lint.yaml

@@ -0,0 +1,19 @@
+# Links & Resources:
+# https://github.com/ansible/ansible-lint?tab=readme-ov-file#using-ansible-lint-as-a-github-action
+on:
+  pull_request:
+  push:
+
+jobs:
+  ansible-lint:
+    name: Ansible Lint
+    runs-on: docker
+    steps:
+      - uses: actions/checkout@v4
+      - name: miau
+        run: |
+          apt update
+      - name: Run ansible-lint
+        uses: https://github.com/ansible/ansible-lint@main
+        with:
+          setup_python: "false"

.yamllint.yaml

@@ -0,0 +1,6 @@
+rules:
+  brackets:
+    min-spaces-inside: 1
+    max-spaces-inside: 1
+    min-spaces-inside-empty: 1
+    max-spaces-inside-empty: 1

playbooks/files/chaosknoten/configs/grafana/docker_compose/grafana-datasource.yml

@@ -7,4 +7,3 @@ datasources:
     isDefault: true
     access: proxy
     editable: true
-

playbooks/roles/deploy_ssh_server_config/tasks/main.yaml

@@ -7,7 +7,7 @@
       ansible.builtin.template:
         force: true
         dest: /etc/ssh/sshd_config
-      mode: 0644
+        mode: "0644"
         owner: root
         group: root
         src: sshd_config.j2

playbooks/roles/infrastructure_authorized_keys/tasks/main.yaml

@@ -4,4 +4,3 @@
     user: chaos
     exclusive: true
     key: https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/raw/branch/trunk/authorized_keys
-    

playbooks/roles/nginx/tasks/main/config_deploy.yaml

@@ -7,11 +7,11 @@
   when: nginx__use_custom_nginx_conf
   block:
     - name: when no `nginx.conf.ansiblesave` is present, save the current `nginx.conf`
-      when: nginx__nginx_conf_ansiblesave_stat_result.stat.exists == false
+      when: not nginx__nginx_conf_ansiblesave_stat_result.stat.exists
       ansible.builtin.copy:
         force: true
         dest: /etc/nginx/nginx.conf.ansiblesave
-        mode: 0644
+        mode: "0644"
         owner: root
         group: root
         remote_src: true
@@ -22,7 +22,7 @@
       ansible.builtin.copy:
         content: "{{ nginx__custom_nginx_conf }}"
         dest: "/etc/nginx/nginx.conf"
-        mode: 0644
+        mode: "0644"
         owner: root
         group: root
       become: true
@@ -36,7 +36,7 @@
       ansible.builtin.copy:
         force: true
         dest: /etc/nginx/nginx.conf
-        mode: 0644
+        mode: "0644"
         owner: root
         group: root
         remote_src: true
@@ -55,7 +55,7 @@
   ansible.builtin.get_url:
     force: true
     dest: /etc/nginx-mozilla-dhparam
-    mode: 0644
+    mode: "0644"
     url: https://ssl-config.mozilla.org/ffdhe2048.txt
   become: true
   notify: Restart `nginx.service`
@@ -71,7 +71,7 @@
       ansible.builtin.copy:
         force: true
         dest: /etc/nginx/conf.d/tls.conf
-        mode: 0644
+        mode: "0644"
         owner: root
         group: root
         src: tls.conf
@@ -89,7 +89,7 @@
       ansible.builtin.copy:
         force: true
         dest: /etc/nginx/conf.d/redirect.conf
-        mode: 0644
+        mode: "0644"
         owner: root
         group: root
         src: redirect.conf
@@ -104,7 +104,7 @@
   ansible.builtin.copy:
     content: "{{ item.content }}"
     dest: "/etc/nginx/conf.d/{{ item.name }}.conf"
-    mode: 0644
+    mode: "0644"
     owner: root
     group: root
   become: true