chore: Clean up some ansible-lint warnings and errors

Signed-off-by: Devin Buhl <devin@buhl.casa>

.github/linters/.ansible-lint

@@ -1,3 +1,9 @@
 # .ansible-lint
+skip_list:
+  - yaml[line-length]
+  - var-naming
 warn_list:
-  - unnamed-task
+  - command-instead-of-shell
+  - deprecated-command-syntax
+  - experimental
+  - no-changed-when

ansible/kubernetes/playbooks/cluster-home-dns.yml

@@ -1,5 +1,6 @@
 ---
-- hosts:
+- name: Cluster Home DNS
+  hosts:
     - k8s-0
   become: true
   gather_facts: true

ansible/kubernetes/playbooks/cluster-installation.yml

@@ -1,5 +1,6 @@
 ---
-- hosts:
+- name: Cluster Installation
+  hosts:
     - master
     - worker
   become: true
@@ -34,6 +35,7 @@
       ansible.builtin.template:
         src: audit-policy.yaml.j2
         dest: /var/lib/rancher/k3s/audit-policy.yaml
+        mode: 0755
 
     - name: Install Kubernetes
       ansible.builtin.include_role:

ansible/kubernetes/playbooks/cluster-nuke.yml

@@ -1,5 +1,6 @@
 ---
-- hosts:
+- name: Cluster Nuke
+  hosts:
     - master
     - worker
   become: true

ansible/kubernetes/playbooks/cluster-prepare.yml

@@ -1,5 +1,6 @@
 ---
-- hosts:
+- name: Cluster Prepare
+  hosts:
     - master
     - worker
   become: true
@@ -90,6 +91,7 @@
             service: fstrim.timer
             enabled: true
     - name: System Configuration (2)
+      notify: Reboot
       block:
         - name: System Configuration (2) | Enable kernel modules now
           community.general.modprobe:
@@ -143,7 +145,6 @@
             - grub2-mkconfig -o /boot/grub2/grub.cfg
             - dracut --force --regenerate-all -v
           when: grub_status.changed
-      notify: Reboot
 
   handlers:
     - name: Reboot

ansible/kubernetes/playbooks/cluster-rook-nuke.yml

@@ -1,5 +1,6 @@
 ---
-- hosts:
+- name: Cluster Rook-Ceph
+  hosts:
     - worker
   become: true
   gather_facts: true
@@ -10,6 +11,7 @@
         seconds: 2
   tasks:
     - name: Reset disks
+      ignore_errors: true
       block:
         - name: Remove /var/lib/rook
           ansible.builtin.file:
@@ -33,4 +35,3 @@
             wipefs --all --force {{ item }}
           with_items:
             - "{{ rook_devices | default([]) }}"
-      ignore_errors: true

ansible/kvm/playbooks/setup.yml

@@ -1,5 +1,6 @@
 ---
-- hosts:
+- name: PiKVM
+  hosts:
     - pikvm
   become: true
   gather_facts: true
@@ -13,7 +14,8 @@
       tags: always
 
   tasks:
-    - block:
+    - name: Configure OS
+      block:
         - name: Set timezone
           community.general.timezone:
             name: "{{ timezone | default('America/New_York') }}"
@@ -29,7 +31,9 @@
         - name: Mount read-only
           ansible.builtin.command: /usr/local/bin/ro
 
-    - block:
+    - name: Disable SSL
+      notify: Restart kvmd-nginx
+      block:
         - name: Disable SSL
           ansible.builtin.template:
             src: nginx.conf.j2
@@ -38,9 +42,10 @@
       rescue:
         - name: Mount read-only
           ansible.builtin.command: /usr/local/bin/ro
-      notify: Restart kvmd-nginx
 
-    - block:
+    - name: Configure PiKVM
+      notify: Restart kvmd
+      block:
         - name: Create kvmd override configuration
           ansible.builtin.template:
             src: override.yaml.j2
@@ -54,7 +59,6 @@
       rescue:
         - name: Mount read-only
           ansible.builtin.command: /usr/local/bin/ro
-      notify: Restart kvmd
 
   post_tasks:
     - name: Mount read-only

ansible/router/ansible.cfg

@@ -7,7 +7,7 @@ force_valid_group_names     = ignore
 # File/Directory settings
 log_path                    = ~/.ansible/ansible.log
 inventory                   = ./inventory
-roles_path                  = ~/.ansible/roles:./roles
+roles_path                  = ~/.ansible/roles:./playbooks/roles
 collections_path            = ~/.ansible/collections
 remote_tmp                  = /tmp/.ansible/tmp
 local_tmp                   = ~/.ansible/tmp

ansible/router/playbooks/apps.yml

@@ -1,13 +1,17 @@
 ---
-- hosts:
+- name: Configure Opnsense
+  hosts:
     - opnsense
   become: false
   gather_facts: false
   any_errors_fatal: true
   roles:
-    - role: "adguardhome.router"
+    - name: Deploy Adguard Home
+      role: "adguardhome.router"
       tags: [adguardhome]
-    - role: "coredns.router"
+    - name: Deploy k8s_gateway
+      role: "coredns.router"
       tags: [coredns]
-    - role: "frr_exporter.router"
+    - name: Deploy FRR Exporter
+      role: "frr_exporter.router"
       tags: [frr_exporter]

ansible/router/roles/adguardhome.router/tasks/main.yml → ansible/router/playbooks/roles/adguardhome.router/tasks/main.yml

@@ -15,11 +15,17 @@
   changed_when: false
   register: adguardhome_version_check
 
-- block:
+- name: Download Adguard Home
+  notify: Restart adguardhome
+  when: >
+    adguardhome_version_check.stdout is not defined
+    or adguardhome_version not in adguardhome_version_check.stdout
+  block:
     - name: Download AdGuard Home
       ansible.builtin.get_url:
         url: "{{ adguardhome_download_url }}"
         dest: "/tmp/adguardhome-{{ adguardhome_version }}-freebsd-amd64.tar.gz"
+        mode: 0755
     - name: Extract AdGuard Home
       ansible.builtin.shell:
         cmd: >-
@@ -31,18 +37,16 @@
         dest: /usr/local/sbin/adguardhome
         mode: 0755
         remote_src: true
-  when: >
-    adguardhome_version_check.stdout is not defined
-    or adguardhome_version not in adguardhome_version_check.stdout
-  notify: Restart adguardhome
 
 - name: Create AdGuard Home log rotation config
   ansible.builtin.template:
     src: adguardhome/adguardhome-newsyslog.conf.j2
     dest: /etc/newsyslog.conf.d/adguardhome
     mode: 0755
 
-- block:
+- name: Configure Adguard Home
+  notify: Restart adguardhome
+  block:
     - name: Create AdGuard Home rc.conf script
       ansible.builtin.template:
         src: adguardhome/adguardhome-rc.conf.j2
@@ -63,4 +67,3 @@
         src: adguardhome/99-adguardhome.j2
         dest: /usr/local/etc/rc.syshook.d/start/99-adguardhome
         mode: 0755
-  notify: Restart adguardhome

ansible/router/roles/coredns.router/tasks/main.yml → ansible/router/playbooks/roles/coredns.router/tasks/main.yml

@@ -15,11 +15,17 @@
   changed_when: false
   register: coredns_version_check
 
-- block:
+- name: Download k8s_gateway
+  notify: Restart coredns
+  when: >
+    coredns_version_check.stdout is not defined
+    or coredns_version[1:] not in coredns_version_check.stdout
+  block:
     - name: Download CoreDNS
       ansible.builtin.get_url:
         url: "{{ coredns_download_url }}"
         dest: "/tmp/k8s_gateway_{{ coredns_version }}_freebsd_amd64.tar.gz"
+        mode: 0755
     - name: Extract CoreDNS
       ansible.builtin.shell:
         cmd: >-
@@ -31,22 +37,21 @@
         dest: /usr/local/sbin/coredns
         mode: 0755
         remote_src: true
-  when: >
-    coredns_version_check.stdout is not defined
-    or coredns_version[1:] not in coredns_version_check.stdout
-  notify: Restart coredns
 
 - name: Create CoreDNS log rotation config
   ansible.builtin.template:
     src: coredns/coredns-newsyslog.conf.j2
     dest: /etc/newsyslog.conf.d/coredns
     mode: 0755
 
-- block:
+- name: Configure k8s_gateway
+  notify: Restart coredns
+  block:
     - name: Copy kubeconfig
       ansible.builtin.copy:
         src: "{{ playbook_dir }}/../../../cluster/local/kubeconfig-homedns"
         dest: /usr/local/etc/coredns/kubeconfig
+        mode: 0755
     - name: Create Corefile
       ansible.builtin.template:
         src: coredns/Corefile.j2
@@ -72,4 +77,3 @@
         src: coredns/99-coredns.j2
         dest: /usr/local/etc/rc.syshook.d/start/99-coredns
         mode: 0755
-  notify: Restart coredns

ansible/router/roles/frr_exporter.router/tasks/main.yml → ansible/router/playbooks/roles/frr_exporter.router/tasks/main.yml

@@ -15,11 +15,17 @@
   changed_when: false
   register: frr_exporter_version_check
 
-- block:
+- name: Download frr-exporter
+  notify: Restart frr_exporter
+  when: >
+    frr_exporter_version_check.stdout is not defined
+    or frr_exporter_version[1:] not in frr_exporter_version_check.stdout
+  block:
     - name: Download frr_exporter
       ansible.builtin.get_url:
         url: "{{ frr_exporter_download_url }}"
         dest: "/tmp/frr_exporter_{{ frr_exporter_version }}_freebsd_amd64.tar.gz"
+        mode: 0755
     - name: Extract frr_exporter
       ansible.builtin.shell:
         cmd: >-
@@ -31,12 +37,10 @@
         dest: /usr/local/sbin/frr_exporter
         mode: 0755
         remote_src: true
-  when: >
-    frr_exporter_version_check.stdout is not defined
-    or frr_exporter_version[1:] not in frr_exporter_version_check.stdout
-  notify: Restart frr_exporter
 
-- block:
+- name: Configure frr-exporter
+  notify: Restart frr_exporter
+  block:
     - name: Create frr_exporter rc.conf script
       ansible.builtin.template:
         src: frr_exporter/frr_exporter-rc.conf.j2
@@ -57,4 +61,3 @@
         src: frr_exporter/99-frr_exporter.j2
         dest: /usr/local/etc/rc.syshook.d/start/99-frr_exporter
         mode: 0755
-  notify: Restart frr_exporter

ansible/router/playbooks/setup.yml

@@ -1,5 +1,6 @@
 ---
-- hosts:
+- name: Opnsense
+  hosts:
     - opnsense
   become: false
   gather_facts: false

ansible/storage/ansible.cfg

@@ -7,7 +7,7 @@ force_valid_group_names     = ignore
 # File/Directory settings
 log_path                    = ~/.ansible/ansible.log
 inventory                   = ./inventory
-roles_path                  = ~/.ansible/roles:./roles
+roles_path                  = ~/.ansible/roles:./playbooks/roles
 collections_path            = ~/.ansible/collections
 remote_tmp                  = ~/.ansible/tmp
 local_tmp                   = ~/.ansible/tmp

ansible/storage/playbooks/apps.yml

@@ -1,12 +1,13 @@
 ---
-- hosts:
+- name: Storage
+  hosts:
     - storage
   become: true
   gather_facts: true
   any_errors_fatal: true
   pre_tasks:
     - name: Pausing for 5 seconds...
-      pause:
+      ansible.builtin.pause:
         seconds: 5
   roles:
     - role: geerlingguy.pip

ansible/storage/playbooks/os.yml

@@ -1,12 +1,13 @@
 ---
-- hosts:
+- name: OS
+  hosts:
     - storage
   become: true
   gather_facts: true
   any_errors_fatal: true
   pre_tasks:
     - name: Pausing for 5 seconds...
-      pause:
+      ansible.builtin.pause:
         seconds: 5
   roles:
     - os.storage

ansible/storage/roles/apps.storage/tasks/kopia.yml → ansible/storage/playbooks/roles/apps.storage/tasks/kopia.yml

@@ -12,7 +12,9 @@
     - "{{ docker_base_dir }}/kopia/config"
     - "{{ docker_base_dir }}/kopia/logs"
 
-- block:
+- name: Deploy Kopia
+  notify: Restart kopia
+  block:
     - name: Create kopia docker compose file
       ansible.builtin.template:
         src: kopia/docker-compose.yml.j2
@@ -27,4 +29,3 @@
         mode: 0644
       vars:
         condition_path_is_mount_point: "/"
-  notify: Restart kopia

ansible/storage/playbooks/roles/apps.storage/tasks/main.yml

@@ -0,0 +1,24 @@
+---
+- name: Create default directories
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: directory
+    owner: "{{ ansible_user }}"
+    group: users
+    mode: 0775
+  loop:
+    - "{{ docker_base_dir }}"
+  tags:
+    - always
+
+# Manage Docker installation
+- name: Deploy Docker
+  ansible.builtin.import_tasks: docker.yml
+
+# Manage applications
+# - ansible.builtin.import_tasks: kopia.yml
+- name: Deploy Node Exporter
+  ansible.builtin.import_tasks: node-exporter.yml
+# - ansible.builtin.import_tasks: smartctl-exporter.yml
+- name: Deploy Vector
+  ansible.builtin.import_tasks: vector.yml