ansible-lint styling fixes

.ansible-lint

@@ -3,6 +3,9 @@
 warn_list:
   - "106" # Role name {} does not match ``^[a-z][a-z0-9_]+$`` pattern
 
+skip_list:
+  - fqcn[action-core]
+
 exclude_paths:
   - tests
   - molecule

defaults/main.yml

@@ -5,7 +5,7 @@ haproxy_bind_nonlocal_ip: true
 haproxy_ip_forward: true
 
 # Common
-haproxy_mode: system  # or docker
+haproxy_mode: system # or docker
 haproxy_firewalld: true
 haproxy_selinux: true
 haproxy_apt_backports: false
@@ -85,7 +85,7 @@ haproxy_default_errorfiles:
 
 # Stats
 haproxy_stats: true
-haproxy_stats_address: '*'
+haproxy_stats_address: "*"
 haproxy_stats_port: 9001
 haproxy_stats_ssl: false
 haproxy_stats_auth: true
@@ -110,7 +110,7 @@ haproxy_stats_timeouts:
 haproxy_ssl_certificate: /etc/ssl/uoi.io/uoi.io.pem
 haproxy_ssl_options: no-sslv3 no-tls-tickets force-tlsv12
 haproxy_ssl_ciphers: AES128+EECDH:AES128+EDH
-haproxy_ssl: 'ssl crt {{ haproxy_ssl_certificate }} ciphers {{ haproxy_ssl_ciphers }} {{ haproxy_ssl_options }}'
+haproxy_ssl: "ssl crt {{ haproxy_ssl_certificate }} ciphers {{ haproxy_ssl_ciphers }} {{ haproxy_ssl_options }}"
 
 # Frontend
 haproxy_frontend: []
@@ -136,8 +136,8 @@ haproxy_docker_ports:
   - "8443:8443"
   - "{{ haproxy_stats_port }}:{{ haproxy_stats_port }}"
 haproxy_docker_sysctls:
-  net.ipv4.ip_nonlocal_bind: "{{ 1 if haproxy_bind_nonlocal_ip|bool else 0 }}"
-  net.ipv4.ip_forward: "{{ 1 if haproxy_ip_forward|bool else 0 }}"
+  net.ipv4.ip_nonlocal_bind: "{{ 1 if haproxy_bind_nonlocal_ip | bool else 0 }}"
+  net.ipv4.ip_forward: "{{ 1 if haproxy_ip_forward | bool else 0 }}"
   net.core.somaxconn: 4096
   net.ipv4.tcp_syncookies: 1
 haproxy_docker_ulimits:

handlers/main.yml

@@ -1,12 +1,12 @@
 ---
 # file: roles/haproxy/handlers/main.yml
-- name: restart haproxy
+- name: Restart haproxy
   ansible.builtin.service:
     name: "{{ haproxy_service }}"
     state: restarted
   when: haproxy_mode == "system"
 
-- name: reload haproxy
+- name: Reload haproxy
   ansible.builtin.service:
     name: "{{ haproxy_service }}"
     state: reloaded

meta/main.yml

@@ -7,16 +7,16 @@ galaxy_info:
   company: InCloudUs
   issue_tracker_url: https://github.com/uoi-io/ansible-haproxy/issues
   license: Apache
-  min_ansible_version: 2.8
+  min_ansible_version: "2.8"
   github_branch: master
   platforms:
     - name: EL
       versions:
-        - 7
-        - 8
+        - "7"
+        - "8"
     - name: Fedora
       versions:
-        - 32
+        - "32"
     - name: Ubuntu
       versions:
         - xenial

tasks/config.yml

@@ -7,4 +7,4 @@
     mode: "0640"
     # FIXME: find a way to validate in Docker mode
     # validate: "{{ haproxy_bin }} -f %s -c"
-  notify: reload haproxy
+  notify: Reload haproxy

tasks/docker.yml

@@ -1,6 +1,6 @@
 ---
 - name: HAProxy - run a Docker container
-  docker_container:
+  community.docker.docker_container:
     # common settings
     name: "{{ haproxy_docker_name }}"
     hostname: "{{ inventory_hostname }}"
@@ -26,7 +26,7 @@
     ports: "{{ haproxy_docker_ports }}"
     purge_networks: true
     # persistent volumes
-    volumes: "{{ haproxy_docker_volumes | default([haproxy_config+':/usr/local/etc/haproxy/haproxy.cfg:ro']) }}"
+    volumes: "{{ haproxy_docker_volumes | default([haproxy_config + ':/usr/local/etc/haproxy/haproxy.cfg:ro']) }}"
     # runtime settings
     etc_hosts: >
       {
@@ -38,7 +38,7 @@
 
 # TODO: keep docker_container module support for Ansible < 2.10
 - name: HAProxy - run a Docker container (old style)
-  docker_container:
+  community.docker.docker_container:
     # common settings
     name: "{{ haproxy_docker_name }}"
     hostname: "{{ inventory_hostname }}"
@@ -64,7 +64,7 @@
     ports: "{{ haproxy_docker_ports }}"
     purge_networks: true
     # persistent volumes
-    volumes: "{{ haproxy_docker_volumes | default([haproxy_config+':/usr/local/etc/haproxy/haproxy.cfg:ro']) }}"
+    volumes: "{{ haproxy_docker_volumes | default([haproxy_config + ':/usr/local/etc/haproxy/haproxy.cfg:ro']) }}"
     # runtime settings
     etc_hosts: >
       {

tasks/firewall.yml

@@ -4,8 +4,8 @@
 #       collection. This feature will be removed from community.general in version
 #       2.0.0.
 - name: HAproxy firewalld rule
-  firewalld:
-    port: '{{ item }}'
+  ansible.posix.firewalld:
+    port: "{{ item }}"
     permanent: true
     state: enabled
     immediate: true

tasks/install-Generic.yml

@@ -3,12 +3,12 @@
 - name: "RedHat | Install basic repo file"
   ansible.builtin.yum_repository:
     name: "{{ item.name }}"
-    description: "{{ item.description  | default(omit) }}"
+    description: "{{ item.description | default(omit) }}"
     baseurl: "{{ item.baseurl }}"
-    gpgcheck: "{{ item.gpgcheck  | default(omit) }}"
-    gpgkey: "{{ item.gpgkey  | default(omit) }}"
+    gpgcheck: "{{ item.gpgcheck | default(omit) }}"
+    gpgkey: "{{ item.gpgkey | default(omit) }}"
     repo_gpgcheck: "{{ item.repo_gpgcheck | default(omit) }}"
-    file: "{{ item.file  | default(omit) }}"
+    file: "{{ item.file | default(omit) }}"
     skip_if_unavailable: "{{ item.skip_if_unavailable | default(omit) }}"
     priority: "{{ item.priority | default('99') }}"
     enabled: "{{ item.enabled | default(true) }}"

tasks/install.yml

@@ -1,8 +1,10 @@
 ---
-- include_tasks: install-Debian.yml
+- name: Include Debian tasks
+  include_tasks: install-Debian.yml
   when: ansible_os_family == 'Debian'
 
-- include_tasks: install-Generic.yml
+- name: Include Generic tasks
+  include_tasks: install-Generic.yml
   when: ansible_os_family != 'Debian'
 
 - name: Enabling and starting HAproxy service

tasks/main.yml

@@ -11,25 +11,31 @@
     - haproxy-sysctl
   when: haproxy_mode == "system"
 
-- include_tasks: install.yml
+- name: Install
+  include_tasks: install.yml
   tags: [haproxy, haproxy-install]
   when: haproxy_mode == "system"
 
-- include_tasks: firewall.yml
+- name: Firewall
+  include_tasks: firewall.yml
   tags: [haproxy, haproxy-firewall]
   when: haproxy_firewalld | bool
 
-- include_tasks: selinux.yml
+- name: SELinux
+  include_tasks: selinux.yml
   tags: [haproxy, haproxy-selinux]
   when: haproxy_selinux | bool
 
-- include_tasks: config.yml
+- name: Config
+  include_tasks: config.yml
   tags: [haproxy, haproxy-config]
 
-- include_tasks: sysctl.yml
+- name: Sysctl
+  include_tasks: sysctl.yml
   tags: [haproxy, haproxy-sysctl]
   when: haproxy_mode == "system"
 
-- include_tasks: docker.yml
+- name: Docker
+  include_tasks: docker.yml
   tags: [haproxy, haproxy-docker]
   when: haproxy_mode == "docker"

tasks/selinux.yml

@@ -1,14 +1,14 @@
 ---
 # file: roles/haproxy/tasks/selinux.yml
 - name: Allowing HAproxy to listen on some TCP ports
-  seport:
+  community.general.seport:
     ports: "{{ haproxy_stats_port }}"
     proto: tcp
     setype: tor_port_t
     state: present
 
 - name: Enabling SELinux booleans for HAproxy
-  seboolean:
+  ansible.posix.seboolean:
     name: haproxy_connect_any
     state: true
     persistent: true

tasks/sysctl.yml

@@ -1,20 +1,20 @@
 ---
 # file: roles/haproxy/tasks/sysctl.yml
 - name: Enabling/Disabling net.ipv4.ip_nonlocal_bind option
-  sysctl:
+  ansible.posix.sysctl:
     name: net.ipv4.ip_nonlocal_bind
-    value: '1'
+    value: "1"
     sysctl_file: /etc/sysctl.d/10-ip_nonlocal_bind.conf
     sysctl_set: true
     reload: true
     state: present
-  notify: restart haproxy
+  notify: Restart haproxy
   when: haproxy_bind_nonlocal_ip | bool
 
 - name: Enabling/Disabling net.ipv4.ip_forward option
-  sysctl:
+  ansible.posix.sysctl:
     name: net.ipv4.ip_forward
-    value: '1'
+    value: "1"
     sysctl_file: /etc/sysctl.d/10-ip_forward.conf
     sysctl_set: true
     reload: true