majic-ansible-roles Changeset

Changeset - 7cabc17c71c3

Parent rev.

Child rev.

[Not reviewed]

0 30 0

Branko Majic (branko) - 16 days ago 2024-09-03 14:53:33
branko@majic.rs

MAR-218: Quote all octal values in YAML files:

- Fixes linting errors, and ensures there is no ambiguity in case of
YAML specification changes.

30 files changed with 196 insertions and 196 deletions:

roles/backup/handlers/main.yml

roles/backup/tasks/main.yml

roles/backup_client/handlers/main.yml

roles/backup_client/molecule/default/converge.yml

roles/backup_client/molecule/default/prepare.yml

roles/backup_client/tasks/main.yml

roles/backup_server/tasks/main.yml

roles/bootstrap/tasks/main.yml

roles/common/molecule/default/converge.yml

roles/common/molecule/default/prepare.yml

roles/common/tasks/main.yml

roles/database/tasks/backup.yml

roles/database_server/tasks/main.yml

roles/ldap_client/tasks/main.yml

roles/ldap_server/molecule/default/prepare.yml

roles/ldap_server/tasks/backup.yml

roles/ldap_server/tasks/main.yml

roles/mail_forwarder/molecule/default/prepare.yml

roles/mail_forwarder/tasks/main.yml

roles/mail_server/molecule/default/prepare.yml

roles/mail_server/tasks/main.yml

roles/php_website/molecule/default/converge.yml

roles/php_website/tasks/main.yml

roles/preseed/tasks/main.yml

roles/web_server/molecule/default/prepare.yml

roles/web_server/tasks/main.yml

roles/wsgi_website/molecule/default/converge.yml

roles/wsgi_website/tasks/main.yml

roles/xmpp_server/molecule/default/prepare.yml

roles/xmpp_server/tasks/main.yml

0 comments (0 inline, 0 general)

roles/backup/handlers/main.yml

➞

Show inline comments

@@ @@ -6,5 +6,5 @@ @@
     src: "/etc/duply/main/patterns"
     owner: root
     group: root
     mode: 0600
+    mode: "0600"
     backup: true

roles/backup/tasks/main.yml

➞

Show inline comments

@@ @@ -6,7 +6,7 @@ @@
     dest: "/etc/duply/main/patterns/{{ backup_patterns_filename }}"
     owner: root
     group: root
     mode: 0600
+    mode: "0600"
   notify:
     - Assemble Duply include patterns

roles/backup_client/handlers/main.yml

➞

Show inline comments

@@ @@ -15,7 +15,7 @@ @@
     state: directory
     owner: root
     group: root
     mode: 0700
+    mode: "0700"
 - name: Import private keys  # noqa no-changed-when
   # [no-changed-when] Commands should not change things if nothing needs doing

roles/backup_client/molecule/default/converge.yml

➞

Show inline comments

@@ @@ -18,4 +18,4 @@ @@
         dest: /etc/duply/main/pre.d/10-test-pre-backup.sh
         owner: root
         group: root
         mode: 0700
+        mode: "0700"

roles/backup_client/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -26,7 +26,7 @@ @@
         dest: "{{ item.value }}"
         owner: root
         group: root
         mode: 0600
+        mode: "0600"
       with_dict:
         tests/data/ssh/server_rsa: /etc/ssh/ssh_host_rsa_key
         tests/data/ssh/server_ed25519: /etc/ssh/ssh_host_ed25519_key
@@ @@ -56,7 +56,7 @@ @@
         dest: "/etc/ssh/sshd_config.d/chroot_backup_users.conf"
         owner: root
         group: root
         mode: 0600
+        mode: "0600"
       notify:
         - Restart ssh
@@ @@ -96,7 +96,7 @@ @@
         state: directory
         owner: root
         group: root
         mode: 0755
+        mode: "0755"
       with_items: "{{ backup_users }}"
     - name: Set-up duplicity backup directories
@@ @@ -105,7 +105,7 @@ @@
         state: directory
         owner: root
         group: backup-users
         mode: 0770
+        mode: "0770"
       with_items: "{{ backup_users }}"
   handlers:

roles/backup_client/tasks/main.yml

➞

Show inline comments

@@ @@ -13,7 +13,7 @@ @@
     state: directory
     owner: root
     group: root
     mode: 0700
+    mode: "0700"
   with_items:
     - "/etc/duply"
     - "/etc/duply/main"
@@ @@ -29,7 +29,7 @@ @@
     dest: "/etc/duply/main/private_keys.asc"
     owner: root
     group: root
     mode: 0600
+    mode: "0600"
   notify:
     - Remove current keyring
     - Create keyring directory
@@ @@ -42,7 +42,7 @@ @@
     dest: "/etc/duply/main/public_keys.asc"
     owner: root
     group: root
     mode: 0600
+    mode: "0600"
   notify:
     - Remove current keyring
     - Create keyring directory
@@ @@ -74,7 +74,7 @@ @@
     dest: "/etc/duply/main/ssh/identity"
     owner: root
     group: root
     mode: 0600
+    mode: "0600"
   no_log: true
 - name: Deploy custom known_hosts for backup purposes
@@ @@ -83,7 +83,7 @@ @@
     dest: "/etc/duply/main/ssh/known_hosts"
     owner: root
     group: root
     mode: 0600
+    mode: "0600"
 - name: Deploy Duply configuration file
   template:
@@ @@ -91,7 +91,7 @@ @@
     dest: "/etc/duply/main/conf"
     owner: root
     group: root
     mode: 0600
+    mode: "0600"
 - name: Deploy base exclude pattern (exclude all by default)
   copy:
@@ @@ -99,7 +99,7 @@ @@
     dest: "/etc/duply/main/exclude"
     owner: root
     group: root
     mode: 0600
+    mode: "0600"
 - name: Set-up directory for storing pre-backup scripts
   file:
@@ @@ -107,7 +107,7 @@ @@
     state: directory
     owner: root
     group: root
     mode: 0700
+    mode: "0700"
 - name: Set-up script for running all pre-backup scripts
   copy:
@@ @@ -115,7 +115,7 @@ @@
     dest: "/etc/duply/main/pre"
     owner: root
     group: root
     mode: 0700
+    mode: "0700"
 - name: Deploy crontab entry for running backups
   cron:
@@ @@ -134,7 +134,7 @@ @@
     force: false
     group: root
     owner: root
     mode: 0600
+    mode: "0600"
 - name: Explicitly run all handlers
   include_tasks: ../handlers/main.yml

roles/backup_server/tasks/main.yml

➞

Show inline comments

@@ @@ -13,7 +13,7 @@ @@
     state: directory
     owner: root
     group: root
     mode: 0751
+    mode: "0751"
 - name: Create backup client groups
   group:
@@ @@ -40,7 +40,7 @@ @@
     state: directory
     owner: root
     group: "{{ item.server | replace('.', '_') | regex_replace('^', 'bak-') }}"
     mode: 0750
+    mode: "0750"
   with_items: "{{ backup_clients }}"
 - name: Create duplicity directories for backup client users
@@ @@ -49,7 +49,7 @@ @@
     state: directory
     owner: "{{ item.server | replace('.', '_') | regex_replace('^', 'bak-') }}"
     group: "{{ item.server | replace('.', '_') | regex_replace('^', 'bak-') }}"
     mode: 0770
+    mode: "0770"
   with_items: "{{ backup_clients }}"
 - name: Create SSH directory for backup client users
@@ @@ -58,7 +58,7 @@ @@
     state: directory
     owner: root
     group: root
     mode: 0751
+    mode: "0751"
   with_items: "{{ backup_clients }}"
 - name: Populate authorized keys for backup client users
@@ @@ -75,7 +75,7 @@ @@
     state: file
     owner: root
     group: "{{ item.server | replace('.', '_') | regex_replace('^', 'bak-') }}"
     mode: 0640
+    mode: "0640"
   with_items: "{{ backup_clients }}"
 - name: Deny the backup group login via regular SSH
@@ @@ -92,7 +92,7 @@ @@
     state: directory
     owner: root
     group: root
     mode: 0700
+    mode: "0700"
 - name: Deploy configuration file for the backup OpenSSH server instance service
   copy:
@@ @@ -100,7 +100,7 @@ @@
     dest: "/etc/default/ssh-backup"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Restart backup SSH server
@@ @@ -110,7 +110,7 @@ @@
     dest: "/etc/ssh-backup/sshd_config"
     owner: root
     group: root
     mode: 0600
+    mode: "0600"
   notify:
     - Restart backup SSH server
@@ @@ -120,7 +120,7 @@ @@
     dest: "/etc/ssh-backup/ssh_host_{{ item.key }}_key"
     owner: root
     group: root
     mode: 0600
+    mode: "0600"
   with_dict: "{{ backup_host_ssh_private_keys }}"
   notify:
     - Restart backup SSH server
@@ @@ -132,7 +132,7 @@ @@
     dest: "/etc/systemd/system/ssh-backup.service"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Reload systemd
     - Restart backup SSH server
@@ @@ -149,7 +149,7 @@ @@
     dest: "/etc/ferm/conf.d/40-backup.conf"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
   notify:
     - Restart ferm

roles/bootstrap/tasks/main.yml

➞

Show inline comments

@@ @@ -26,7 +26,7 @@ @@
   copy:
     src: "ansible_sudo"
     dest: "/etc/sudoers.d/ansible"
     mode: 0640
+    mode: "0640"
     owner: root
     group: root

roles/common/molecule/default/converge.yml

➞

Show inline comments

@@ @@ -17,7 +17,7 @@ @@
         state: directory
         owner: root
         group: pipreqcheck
         mode: 0750
+        mode: "0750"
       with_items:
         - "/tmp/pip_check_requirements_upgrades"
         - "/tmp/pip_check_requirements_upgrades/with_updates"
@@ @@ -29,8 +29,8 @@ @@
         dest: "/tmp/{{ item }}"
         owner: root
         group: pipreqcheck
         mode: 0640
         directory_mode: 0750
         mode: "0640"
         directory_mode: "0750"
       with_items:
         - "pip_check_requirements_upgrades/with_updates/requirements.in"
         - "pip_check_requirements_upgrades/with_updates/requirements.txt"
@@ @@ -48,7 +48,7 @@ @@
         dest: /etc/ferm/conf.d/99-http.conf
         owner: root
         group: root
         mode: 0640
+        mode: "0640"
       notify:
         - Restart ferm

roles/common/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -70,7 +70,7 @@ @@
         line: "{{ item.key }} {{ item.value }}"
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
         state: present
       with_dict:
 .168.56.21: parameters-mandatory-bookworm
@@ @@ -90,7 +90,7 @@ @@
         line: "{{ item.key }} {{ item.value }}"
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
         state: present
       with_dict:
 .168.56.3: client1
@@ @@ -140,7 +140,7 @@ @@
         state: directory
         owner: root
         group: root
         mode: 0750
+        mode: "0750"
     - name: Create deprecated directory for Python 3 virtual environment (pip requirements upgrade checks)
       file:
@@ @@ -148,7 +148,7 @@ @@
         state: directory
         owner: root
         group: root
         mode: 0750
+        mode: "0750"
     - name: Create deprecated cronjob file for Python 3 (pip requirements upgrade checks)
       file:
@@ @@ -156,7 +156,7 @@ @@
         state: touch
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
     - name: Install the deprecated/obsolete NTP-related packages
       apt:

roles/common/tasks/main.yml

➞

Show inline comments

@@ @@ -29,7 +29,7 @@ @@
     dest: "/etc/apt/apt.conf.d/00proxy"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   when: apt_proxy is defined
 - name: Disable use of proxy for retrieving system packages via apt
@@ @@ -44,7 +44,7 @@ @@
     dest: "/usr/share/pam-configs/umask"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   register: pam_umask
   notify:
     - Update PAM configuration
@@ @@ -81,7 +81,7 @@ @@
     dest: "/etc/profile.d/bash_prompt.sh"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
 - name: Deploy profile configuration that allows for user-specific profile.d files
   copy:
@@ @@ -89,7 +89,7 @@ @@
     dest: "/etc/profile.d/z99-user_profile_d.sh"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
 - name: Replace default and skeleton bashrc
   copy:
@@ @@ -97,7 +97,7 @@ @@
     dest: "{{ item.value }}"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   with_dict:
     bashrc: "/etc/bash.bashrc"
     skel_bashrc: "/etc/skel/.bashrc"
@@ @@ -113,7 +113,7 @@ @@
     dest: "/root/.bashrc"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
   # Checksums: bookworm
   when: |
     root_bashrc_stat.stat.checksum == "1a422a148ad225aa5ba33f8dafd2b7cfcdbd701f"
@@ @@ -139,7 +139,7 @@ @@
     dest: "/etc/emacs/site-start.d/01disable-electric-indent-mode.el"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   when: "['emacs24', 'emacs24-nox', 'emacs25', 'emacs25-nox', 'emacs', 'emacs-nox'] | intersect(common_packages) | length > 0"
 - name: Set-up operating system groups
@@ @@ -201,7 +201,7 @@ @@
     dest: "/usr/local/share/ca-certificates/{{ item.key }}.crt"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   with_dict: "{{ ca_certificates }}"
   register: deploy_ca_certificates_result
@@ @@ -229,7 +229,7 @@ @@
     dest: /usr/sbin/ferm
     owner: root
     group: root
     mode: 0755
+    mode: "0755"
   notify:
     - Restart ferm
@@ @@ -244,7 +244,7 @@ @@
     dest: "/etc/default/ferm"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Restart ferm
@@ @@ -254,7 +254,7 @@ @@
     state: directory
     owner: root
     group: root
     mode: 0750
+    mode: "0750"
 - name: Deploy main ferm configuration file
   copy:
@@ @@ -262,7 +262,7 @@ @@
     dest: "/etc/ferm/ferm.conf"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
   notify:
     - Restart ferm
@@ @@ -278,7 +278,7 @@ @@
     dest: "/etc/ferm/conf.d/00-base.conf"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
   notify:
     - Restart ferm
@@ @@ -294,7 +294,7 @@ @@
     dest: "/usr/local/sbin/drop_legacy_iptables_rules.sh"
     owner: root
     group: root
     mode: 0755
+    mode: "0755"
 - name: Drop legacy iptables rules
   command: "/usr/local/sbin/drop_legacy_iptables_rules.sh remove"
@@ @@ -309,7 +309,7 @@ @@
     dest: "/usr/local/bin/check_certificate.sh"
     owner: root
     group: root
     mode: 0755
+    mode: "0755"
 - name: Set-up directory for holding configuration for certificate validation script
   file:
@@ @@ -317,7 +317,7 @@ @@
     state: "directory"
     owner: root
     group: root
     mode: 0755
+    mode: "0755"
 - name: Deploy crontab entry for checking certificates
   cron:
@@ @@ -410,7 +410,7 @@ @@
     state: directory
     owner: pipreqcheck
     group: pipreqcheck
     mode: 0750
+    mode: "0750"
   with_items:
     - "/var/lib/pipreqcheck"
     - "/var/lib/pipreqcheck/virtualenv"
@@ @@ -434,7 +434,7 @@ @@
     state: "directory"
     owner: root
     group: pipreqcheck
     mode: 0750
+    mode: "0750"
   with_items:
     - "/etc/pip_check_requirements_upgrades"
@@ @@ -444,7 +444,7 @@ @@
     state: "directory"
     owner: root
     group: pipreqcheck
     mode: 0750
+    mode: "0750"
   with_items:
     - "/etc/pip_check_requirements_upgrades/pipreqcheck"
@@ @@ -454,7 +454,7 @@ @@
     dest: "{{ item.path }}"
     owner: root
     group: pipreqcheck
     mode: 0640
+    mode: "0640"
   with_items:
     - path: "/etc/pip_check_requirements_upgrades/pipreqcheck/requirements.in"
       requirements: "{{ pip_check_requirements_in }}"
@@ @@ -465,7 +465,7 @@ @@
     dest: "{{ item.file }}"
     owner: root
     group: pipreqcheck
     mode: 0640
+    mode: "0640"
   with_items:
     - file: "/etc/pip_check_requirements_upgrades/pipreqcheck/requirements.txt"
       requirements: "{{ pip_check_requirements }}"
@@ @@ -495,7 +495,7 @@ @@
     dest: "/usr/local/bin/pip_check_requirements_upgrades.sh"
     owner: root
     group: root
     mode: 0755
+    mode: "0755"
 - name: Deploy crontab entry for checking pip requirements
   copy:
@@ @@ -503,7 +503,7 @@ @@
     dest: "/etc/cron.d/check_pip_requirements"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
 - name: Install NTP packages
   apt:
@@ @@ -528,7 +528,7 @@ @@
     dest: "/etc/ntpsec/ntp.conf"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   when: ntp_pools | length > 0
   notify:
     - Restart NTP server

roles/database/tasks/backup.yml

➞

Show inline comments

@@ @@ -6,7 +6,7 @@ @@
     state: directory
     owner: root
     group: root
     mode: 0700
+    mode: "0700"
   with_items:
     - "/srv/backup"
     - "/srv/backup/mariadb"
@@ @@ -17,4 +17,4 @@ @@
     dest: "/etc/duply/main/pre.d/dump_{{ db_name }}.sh"
     owner: root
     group: root
     mode: 0700
+    mode: "0700"

roles/database_server/tasks/main.yml

➞

Show inline comments

@@ @@ -20,7 +20,7 @@ @@
     dest: "/etc/mysql/mariadb.conf.d/90-utf8.cnf"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   register: mariadb_utf8_configuration
 - name: Restart MariaDB in order to use UTF-8 as default character set  # noqa no-handler

roles/ldap_client/tasks/main.yml

➞

Show inline comments

@@ @@ -11,7 +11,7 @@ @@
     state: directory
     owner: root
     group: root
     mode: 0755
+    mode: "0755"
 - name: Deploy LDAP client configuration file
   template:
@@ @@ -19,7 +19,7 @@ @@
     dest: /etc/ldap/ldap.conf
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
 - name: Explicitly run all handlers
   include_tasks: ../handlers/main.yml

roles/ldap_server/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -55,7 +55,7 @@ @@
         dest: /etc/ssl/certs/testca.cert.pem
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
     - name: Remove the ss utility (see https://github.com/philpep/testinfra/pull/320)
       file:
@@ @@ -87,7 +87,7 @@ @@
         line: "{{ item.key }} {{ item.value }}"
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
         state: present
       with_dict:
 .168.56.21: parameters-mandatory-bookworm
@@ @@ -105,7 +105,7 @@ @@
         line: "{{ item.key }} {{ item.value }}"
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
         state: present
       with_dict:
 .0.2.1: parameters-optional
@@ @@ -122,7 +122,7 @@ @@
         line: "{{ item.key }} {{ item.value }}"
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
         state: present
       with_dict:
 .0.2.1: parameters-mandatory

roles/ldap_server/tasks/backup.yml

➞

Show inline comments

@@ @@ -6,7 +6,7 @@ @@
     state: directory
     owner: root
     group: root
     mode: 0700
+    mode: "0700"
   with_items:
     - "/srv/backup"
@@ @@ -16,4 +16,4 @@ @@
     dest: "/etc/duply/main/pre.d/ldapdump.sh"
     owner: root
     group: root
     mode: 0700
+    mode: "0700"

roles/ldap_server/tasks/main.yml

➞

Show inline comments

@@ @@ -82,7 +82,7 @@ @@
   openssl_dhparam:
     owner: root
     group: openldap
     mode: 0640
+    mode: "0640"
     path: "/etc/ssl/private/{{ ansible_fqdn }}_ldap.dh.pem"
     size: 2048
   notify:
@@ @@ -92,7 +92,7 @@ @@
   template:
     src: "ldap_tls_key.j2"
     dest: "/etc/ssl/private/{{ ansible_fqdn }}_ldap.key"
     mode: 0640
+    mode: "0640"
     owner: root
     group: openldap
   notify:
@@ @@ -102,7 +102,7 @@ @@
   template:
     src: "ldap_tls_cert.j2"
     dest: "/etc/ssl/certs/{{ ansible_fqdn }}_ldap.pem"
     mode: 0644
+    mode: "0644"
     owner: root
     group: root
   notify:
@@ @@ -114,7 +114,7 @@ @@
     dest: "/etc/check_certificate/{{ ansible_fqdn }}_ldap.conf"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
 # We need to have this hack around TLS configuration because OpenLDAP
 # expects both private key and certificate to be set at the same
@@ @@ -292,7 +292,7 @@ @@
     dest: "/etc/ferm/conf.d/10-ldap.conf"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
   notify:
     - Restart ferm
@@ @@ -305,7 +305,7 @@ @@
     dest: "/root/.ldap_admin_password"
     owner: root
     group: root
     mode: 0400
+    mode: "0400"
   changed_when: false
 - name: Test if LDAP admin password needs to be changed

roles/mail_forwarder/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -54,7 +54,7 @@ @@
         line: "{{ item.key }} {{ item.value }}"
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
         state: present
       with_dict:
 .168.56.11: "mail-server domain1"
@@ @@ -89,7 +89,7 @@ @@
         dest: /usr/local/share/ca-certificates/testca.crt
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
       notify:
         - Update CA certificate cache
@@ @@ -111,7 +111,7 @@ @@
         dest: /usr/local/share/ca-certificates/testca.crt
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
       notify:
         - Update CA certificate cache
@@ @@ -121,7 +121,7 @@ @@
         dest: "/etc/ssl/{{ item }}"
         owner: root
         group: root
         mode: 0600
+        mode: "0600"
       with_items:
         - mail-server_smtp.cert.pem
         - mail-server_smtp.key.pem
@@ @@ -143,7 +143,7 @@ @@
         dest: /etc/postfix/main.cf
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
       notify:
         - Restart Postfix

roles/mail_forwarder/tasks/main.yml

➞

Show inline comments

@@ @@ -22,13 +22,13 @@ @@
     dest: "/etc/ssl/certs/smtp_relay_truststore.pem"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
 - name: Generate the SMTP server Diffie-Hellman parameter
   openssl_dhparam:
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
     path: "/etc/ssl/private/{{ ansible_fqdn }}_smtp.dh.pem"
     size: 2048
   notify:
@@ @@ -40,7 +40,7 @@ @@
     dest: "/etc/mailname"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Restart Postfix
@@ @@ -50,7 +50,7 @@ @@
     dest: "/etc/postfix/main.cf"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Restart Postfix
@@ @@ -108,7 +108,7 @@ @@
     dest: "/etc/ferm/conf.d/20-mail.conf"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
   notify:
     - Restart ferm

roles/mail_server/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -83,7 +83,7 @@ @@
         state: directory
         owner: vagrant
         group: vagrant
         mode: 0755
+        mode: "0755"
     - name: Create virtual environment for running ClamAV database sync tool
       become: true
@@ @@ -98,7 +98,7 @@ @@
         dest: /var/lib/cvdupdate/requirements.txt
         owner: vagrant
         group: vagrant
         mode: 0644
+        mode: "0644"
     - name: Install requirements in the pipreqcheck virtual environment
       become: true
@@ @@ -110,7 +110,7 @@ @@
     - name: Allow traversal of Vagrant directory by the http server user
       file:
         path: /vagrant/
         mode: 0711
+        mode: "0711"
     - name: Create directory for storing ClamAV database files
       file:
@@ @@ -118,7 +118,7 @@ @@
         state: directory
         owner: vagrant
         group: vagrant
         mode: 0755
+        mode: "0755"
     - name: Configure default location for storing ClamAV database files  # noqa no-changed-when
       # [no-changed-when] Commands should not change things if nothing needs doing
@@ @@ -144,7 +144,7 @@ @@
       copy:
         dest: "/etc/ssl/private/nginx_https.key"
         content: "{{ clamav_database_http_server_tls_key }}"
         mode: 0640
+        mode: "0640"
         owner: root
         group: root
       notify:
@@ @@ -154,7 +154,7 @@ @@
       copy:
         dest: "/etc/ssl/certs/nginx_https.pem"
         content: "{{ clamav_database_http_server_tls_certificate }}"
         mode: 0644
+        mode: "0644"
         owner: root
         group: root
       notify:
@@ @@ -166,7 +166,7 @@ @@
         dest: /etc/nginx/sites-available/default
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
       notify:
         - Restart nginx
@@ @@ -197,7 +197,7 @@ @@
           CipherString = DEFAULT@SECLEVEL=0
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
         state: present
     - name: Set-up the hosts file
@@ @@ -207,7 +207,7 @@ @@
         line: "{{ item.key }} {{ item.value }}"
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
         state: present
       with_dict:
         # Force mail servers to use local ClamAV database mirror.
@@ @@ -285,7 +285,7 @@ @@
         dest: "/home/vagrant/{{ item }}"
         owner: vagrant
         group: vagrant
         mode: 0600
+        mode: "0600"
       with_items:
         - imapcli-parameters-mandatory-john_doe.conf
         - imapcli-parameters-mandatory-jane_doe.conf
@@ @@ -298,7 +298,7 @@ @@
         dest: /usr/local/share/ca-certificates/testca.crt
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
       notify:
         - Update CA certificate cache
@@ @@ -322,7 +322,7 @@ @@
             dest: "/etc/postfix/main.cf"
             owner: root
             group: root
             mode: 0644
+            mode: "0644"
           notify:
             - Restart Postfix

roles/mail_server/tasks/main.yml

➞

Show inline comments

@@ @@ -43,7 +43,7 @@ @@
   copy:
     dest: "/etc/ssl/private/{{ ansible_fqdn }}_smtp.key"
     content: "{{ smtp_tls_key }}"
     mode: 0640
+    mode: "0640"
     owner: root
     group: root
   notify:
@@ @@ -53,7 +53,7 @@ @@
   copy:
     dest: "/etc/ssl/certs/{{ ansible_fqdn }}_smtp.pem"
     content: "{{ smtp_tls_certificate }}"
     mode: 0644
+    mode: "0644"
     owner: root
     group: root
   notify:
@@ @@ -63,7 +63,7 @@ @@
   openssl_dhparam:
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
     path: "/etc/ssl/private/{{ ansible_fqdn }}_smtp.dh.pem"
     size: 2048
   notify:
@@ @@ -73,7 +73,7 @@ @@
   copy:
     dest: "/etc/ssl/private/{{ ansible_fqdn }}_imap.key"
     content: "{{ imap_tls_key }}"
     mode: 0640
+    mode: "0640"
     owner: root
     group: root
   notify:
@@ @@ -83,7 +83,7 @@ @@
   copy:
     dest: "/etc/ssl/certs/{{ ansible_fqdn }}_imap.pem"
     content: "{{ imap_tls_certificate }}"
     mode: 0644
+    mode: "0644"
     owner: root
     group: root
   notify:
@@ @@ -93,7 +93,7 @@ @@
   openssl_dhparam:
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
     path: "/etc/ssl/private/{{ ansible_fqdn }}_imap.dh.pem"
     size: 2048
   notify:
@@ @@ -105,7 +105,7 @@ @@
     dest: "/etc/check_certificate/{{ ansible_fqdn }}_{{ item }}.conf"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   with_items:
     - smtp
     - imap
@@ @@ -124,7 +124,7 @@ @@
   copy:
     dest: "/etc/clamav/clamav-milter.conf"
     src: "clamav-milter.conf"
     mode: 0644
+    mode: "0644"
     owner: root
     group: root
   notify:
@@ @@ -133,7 +133,7 @@ @@
 - name: Set-up privileges for directories within Postfix chroot
   file:
     dest: "{{ item }}"
     mode: 0755
+    mode: "0755"
     state: directory
     owner: root
     group: root
@@ @@ -147,7 +147,7 @@ @@
     state: directory
     owner: clamav
     group: clamav
     mode: 0755
+    mode: "0755"
   with_items:
     - /var/spool/postfix/var/run/clamav
@@ @@ -157,7 +157,7 @@ @@
     dest: "/etc/ssl/certs/mail_ldap_tls_truststore.pem"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
 - name: Deploy the LDAP TLS truststore in Postfix chroot
   copy:
@@ @@ -165,7 +165,7 @@ @@
     dest: "/var/spool/postfix/etc/ssl/certs/mail_ldap_tls_truststore.pem"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Restart Postfix
@@ @@ -175,7 +175,7 @@ @@
     dest: "/etc/mailname"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Restart Postfix
@@ @@ -185,7 +185,7 @@ @@
     dest: "/etc/postfix/{{ item }}.cf"
     owner: root
     group: postfix
     mode: 0640
+    mode: "0640"
   with_items:
     - ldap-virtual-alias-maps
     - ldap-virtual-mailbox-domains
@@ @@ -199,7 +199,7 @@ @@
     dest: "/etc/postfix/main.cf"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Restart Postfix
@@ @@ -241,7 +241,7 @@ @@
     dest: "/etc/dovecot/conf.d/99-local.conf"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Restart Dovecot
@@ @@ -251,7 +251,7 @@ @@
     dest: "/etc/dovecot/dovecot-ldap.conf.ext"
     owner: root
     group: root
     mode: 0600
+    mode: "0600"
   notify:
     - Restart Dovecot
@@ @@ -261,7 +261,7 @@ @@
     dest: "/etc/postfix/master.cf"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Restart Postfix
@@ @@ -320,7 +320,7 @@ @@
     dest: "/etc/ferm/conf.d/20-mail.conf"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
   notify:
     - Restart ferm

roles/php_website/molecule/default/converge.yml

➞

Show inline comments

@@ @@ -62,7 +62,7 @@ @@
         state: directory
         owner: admin-parameters-mandatory
         group: web-parameters-mandatory
         mode: 0750
+        mode: "0750"
     - name: Deploy a couple of PHP pages for testing purposes
       copy:
@@ @@ -70,7 +70,7 @@ @@
         dest: "/var/www/parameters-mandatory/htdocs/{{ item }}"
         owner: admin-parameters-mandatory
         group: web-parameters-mandatory
         mode: 0640
+        mode: "0640"
       with_items:
         - index.php
         - index.php3
@@ @@ -82,7 +82,7 @@ @@
         state: directory
         owner: admin-parameters-optional_local
         group: web-parameters-optional_local
         mode: 0750
+        mode: "0750"
     - name: Deploy a couple of PHP pages for testing purposes
       copy:
@@ @@ -90,7 +90,7 @@ @@
         dest: "/var/www/parameters-optional.local/htdocs/{{ item }}"
         owner: admin-parameters-optional_local
         group: web-parameters-optional_local
         mode: 0640
+        mode: "0640"
       with_items:
         - myindex.php
         - myindex.myphp

roles/php_website/tasks/main.yml

➞

Show inline comments

@@ @@ -22,7 +22,7 @@ @@
     state: directory
     owner: "{{ admin }}"
     group: "{{ user }}"
     mode: 0750
+    mode: "0750"
 - name: Create PHP website user
   user:
@@ @@ -55,7 +55,7 @@ @@
     dest: "{{ home }}/.forward"
     owner: root
     group: "{{ user }}"
     mode: 0640
+    mode: "0640"
 - name: Install extra packages for website
   apt:
@@ @@ -69,7 +69,7 @@ @@
     validate: "{{ php_fpm_binary }} -t -y %s"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
   notify:
     - Restart PHP-FPM
@@ @@ -79,7 +79,7 @@ @@
     content: "{{ https_tls_key }}"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
   notify:
     - Restart nginx
@@ @@ -89,7 +89,7 @@ @@
     content: "{{ https_tls_certificate }}"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Restart nginx
@@ @@ -99,7 +99,7 @@ @@
     dest: "/etc/check_certificate/{{ fqdn }}_https.conf"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
 - name: Deploy nginx configuration file for website
   template:
@@ @@ -107,7 +107,7 @@ @@
     dest: "/etc/nginx/sites-available/{{ fqdn }}"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
     validate: "/usr/local/bin/nginx_verify_site.sh -n '{{ fqdn }}' %s"
   notify:
     - Restart nginx

roles/preseed/tasks/main.yml

➞

Show inline comments

@@ @@ -3,14 +3,14 @@ @@
 - name: Create directory for storing preseed configurations
   file:
     path: "{{ preseed_directory }}"
     mode: 0750
+    mode: "0750"
     state: directory
 - name: Create preseed configuration file
   template:
     src: "preseed.cfg.j2"
     dest: "{{ preseed_directory }}/{{ item }}.cfg"
     mode: 0640
+    mode: "0640"
   when: item != "localhost"
   with_items: "{{ groups['all'] }}"

roles/web_server/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -76,7 +76,7 @@ @@
           CipherString = DEFAULT@SECLEVEL=0
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
         state: present
 - name: Prepare, test fixtures
@@ @@ -91,7 +91,7 @@ @@
         line: "{{ item.key }} {{ item.value }}"
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
         state: present
       with_dict:
 .168.56.11: "client"
@@ @@ -124,7 +124,7 @@ @@
         dest: /usr/local/share/ca-certificates/testca.crt
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
       notify:
         - Update CA certificate cache

roles/web_server/tasks/main.yml

➞

Show inline comments

@@ @@ -17,7 +17,7 @@ @@
   copy:
     dest: "/etc/ssl/private/{{ ansible_fqdn }}_https.key"
     content: "{{ default_https_tls_key }}"
     mode: 0640
+    mode: "0640"
     owner: root
     group: root
   notify:
@@ @@ -27,7 +27,7 @@ @@
   copy:
     dest: "/etc/ssl/certs/{{ ansible_fqdn }}_https.pem"
     content: "{{ default_https_tls_certificate }}"
     mode: 0644
+    mode: "0644"
     owner: root
     group: root
   notify:
@@ @@ -37,7 +37,7 @@ @@
   openssl_dhparam:
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
     path: "/etc/ssl/private/{{ ansible_fqdn }}_https.dh.pem"
     size: 2048
   notify:
@@ @@ -49,7 +49,7 @@ @@
     dest: "/etc/check_certificate/{{ ansible_fqdn }}_https.conf"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
 - name: Remove TLS protocol configuration from the main configuration file
   lineinfile:
@@ @@ -66,7 +66,7 @@ @@
     src: "tls.conf.j2"
     owner: "root"
     group: "root"
     mode: 0644
+    mode: "0644"
   notify:
     - Restart nginx
@@ @@ -76,7 +76,7 @@ @@
     dest: "/usr/local/bin/nginx_verify_site.sh"
     owner: root
     group: root
     mode: 0755
+    mode: "0755"
 - name: Deploy default vhost configuration
   template:
@@ @@ -84,7 +84,7 @@ @@
     dest: "/etc/nginx/sites-available/default"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
     validate: "/usr/local/bin/nginx_verify_site.sh -n default %s"
   notify:
     - Restart nginx
@@ @@ -103,7 +103,7 @@ @@
     dest: "/etc/ferm/conf.d/30-web.conf"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
   notify:
     - Restart ferm
@@ @@ -121,7 +121,7 @@ @@
     state: directory
     owner: root
     group: www-data
     mode: 0750
+    mode: "0750"
 - name: Deploy the default index.html
   template:
@@ @@ -129,7 +129,7 @@ @@
     dest: /var/www/default/index.html
     owner: root
     group: www-data
     mode: 0640
+    mode: "0640"
 - name: Enable nginx service
   service:
@@ @@ -156,7 +156,7 @@ @@
     state: directory
     owner: root
     group: www-data
     mode: 0750
+    mode: "0750"
   with_items:
     - wsgi
     - php
@@ @@ -167,7 +167,7 @@ @@
     dest: "/etc/tmpfiles.d/{{ item.tmpfiles_d }}"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   with_items:
     - socket_dir: wsgi
       tmpfiles_d: "wsgi.conf"
@@ @@ -180,7 +180,7 @@ @@
     state: directory
     owner: root
     group: root
     mode: 0755
+    mode: "0755"
 - name: Configure PHP-FPM service to run with umask 0007
   copy:
@@ @@ -188,7 +188,7 @@ @@
     dest: "/etc/systemd/system/{{ php_fpm_service_name }}.service.d/umask.conf"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Reload systemd
     - Restart PHP-FPM
@@ @@ -210,7 +210,7 @@ @@
     dest: "{{ item }}/30-timezone.ini"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   with_items:
     - "{{ php_base_config_dir }}/cli/conf.d/"
     - "{{ php_base_config_dir }}/fpm/conf.d/"

roles/wsgi_website/molecule/default/converge.yml

➞

Show inline comments

@@ @@ -102,7 +102,7 @@ @@
         state: directory
         owner: admin-parameters-mandatory
         group: web-parameters-mandatory
         mode: 02750
+        mode: "02750"
       with_items:
         - htdocs/static
         - htdocs/media
@@ @@ -113,7 +113,7 @@ @@
         dest: "/var/www/parameters-mandatory/code/testapp.py"
         owner: admin-parameters-mandatory
         group: web-parameters-mandatory
         mode: 0640
+        mode: "0640"
       notify:
         - Restart parameters-mandatory
     - name: Deploy a static file
@@ @@ -122,14 +122,14 @@ @@
         dest: "/var/www/parameters-mandatory/htdocs/static/static_file.txt"
         owner: admin-parameters-mandatory
         group: web-parameters-mandatory
         mode: 0640
+        mode: "0640"
     - name: Deploy a media file
       copy:
         src: "tests/data/media_file.txt"
         dest: "/var/www/parameters-mandatory/htdocs/media/media_file.txt"
         owner: admin-parameters-mandatory
         group: web-parameters-mandatory
         mode: 0640
+        mode: "0640"
     # parameters-optional application
     - name: Set-up directories where application files are hosted at
@@ @@ -138,7 +138,7 @@ @@
         state: directory
         owner: admin-parameters-optional_local
         group: web-parameters-optional_local
         mode: 02750
+        mode: "02750"
       with_items:
         - htdocs/static
         - htdocs/media
@@ @@ -149,7 +149,7 @@ @@
         dest: "/var/www/parameters-optional.local/code/testapp.py"
         owner: admin-parameters-optional_local
         group: web-parameters-optional_local
         mode: 0640
+        mode: "0640"
       notify:
         - Restart parameters-optional.local
     - name: Deploy a static file
@@ @@ -158,14 +158,14 @@ @@
         dest: "/var/www/parameters-optional.local/htdocs/static/static_file.txt"
         owner: admin-parameters-optional_local
         group: web-parameters-optional_local
         mode: 0640
+        mode: "0640"
     - name: Deploy a media file
       copy:
         src: "tests/data/media_file.txt"
         dest: "/var/www/parameters-optional.local/htdocs/media/media_file.txt"
         owner: admin-parameters-optional_local
         group: web-parameters-optional_local
         mode: 0640
+        mode: "0640"
     # parameters-paste-req application
     - name: Set-up directories where application files are hosted at
@@ @@ -174,7 +174,7 @@ @@
         state: directory
         owner: admin-parameters-paste-req
         group: web-parameters-paste-req
         mode: 02750
+        mode: "02750"
       with_items:
         - htdocs/static
         - htdocs/media
@@ @@ -185,7 +185,7 @@ @@
         dest: "/var/www/parameters-paste-req/code/{{ item }}"
         owner: admin-parameters-paste-req
         group: web-parameters-paste-req
         mode: 0640
+        mode: "0640"
       with_items:
         - config.ini
         - testapp.py
@@ @@ -198,14 +198,14 @@ @@
         dest: "/var/www/parameters-paste-req/htdocs/static/static_file.txt"
         owner: admin-parameters-paste-req
         group: web-parameters-paste-req
         mode: 0640
+        mode: "0640"
     - name: Deploy a media file
       copy:
         src: "tests/data/media_file.txt"
         dest: "/var/www/parameters-paste-req/htdocs/media/media_file.txt"
         owner: admin-parameters-paste-req
         group: web-parameters-paste-req
         mode: 0640
+        mode: "0640"
   handlers:
     - name: Restart parameters-mandatory

roles/wsgi_website/tasks/main.yml

➞

Show inline comments

@@ @@ -22,7 +22,7 @@ @@
     state: directory
     owner: "{{ admin }}"
     group: "{{ user }}"
     mode: 0750
+    mode: "0750"
 - name: Deploy profile configuration file for auto-activating the virtual environment
   copy:
@@ @@ -30,7 +30,7 @@ @@
     dest: "{{ home }}/.profile.d/virtualenv.sh"
     owner: root
     group: "{{ user }}"
     mode: 0640
+    mode: "0640"
 - name: Deploy profile configuration file for setting environment variables
   template:
@@ @@ -38,7 +38,7 @@ @@
     dest: "{{ home }}/.profile.d/environment.sh"
     owner: root
     group: "{{ user }}"
     mode: 0640
+    mode: "0640"
 - name: Create WSGI website user
   user:
@@ @@ -71,7 +71,7 @@ @@
     dest: "{{ home }}/.forward"
     owner: root
     group: "{{ user }}"
     mode: 0640
+    mode: "0640"
 - name: Install extra packages for website
   apt:
@@ @@ -128,7 +128,7 @@ @@
     state: directory
     owner: "{{ admin }}"
     group: "{{ user }}"
     mode: 02750
+    mode: "02750"
 - name: Create Python virtual environment
   command: '/usr/bin/virtualenv --python "{{ python_interpreter }}" --prompt "{{ virtualenv_prompt }}" "{{ home }}/virtualenv"'
@@ @@ -143,7 +143,7 @@ @@
     dest: "{{ home }}/virtualenv/.project"
     owner: "{{ admin }}"
     group: "{{ user }}"
     mode: 0640
+    mode: "0640"
 - name: Deploy virtualenv wrapper
   template:
@@ @@ -151,7 +151,7 @@ @@
     dest: "{{ home }}/virtualenv/bin/exec"
     owner: "{{ admin }}"
     group: "{{ user }}"
     mode: 0750
+    mode: "0750"
 - name: Set-up directory for storing requirements file for upgrade checks
   file:
@@ @@ -159,7 +159,7 @@ @@
     state: directory
     owner: root
     group: pipreqcheck
     mode: 0750
+    mode: "0750"
 - name: Deploy WSGI requirements files for upgrade checks
   template:
@@ @@ -167,7 +167,7 @@ @@
     dest: "{{ pip_check_requirements_upgrades_directory }}/{{ fqdn }}/{{ item }}"
     owner: root
     group: pipreqcheck
     mode: 0640
+    mode: "0640"
   with_items:
     - wsgi_requirements.in
     - wsgi_requirements.txt
@@ @@ -178,7 +178,7 @@ @@
     dest: "{{ home }}/.wsgi_requirements.txt"
     owner: "{{ admin }}"
     group: "{{ user }}"
     mode: 0640
+    mode: "0640"
 - name: Install Gunicorn via requirements file
   become: true
@@ @@ -209,7 +209,7 @@ @@
     dest: "/etc/systemd/system/{{ fqdn }}.socket"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   register: deploy_systemd_socket_configuration
   notify:
     - Reload systemd
@@ @@ -221,7 +221,7 @@ @@
     dest: "/etc/systemd/system/{{ fqdn }}.service"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   register: deploy_systemd_service_configuration
   notify:
     - Reload systemd
@@ @@ -239,7 +239,7 @@ @@
     state: directory
     owner: "{{ admin }}"
     group: "{{ user }}"
     mode: 02750
+    mode: "02750"
 - name: Deploy nginx TLS private key for website
   copy:
@@ @@ -247,7 +247,7 @@ @@
     content: "{{ https_tls_key }}"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
   notify:
     - Restart nginx
@@ @@ -257,7 +257,7 @@ @@
     content: "{{ https_tls_certificate }}"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Restart nginx
@@ @@ -267,7 +267,7 @@ @@
     dest: "/etc/check_certificate/{{ fqdn }}_https.conf"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
 - name: Deploy nginx configuration file for website
   template:
@@ @@ -275,7 +275,7 @@ @@
     dest: "/etc/nginx/sites-available/{{ fqdn }}"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
     validate: "/usr/local/bin/nginx_verify_site.sh -n '{{ fqdn }}' %s"
   notify:
     - Restart nginx

roles/xmpp_server/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -94,7 +94,7 @@ @@
           CipherString = DEFAULT@SECLEVEL=0
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
         state: present
     - name: Set-up the hosts file
@@ @@ -104,7 +104,7 @@ @@
         line: "{{ item.key }} {{ item.value }}"
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
         state: present
       with_dict:
 .168.56.11: "ldap-server backup-server"
@@ @@ -128,7 +128,7 @@ @@
         dest: /usr/local/share/ca-certificates/testca.crt
         owner: root
         group: root
         mode: 0644
+        mode: "0644"
       notify:
         - Update CA certificate cache
@@ @@ -159,7 +159,7 @@ @@
         dest: "~user/{{ item.jid }}.cfg"
         owner: user
         group: user
         mode: 0600
+        mode: "0600"
       with_items:
         - jid: john.doe@domain1
           password: johnpassword
@@ @@ -280,4 +280,4 @@ @@
         dest: "/usr/local/bin/list_prosody_modules.lua"
         owner: root
         group: root
         mode: 0755
+        mode: "0755"

roles/xmpp_server/tasks/main.yml

➞

Show inline comments

@@ @@ -9,7 +9,7 @@ @@
     dest: /etc/apt/sources.list.d/backports.list
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   register: backports_repository_configuration
 - name: Update apt cache if backports repository configuration changed (for immediate use)  # noqa no-handler
@@ @@ -50,7 +50,7 @@ @@
     content: "{{ xmpp_tls_key }}"
     owner: root
     group: prosody
     mode: 0640
+    mode: "0640"
   notify:
     - Restart Prosody
@@ @@ -60,7 +60,7 @@ @@
     content: "{{ xmpp_tls_certificate }}"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
   notify:
     - Restart Prosody
@@ @@ -68,7 +68,7 @@ @@
   openssl_dhparam:
     owner: root
     group: prosody
     mode: 0640
+    mode: "0640"
     path: "/etc/ssl/private/{{ ansible_fqdn }}_xmpp.dh.pem"
     size: 2048
   notify:
@@ @@ -80,7 +80,7 @@ @@
     dest: "/etc/check_certificate/{{ ansible_fqdn }}_xmpp.conf"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
 - name: Deploy script for validating Prosody certificate
   copy:
@@ @@ -88,7 +88,7 @@ @@
     dest: "/usr/local/bin/check_prosody_certificate.sh"
     owner: root
     group: root
     mode: 0755
+    mode: "0755"
 - name: Set-up crontab task that runs the Prosody certificate checker script once a day
   copy:
@@ @@ -96,7 +96,7 @@ @@
     dest: "/etc/cron.d/check_prosody_certificate"
     owner: root
     group: root
     mode: 0644
+    mode: "0644"
 - name: Deploy LDAP client configuration (for validating LDAP server certificate)
   copy:
@@ @@ -104,7 +104,7 @@ @@
     dest: "/var/lib/prosody/.ldaprc"
     owner: root
     group: prosody
     mode: 0640
+    mode: "0640"
   notify:
     - Restart Prosody
@@ @@ -114,7 +114,7 @@ @@
     dest: "/etc/prosody/prosody.cfg.lua"
     owner: root
     group: prosody
     mode: 0640
+    mode: "0640"
   notify:
     - Restart Prosody
@@ @@ -130,7 +130,7 @@ @@
     dest: "/etc/ferm/conf.d/30-xmpp.conf"
     owner: root
     group: root
     mode: 0640
+    mode: "0640"
   notify:
     - Restart ferm

0 comments (0 inline, 0 general)