Merge pull request #2 from RWejlgaard/fix-lint-nitpicks

Fix ansible-lint yaml nitpicks

ansible/.yamllint

@@ -0,0 +1,11 @@
+---
+extends: default
+
+rules:
+  line-length:
+    max: 160
+  truthy:
+    allowed-values: ["true", "false"]
+
+ignore:
+  - group_vars/all/secrets.enc.yaml

ansible/dotfiles/pr-test.yml

@@ -1,30 +0,0 @@
-name: PR Test
-
-on:
-  pull_request:
-    branches:
-      - master
-      - main
-
-jobs:
-  test:
-    strategy:
-      matrix:
-        distro:
-          - alpine
-          - archlinux
-          - fedora
-          - ubuntu
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Only build
-        run: |
-          docker buildx build --platform linux/amd64 --output "type=image,push=false" -f tests/Dockerfile-${{ matrix.distro }} .

ansible/roles/common/tasks/main.yml

@@ -88,9 +88,9 @@
     line: "{{ item.line }}"
     state: present
   loop:
-    - { regexp: '^#?PermitRootLogin', line: 'PermitRootLogin prohibit-password' }
-    - { regexp: '^#?PasswordAuthentication', line: 'PasswordAuthentication no' }
-    - { regexp: '^#?X11Forwarding', line: 'X11Forwarding no' }
+    - {regexp: '^#?PermitRootLogin', line: 'PermitRootLogin prohibit-password'}
+    - {regexp: '^#?PasswordAuthentication', line: 'PasswordAuthentication no'}
+    - {regexp: '^#?X11Forwarding', line: 'X11Forwarding no'}
   notify: Restart sshd
   when: ansible_facts["os_family"] != "FreeBSD"
 

ansible/roles/dotfiles/tasks/main.yml

@@ -15,9 +15,9 @@
     mode: '0644'
     backup: true
   loop:
-    - { src: 'config/tmux/tmux.conf', dest: '/root/.tmux.conf' }
-    - { src: 'config/fish/config.fish', dest: '/root/.config/fish/config.fish' }
-    - { src: 'config/git/gitconfig', dest: '/root/.gitconfig' }
+    - {src: 'config/tmux/tmux.conf', dest: '/root/.tmux.conf'}
+    - {src: 'config/fish/config.fish', dest: '/root/.config/fish/config.fish'}
+    - {src: 'config/git/gitconfig', dest: '/root/.gitconfig'}
   failed_when: false
   when:
     - dotfiles_dir.stat.exists

ansible/services/authelia/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 # Authelia - SSO/authentication portal with LLDAP + MariaDB
 # Host: helsinki-a (100.67.6.27)
 # Data: /root/authelia/

ansible/services/bitwarden/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 # Bitwarden - Self-hosted password manager
 # Host: helsinki-a (100.67.6.27)
 # Data: Docker volume (bitwarden)

ansible/services/forgejo/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 # Forgejo - Self-hosted Git forge
 # Host: helsinki-a (100.67.6.27)
 # Data: /srv/forgejo/data

ansible/services/grafana/provisioning/alerting/contact-points.yml

@@ -1,3 +1,4 @@
+---
 apiVersion: 1
 
 # Contact points — defines where alerts are sent.

ansible/services/grafana/provisioning/alerting/notification-policy.yml

@@ -1,3 +1,4 @@
+---
 apiVersion: 1
 
 # Notification routing policy.

ansible/services/grafana/provisioning/alerting/rules-critical.yml

@@ -1,3 +1,4 @@
+---
 apiVersion: 1
 
 # Tier 1 — Critical alerts. These page PagerDuty.

ansible/services/grafana/provisioning/alerting/rules-warning.yml

@@ -1,3 +1,4 @@
+---
 apiVersion: 1
 
 # Tier 2 — Warning alerts. These send email only (non-paging).
@@ -239,4 +240,3 @@ groups:
         labels:
           severity: warning
         isPaused: false
-

ansible/services/grafana/provisioning/dashboards/dashboards.yml

@@ -1,3 +1,4 @@
+---
 apiVersion: 1
 
 # Dashboard provisioning — tells Grafana where to find dashboard JSON files.

ansible/services/jellyseerr/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 # Jellyseerr - Media request management
 # Host: london-b (100.84.65.101)
 # Data: /var/share/jellyseer

ansible/services/minecraft/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 # Minecraft - PaperMC server
 # Host: copenhagen-a (100.89.206.60)
 # Data: Docker volume (minecraft_minecraftserver)

ansible/services/miniflux/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 # Miniflux - RSS reader
 # Host: london-b (100.84.65.101)
 # Data: Docker volume (miniflux-db)

ansible/services/navidrome/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 # Navidrome - Music streaming server
 # Host: london-b (100.84.65.101)
 # Data: /root/navidrome (config), /hdd/music (library)

ansible/services/nextcloud-aio/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 # Nextcloud AIO - All-in-one Nextcloud deployment
 # Host: london-b (100.84.65.101)
 # Data: Docker volume (nextcloud_aio_mastercontainer)

ansible/services/plex-exporter/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 # Plex exporter - Plex metrics for Prometheus
 # Host: london-b (100.84.65.101)
 # Access: http://london-b:9000/metrics

ansible/services/poste-io/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 # Poste.io - Self-hosted mail server
 # Host: nuremberg-a (100.117.235.28)
 # Data: /root/postio/data

ansible/services/prometheus/prometheus.yml

@@ -1,3 +1,4 @@
+---
 # Prometheus configuration — extracted from london-a (FreeBSD)
 # Config file location on london-a: /usr/local/etc/prometheus.yml
 # Prometheus runs as: /usr/local/bin/prometheus --config.file=/usr/local/etc/prometheus.yml
@@ -10,12 +11,9 @@ global:
 alerting:
   alertmanagers:
     - static_configs:
-        - targets:
-          # - alertmanager:9093
+        - targets: []
 
-rule_files:
-  # - "first_rules.yml"
-  # - "second_rules.yml"
+rule_files: []
 
 scrape_configs:
   - job_name: "prometheus"

ansible/services/slskd/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 # slskd - Soulseek client (web UI)
 # Host: london-b (100.84.65.101)
 # Data: /root/slskd (app), /hdd/music/slskd (downloads)

ansible/services/smartctl-exporter/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 # smartctl-exporter - SMART disk metrics for Prometheus
 # Host: london-b (100.84.65.101)
 # Access: http://london-b:9633/metrics