Add linter pipeline

Defining variable acertmgr_version from role defaults, allows version
string to be overridden. Role defaults are set in connection: local scope.
This also shortens long line to make this role linter compliant

.drone.yml

@@ -0,0 +1,12 @@
+---
+
+name: playbook
+kind: pipeline
+type: docker
+
+steps:
+- name: lint
+  image: alpine:latest
+  commands:
+  - apk add git ansible ansible-lint
+  - ansible-lint -x305,403,701

roles/acertmgr/defaults/main.yml

@@ -0,0 +1,3 @@
+---
+
+acertmgr_version: "{{ lookup('url', 'https://raw.githubusercontent.com/moepman/acertmgr/master/version.txt') | trim }}"

roles/acertmgr/tasks/main.yml

@@ -8,16 +8,9 @@
     - python3-yaml
     - python3-pkg-resources
 
-- name: Find current acertmgr version
-  get_url:
-    url: "https://raw.githubusercontent.com/moepman/acertmgr/master/version.txt"
-    dest: /tmp/acertmgr.version
-  vars:
-    ansible_connection: local
-
 - name: Install acertmgr
   apt:
-   deb: "https://github.com/moepman/acertmgr/releases/download/{{ lookup('file', '/tmp/acertmgr.version') }}/python3-acertmgr_{{ lookup('file', '/tmp/acertmgr.version') }}-1_all.deb"
+    deb: "https://github.com/moepman/acertmgr/releases/download/{{ acertmgr_version }}/python3-acertmgr_{{ acertmgr_version }}-1_all.deb"
 
 - name: Create config directories
   file:

roles/common-handlers/handlers/main.yml

@@ -0,0 +1,4 @@
+---
+
+- name: 'Reload systemd'
+  systemd: daemon_reload=yes

roles/fastd-exporter/handlers/main.yml

@@ -1,7 +1,4 @@
 ---
 
-- name: Reload systemd
-  command: systemctl daemon-reload
-
 - name: Restart fastd-exporter
   service: name=fastd-exporter state=restarted

roles/fastd-exporter/meta/main.yml

@@ -0,0 +1,4 @@
+---
+
+dependencies:
+- { role: common-handlers }

roles/fastd/handlers/main.yml

@@ -3,6 +3,3 @@
 - name: Restart fastd
   service: name=fastd@{{ site_code }}{{ item }} state=restarted
   with_sequence: start=0 count={{ fastd_instances }}
-
-- name: Reload systemd
-  command: systemctl daemon-reload

roles/fastd/meta/main.yml

@@ -0,0 +1,4 @@
+---
+
+dependencies:
+- { role: common-handlers }

roles/mesh-interfaces/handlers/main.yml

@@ -2,6 +2,3 @@
 
 - name: Reload interfaces
   command: /sbin/ifreload -a
-
-- name: Reload systemd
-  command: systemctl daemon-reload

roles/mesh-interfaces/meta/main.yml

@@ -0,0 +1,4 @@
+---
+
+dependencies:
+- { role: common-handlers }

roles/nginx/tasks/main.yml

@@ -8,7 +8,13 @@
   when: nginx_ssl
 
 - name: Ensure certificates are available
-  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ ansible_fqdn }}.key -out /etc/nginx/ssl/{{ ansible_fqdn }}.crt -days 730 -subj "/CN={{ ansible_fqdn }}" creates=/etc/nginx/ssl/{{ ansible_fqdn }}.crt
+  command:
+    cmd: >
+      openssl req -x509 -nodes -newkey rsa:2048
+      -keyout /etc/nginx/ssl/{{ ansible_fqdn }}.key
+      -out /etc/nginx/ssl/{{ ansible_fqdn }}.crt
+      -days 730 -subj "/CN={{ ansible_fqdn }}"
+    creates: /etc/nginx/ssl/{{ ansible_fqdn }}.crt
   when: nginx_ssl
   notify: Restart nginx
 

roles/node_exporter/handlers/main.yml

@@ -1,7 +1,4 @@
 ---
 
-- name: Reload systemd
-  command: systemctl daemon-reload
-
 - name: Restart node_exporter
   service: name=node_exporter state=restarted

roles/node_exporter/meta/main.yml

@@ -0,0 +1,4 @@
+---
+
+dependencies:
+- { role: common-handlers }

roles/prometheus/handlers/main.yml

@@ -1,8 +1,5 @@
 ---
 
-- name: Reload systemd
-  command: systemctl daemon-reload
-
 - name: Restart prometheus
   service: name=prometheus state=restarted
 

roles/prometheus/meta/main.yml

@@ -0,0 +1,4 @@
+---
+
+dependencies:
+- { role: common-handlers }

roles/respondd/handlers/main.yml

@@ -1,7 +1,4 @@
 ---
 
-- name: Reload systemd
-  command: systemctl daemon-reload
-
 - name: Restart respondd
   service: name=respondd state=restarted

roles/respondd/meta/main.yml

@@ -1,4 +1,5 @@
 ---
 
 dependencies:
+- { role: common-handlers }
 - { role: git }

roles/web-gw/tasks/main.yml

@@ -1,7 +1,13 @@
 ---
 
 - name: Ensure certificates are available
-  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ ansible_fqdn }}.key -out /etc/nginx/ssl/{{ ansible_fqdn }}.crt -days 730 -subj "/CN={{ ansible_fqdn }}" creates=/etc/nginx/ssl/{{ ansible_fqdn }}.crt
+  command:
+    cmd: >
+      openssl req -x509 -nodes -newkey rsa:2048
+      -keyout /etc/nginx/ssl/{{ ansible_fqdn }}.key
+      -out /etc/nginx/ssl/{{ ansible_fqdn }}.crt
+      -days 730 -subj "/CN={{ ansible_fqdn }}"
+    creates: /etc/nginx/ssl/{{ ansible_fqdn }}.crt
   notify: Restart nginx
 
 - name: Create web content directory

roles/web-svc/tasks/websvc.yml

@@ -1,7 +1,13 @@
 ---
 
 - name: Ensure certificates are available
-  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ domain }}.key -out /etc/nginx/ssl/{{ domain }}.crt -days 730 -subj "/CN={{ domain }}" creates=/etc/nginx/ssl/{{ domain }}.crt
+  command:
+    cmd: >
+      openssl req -x509 -nodes -newkey rsa:2048
+      -keyout /etc/nginx/ssl/{{ domain }}.key
+      -out /etc/nginx/ssl/{{ domain }}.crt
+      -days 730 -subj "/CN={{ domain }}"
+    creates: /etc/nginx/ssl/{{ domain }}.crt
   notify: Restart nginx
 
 - name: Configure certificate manager

roles/yanic/handlers/main.yml

@@ -1,8 +1,5 @@
 ---
 
-- name: Reload systemd
-  command: systemctl daemon-reload
-
 - name: Restart yanic
   service: name=yanic state=restarted
 

roles/yanic/meta/main.yml

@@ -1,4 +1,5 @@
 ---
 
 dependencies:
+- { role: common-handlers }
 - { role: go }