From b1e2c2912a4257c52a2741d5f625f37812d554a0 Mon Sep 17 00:00:00 2001 From: Dave Dittrich Date: Wed, 20 Nov 2024 14:49:52 -0800 Subject: [PATCH] Consistently resolve yamllint octal findings --- .yamllint | 4 ++- molecule/branding/converge.yml | 4 ++- molecule/default/converge.yml | 4 ++- molecule/delegated/converge.yml | 4 ++- molecule/dropins/converge.yml | 4 ++- molecule/ip_in_issue/converge.yml | 4 ++- molecule/kali_like/converge.yml | 4 ++- molecule/kdmt/converge.yml | 4 ++- molecule/shared/prepare.yml | 14 ++++----- playbooks/install-zaproxy.yml | 6 ++-- roles/branding/tasks/boot_splash.yml | 12 ++++---- roles/branding/tasks/check_custom_splash.yml | 12 ++++---- roles/branding/tasks/clipit-nohistory.yml | 4 +-- .../branding/tasks/lxde-desktop-configure.yml | 4 +-- roles/branding/tasks/main.yml | 12 ++++---- roles/dropins/tasks/main.yml | 6 ++-- roles/dropins/tasks/setup_dropin.yml | 2 +- roles/ip_in_issue/tasks/main.yml | 18 +++++------ .../tasks/install_helper_scripts.yml | 4 +-- roles/kali_like/tasks/main.yml | 4 +-- .../tasks/prepare_for_kali_packages.yml | 30 +++++++++---------- roles/kali_like/tasks/serial_hostname.yml | 6 ++-- .../tasks/configure_keyboard_capslockctrl.yml | 6 ++-- .../tasks/configure_keyboard_hid_apple.yml | 6 ++-- roles/kdmt/tasks/setup_xsessiond_dropin.yml | 6 ++-- roles/kdmt/tasks/user_visible_bell.yml | 10 +++---- .../kdmt/tasks/user_xmodmap_capslockctrl.yml | 4 +-- .../tasks/user_xmodmap_natural_scrolling.yml | 4 +-- tasks/add_repo_signing_key.yml | 18 +++++------ tasks/check_repair_user_pipx.yml | 6 ++-- tasks/install_guacamole.yml | 6 ++-- tasks/setup-vnc.yml | 18 +++++------ 32 files changed, 133 insertions(+), 117 deletions(-) diff --git a/.yamllint b/.yamllint index a48dd5b..d654cc8 100644 --- a/.yamllint +++ b/.yamllint @@ -30,8 +30,10 @@ rules: new-line-at-end-of-file: disable new-lines: type: unix + # The following 'forbid-*' rules may not mean what you think they mean. + # See: https://yamllint.readthedocs.io/en/stable/rules.html#module-yamllint.rules.octal_values octal-values: - forbid-explicit-octal: false + forbid-explicit-octal: true forbid-implicit-octal: true trailing-spaces: disable truthy: disable diff --git a/molecule/branding/converge.yml b/molecule/branding/converge.yml index 0f02f0e..94f8b8a 100644 --- a/molecule/branding/converge.yml +++ b/molecule/branding/converge.yml @@ -23,7 +23,9 @@ content: | {{ vars | to_yaml }} dest: '{{ molecule_ephemeral_directory }}/ansible-vars.yml' - mode: 0o600 + owner: 'root' + group: 'root' + mode: '0o600' changed_when: false delegate_to: localhost diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index bf2ab42..d9f7af3 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -38,7 +38,9 @@ content: | {{ vars | to_yaml }} dest: '{{ molecule_ephemeral_directory }}/ansible-vars.yml' - mode: 0o600 + owner: 'root' + group: 'root' + mode: '0o600' changed_when: false delegate_to: localhost diff --git a/molecule/delegated/converge.yml b/molecule/delegated/converge.yml index 19758fb..71be58e 100644 --- a/molecule/delegated/converge.yml +++ b/molecule/delegated/converge.yml @@ -37,7 +37,9 @@ content: | {{ vars | to_yaml }} dest: '{{ molecule_ephemeral_directory }}/ansible-vars.yml' - mode: 0o600 + owner: 'root' + group: 'root' + mode: '0o600' changed_when: false delegate_to: localhost diff --git a/molecule/dropins/converge.yml b/molecule/dropins/converge.yml index 91eeb9c..50d1735 100644 --- a/molecule/dropins/converge.yml +++ b/molecule/dropins/converge.yml @@ -13,7 +13,9 @@ content: | {{ vars | to_yaml }} dest: '{{ molecule_ephemeral_directory }}/ansible-vars.yml' - mode: 0o600 + owner: 'root' + group: 'root' + mode: '0o600' changed_when: false delegate_to: localhost diff --git a/molecule/ip_in_issue/converge.yml b/molecule/ip_in_issue/converge.yml index 7d83024..820a82a 100644 --- a/molecule/ip_in_issue/converge.yml +++ b/molecule/ip_in_issue/converge.yml @@ -28,7 +28,9 @@ content: | {{ vars | to_yaml }} dest: '{{ molecule_ephemeral_directory }}/ansible-vars.yml' - mode: 0o600 + owner: 'root' + group: 'root' + mode: '0o600' changed_when: false delegate_to: localhost diff --git a/molecule/kali_like/converge.yml b/molecule/kali_like/converge.yml index 7d8769a..2bbfbc7 100644 --- a/molecule/kali_like/converge.yml +++ b/molecule/kali_like/converge.yml @@ -13,7 +13,9 @@ content: | {{ vars | to_yaml }} dest: '{{ molecule_ephemeral_directory }}/ansible-vars.yml' - mode: 0o600 + owner: 'root' + group: 'root' + mode: '0o600' changed_when: false delegate_to: localhost diff --git a/molecule/kdmt/converge.yml b/molecule/kdmt/converge.yml index 4431b04..d560c5e 100644 --- a/molecule/kdmt/converge.yml +++ b/molecule/kdmt/converge.yml @@ -23,7 +23,9 @@ content: | {{ vars | to_yaml }} dest: '{{ molecule_ephemeral_directory }}/ansible-vars.yml' - mode: 0o600 + owner: 'root' + group: 'root' + mode: '0o600' changed_when: false delegate_to: localhost diff --git a/molecule/shared/prepare.yml b/molecule/shared/prepare.yml index 9244367..faade35 100644 --- a/molecule/shared/prepare.yml +++ b/molecule/shared/prepare.yml @@ -17,9 +17,9 @@ ansible.builtin.copy: src: 'config.txt' dest: '/boot/config.txt' - owner: root - group: root - mode: 0o640 + owner: 'root' + group: 'root' + mode: '0o640' when: boot_config.stat.exists is false - name: Stat `/boot/cmdline.txt` file. @@ -31,9 +31,9 @@ ansible.builtin.copy: src: 'cmdline.txt' dest: '/boot/cmdline.txt' - owner: root - group: root - mode: 0o640 + owner: 'root' + group: 'root' + mode: '0o640' when: boot_cmdline.stat.exists is false - name: Include account enumeration tasks. @@ -45,7 +45,7 @@ state: directory owner: '{{ user }}' group: '{{ user }}' - mode: 0o700 + mode: '0o700' loop: '{{ accounts }}' loop_control: loop_var: user diff --git a/playbooks/install-zaproxy.yml b/playbooks/install-zaproxy.yml index 22b02c1..3d04534 100644 --- a/playbooks/install-zaproxy.yml +++ b/playbooks/install-zaproxy.yml @@ -70,9 +70,9 @@ ansible.builtin.copy: src: '{{ zaproxy_deb_dir }}{{ zaproxy_deb }}' dest: '/tmp//{{ zaproxy_deb }}' - owner: root - group: root - mode: 0o660 + owner: 'root' + group: 'root' + mode: '0o660' become: true - name: Ensure zaproxy DEB is installed. diff --git a/roles/branding/tasks/boot_splash.yml b/roles/branding/tasks/boot_splash.yml index f0e0935..eccd5a4 100644 --- a/roles/branding/tasks/boot_splash.yml +++ b/roles/branding/tasks/boot_splash.yml @@ -14,7 +14,7 @@ state: present owner: 'root' group: 'root' - mode: 0o640 + mode: '0o640' become: true when: branding__boot_config.stat.exists @@ -31,7 +31,7 @@ state: absent owner: 'root' group: 'root' - mode: 0o640 + mode: '0o640' backup: false become: true check_mode: true @@ -49,7 +49,7 @@ backup: false owner: 'root' group: 'root' - mode: 0o640 + mode: '0o640' become: true when: branding__boot_cmdline.stat.exists and not branding__nologo_exists.found @@ -76,9 +76,9 @@ ansible.builtin.template: src: 'splashscreen.service.j2' dest: '/lib/systemd/system/splashscreen.service' - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' become: true notify: Enable splashscreen diff --git a/roles/branding/tasks/check_custom_splash.yml b/roles/branding/tasks/check_custom_splash.yml index b7a871c..105c4ba 100644 --- a/roles/branding/tasks/check_custom_splash.yml +++ b/roles/branding/tasks/check_custom_splash.yml @@ -38,9 +38,9 @@ src: '/boot/custom-splash.jpg' dest: '/root/custom-splash.jpg' remote_src: true - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' - name: Ensure `/boot/custom-splash.jpg` is absent. ansible.builtin.file: @@ -64,9 +64,9 @@ ansible.builtin.copy: src: '{{ branding__custom_splash }}' dest: '/root/custom-splash{{ branding__custom_splash_ext }}' - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' - name: Ensure file exists in `.jpg` format. ansible.builtin.shell: > diff --git a/roles/branding/tasks/clipit-nohistory.yml b/roles/branding/tasks/clipit-nohistory.yml index 2ca8707..efe1b2f 100644 --- a/roles/branding/tasks/clipit-nohistory.yml +++ b/roles/branding/tasks/clipit-nohistory.yml @@ -15,7 +15,7 @@ state: directory owner: '{{ user }}' group: '{{ user }}' - mode: 0o750 + mode: '0o750' recurse: false become: true @@ -25,7 +25,7 @@ dest: '{{ homedir[user] }}/.config/clipit/clipitrc' owner: '{{ user }}' group: '{{ user }}' - mode: 0o640 + mode: '0o640' become: true when: not branding__clipitrc.stat.exists diff --git a/roles/branding/tasks/lxde-desktop-configure.yml b/roles/branding/tasks/lxde-desktop-configure.yml index 54cc77a..3aa551f 100644 --- a/roles/branding/tasks/lxde-desktop-configure.yml +++ b/roles/branding/tasks/lxde-desktop-configure.yml @@ -67,7 +67,7 @@ state: directory owner: '{{ user }}' group: '{{ user }}' - mode: 0o750 + mode: '0o750' become: true become_user: '{{ user }}' loop: '{{ branding__config_templates }}' @@ -83,7 +83,7 @@ dest: "{{ branding__dot_config_dir + item | replace('.j2', '') }}" owner: '{{ user }}' group: '{{ user }}' - mode: 0o750 + mode: '0o750' become: true become_user: '{{ user }}' loop: '{{ branding__config_templates }}' diff --git a/roles/branding/tasks/main.yml b/roles/branding/tasks/main.yml index cabd8ab..a4c12a0 100644 --- a/roles/branding/tasks/main.yml +++ b/roles/branding/tasks/main.yml @@ -95,9 +95,9 @@ ansible.builtin.file: path: '{{ branding__lxde_wallpapers_directory }}' state: directory - owner: root - group: root - mode: 0o755 + owner: 'root' + group: 'root' + mode: '0o755' become: true - name: Ensure `custom-splash.jpg` is an optional desktop background. @@ -105,9 +105,9 @@ src: '/root/custom-splash.jpg' dest: '{{ branding__lxde_wallpapers_directory }}/custom-splash.jpg' remote_src: true - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' become: true # https://martin.hoppenheit.info/blog/2016/where-to-put-application-icons-on-linux/ diff --git a/roles/dropins/tasks/main.yml b/roles/dropins/tasks/main.yml index 9dd1425..1ccaa29 100644 --- a/roles/dropins/tasks/main.yml +++ b/roles/dropins/tasks/main.yml @@ -42,9 +42,9 @@ ansible.builtin.copy: src: dotlocal.sh dest: /etc/profile.d/dotlocal.sh - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' become: true # vim: ft=ansible : diff --git a/roles/dropins/tasks/setup_dropin.yml b/roles/dropins/tasks/setup_dropin.yml index e143db0..5d2ee83 100644 --- a/roles/dropins/tasks/setup_dropin.yml +++ b/roles/dropins/tasks/setup_dropin.yml @@ -61,7 +61,7 @@ ansible.builtin.template: dest: '{{ dropins__dropin_path }}' src: 'dropin_header.j2' - mode: 0o640 + mode: '0o640' register: dropins__copy_result when: not dropins__file_result.stat.exists diff --git a/roles/ip_in_issue/tasks/main.yml b/roles/ip_in_issue/tasks/main.yml index a3d46d5..d25f09c 100644 --- a/roles/ip_in_issue/tasks/main.yml +++ b/roles/ip_in_issue/tasks/main.yml @@ -101,9 +101,9 @@ ansible.builtin.template: src: issue.j2 dest: /etc/issue - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' register: ip_in_issue__etc_issue changed_when: - ip_in_issue__etc_issue.changed @@ -134,9 +134,9 @@ ansible.builtin.file: path: /etc/issue.d state: directory - owner: root - group: root - mode: 0o755 + owner: 'root' + group: 'root' + mode: '0o755' become: true # NetworkManager randomizes the MAC address on the `wlan0` @@ -148,9 +148,9 @@ ansible.builtin.template: src: '{{ item }}' dest: '/etc/issue.d/{{ item.replace(".j2", "") | basename }}' - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' with_items: '{{ ip_in_issue__issue_templates }}' changed_when: false become: true diff --git a/roles/kali_like/tasks/install_helper_scripts.yml b/roles/kali_like/tasks/install_helper_scripts.yml index bebca4c..aab8058 100644 --- a/roles/kali_like/tasks/install_helper_scripts.yml +++ b/roles/kali_like/tasks/install_helper_scripts.yml @@ -24,7 +24,7 @@ state: directory owner: '{{ user }}' group: '{{ user }}' - mode: 0o750 + mode: '0o750' become: true when: not kali_like__dot_local_result.stat.exists @@ -34,7 +34,7 @@ dest: "{{ kali_like__dot_local_bin + item | replace('.sh.j2', '') }}" owner: '{{ user }}' group: '{{ user }}' - mode: 0o755 + mode: '0o755' become: true loop: '{{ kali_like__script_templates }}' diff --git a/roles/kali_like/tasks/main.yml b/roles/kali_like/tasks/main.yml index 0c7dceb..05e7ce0 100644 --- a/roles/kali_like/tasks/main.yml +++ b/roles/kali_like/tasks/main.yml @@ -66,7 +66,7 @@ state: directory owner: 'root' group: 'root' - mode: 0o755 + mode: '0o755' become: true - name: Ensure kali-applications.menu exists. @@ -75,7 +75,7 @@ dest: '/etc/xdg/menus/applications-merged/kali-applications.menu' owner: 'root' group: 'root' - mode: 0o644 + mode: '0o644' become: true - name: Include hostname configuration tasks. diff --git a/roles/kali_like/tasks/prepare_for_kali_packages.yml b/roles/kali_like/tasks/prepare_for_kali_packages.yml index 2e15e6c..e146a16 100644 --- a/roles/kali_like/tasks/prepare_for_kali_packages.yml +++ b/roles/kali_like/tasks/prepare_for_kali_packages.yml @@ -57,9 +57,9 @@ dest: "/etc/apt/apt.conf.d/dpkg-options" content: | DPkg::options { "--force-confdef"; "--force-confold"; } - owner: "root" - group: "root" - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' become: true - name: Ensure Debian sources in `/etc/apt/sources.list.d/debian.list` @@ -68,9 +68,9 @@ content: | deb http://deb.debian.org/debian unstable main contrib non-free deb http://deb.debian.org/debian experimental main - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' become: true - name: Ensure Kali sources in `/etc/apt/sources.list.d/kali.list` @@ -81,9 +81,9 @@ deb http://http.kali.org/kali kali-rolling main contrib non-free deb-src http://http.kali.org/kali kali-bleeding-edge main contrib non-free deb-src http://http.kali.org/kali kali-rolling main contrib non-free - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' become: true - name: Block for updating APT cache after list changes. @@ -120,9 +120,9 @@ content: | # NOTE: This has the effect of setting the Pin-Priority for this repo to 990. APT::Default-Release "kali-rolling"; - owner: "root" - group: "root" - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' become: true - name: Ensure additional custom APT package priority policy is set. @@ -142,9 +142,9 @@ Pin: release a=unstable Pin-Priority: 800 # - owner: "root" - group: "root" - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' become: true - name: Get current APT policy. diff --git a/roles/kali_like/tasks/serial_hostname.yml b/roles/kali_like/tasks/serial_hostname.yml index 2bea163..da6b3da 100644 --- a/roles/kali_like/tasks/serial_hostname.yml +++ b/roles/kali_like/tasks/serial_hostname.yml @@ -66,9 +66,9 @@ path: '/etc/hosts' line: '127.0.1.1 {{ kali_like__host_serial }}' insertafter: '127.0.0.1 localhost' - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' become: true - name: Ensure hostname has serialized Kali host name. diff --git a/roles/kdmt/tasks/configure_keyboard_capslockctrl.yml b/roles/kdmt/tasks/configure_keyboard_capslockctrl.yml index 5810e06..5689f65 100644 --- a/roles/kdmt/tasks/configure_keyboard_capslockctrl.yml +++ b/roles/kdmt/tasks/configure_keyboard_capslockctrl.yml @@ -30,9 +30,9 @@ # Remap CapsLock <-> Left CTRL KEYBOARD_KEY_70039=leftctrl KEYBOARD_KEY_700E0=capslock - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' register: kdmt__udev_hwdb become: true diff --git a/roles/kdmt/tasks/configure_keyboard_hid_apple.yml b/roles/kdmt/tasks/configure_keyboard_hid_apple.yml index 112b48c..276a2dd 100644 --- a/roles/kdmt/tasks/configure_keyboard_hid_apple.yml +++ b/roles/kdmt/tasks/configure_keyboard_hid_apple.yml @@ -13,9 +13,9 @@ ansible.builtin.template: dest: '/etc/modprobe.d/hid_apple.conf' src: 'hid_apple.conf.j2' - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' register: kdmt__hid_apple_conf - name: Ensure initrd images are updated. diff --git a/roles/kdmt/tasks/setup_xsessiond_dropin.yml b/roles/kdmt/tasks/setup_xsessiond_dropin.yml index 7bdf779..d864826 100644 --- a/roles/kdmt/tasks/setup_xsessiond_dropin.yml +++ b/roles/kdmt/tasks/setup_xsessiond_dropin.yml @@ -16,9 +16,9 @@ ansible.builtin.copy: src: 'custom_load_xmodmap' dest: '{{ kdmt__custom_xmodmap }}' - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' become: true when: kdmt__xsessiond.stat.exists diff --git a/roles/kdmt/tasks/user_visible_bell.yml b/roles/kdmt/tasks/user_visible_bell.yml index fdc6249..f5681e4 100644 --- a/roles/kdmt/tasks/user_visible_bell.yml +++ b/roles/kdmt/tasks/user_visible_bell.yml @@ -11,7 +11,7 @@ set prefer-visible-bell owner: '{{ user }}' group: '{{ user }}' - mode: 0o640 + mode: '0o640' create: true become: true @@ -23,7 +23,7 @@ # set bellstyle visible # owner: '{{ user }}' # group: '{{ user }}' -# mode: 0o640 +# mode: '0o640' # create: true # # Hack to get idempotence test to pass for now. # changed_when: false @@ -37,7 +37,7 @@ set visiblebell owner: '{{ user }}' group: '{{ user }}' - mode: 0o640 + mode: '0o640' create: true become: true @@ -49,7 +49,7 @@ set flash owner: '{{ user }}' group: '{{ user }}' - mode: 0o640 + mode: '0o640' create: true become: true @@ -61,7 +61,7 @@ set vb t_vb= owner: '{{ user }}' group: '{{ user }}' - mode: 0o640 + mode: '0o640' create: true become: true diff --git a/roles/kdmt/tasks/user_xmodmap_capslockctrl.yml b/roles/kdmt/tasks/user_xmodmap_capslockctrl.yml index bc16afa..6b4299a 100644 --- a/roles/kdmt/tasks/user_xmodmap_capslockctrl.yml +++ b/roles/kdmt/tasks/user_xmodmap_capslockctrl.yml @@ -24,7 +24,7 @@ create: true owner: '{{ user }}' group: '{{ user }}' - mode: 0o640 + mode: '0o640' when: kdmt__keyboard_swapcapslockctrl | bool - name: 'Ensure file does not swap capslock/ctrl: {{ kdmt__user_xmodmap[user] }}' @@ -35,7 +35,7 @@ create: true owner: '{{ user }}' group: '{{ user }}' - mode: 0o640 + mode: '0o640' when: not kdmt__keyboard_swapcapslockctrl | bool # vim: ft=ansible: diff --git a/roles/kdmt/tasks/user_xmodmap_natural_scrolling.yml b/roles/kdmt/tasks/user_xmodmap_natural_scrolling.yml index e9b0031..e868550 100644 --- a/roles/kdmt/tasks/user_xmodmap_natural_scrolling.yml +++ b/roles/kdmt/tasks/user_xmodmap_natural_scrolling.yml @@ -20,7 +20,7 @@ create: true owner: '{{ user }}' group: '{{ user }}' - mode: 0o640 + mode: '0o640' when: kdmt__natural_scrolling | bool - name: 'Ensure file does not enable natural scrolling: {{ kdmt__user_xmodmap }}' @@ -31,7 +31,7 @@ create: true owner: '{{ user }}' group: '{{ user }}' - mode: 0o640 + mode: '0o640' when: not kdmt__natural_scrolling | bool # vim: ft=ansible: diff --git a/tasks/add_repo_signing_key.yml b/tasks/add_repo_signing_key.yml index da9179a..72a49ec 100644 --- a/tasks/add_repo_signing_key.yml +++ b/tasks/add_repo_signing_key.yml @@ -43,9 +43,9 @@ ansible.builtin.file: path: "{{ shared_keyrings }}" state: directory - owner: root - group: root - mode: 0o755 + owner: 'root' + group: 'root' + mode: '0o755' become: true - name: Stat signing key file. @@ -61,9 +61,9 @@ ansible.builtin.copy: src: "{{ kali_like__signing_key }}" dest: "{{ tmp_key_path }}" - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' changed_when: false rescue: @@ -71,9 +71,9 @@ ansible.builtin.get_url: url: "{{ kali_like__signing_key }}" dest: "{{ tmp_key_path }}" - owner: root - group: root - mode: 0o644 + owner: 'root' + group: 'root' + mode: '0o644' changed_when: false # - name: Stat the key file in shared directory. diff --git a/tasks/check_repair_user_pipx.yml b/tasks/check_repair_user_pipx.yml index 26af1e1..f6dc260 100644 --- a/tasks/check_repair_user_pipx.yml +++ b/tasks/check_repair_user_pipx.yml @@ -41,9 +41,9 @@ - name: Ensure `.bashrc` sources `.bash_aliases`. ansible.builtin.blockinfile: - path: "{{ homedir[user] }}/.bashrc" - owner: "{{ user }}" - mode: 0o640 + path: '{{ homedir[user] }}/.bashrc' + owner: '{{ user }}' + mode: '0o640' block: | if [ -f ~/.bash_aliases ]; then . ~/.bash_aliases diff --git a/tasks/install_guacamole.yml b/tasks/install_guacamole.yml index 107652e..99c51a8 100644 --- a/tasks/install_guacamole.yml +++ b/tasks/install_guacamole.yml @@ -93,7 +93,7 @@ state: directory owner: 'root' group: 'root' - mode: 0o770 + mode: '0o770' become: true - name: Ensure `/etc/guacamole` directory exists. @@ -102,7 +102,7 @@ state: directory owner: 'root' group: 'root' - mode: 0o755 + mode: '0o755' become: true - name: Ensure `guacd` configuration file exists`. @@ -114,7 +114,7 @@ bind_port = 4822 owner: 'root' group: 'root' - mode: 0o644 + mode: '0o644' become: true - name: Ensure timezone tables exist. diff --git a/tasks/setup-vnc.yml b/tasks/setup-vnc.yml index 72c0424..6a48ed4 100644 --- a/tasks/setup-vnc.yml +++ b/tasks/setup-vnc.yml @@ -9,19 +9,19 @@ - name: Ensure user's `~/.vnc` directory exists. ansible.builtin.file: state: directory - path: "{{ user_vnc_directory }}" - owner: "{{ user }}" - group: "{{ user }}" - mode: 0o640 + path: '{{ user_vnc_directory }}' + owner: '{{ user }}' + group: '{{ user }}' + mode: '0o640' become: true - name: Ensure user's `xstartup` script exists in `~/.vnc` directory. ansible.builtin.copy: - src: "xstartup" - dest: "{{ user_vnc_directory }}" - owner: "{{ user }}" - group: "{{ user }}" - mode: 0o750 + src: 'xstartup' + dest: '{{ user_vnc_directory }}' + owner: '{{ user }}' + group: '{{ user }}' + mode: '0o750' become: true # https://unix.stackexchange.com/questions/529375/configuring-tigervnc-systemd-process-on-ubuntu-18-04