feat: fix linting errors

.ansible-lint

@@ -1,3 +1,8 @@
 exclude_paths:
-  ./.travis.yml
-  tests/*
+  - tests/*
+  - .github/**
+skip_list:
+  - name[template]
+  - command-instead-of-shell  # Use shell only when shell functionality is required.
+  - no-changed-when  # Commands should not change things if nothing needs doing.
+  - package-latest  # Package installs should not use latest.

.ansible-lint-ignore

@@ -0,0 +1,8 @@
+tasks/ssh_client_config.yml no-changed-when
+tasks/create_routes_dns.yml no-changed-when
+tasks/create_routes_lb.yml no-changed-when
+tasks/create_routes_cidr.yml no-changed-when
+tasks/configure_sysctl.yml no-changed-when
+tasks/configure_sysctl.yml command-instead-of-shell
+tasks/install.yml no-changed-when
+tasks/install.yml package-latest

.config/.ansible-lint

@@ -0,0 +1,5 @@
+exclude_paths:
+  - tests/*
+  - .github/**
+skip_list:
+  - name[template]

.config/.ansible-lint-ignore

@@ -0,0 +1,8 @@
+tasks/ssh_client_config.yml no-changed-when
+tasks/create_routes_dns.yml no-changed-when
+tasks/create_routes_lb.yml no-changed-when
+tasks/create_routes_cidr.yml no-changed-when
+tasks/configure_sysctl.yml no-changed-when
+tasks/configure_sysctl.yml command-instead-of-shell
+tasks/install.yml no-changed-when
+tasks/install.yml package-latest

.github/FUNDING.yml

@@ -1,4 +1,4 @@
 # These are supported funding model platforms
 
 patreon: papanito
-custom: https://flattr.com/@papanito
+custom: https://flattr.com/@papanito

.github/workflows/release.yml

@@ -29,60 +29,60 @@ jobs:
     name: Prepare Release
     runs-on: ubuntu-latest
     steps:
-      - name: Set RELEASE_VERSION
-        run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV 
-      - uses: actions/checkout@v2
-        with:
-          ref: ${{ github.ref }}
-          fetch-depth: 0
-      - name: Create release branch
-        run: git checkout -b release/$RELEASE_VERSION &&  git push --set-upstream origin release/$RELEASE_VERSION
-      - name: Install auto-changelog
-        run: sudo npm install -g auto-changelog
-      - name: Set current version
-        run: echo $RELEASE_VERSION > ./VERSION
-      - name: Create changelog
-        run: auto-changelog --ignore-commit-pattern "^\[?ci|docu|Merge|meta\]?|fixup" --release-summary 
-      - uses: stefanzweifel/git-auto-commit-action@v4
-        with:
-          commit_message: "meta: Update changelog, bump version"
-          file_pattern: ./VERSION ./CHANGELOG.md
-          commit_user_name: GitHub Actions
-          commit_user_email: ci@wyssmann.com
-          commit_author: Papanito <papanito@wyssmann.com>
-          push_options: --force
+    - name: Set RELEASE_VERSION
+      run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV 
+    - uses: actions/checkout@v2
+      with:
+        ref: ${{ github.ref }}
+        fetch-depth: 0
+    - name: Create release branch
+      run: git checkout -b release/$RELEASE_VERSION &&  git push --set-upstream origin release/$RELEASE_VERSION
+    - name: Install auto-changelog
+      run: sudo npm install -g auto-changelog
+    - name: Set current version
+      run: echo $RELEASE_VERSION > ./VERSION
+    - name: Create changelog
+      run: auto-changelog --ignore-commit-pattern "^\[?ci|docu|Merge|meta\]?|fixup" --release-summary 
+    - uses: stefanzweifel/git-auto-commit-action@v4
+      with:
+        commit_message: "meta: Update changelog, bump version"
+        file_pattern: ./VERSION ./CHANGELOG.md
+        commit_user_name: GitHub Actions
+        commit_user_email: ci@wyssmann.com
+        commit_author: Papanito <papanito@wyssmann.com>
+        push_options: --force
 
   create-release:
     name: Create Release
     runs-on: ubuntu-latest
     steps:
-      - name: Set env
-        run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
-      - name: Checkout code
-        uses: actions/checkout@v2
-      - name: Install auto-changelog
-        run: sudo npm install -g auto-changelog
-      - name: Create release notes
-        run: auto-changelog --ignore-commit-pattern "^\[?ci|docu|Merge|meta\]?|fixup" --starting-version $RELEASE_VERSION -o RELEASENOTES.md --release-summary 
-      - name: Create Release
-        id: create_release
-        uses: actions/create-release@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
-        with:
-          tag_name: ${{ github.ref }}
-          release_name: Release ${{ github.ref }}
-          body_path: ./RELEASENOTES.md
-          draft: false
-          prerelease: false
+    - name: Set env
+      run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
+    - name: Checkout code
+      uses: actions/checkout@v2
+    - name: Install auto-changelog
+      run: sudo npm install -g auto-changelog
+    - name: Create release notes
+      run: auto-changelog --ignore-commit-pattern "^\[?ci|docu|Merge|meta\]?|fixup" --starting-version $RELEASE_VERSION -o RELEASENOTES.md --release-summary 
+    - name: Create Release
+      id: create_release
+      uses: actions/create-release@v1
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
+      with:
+        tag_name: ${{ github.ref }}
+        release_name: Release ${{ github.ref }}
+        body_path: ./RELEASENOTES.md
+        draft: false
+        prerelease: false
     needs: 
     - build
     - prepare-release
 
   import-role:
     runs-on: ubuntu-latest
     needs: create-release
-    steps: 
+    steps:
     - uses: 0x022b/galaxy-role-import-action@v1
       with:
         galaxy_api_key: ${{ secrets.ansible_galaxy_apikey }}

README.md

@@ -271,7 +271,7 @@ The following example installs an [named tunnel] `servers` with an ingress to `{
 ```yaml
 - hosts: servers
   remote_user: ansible
-  become: yes
+  become: true
   vars:
     cf_cert_location: /home/papanito/.cloudflared/cert.mycompany.com.pem
     cf_tunnels:
@@ -299,8 +299,8 @@ The following example simply downloads `cloudflared` on your local machine and c
 - hosts: localhost
   remote_user: papanito #your local user who has admin
   vars:
-    cf_install_only: True
-    cf_ssh_client_config: True
+    cf_install_only: true
+    cf_ssh_client_config: true
     cf_ssh_client_config_group: servers
   roles:
     - papanito.cloudflared

defaults/main.yml

@@ -3,20 +3,20 @@
 cf_init_system: systemd
 cf_systemd_user: root
 cf_systemd_group: root
-cf_remove_setup_certificate: False
+cf_remove_setup_certificate: false
 
 cf_download_baseurl: https://github.com/cloudflare/cloudflared/releases/latest/download/
 cf_download_folder: ./download
-cf_install_only: False
-cf_force_install: False
-cf_remove_unused_tunnel: False
-cf_ssh_client_config: False
+cf_install_only: false
+cf_force_install: false
+cf_remove_unused_tunnel: false
+cf_ssh_client_config: false
 cf_ssh_client_config_group: ""
 
 cf_credentials_dir: "/root/.cloudflared/"
 
-cf_os_package_enable: False
-cf_sysctl_buffer_size_increase: False
+cf_os_package_enable: false
+cf_sysctl_buffer_size_increase: false
 cf_repository_key_url: https://pkg.cloudflare.com/cloudflare-main.gpg
 cf_repository_key_install_path: /usr/share/keyrings/cloudflare-main.gpg
 cf_repository: "deb [signed-by={{ cf_repository_key_install_path }}] https://pkg.cloudflare.com/cloudflared {{ ansible_distribution_release }} main"

handlers/main.yml

@@ -1,2 +1,31 @@
 ---
-# handlers file for cloudflared
+# handlers file for cloudflared
+- name: Reload systemd
+  ansible.builtin.systemd:
+    daemon_reload: true
+    no_block: false
+
+- name: Link Stop-Script
+  ansible.builtin.file:
+    src: "/etc/init.d/{{ systemd_filename }}-{{ tunnel_name }}"
+    path: "/etc/{{ item_runlevel }}/K01{{ systemd_filename }}-{{ tunnel_name }}"
+    state: link
+  with_items:
+    - rc0.d
+    - rc1.d
+    - rc6.d
+  loop_control:
+    loop_var: item_runlevel
+
+- name: Link Start-Script
+  ansible.builtin.file:
+    src: "/etc/init.d/{{ systemd_filename }}-{{ tunnel_name }}"
+    path: "/etc/{{ item_runlevel }}/S99{{ systemd_filename }}-{{ tunnel_name }}"
+    state: link
+  with_items:
+    - rc2.d
+    - rc3.d
+    - rc4.d
+    - rc5.d
+  loop_control:
+    loop_var: item_runlevel

meta/main.yml

@@ -6,21 +6,21 @@ galaxy_info:
   company: wyssmann.com
   issue_tracker_url: https://github.com/papanito/ansible-role-cloudflared/issues
   license: Apache
-  min_ansible_version: 2.7
+  min_ansible_version: "2.7"
 
   platforms:
-  - name: EL
-    versions:
-    - all
-  - name: Ubuntu
-    versions:
-    - all
-  - name: Debian
-    versions:
-    - all
+    - name: EL
+      versions:
+        - all
+    - name: Ubuntu
+      versions:
+        - all
+    - name: Debian
+      versions:
+        - all
 
   galaxy_tags:
-  - networking
-  - cloudflare
+    - networking
+    - cloudflare
 
-dependencies: []
+dependencies: []

tasks/configure_initv.yml

@@ -1,42 +1,19 @@
+---
 - name: Define required variables for configure
-  set_fact:
+  ansible.builtin.set_fact:
     tunnel_name: "{{ item.key }}"
     initv_pid_file: "/var/run/{{ systemd_filename }}_{{ tunnel_name }}.pid"
     initv_log_file: "/var/log/{{ systemd_filename }}_{{ tunnel_name }}.log"
 
-- name: Install cloudflared service for service '{{ tunnel_name }}' in System-V
+- name: Install cloudflare system-v service for service '{{ tunnel_name }}'
   ansible.builtin.template:
     src: cloudflared.initv.j2
     dest: "/etc/init.d/{{ systemd_filename }}-{{ tunnel_name }}"
     owner: root
     group: root
-    mode: 0755
+    mode: "755"
   register: service_template
-  no_log: True
-
-- name: Link Stop-Script to /etc/init.d/"{{ systemd_filename }}-{{ tunnel_name }}"
-  ansible.builtin.file:
-    src: "/etc/init.d/{{ systemd_filename }}-{{ tunnel_name }}"
-    path: "/etc/{{ item_runlevel }}/K01{{ systemd_filename }}-{{ tunnel_name }}"
-    state: link
-  with_items:
-    - rc0.d
-    - rc1.d
-    - rc6.d
-  loop_control:
-    loop_var: item_runlevel
-  when: service_template.changed
-
-- name: "Link Start-Script /etc/init.d/{{ systemd_filename }}-{{ tunnel_name }}"
-  ansible.builtin.file:
-    src: "/etc/init.d/{{ systemd_filename }}-{{ tunnel_name }}"
-    path: "/etc/{{ item_runlevel }}/S99{{ systemd_filename }}-{{ tunnel_name }}"
-    state: link
-  with_items:
-    - rc2.d
-    - rc3.d
-    - rc4.d
-    - rc5.d
-  loop_control:
-    loop_var: item_runlevel
-  when: service_template.changed
+  no_log: true
+  notify:
+    - Link Stop-Script
+    - Link Start-Script

tasks/configure_sysctl.yml

@@ -1,13 +1,13 @@
 - name: Register OS uname
-  shell: uname
+  ansible.builtin.shell: uname
   register: os_uname
 
-- name: "Change sysctl-settings net.core.rmem_max=2500000 (uname: {{ os_uname.stdout }})"
-  sysctl:
+- name: "Change sysctl-settings net.core.rmem_max=2500000 (uname: {{ os_uname.stdout }})"
+  ansible.posix.sysctl:
     name: net.core.rmem_max
     value: 2500000
-    sysctl_set: yes
+    sysctl_set: true
     state: present
-    reload: yes
-    ignoreerrors: yes
+    reload: true
+    ignoreerrors: true
   when: os_uname.stdout == "Linux"

tasks/configure_systemd.yml

@@ -1,16 +1,13 @@
 - name: Define required variables for configure
-  set_fact:
+  ansible.builtin.set_fact:
     tunnel_name: "{{ cf_tunnel.key }}"
 
 - name: Install cloudflared service for service '{{ tunnel_name }}' in systemd
   ansible.builtin.template:
     src: cloudflared.service.j2
     dest: "{{ cf_systemd_target_dir }}/{{ systemd_filename }}@.service"
+    mode: "644"
   register: service_template
-  no_log: True
-
-- name: Reload systemd
-  ansible.builtin.systemd:
-    daemon_reload: yes
-    no_block: no
-  when: service_template.changed
+  no_log: true
+  notify:
+    - Reload systemd