style: correct ansible lint

tasks/AUR_builder.yml

@@ -1,18 +1,18 @@
-- name: install base-devel package
+- name: Install base-devel package
-  pacman:
+  community.general.pacman:
     state: present # not required. choices: absent;latest;present. Desired state of the package.
     name: ["base-devel"] # not required. Name or list of names of the packages to install, upgrade, or remove.
     update_cache: true
   become: true
 
 - name: Create aur_builder user
-  user:
+  ansible.builtin.user:
     name: aur_builder
     group: wheel
   become: true
 
 - name: Allow aur_builder to run pacman as root
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/sudoers.d/11-install-aur_builder
     line: "aur_builder ALL=(ALL) NOPASSWD: /usr/bin/pacman"
     create: true
@@ -20,7 +20,7 @@
     mode: 0600
   become: true
 
-- name: install yay
+- name: Install yay
   aur:
     state: present
     name: yay

tasks/base_software.yml

@@ -1,5 +1,5 @@
-- name: upgrade arch-keyring
+- name: Upgrade arch-keyring
-  pacman:
+  community.general.pacman:
     state: latest # noqa package-latest
     name: archlinux-keyring
     force: true
@@ -7,8 +7,8 @@
   become: true
   when: system_upgrade and  ansible_facts['os_family'] == "Archlinux"
 
-- name: upgrade system
+- name: Upgrade system
-  pacman:
+  community.general.pacman:
     state: latest # noqa package-latest
     upgrade: true
     force: true
@@ -18,19 +18,19 @@
   register: upgrade
 
 - name: Reboot  updates to apply
-  reboot:
+  ansible.builtin.reboot:
     reboot_timeout: 3600
   when: upgrade.changed and "linux" in upgrade.packages and system_upgrade and  ansible_facts['os_family'] == "Archlinux"
   become: true
 
-- name: launch arch base install software
+- name: Launch arch base install software
-  pacman:
+  community.general.pacman:
     state: present
     name: "{{ system_base_softwares }}"
   become: true
   when: ansible_facts['os_family'] == "Archlinux"
 
-- name: install aur workstation soft
+- name: Install aur workstation soft
   aur:
     name: "{{ system_base_aur_soft }}"
     state: present
@@ -38,23 +38,23 @@
   become_user: aur_builder
   when: ansible_facts['os_family'] == "Archlinux" and system_base_aur_soft
 
-- name: launch debian base install software
+- name: Launch debian base install software
-  apt:
+  ansible.builtin.apt:
     state: present
     name: "{{ system_base_softwares }}"
     update_cache: true
   become: true
   when: ansible_facts['os_family'] == "Debian"
 
-- name: launch redhat base install software
+- name: Launch redhat base install software
-  dnf:
+  ansible.builtin.dnf:
     state: present
     name: "{{ system_base_softwares }}"
     update_cache: true
   become: true
   when: ansible_facts['os_family'] == "RedHat"
 
-#- name: pass user shell to zsh
+#- name: Pass user shell to zsh
 #  user:
 #    name: "{{ user.name }}"
 #    shell: /bin/zsh

tasks/bat.yml

@@ -1,5 +1,5 @@
 - name: GITHUB | Get current version of bat
-  shell: >
+  ansible.builtin.shell: >
     set -o pipefail &&
     curl -L --silent https://api.github.com/repos/sharkdp/bat/releases/latest |
     grep '"tag_name":' |
@@ -12,14 +12,12 @@
      bat_version.rc != 0 or
      not bat_version.stdout|regex_search('\w+\.\w+\.\w+')
 - name: DEBIAN | Set URL to download bins
-  set_fact:
+  ansible.builtin.set_fact:
     debian_url: "https://github.com/sharkdp/bat/releases/download/v{{ bat_version.stdout }}/bat_{{ bat_version.stdout }}_amd64.deb"
   when: ansible_facts['os_family'] == "Debian"
 
 - name: DEBIAN | Install deb from github
   become: true
-  apt:
+  ansible.builtin.apt:
     deb: "{{ debian_url }}"
   when: ansible_facts['os_family'] == "Debian"
-
-

tasks/depot_debian.yml

@@ -1,5 +1,5 @@
-- name: add repo main contrib
+- name: Add repo main contrib
-  apt_repository:
+  ansible.builtin.apt_repository:
     repo: deb http://ftp.fr.debian.org/debian/ stable main contrib non-free
     state: present
     update_cache: true

tasks/depot_redhat.yml

@@ -1,5 +1,5 @@
-- name: add repo main contrib
+- name: Add repo main contrib
-  dnf:
+  ansible.builtin.dnf:
     name: epel-release
     state: present
     update_cache: true

tasks/dhcpcd.yml

@@ -1,10 +1,10 @@
 ---
-- name: ensure dhcpcd is instaled
+- name: Ensure dhcpcd is instaled
-  pacman:
+  community.general.pacman:
     name: dhcpcd
     state: present
-- name: change hostname setting
+- name: Change hostname setting
-  lineinfile:
+  ansible.builtin.lineinfile:
     dest: /etc/dhcpcd.conf
     regexp: "^#hostname"
     line: "hostname"

tasks/firewalld.yml

@@ -1,6 +1,6 @@
 ---
-- name: disable firewalld
+- name: Disable firewalld
-  service:
+  ansible.builtin.service:
     name: firewalld
     state: stopped
     enabled: false

tasks/hostname.yml

@@ -1,5 +1,5 @@
 - name: Ensure hostname set
-  hostname:
+  ansible.builtin.hostname:
     name: "{{ inventory_hostname }}"
     use: systemd
   become: true

tasks/hosts.yml

@@ -1,6 +1,6 @@
 - name: Install custom hosts file
   become: true
-  template:
+  ansible.builtin.template:
     src: etc_hosts.j2
     dest: "{{ hosts_file }}"
     owner: root

tasks/locales.yml

@@ -1,6 +1,6 @@
 ---
 - name: Set keymap
-  copy:
+  ansible.builtin.copy:
     content: "KEYMAP={{ arch_base_keymap }}\n"
     dest: /etc/vconsole.conf
     mode: 0644
@@ -8,14 +8,14 @@
   become: true
 
 - name: Generate locales
-  locale_gen:
+  community.general.locale_gen:
     name: "{{ item }}"
     state: present
   with_items: "{{ arch_base_locales }}"
   become: true
 
 - name: Set locale
-  lineinfile:
+  ansible.builtin.lineinfile:
     dest: /etc/locale.conf
     line: "LANG={{ arch_base_locale }}"
     regexp: "^LANG="
@@ -25,6 +25,6 @@
 
 - name: Set timezone
   become: true
-  command: timedatectl set-timezone {{ arch_base_timezone }}
+  ansible.builtin.command: timedatectl set-timezone {{ arch_base_timezone }}
   args:
     creates: /etc/localtime

tasks/main.yml

@@ -1,31 +1,49 @@
-- name: gather os specific variables
+- name: Gather os specific variables
-  include_vars: "{{ item }}"
+  ansible.builtin.include_vars: "{{ item }}"
   with_first_found:
     - "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml"
     - "{{ ansible_os_family }}.yml"
   tags: vars
 
-- include_tasks: hostname.yml
+- name: Include hostname
-- include_tasks: hosts.yml
+  ansible.builtin.include_tasks: hostname.yml
-- include_tasks: tasks.sysctl.yml
+- name: Include hosts
-- include_tasks: dhcpcd.yml
+  ansible.builtin.include_tasks: hosts.yml
+- name: Include tasks.sysctl
+  ansible.builtin.include_tasks: tasks.sysctl.yml
+- name: Include wol
+  ansible.builtin.include_tasks: wol.yml
+- name: Include dhcpcd
+  ansible.builtin.include_tasks: dhcpcd.yml
   when: ansible_os_family == "Archlinux"
-- include_tasks: locales.yml
+- name: Include locales
+  ansible.builtin.include_tasks: locales.yml
   when: ansible_os_family == "Archlinux"
-- include_tasks: time.yml
+- name: Include time
-- include_tasks: usergroup.yml
+  ansible.builtin.include_tasks: time.yml
-- include_tasks: ssh.yml
+- name: Include usergroup
-- include_tasks: sudoers.yml
+  ansible.builtin.include_tasks: usergroup.yml
-- include_tasks: pacman.yml
+- name: Include ssh
+  ansible.builtin.include_tasks: ssh.yml
+- name: Include sudoers
+  ansible.builtin.include_tasks: sudoers.yml
+- name: Include pacman
+  ansible.builtin.include_tasks: pacman.yml
   when: ansible_facts['os_family'] == "Archlinux"
-- include_tasks: firewalld.yml
+- name: Include firewalld
+  ansible.builtin.include_tasks: firewalld.yml
   when: ansible_facts['os_family'] == "RedHat"
-- include_tasks: depot_debian.yml
+- name: Include depot_debian
+  ansible.builtin.include_tasks: depot_debian.yml
   when: ansible_facts['os_family'] == "Debian"
-- include_tasks: depot_redhat.yml
+- name: Inclide depot_redhat
+  ansible.builtin.include_tasks: depot_redhat.yml
   when: ansible_os_family == "RedHat"
-- include_tasks: AUR_builder.yml
+- name: Include AUR_builder
+  ansible.builtin.include_tasks: AUR_builder.yml
   when: ansible_facts['os_family'] == "Archlinux"
-- include_tasks: base_software.yml
+- name: Include base_software 
-- include_tasks: bat.yml
+  ansible.builtin.include_tasks: base_software.yml
+- name: Include bat
+  ansible.builtin.include_tasks: bat.yml
   when: ansible_facts['os_family'] == "Debian"

tasks/pacman.yml

@@ -1,33 +1,42 @@
 ---
 - name: Configure pacman color
-  replace: dest=/etc/pacman.conf regexp="^#(Color)" replace="\1"
+  ansible.builtin.replace: 
+    dest: /etc/pacman.conf
+    regexp: ^#(Color)"
+    replace: \1"
   become: true
 
 - name: Configure more pacman visuals
-  replace: dest=/etc/pacman.conf regexp="#(VerbosePkgLists)" replace="\1\nILoveCandy"
+  ansible.builtin.replace: 
+    dest: /etc/pacman.conf 
+    regexp: "#(VerbosePkgLists)"
+    replace: \1\nILoveCandy"
   become: true
 
 - name: Configure pacman multilib repo
   become: true
-  replace: dest=/etc/pacman.conf regexp="^#(\[multilib\])\n^#(.*)$" replace="\1\n\2"
+  ansible.builtin.replace: 
+    dest: /etc/pacman.conf 
+    regexp: ^#(\[multilib\])\n^#(.*)$" 
+    replace: \1\n\2"
   notify: Update_pacman_repos
   when: ansible_architecture == "x86_64"
 
-- name: add local repo to mirrorlist
+- name: Add local repo to mirrorlist
   become: true
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/pacman.d/mirrorlist
     line: "Server= {{ system_arch_local_mirror }}/$repo/os/$arch"
     state: present
     insertbefore: BOF
   when: system_arch_local_mirror
 
-- name: stat ca-certificates
+- name: Stat ca-certificates
-  stat:
+  ansible.builtin.stat:
     path: "/etc/ssl/certs/ca-certificates.crt" # required. The full path of the file/object to get the facts of.
   register: cacertificates
 
-- name: reinstall certificate for old system
+- name: Reinstall certificate for old system
-  command: "pacman -Sy ca-certificates-utils openssl --noconfirm"
+  ansible.builtin.command: "pacman -Sy ca-certificates-utils openssl --noconfirm"
   become: true
   when: not cacertificates.stat.exists

tasks/ssh.yml

@@ -1,91 +1,91 @@
-- name: ensure SSH instalation
+- name: Ensure SSH instalation
   become: true
-  package:
+  ansible.builtin.package:
-    name: "{{ system_ssh_package }}"
+    name: '{{ system_ssh_package }}'
     state: present
-- name: ensure .ssh exist  for user
+- name: Ensure .ssh exist  for user
   become: true
-  file:
+  ansible.builtin.file:
     state: directory
-    path: "/home/{{item}}/.ssh"
+    path: '/home/{{ item }}/.ssh'
-    owner: "{{item}}"
+    owner: '{{ item }}'
     mode: 0700
   with_items:
-    - "{{user.name}}"
+    - '{{ user.name }}'
     - ansible
 
-- name: copy  ssh config for user
+- name: Copy  ssh config for user
   become: true
-  template:
+  ansible.builtin.template:
-    dest: "/home/{{ item }}/.ssh/config"
+    dest: '/home/{{ item }}/.ssh/config'
-    src: "ssh/config.j2"
+    src: 'ssh/config.j2'
     force: true
     remote_src: false
-    mode: "600"
+    mode: '600'
     selevel: s0
-    owner: "{{ item }}"
+    owner: '{{ item }}'
   with_items:
-    - "{{ user.name }}"
+    - '{{ user.name }}'
     - ansible
-- name: ensure root ssh directory exist
+- name: Ensure root ssh directory exist
   become: true
-  file:
+  ansible.builtin.file:
     state: directory
-    path: "/root/.ssh"
+    path: '/root/.ssh'
-    owner: "root"
+    owner: 'root'
     mode: 0700
 
-- name: copy  ssh config for root
+- name: Copy  ssh config for root
   become: true
-  copy:
+  ansible.builtin.copy:
     dest: /root/.ssh/
-    src: "ssh/config"
+    src: 'ssh/config'
     force: true
     remote_src: false
-    mode: "600"
+    mode: '600'
     selevel: s0
-    owner: "root"
+    owner: 'root'
 
-- name: ensure key directory exist
+- name: Ensure key directory exist
   become: true
-  file:
+  ansible.builtin.file:
     state: directory
-    path: "{{ item.keyfile | dirname }}"
+    path: '{{ item.keyfile | dirname }}'
-    owner: "{{ item.user }}"
+    owner: '{{ item.user }}'
     mode: 0700
-  with_items: "{{ privatekeytodeploy }}"
+  with_items: '{{ privatekeytodeploy }}'
 
 - name: Install ssh private key
   become: true
-  copy:
+  ansible.builtin.copy:
-    content: "{{ item.privatekey }}"
+    content: '{{ item.privatekey }}'
-    dest: "{{ item.keyfile }}"
+    dest: '{{ item.keyfile }}'
     mode: 0600
-    owner: "{{ item.user }}"
+    owner: '{{ item.user }}'
-  with_items: "{{ privatekeytodeploy }}"
+  with_items: '{{ privatekeytodeploy }}'
 
 - name: Deploy SSH-Keys to remote host
-  authorized_key:
+  ansible.posix.authorized_key:
-    user: "{{ item.user }}"
+    user: '{{ item.user }}'
-    key: "{{ item.sshkey }}"
+    key: '{{ item.sshkey }}'
     exclusive: false
-  with_items: "{{ keystodeploy }}"
+  with_items: '{{ keystodeploy }}'
   become: true
 
-- name: les connexions par mot de passe sont désactivées
+- name: Les connexions par mot de passe sont désactivées
   become: true
-  lineinfile:
+  ansible.builtin.lineinfile:
     dest: /etc/ssh/sshd_config
-    regexp: "^#?PasswordAuthentication"
+    regexp: '^#?PasswordAuthentication'
-    line: "PasswordAuthentication no"
+    line: 'PasswordAuthentication no'
     state: present
   notify: Restart sshd
 
 - name: Remove root SSH access
   become: true
-  lineinfile:
+  ansible.builtin.lineinfile:
     dest: /etc/ssh/sshd_config
-    regexp: "^PermitRootLogin"
+    regexp: '^PermitRootLogin'
-    line: "PermitRootLogin no"
+    line: 'PermitRootLogin no'
     state: present
   notify: Restart sshd

tasks/sudoers.yml

@@ -1,24 +1,23 @@
-- name: set sudoers right
+- name: Set sudoers right
-  lineinfile:
+  ansible.builtin.lineinfile:
-    dest: "/etc/sudoers.d/{{user.name}}"
+    dest: '/etc/sudoers.d/{{ user.name }}'
-    regexp: "{{ item.regexp }}"
+    regexp: '{{ item.regexp }}'
-    line: "{{ item.line }}"
+    line: '{{ item.line }}'
-    state: "present"
+    state: 'present'
     create: True
-    owner: "root"
+    owner: 'root'
-    group: "root"
+    group: 'root'
-    mode: "0440"
+    mode: '0440'
     validate: 'visudo -cf "%s"'
   with_items:
-    - regexp: '^{{user.name}}\s'
+    - regexp: '^{{ user.name }}\s'
-      line: "{{user.name}} ALL = (ALL) NOPASSWD:ALL"
+      line: '{{ user.name }} ALL = (ALL) NOPASSWD:ALL'
   become: True
 
-- name: change secure path
+- name: Change secure path
-  replace:
+  ansible.builtin.replace:
-    path: "/etc/sudoers"
+    path: '/etc/sudoers'
     regexp: ^Defaults\s*secure_path.*
     replace: Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin
     validate: 'visudo -cf "%s"'
   become: true
-

tasks/tasks.sysctl.yml

@@ -1,6 +1,6 @@
 ---
-- name: disable IPV6
+- name: Disable IPV6
-  template:
+  ansible.builtin.template:
     src: 40-ipv6.j2
     dest: /etc/sysctl.d/40-ipv6.conf
     owner: root

tasks/time.yml

@@ -1,6 +1,6 @@
 ---
 - name: Enable timesync
-  service:
+  ansible.builtin.service:
     name: systemd-timesyncd.service
     enabled: true
     state: started
@@ -8,7 +8,7 @@
   when: ansible_facts['os_family'] == 'Archlinux' and not ansible_virtualization_type  in ["lxc","docker"]
 
 - name: Set timezone and hardware clock
-  timezone:
+  community.general.timezone:
     hwclock: "{{ time.hwclock }}"
     name: "{{ time.timezone }}"
   become: true

tasks/usergroup.yml

@@ -1,15 +1,15 @@
 ---
-- name: create system user
+- name: Create system user
   become: true
-  user:
+  ansible.builtin.user:
-    name: "{{ item.name }}"
+    name: '{{ item.name }}'
     system: true
     home: "{{ item.home | default('/') }}"
-    shell: "{{ item.shell |default('/usr/bin/nologin') }}"
+    shell: "{{ item.shell | default('/usr/bin/nologin') }}"
-  with_items: "{{ system_user }}"
+  with_items: '{{ system_user }}'
 
-- name: create system group
+- name: Create system group
-  group:
+  ansible.builtin.group:
-    name: "{{ item.name }}"
+    name: '{{ item.name }}'
-  with_items: "{{ system_group }}"
+  with_items: '{{ system_group }}'
   become: true