diff --git a/all/playbook.yaml b/all/playbook.yaml index a3258b2..71a78fa 100644 --- a/all/playbook.yaml +++ b/all/playbook.yaml @@ -3,13 +3,13 @@ vars: users: - name: arya - password: {{arya_encrypted_pass}} + password: "{{arya_encrypted_pass}}" - name: devrand - password: {{devrand_encrypted_pass}} + password: "{{devrand_encrypted_pass}}" - name: midou - password: {{midou_encrypted_pass}} + password: "{{midou_encrypted_pass}}" - name: ansiblerunner - password: {{ansiblerunner_encrypted_pass}} + password: "{{ansiblerunner_encrypted_pass}}" tasks: - name: Enable backports ansible.builtin.apt_repository: @@ -200,11 +200,11 @@ - role: borgbase.ansible_role_borgbackup borg_repository: - ssh://zh3117@zh3117.rsync.net/data1/home/zh3117/backups/{{rsyncnet_slug}} - borg_source_directories: {{bkp_source_directories}} - borg_exclude_patterns: {{bkp_exclude_patterns}} + borg_source_directories: "{{bkp_source_directories}}" + borg_exclude_patterns: "{{bkp_exclude_patterns}}" borg_remote_path: /usr/local/bin/borg_1.2.4/borg1 borgmatic_hooks: - postgresql_databases: {{bkp_postgresql_databases}} + postgresql_databases: "{{bkp_postgresql_databases}}" healthchecks: ping_url: https://healthchecks.projectsegfau.lt/ping/{{bkp_hc_uuid}} states: @@ -213,7 +213,8 @@ keep_daily: 7 keep_weekly: 4 keep_monthly: 3 - borg_encryption_passcommand: cat /etc/borgmatic/passphrase # very secure I know; it has to be plain text anyway for automated backups, unless there is a better way (in which case please email me@aryak.me) + # very secure I know; it has to be plain text anyway for automated backups, unless there is a better way (in which case please email me@aryak.me) + borg_encryption_passcommand: "cat /etc/borgmatic/passphrase" - name: UFW Firewall Configuration hosts: eu,us # IN is behind router so no f/w is needed tasks: @@ -234,7 +235,7 @@ - name: Deny rules community.general.ufw: rule: allow - port: {{item.port}} - proto: {{item.proto}} + port: "{{ item.port }}" + proto: "{{ item.proto }}" with_items: - "{{ ufw_deny_rules }}"