Fix lint errors

2022-07-23 01:03:23 +02:00 · 2022-07-23 01:03:23 +02:00 · 44b97e681c
commit 44b97e681c
parent daaed8df51
4 changed files with 174 additions and 168 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -3,11 +3,11 @@ traefik_version: "2.8.1"
 cluster_domain: "local"
 traefik_namespace: "traefik"
 traefik_service_type: LoadBalancer
-#ingress_whitelist:
+# ingress_whitelist:
 #   - 10.96.0.0/12
 #   - 10.244.0.0/16
 #   - 192.168.0.0/24
-#traefik_node_selector:
+# traefik_node_selector:
 #   - localhost
 traefik_cpu_limit: 500m
 traefik_memory_limit: 300Mi
@ -15,11 +15,11 @@ traefik_entrypoints: []
 #     - { name: "http", port: 8000, proto: "TCP", hostport: 80 middlewares: ["{{ traefik_namespace }}-crowdsec-traefik-bouncer@kubernetescrd"] }
 #     - { name: "https", port: 4443, proto: "TCP", hostport: 443, tls: true middlewares: ["{{ traefik_namespace }}-crowdsec-traefik-bouncer@kubernetescrd"] }
 #     - { name: "traefik", port: 8080, proto: "TCP" }
-#traefik_external_ips: []
+# traefik_external_ips: []
 #    - 1.2.3.4
 basic_auth: false
-#traefik_dashboard_certificate: wildcard-cluster
+# traefik_dashboard_certificate: wildcard-cluster
 crowdsec_namespace: "crowdsec"
 crowdsec_traefik_bouncer_chart_version: "0.1.0"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -82,7 +82,7 @@
 #      register: traefik_actual_resources
 # 
 #    - name: Retreive actual traefik version
-#    shell: echo "{{ traefik_actual_resources.resources }}" | sed "s/.*traefik:\([0-9]\.[0-9]*\).*/\1/" | uniq
+#      ansible.builtin.shell: echo "{{ traefik_actual_resources.resources }}" | sed "s/.*traefik:\([0-9]\.[0-9]*\).*/\1/" | uniq
 #      register: traefik_actual_version
 # 
 #    - name: Remove old traefik version {{ traefik_actual_version.stdout }}
--- a/templates/traefik-files.yml.j2
+++ b/templates/traefik-files.yml.j2
@ -29,10 +29,10 @@ data:
            burst: 50
        security_headers:
          headers:
-    #        accessControlAllowMethods: ["GET", "OPTIONS", "PUT"]
+            accessControlAllowMethods: ["GET", "OPTIONS", "PUT"]
    #        accessControlAllowOrigin: "origin-list-or-null"
-    #        accessControlMaxAge: 100
+            accessControlMaxAge: 100
-    #        addVaryHeader: true
+            addVaryHeader: true
            browserXssFilter: true
            contentTypeNosniff: true
            forceSTSHeader: true
@ -42,11 +42,14 @@ data:
            customFrameOptionsValue: "SAMEORIGIN"
            referrerPolicy: "same-origin"
            permissionsPolicy: "vibrate 'self'"
            permissionsPolicy: "camera 'none'; microphone 'none'; geolocation 'none'; payment 'none';"
            stsSeconds: 315360000
-            contentSecurityPolicy: "default-src 'self' 'unsafe-inline'"
+    #        contentSecurityPolicy: "default-src 'self' 'unsafe-inline'"
    #        customResponseHeaders:
    #          X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex,"
    #          server: ""
            hostsProxyHeaders:
              - "X-Forwarded-Host"
 {% if ingress_whitelist is defined %}
        traefik-ipwhitelist:
          ipWhiteList:
@ -99,6 +102,9 @@ data:
              - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
              - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
              - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
            alpnProtocols:
              - h2
              - http/1.1
 {% if false %}
      stores:
        default: