fix: Upgrade molecule ⬆️

Add yamllint to "make lint"

.ansible-lint

@@ -1,3 +1,5 @@
+profile: basic
+
 skip_list: # or 'skip_list' to silence them completely
   - experimental # all rules tagged as experimental
   - unnamed-task # All tasks should be named

.drone.jsonnet

@@ -1,82 +0,0 @@
-// Distros to Test on ;)
-local distros = ['centos7',
-                 'centos8',
-                 'rockylinux8', 
-                 'debian10', 
-                 'debian11'];
-
-/* Configuration of DIND */
-local docker_service() =
- {
-   name: 'docker',
-   image: 'docker:dind',
-   privileged: true,
-   volumes: [{ name: 'dockersock', path: '/var/run' },],
- };
-
-local email_notification() =
- {
-   name: 'notify by email',
-   image: 'drillster/drone-email',
-   settings:
-    { host: 
-        { from_secret: 'EMAIL_HOST' },
-      username:
-        { from_secret: 'EMAIL_USER' },
-      password:
-        { from_secret: 'EMAIL_PASS' },
-      from: 'drone@guise.net.nz'
-    }
-  };
-
-local test_distro(distribution) =
-  {
-    name: 'Molecule test on %(distribution)s' % { distribution: distribution },
-    volumes: [{ name: 'dockersock', path: '/var/run' },],
-    pull: true,
-    image: 'guisea/ansible-molecule:alpine-latest',
-    commands: [
-      'sleep 10', // give docker enough time to start
-      'mkdir ${DRONE_REPO_NAME}',
-      'rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME}',
-      'cd ${DRONE_REPO_NAME}',
-      'molecule test'
-    ],
-    environment:
-     { MOLECULE_DISTRO: '%(distribution)s' % { distribution: distribution }
-     },
-  };
-
-local gen_pipeline(distro) = 
-  {kind: 'pipeline',
-   type: 'docker',
-   name: 'Test on %(distro)s' % { distro: distro },
-   steps: 
-    [test_distro(distro)],
-   services: 
-     [docker_service()],
-   volumes: 
-   [{
-     name: 'dockersock',
-     temp: {}, 
-   },],
-  };
-
-// Generate the output
-[ 
-  gen_pipeline('centos7'),
-  gen_pipeline('centos8'),
-  gen_pipeline('rockylinux8'),
-  gen_pipeline('debian10'),
-  gen_pipeline('debian11'),
-  {kind: 'pipeline',
-   type: 'docker',
-   name: 'Notify',
-   steps: [email_notification()],
-   when:
-     {  status: [ 'success', 'failure' ] },
-    depends_on: 
-      ['Test on %(distro)s' % { distro: distro }
-        for distro in distros]
-  }
-]

.drone.yml

@@ -1,210 +0,0 @@
----
-kind: pipeline
-name: runners
-steps:
-- commands:
-  - cd terraform
-  - terraform init
-  - terraform plan -out /data/runners.plan
-  - terraform apply /data/runners.plan
-  environment:
-    TF_VAR_linode_api_token:
-      from_secret: linode_api_token
-    TF_VAR_root_pass:
-      from_secret: root_pass
-    TF_VAR_ssh_pubkey:
-      from_secret: TF_VAR_ssh_pubkey
-  image: hashicorp/terraform:1.1.7
-  name: Provision with terraform
-  volumes:
-  - name: terraform-data
-    path: /data
-type: docker
-volumes:
-- host:
-    path: /mnt/nfs/swarm/runners
-  name: terraform-data
----
-depends_on:
-- runners
-kind: pipeline
-name: Test on centos7
-node:
-  linodrone: "true"
-services:
-- image: docker:dind
-  name: docker
-  privileged: true
-  volumes:
-  - name: dockersock
-    path: /var/run
-steps:
-- commands:
-  - sleep 10
-  - mkdir ${DRONE_REPO_NAME}
-  - rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME}
-  - cd ${DRONE_REPO_NAME}
-  - molecule test
-  environment:
-    MOLECULE_DISTRO: centos7
-  image: guisea/ansible-molecule:latest
-  name: Molecule test on centos7
-  volumes:
-  - name: dockersock
-    path: /var/run
-type: docker
-volumes:
-- name: dockersock
-  temp: {}
----
-depends_on:
-- runners
-kind: pipeline
-name: Test on centos8
-node:
-  linodrone: "true"
-services:
-- image: docker:dind
-  name: docker
-  privileged: true
-  volumes:
-  - name: dockersock
-    path: /var/run
-steps:
-- commands:
-  - sleep 10
-  - mkdir ${DRONE_REPO_NAME}
-  - rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME}
-  - cd ${DRONE_REPO_NAME}
-  - molecule test
-  environment:
-    MOLECULE_DISTRO: centos8
-  image: guisea/ansible-molecule:latest
-  name: Molecule test on centos8
-  volumes:
-  - name: dockersock
-    path: /var/run
-type: docker
-volumes:
-- name: dockersock
-  temp: {}
----
-depends_on:
-- runners
-kind: pipeline
-name: Test on rockylinux8
-node:
-  linodrone: "true"
-services:
-- image: docker:dind
-  name: docker
-  privileged: true
-  volumes:
-  - name: dockersock
-    path: /var/run
-steps:
-- commands:
-  - sleep 10
-  - mkdir ${DRONE_REPO_NAME}
-  - rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME}
-  - cd ${DRONE_REPO_NAME}
-  - molecule test
-  environment:
-    MOLECULE_DISTRO: rockylinux8
-  image: guisea/ansible-molecule:latest
-  name: Molecule test on rockylinux8
-  volumes:
-  - name: dockersock
-    path: /var/run
-type: docker
-volumes:
-- name: dockersock
-  temp: {}
----
-depends_on:
-- runners
-kind: pipeline
-name: Test on debian10
-node:
-  linodrone: "true"
-services:
-- image: docker:dind
-  name: docker
-  privileged: true
-  volumes:
-  - name: dockersock
-    path: /var/run
-steps:
-- commands:
-  - sleep 10
-  - mkdir ${DRONE_REPO_NAME}
-  - rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME}
-  - cd ${DRONE_REPO_NAME}
-  - molecule test
-  environment:
-    MOLECULE_DISTRO: debian10
-  image: guisea/ansible-molecule:latest
-  name: Molecule test on debian10
-  volumes:
-  - name: dockersock
-    path: /var/run
-type: docker
-volumes:
-- name: dockersock
-  temp: {}
----
-depends_on:
-- runners
-kind: pipeline
-name: Test on debian11
-node:
-  linodrone: "true"
-services:
-- image: docker:dind
-  name: docker
-  privileged: true
-  volumes:
-  - name: dockersock
-    path: /var/run
-steps:
-- commands:
-  - sleep 10
-  - mkdir ${DRONE_REPO_NAME}
-  - rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME}
-  - cd ${DRONE_REPO_NAME}
-  - molecule test
-  environment:
-    MOLECULE_DISTRO: debian11
-  image: guisea/ansible-molecule:latest
-  name: Molecule test on debian11
-  volumes:
-  - name: dockersock
-    path: /var/run
-type: docker
-volumes:
-- name: dockersock
-  temp: {}
----
-depends_on:
-- Test on centos7
-- Test on centos8
-- Test on rockylinux8
-- Test on debian10
-- Test on debian11
-kind: pipeline
-name: Notify
-steps:
-- image: drillster/drone-email
-  name: notify by email
-  settings:
-    from: drone@guise.net.nz
-    host: mail.guise.net.nz
-    password:
-      from_secret: EMAIL_PASS
-    username:
-      from_secret: EMAIL_USER
-type: docker
-when:
-  status:
-  - success
-  - failure

.github/workflows/ci.yml

@@ -0,0 +1,83 @@
+name: CI
+on:
+  push:
+    branches:
+      - "**"
+    tags:
+      - "!**"
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: '3.10'
+          cache: 'pip' # caching pip dependencies
+      - name: Ensure requirements are installed
+        run: pip install -r requirements.txt
+      - name: Lint with ansible-lint
+        run: ansible-lint -c ".ansible-lint"
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+      - name: Lint with yamllint
+        run: yamllint .
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+  molecule:
+    name: Molecule Test
+    runs-on: ubuntu-latest
+    needs: lint
+    strategy:
+      fail-fast: true
+      matrix:
+        os: [almalinux8, almalinux9]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.10'
+          cache: 'pip' # caching pip dependencies
+
+      - name: Ensure requirements are installed
+        run: pip install -r requirements.txt
+
+      - name: Run Molecule tests.
+        run: molecule test
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          MOLECULE_DISTRO: ${{ matrix.os }}
+  release:
+    runs-on: ubuntu-latest
+    needs:
+      - lint
+      - molecule
+    steps:
+     - uses: actions/checkout@v4
+     - uses: actions/setup-go@v5
+       with:
+         go-version: '1.22'
+     - name: Install gitea provider for Go Semantic Release
+       run: |
+         mkdir -p .semrel/$(go env GOOS)_$(go env GOARCH)/provider-gitea/${GITEA_PROVIDER_VER}/ && \
+         wget https://github.com/cybercinch/go-semantic-release-provider-gitea/releases/download/v${GITEA_PROVIDER_VER}/go-semantic-release-provider-gitea_v${GITEA_PROVIDER_VER}_linux_amd64 \
+         -O .semrel/$(go env GOOS)_$(go env GOARCH)/provider-gitea/${GITEA_PROVIDER_VER}/gitea && \
+         chmod a+x .semrel/$(go env GOOS)_$(go env GOARCH)/provider-gitea/${GITEA_PROVIDER_VER}/gitea
+       env:
+         GITEA_PROVIDER_VER: 1.0.11
+     - run: |
+         echo "github repo: ${GITHUB_REPOSITORY}"
+         echo "env vars: $(env)"
+     - uses: go-semantic-release/action@v1
+       with:
+         custom-arguments: --provider=gitea
+       env:
+         GITEA_TOKEN: ${{ secrets.G_TOKEN }}
+         GITEA_HOST: ${{ secrets.G_SERVER_URL}}

.gitignore

@@ -12,6 +12,7 @@ roles/*
 !files/authorized_keys/
 files/authorized_keys/*
 !files/authorized_keys/.gitkeep
+env/
 
 # Do not commit Vault password
 .vault_password.txt

.woodpecker/cron.yml

@@ -0,0 +1,28 @@
+matrix:
+  include:
+    - MOLECULE_DISTRO: centos7
+    - MOLECULE_DISTRO: almalinux8
+
+clone:
+  git:
+    image: woodpeckerci/plugin-git
+    settings:
+      recursive: true
+      submodule_update_remote: true
+when:
+  event: [ cron ]
+
+steps:
+  test:
+    name: Test on ${MOLECULE_DISTRO}
+    image: guisea/ansible-molecule
+    pull: true
+    environment:
+      PY_COLORS: '1'
+      ANSIBLE_FORCE_COLOR: '1'
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    commands:
+      - molecule test --scenario-name ${MOLECULE_SCENARIO:-default}
+    when:
+      event: [ cron ]

.woodpecker/lint.yml

@@ -0,0 +1,43 @@
+clone:
+  git:
+    image: woodpeckerci/plugin-git
+    settings:
+      recursive: true
+      submodule_update_remote: true
+when:
+  event: [ push, manual ]
+
+steps:
+  ansible-lint:
+    group: test
+    name: "Lint: Ansible-lint"
+    image: guisea/ansible-molecule
+    environment:
+      PY_COLORS: '1'
+      ANSIBLE_FORCE_COLOR: '1'
+    commands:
+      - ansible-lint -c ".ansible-lint"
+    when:
+      event: [ push, manual ]
+  yamllint:
+    group: test
+    name: "Lint: Yamllint"
+    image: guisea/ansible-molecule
+    commands:
+      - yamllint -f colored .
+    when:
+      event: [ push, manual ]
+  ntfy:
+    image: codeberg.org/l-x/woodpecker-ntfy
+    settings:
+        url: https://ntfy.cybercinch.nz/ci-status
+        title: "Lint failed for ${CI_REPO_NAME}"
+        priority: urgent
+        icon: https://woodpecker-ci.org/img/logo.svg
+        tags: robot,warning,rotating_light,${CI_BUILD_EVENT},${CI_REPO_NAME}
+        message: >
+          📝 Commit by ${CI_COMMIT_AUTHOR} on ${CI_COMMIT_BRANCH}:
+                ${CI_COMMIT_MESSAGE}
+    when:
+      event: [ push, manual ]
+      status: [ failure ]

.woodpecker/release.yml

@@ -0,0 +1,48 @@
+matrix:
+  include:
+    - MOLECULE_DISTRO: centos7
+    - MOLECULE_DISTRO: almalinux8
+    - MOLECULE_DISTRO: almalinux9
+
+clone:
+  git:
+    image: woodpeckerci/plugin-git
+    settings:
+      recursive: true
+      submodule_update_remote: true
+when:
+  event: [ push ]
+
+steps:
+  create-release:
+    name: Test on ${MOLECULE_DISTRO}
+    image: guisea/ansible-molecule
+    pull: true
+    environment:
+      PY_COLORS: '1'
+      ANSIBLE_FORCE_COLOR: '1'
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    commands:
+      - molecule test --scenario-name ${MOLECULE_SCENARIO:-default}
+    #secrets: [ auth_duo_host, auth_duo_ikey, auth_duo_skey, auth_duo_mirror_url ]
+    when:
+      event:
+        - push
+        - manual
+  ntfy:
+    image: codeberg.org/l-x/woodpecker-ntfy
+    settings:
+        url: https://ntfy.cybercinch.nz/ci-status
+        title: "Test failed for ${CI_REPO_NAME} - Distro: ${MOLECULE_DISTRO} Scenario: ${MOLECULE_SCENARIO:-default}"
+        priority: urgent
+        icon: https://woodpecker-ci.org/img/logo.svg
+        tags: robot,warning,rotating_light,${CI_BUILD_EVENT},${CI_REPO_NAME}
+        message: >
+          📝 Commit by ${CI_COMMIT_AUTHOR} on ${CI_COMMIT_BRANCH}:
+                ${CI_COMMIT_MESSAGE}
+    when:
+      event: [ push, manual ]
+      status: [ failure ]
+depends_on:
+  - lint

.woodpecker/test.yml

@@ -0,0 +1,48 @@
+matrix:
+  include:
+    - MOLECULE_DISTRO: centos7
+    - MOLECULE_DISTRO: almalinux8
+    - MOLECULE_DISTRO: almalinux9
+
+clone:
+  git:
+    image: woodpeckerci/plugin-git
+    settings:
+      recursive: true
+      submodule_update_remote: true
+when:
+  event: [ push, manual ]
+
+steps:
+  test:
+    name: Test on ${MOLECULE_DISTRO}
+    image: guisea/ansible-molecule
+    pull: true
+    environment:
+      PY_COLORS: '1'
+      ANSIBLE_FORCE_COLOR: '1'
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    commands:
+      - molecule test --scenario-name ${MOLECULE_SCENARIO:-default}
+    #secrets: [ auth_duo_host, auth_duo_ikey, auth_duo_skey, auth_duo_mirror_url ]
+    when:
+      event:
+        - push
+        - manual
+  ntfy:
+    image: codeberg.org/l-x/woodpecker-ntfy
+    settings:
+        url: https://ntfy.cybercinch.nz/ci-status
+        title: "Test failed for ${CI_REPO_NAME} - Distro: ${MOLECULE_DISTRO} Scenario: ${MOLECULE_SCENARIO:-default}"
+        priority: urgent
+        icon: https://woodpecker-ci.org/img/logo.svg
+        tags: robot,warning,rotating_light,${CI_BUILD_EVENT},${CI_REPO_NAME}
+        message: >
+          📝 Commit by ${CI_COMMIT_AUTHOR} on ${CI_COMMIT_BRANCH}:
+                ${CI_COMMIT_MESSAGE}
+    when:
+      event: [ push, manual ]
+      status: [ failure ]
+depends_on:
+  - lint

.woodpecker/z.ntfy-cron.yml

@@ -0,0 +1,16 @@
+skip_clone: true
+
+steps:
+  ntfy-success:
+    image: codeberg.org/l-x/woodpecker-ntfy
+    settings:
+        url: https://ntfy.cybercinch.nz/ci-status
+        title: Build succeeded on ${CI_REPO_NAME}
+        priority: urgent
+        icon: https://woodpecker-ci.org/img/logo.svg
+        tags: robot,white_check_mark,${CI_BUILD_EVENT},${CI_REPO_NAME}
+        message: >
+          Test success when run by cron for ${CI_REPO_NAME}.
+depends_on:
+  - "cron"
+runs_on: [ success ]

.woodpecker/z.ntfy.yml

@@ -0,0 +1,20 @@
+skip_clone: true
+
+steps:
+  ntfy:
+    image: codeberg.org/l-x/woodpecker-ntfy
+    settings:
+        url: https://ntfy.cybercinch.nz/ci-status
+        title: "Build completed for ${CI_REPO_NAME}"
+        priority: urgent
+        icon: https://woodpecker-ci.org/img/logo.svg
+        tags: robot,tada,white_check_mark,${CI_BUILD_EVENT},${CI_REPO_NAME}
+        message: >
+          📝 Commit by ${CI_COMMIT_AUTHOR} on ${CI_COMMIT_BRANCH}:
+                ${CI_COMMIT_MESSAGE}
+    when:
+      event: [ push, manual ]
+      status: [ success ]
+depends_on:
+  - lint
+  - test

.woodpecker/zz.ntfy-cron-failed.yml

@@ -0,0 +1,16 @@
+skip_clone: true
+
+steps:
+  ntfy-failed:
+    image: codeberg.org/l-x/woodpecker-ntfy
+    settings:
+        url: https://ntfy.cybercinch.nz/ci-status
+        title: Build failed on ${CI_REPO_NAME}
+        priority: urgent
+        icon: https://woodpecker-ci.org/img/logo.svg
+        tags: robot,rotating_light,no_entry,${CI_BUILD_EVENT},${CI_REPO_NAME}
+        message: >
+          Test failed when run by cron for ${CI_REPO_NAME}.
+depends_on:
+  - "cron"
+runs_on: [ failure ]

.yamllint

@@ -2,6 +2,8 @@
 # Based on ansible-lint config
 extends: default
 
+ignore: |
+  .venv/
 rules:
   braces:
     max-spaces-inside: 1
@@ -26,8 +28,8 @@ rules:
   indentation: disable
   key-duplicates: enable
   line-length: disable
-  new-line-at-end-of-file: disable
+  new-line-at-end-of-file: enable
   new-lines:
     type: unix
-  trailing-spaces: disable
+  trailing-spaces: enable
   truthy: disable

Makefile

@@ -0,0 +1,36 @@
+.PHONY: clean virtualenv lint test docker dist dist-upload
+
+clean:
+	find . -name '*.py[co]' -delete
+
+virtualenv:
+	virtualenv --prompt '|> ansible-role-common <| ' .venv
+	.venv/bin/pip install --upgrade pip
+	.venv/bin/pip install -r requirements.txt
+	.venv/bin/ansible-galaxy collection install -r requirements.yml
+	@echo
+	@echo "VirtualENV Setup Complete. Now run: source .venv/bin/activate"
+	@echo
+
+test:
+	for distro in almalinux9 ; do \
+		MOLECULE_DISTRO=$$distro molecule test --all ; \
+	done
+
+lint:
+	@echo "Linting"
+	@act -j lint
+	@echo
+
+docker: clean
+	docker buildx build --platform 'linux/amd64,linux/arm64' --push \
+	-t hub.cybercinch.nz/cybercinch/imap_retention_manager:latest \
+	-t docker.io/cybercinch/imap_retention_manager:latest .
+
+dist: clean
+	rm -rf dist/*
+	python setup.py sdist
+	python setup.py bdist_wheel
+
+dist-upload:
+	twine upload dist/*

README.md

@@ -1,40 +1,89 @@
-# Common [![Build Status](https://drone.guise.net.nz/api/badges/ansible-roles/common/status.svg)](https://drone.guise.net.nz/ansible-roles/common) 
+# Common [![status-badge](https://hub.cybercinch.nz/cybercinch/ansible-role-common/actions/workflows/ci.yml/badge.svg)](https://hub.cybercinch.nz/cybercinch/ansible-role-common/actions?workflow=ci.yml)
 =========
 
-A brief description of the role goes here.
+This role is a collection of functionality to ease common setup of Linux based VM's. Some functionality for windows servers is available.
 
-Requirements
+Features:
+* Dynamic motd - This displays information to administrators at login.
+* Helper commands - These are commands to help with online resizing of Linux Partitions/Drives when running on VMWare.
+* Set DNS resolvers for use on the host.
+* Install common packages for the host (Win/Linux)
+
+Requirements 
 ------------
 
-Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+Nil
 
 Role Variables
 --------------
 
-A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+Role variables can be found in defaults/main.yml
+
+```yaml
+domain: exampledomain.com
+ad_domain_joined: no
+win_timezone: New Zealand Standard Time
+vendors_hosts: []
+
+dns_servers:
+  - 1.0.0.1
+  - 1.1.1.1
+
+admin_group: admins
+
+
+common_grub_timeout: 5
+postfix_configure: false
+
+common_packages: # Packages we will/would like to install
+  - nano
+  - git
+  - htop
+  - atop
+  - wget
+  - bind-utils
+  - yum-utils
+  - unzip
+
+win_packages:
+  - notepadplusplus.install
+  - firefoxesr
+  - baretail
+  - 7zip.install
+
+apply_win_updates: false
+
+common_show_ipv6: false|bool
+common_root_pwd: $y0urp@$$ ## You should always use a vault encrypted string here.
+common_root_email: admin@somplace.co.nz # Configures forwarding address for root.
+```
 
 Dependencies
 ------------
 
-A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+Nil external dependencies.  Requires only builtin functions
 
 Example Playbook
 ----------------
 
-Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+This is an example playbook.  Executes the role overriding two variables. 
+
+You could alternately set these in host_vars or group_vars:
 
 ```yaml
-    - hosts: servers
+    - hosts: server
       roles:
-         - { role: username.rolename, x: 42 }
+         - { role: cybercinch.common, 
+             common_show_ipv6: true,
+             common_root_email: iamroot@example.com }
 ```
 
 License
 -------
 
-BSD
+MIT
 
 Author Information
 ------------------
 
-An optional section for the role authors to include contact information, or a website (HTML is not allowed).
+This role was created in 2017 by [Aaron Guise](https://guise.net.nz/)

defaults/main.yml

@@ -1,5 +1,4 @@
 ---
-# defaults file for guisea.common
 domain: exampledomain.com
 ad_domain_joined: no
 win_timezone: New Zealand Standard Time
@@ -9,7 +8,7 @@ dns_servers:
   - 1.0.0.1
   - 1.1.1.1
 
-ADMIN_GROUP: admins
+admin_group: admins
 
 
 common_grub_timeout: 5
@@ -24,15 +23,15 @@ common_packages:
   - bind-utils
   - yum-utils
   - unzip
-  
+
 win_packages:
   - notepadplusplus.install
   - firefoxesr
   - baretail
   - 7zip.install
-  
+
 apply_win_updates: false
 
 common_show_ipv6: false|bool
-common_root_pwd: l3tm31nN0w
-common_root_email: admin@somplace.co.nz
+common_root_pwd: $y0urp@$$
+common_root_email: admin@somplace.co.nz

files/helpers/set_dhcp_ip.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+# This script will reset the IP Address back to default of DHCP
+# helpful for a pending restore
+
+/bin/nmcli c m "System eth0" ipv4.method auto
+/bin/nmcli c m "System eth0" ipv4.address "" ipv4.gateway ""
+/bin/nmcli connection up "System eth0"

files/helpers/set_static_ip.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+
+# get subnet
+subnet=$(ip a | grep "inet " | tail -1 | awk '{print $2}')
+
+# get router/gateway
+router=$(ip route show | head -1 | awk '{print $3}')
+
+# get size of network portion of address in bytes
+sz=$(echo $subnet | awk -F / '{print $2}')
+bytes=$(("$sz" / 8))
+prefix=$(echo "$subnet" | cut -d. -f1-$bytes)      # e.g., 192.168.0
+
+# get IP address to be set
+IP=$(hostname -I | awk '{print $1}')             # current IP
+echo -n "Keep IP address?—$IP [yn]> "
+read -r ans
+if [ "$ans" == "n" ]; then
+  echo -n "Enter new IP address: "
+  read -r IP
+  # check if specified IP is properly formatted
+  if [[ ! $IP =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
+    echo Invalid IP
+  fi
+  # check if specified IP works for local network
+  if [[ ! $IP =~ ^$prefix ]]; then
+    echo "ERROR: Specified IP not usable for local network"
+    exit
+  fi
+fi
+
+# check if specified IP is properly formatted
+if [[ ! $IP =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
+  echo Invalid IP
+fi
+
+# fetch the UUID
+UUID=$(nmcli connection show | tail -1 | awk '{print $4}')
+if [[ "$UUID" == "ethernet" ]]; then
+ # This is the other format of nmcli connection show
+ UUID=$(nmcli connection show | head -2 | tail -1 | awk '{print $3}')
+fi
+
+# run commands to set up the permanent IP address
+nmcli connection modify "$UUID" IPv4.address "$IP"/"$sz"
+nmcli connection modify "$UUID" IPv4.gateway "$router"
+nmcli connection modify "$UUID" IPv4.method manual
+nmcli connection up "$UUID"

handlers/main.yml

@@ -15,10 +15,10 @@
     name: ntpd
     state: restarted
 
-- name: reboot windows
+- name: Reboot Windows
   win_reboot:
 
-- name: restart NetworkManager
+- name: Restart NetworkManager
   service:
     name: NetworkManager
     state: restarted

molecule/default/converge.yml

@@ -4,4 +4,4 @@
   tasks:
     - name: "Include common"
       include_role:
-        name: "common"
+        name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"

molecule/default/molecule.yml

@@ -4,18 +4,21 @@ dependency:
 driver:
   name: docker
 platforms:
-  - name: instance
-    image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
+  - name: molecule-${MOLECULE_DISTRO:-almalinux8}
+    image: "cybercinch/docker-${MOLECULE_DISTRO:-almalinux8}-ansible:latest"
     command: ${MOLECULE_DOCKER_COMMAND:-""}
     volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    cgroupns_mode: host
     privileged: true
     pre_build_image: true
 provisioner:
   name: ansible
+  env:
+    MOLECULE_NO_LOG: true
 # verifier:
 #  name: ansible
-lint: |
-  set -e
-  yamllint .
-  ansible-lint
+# lint: |
+#   set -e
+#   yamllint .
+#   ansible-lint

requirements.txt

@@ -0,0 +1,6 @@
+ansible-core<2.17
+ansible-compat >= 4
+molecule[docker]== 24.2.1
+ansible-lint==24.2.2
+yamllint==1.35.1
+passlib==1.7.4

requirements.yml

@@ -0,0 +1,3 @@
+collections:
+  - ansible.windows
+  - community.general

tasks/RedHat.yml

@@ -3,7 +3,7 @@
 - include_tasks: networking.yml
 
 - name: Ensure common packages (RHEL)
-  yum: 
+  yum:
     name: "{{ common_packages }}"
     state: present
     enablerepo: epel
@@ -17,7 +17,7 @@
     enablerepo: ol7_developer_EPEL
   when: ansible_distribution == 'OracleLinux'
   tags: packages
-  
+
 - name: Check if SELinux is installed
   stat:
     path: /etc/selinux/config
@@ -38,7 +38,9 @@
 #  tags: security
 
 - name: Create admin group
-  group: name={{ ADMIN_GROUP }} state=present
+  group:
+    name: "{{ admin_group }}"
+    state: present
 
 - name: Configure yum limit
   lineinfile:
@@ -49,25 +51,18 @@
 
 - name: Ensure Helpers are present
   copy:
-    src: "{{ helpers.src }}"
-    dest: "{{ helpers.dest }}"
+    src: helpers/
+    dest: /usr/local/bin/
     mode: u+rwx,g+rx,o+rx
-  with_items:
-    - src: helpers/reload_scsi_devices
-      dest: /usr/local/bin/reload_scsi_devices
-    - src: helpers/reload_scsi_hosts
-      dest: /usr/local/bin/reload_scsi_hosts
-  loop_control:
-    loop_var: helpers
-    
+
 - name: Ensure Hostname is set
-  hostname: 
+  hostname:
     name: "{{ inventory_hostname }}.{{ domain }}"
-  when: ansible_virtualization_type != "docker"
-    
+  when: ansible_virtualization_type != "docker" and ansible_virtualization_type != "container"
+
 - name: Change root password
-  user:  
-    name: root 
+  user:
+    name: root
     password: "{{ common_root_pwd | password_hash('sha512') }}"
   changed_when: false
   tags: rootpw

tasks/Windows.yml

@@ -30,7 +30,7 @@
     admin_password: "{{ vault_ad_password }}"
     domain_name: "{{ authconfig_domain }}"
   when: ad_domain_joined
-  notify: reboot windows
+  notify: Reboot Windows
 - meta: flush_handlers
 
 - name: Ensure Important dirs exist
@@ -53,7 +53,7 @@
 - name: Apply Windows Updates
   win_updates:
   when: apply_windows_updates
-  notify: reboot windows
+  notify: Reboot Windows
 - meta: flush_handlers
 
 - name: Ensure default applications installed

tasks/communication.yml

@@ -1,7 +1,8 @@
 ---
 - name: Postfix Configuration
+  when: postfix_configure
   block:
-    - name: postfix | Apply postfix configuration
+    - name: Postfix | Apply postfix configuration
       lineinfile:
         dest: "{{ configurations.dest }}"
         regexp: "{{ configurations.regexp }}"
@@ -33,12 +34,11 @@
       loop_control:
         loop_var: configurations
 
-    - name: postfix | Ensure Postfix is Started/Enabled
+    - name: Postfix | Ensure Postfix is Started/Enabled
       service:
         name: postfix
         state: started
         enabled: yes
-  when: postfix_configure
 
 - name: Ensure root forwarding address is set
   lineinfile:

tasks/grub.yml

@@ -20,7 +20,7 @@
     no_extra_spaces: yes
   when: "ansible_os_family == 'RedHat' and ansible_distribution_major_version > '6'"
   notify:
-    - Check if grub.cfg exists 
+    - Check if grub.cfg exists
     - Update GRUB
   tags:
-    - grub
+    - grub

tasks/networking.yml

@@ -1,5 +1,9 @@
 ---
-- name: Ensure DNS and SSH common config
+- name: What is virtualization type?
+  debug:
+    msg: "Virtualization is: {{ ansible_virtualization_type }}"
+
+- name: Ensure Network Setup (RedHat only)
   template:
     src: "{{ network_config.src }}"
     dest: "{{ network_config.dest }}"
@@ -12,8 +16,25 @@
         mode: u+rw,
         a+r,
       }
+  when: >
+    ansible_virtualization_type != "docker"
+    and ansible_virtualization_type != "container"
+    and ansible_os_family == "RedHat"
+  loop_control:
+    loop_var: network_config
+  tags: dns
+
+- name: Ensure Resolvers Configured
+  template:
+    src: "{{ network_config.src }}"
+    dest: "{{ network_config.dest }}"
+    mode: "{{ network_config.mode }}"
+    backup: yes
+  with_items:
     - { src: etc.resolv.conf.j2, dest: /etc/resolv.conf, mode: u+rw, a+r }
-  when: ansible_virtualization_type != "docker"
+  when: >
+    ansible_virtualization_type != "docker"
+    and ansible_virtualization_type != "container"
   loop_control:
     loop_var: network_config
   tags: dns
@@ -52,7 +73,7 @@
       }
   loop_control:
     loop_var: hosts_config
-  when: ansible_virtualization_type != "docker"
+  when: ansible_virtualization_type != "docker" and ansible_virtualization_type != "container"
 
 - name: Ensure NetworkManager does not fiddle DNS
   ini_file:
@@ -63,7 +84,7 @@
     backup: yes
   when: (ansible_os_family == "RedHat" and ansible_distribution_major_version == "7")
   notify:
-    - restart NetworkManager
+    - Restart NetworkManager
   changed_when: false
 
 - name: Ensure correct permissions (hosts/resolv.conf)

templates/dynmotd

@@ -15,41 +15,42 @@
 #      /usr/local/bin/dynmotd
 #
 
-USER=`whoami`
-HOSTNAME=`uname -n | cut -d. -f1`
-IP=`ip route get 1 | awk '{print $NF;exit}'`
-NUM_CPU=`lscpu | grep "CPU(s):" | head -n 1 | awk '{print $2}'`
-ROOT=`df -x fuse.gvfs-fuse-daemon -Ph | egrep -i 'root|logvol|vda' | awk '{print $4}' | tr -d '\n'`
-HOME=`df -x fuse.gvfs-fuse-daemon -Ph | grep home | awk '{print $4}' | tr -d '\n'`
-FILESYSTEMS=`cat /etc/fstab | grep -v '#' | grep -v 'swap' | awk '{if(NF>0) {print $2}}'`
-BACKUP=`df -x fuse.gvfs-fuse-daemon -Ph | grep backup | awk '{print $4}' | tr -d '\n'`
-OS_RELEASE=`awk -F= '$1=="PRETTY_NAME" { print $2 ;}' /etc/os-release | sed -e 's/^"//' -e 's/"$//'`
-MEMORY=`free -m | grep "Mem" | awk '{print $2,"-",$3,"-",$4}'`
-SWAP=`free -m | grep "Swap" | awk '{print $2,"-",$3,"-",$4}'`
-PSA=`ps -Afl | wc -l`
+if getent group "{{ admin_group }}" | grep -qw "$(whoami)"; then
+  USER=`/usr/bin/env whoami`
+  HOSTNAME=`/usr/bin/env uname -n | /usr/bin/env cut -d. -f1`
+  IP=`/usr/bin/env ip route get 1 | /usr/bin/env grep -Po '(?<=src.)[\w\d.]+'`
+  IP6=`/usr/bin/env ip -6 addr | /usr/bin/env awk -F '[ \t]+|/' '$3 == "::1" { next;} $3 ~ /^fe80::/ { next ; } /inet6/ {print $3} '`
+  NUM_CPU=`cat /proc/cpuinfo | grep processor | wc -l`
+  #ROOT=`/usr/bin/df / -x fuse.gvfs-fuse-daemon -Ph | /usr/bin/egrep -i 'root|logvol|vda' | awk '{print $4}' | tr -d '\n'`
+  #HOME=`/usr/bin/df /home -x fuse.gvfs-fuse-daemon -Ph | grep home | awk '{print $4}' | tr -d '\n'`
+  #BACKUP=`/usr/bin/df -x fuse.gvfs-fuse-daemon -Ph | grep backup | awk '{print $4}' | tr -d '\n'`
+  FILESYSTEMS=`cat /etc/fstab | grep -v '#' | grep -v 'swap' | grep -v 'proc' | awk '{if(NF>0) {print $2}}'`
+  MEMORY=`/usr/bin/env free -m | /usr/bin/env grep "Mem" | /usr/bin/env awk '{print $2,"-",$3,"-",$4}'`
+  SWAP=`/usr/bin/env free -m | /usr/bin/env grep "Swap" | /usr/bin/env awk '{print $2,"-",$3,"-",$4}'`
+  PSA=`/usr/bin/env ps -Afl | /usr/bin/env wc -l`
 
-# time of day
-HOUR=$(date +"%H")
-if [ $HOUR -lt 12  -a $HOUR -ge 0 ]
-then    TIME="morning"
-elif [ $HOUR -lt 17 -a $HOUR -ge 12 ]
-then    TIME="afternoon"
-else
+  # time of day
+  HOUR=$(/usr/bin/env date +"%H")
+  if [ $HOUR -lt 12  -a $HOUR -ge 0 ]
+  then    TIME="morning"
+  elif [ $HOUR -lt 17 -a $HOUR -ge 12 ]
+  then    TIME="afternoon"
+  else
     TIME="evening"
-fi
+  fi
 
-#System uptime
-uptime=`cat /proc/uptime | cut -f1 -d.`
-upDays=$((uptime/60/60/24))
-upHours=$((uptime/60/60%24))
-upMins=$((uptime/60%60))
-upSecs=$((uptime%60))
+  #System uptime
+  uptime=`/usr/bin/env cat /proc/uptime | cut -f1 -d.`
+  upDays=$((uptime/60/60/24))
+  upHours=$((uptime/60/60%24))
+  upMins=$((uptime/60%60))
+  upSecs=$((uptime%60))
 
-#System load
-LOADAVG=`cat /proc/loadavg`
-LOAD1=`echo $LOADAVG | awk {'print $1'}`
-LOAD5=`echo $LOADAVG | awk {'print $2'}`
-LOAD15=`echo $LOADAVG | awk {'print $3'}`
+  #System load
+  LOADAVG=`/usr/bin/env cat /proc/loadavg`
+  LOAD1=`echo $LOADAVG | /usr/bin/env awk {'print $1'}`
+  LOAD5=`echo $LOADAVG | /usr/bin/env awk {'print $2'}`
+  LOAD15=`echo $LOADAVG | /usr/bin/env awk {'print $3'}`
 
 echo ""
 echo -e "\e[7m--- GOOD $TIME $USER ----\e[0m"
@@ -62,22 +63,42 @@ COLOR_VALUE="\e[31m"
 RESET_COLORS="\e[0m"
 echo -e "
 ===========================================================================
- $COLOR_COLUMN- Hostname$RESET_COLORS............: $COLOR_VALUE $HOSTNAME $RESET_COLORS
- $COLOR_COLUMN- IP Address (Default)$RESET_COLORS: $COLOR_VALUE $IP $RESET_COLORS
- $COLOR_COLUMN- Release$RESET_COLORS.............: $COLOR_VALUE $OS_RELEASE $RESET_COLORS
- $COLOR_COLUMN- Users$RESET_COLORS...............: $COLOR_VALUE Currently `users | wc -w` user(s) logged on $RESET_COLORS
+$COLOR_COLUMN- Hostname$RESET_COLORS............: $COLOR_VALUE $HOSTNAME $RESET_COLORS
+{% if common_show_ipv6 == true %}
+$COLOR_COLUMN- IP Address (Main v4)$RESET_COLORS: $COLOR_VALUE $IP $RESET_COLORS  
+$COLOR_COLUMN- IP Address (Main v6)$RESET_COLORS: $COLOR_VALUE $IP6 $RESET_COLORS  
+{% else %} 
+$COLOR_COLUMN- IP Address (Default)$RESET_COLORS: $COLOR_VALUE $IP $RESET_COLORS
+{% endif %}
+{% if ansible_distribution == "Alpine" %}
+$COLOR_COLUMN- Release$RESET_COLORS.............: $COLOR_VALUE Alpine `/usr/bin/env cat /etc/os-release` $RESET_COLORS
+{% else %}
+$COLOR_COLUMN- Release$RESET_COLORS.............: $COLOR_VALUE `/usr/bin/env cat /etc/os-release | /usr/bin/env grep PRETTY_NAME | /usr/bin/env cut -d '"' -f 2` $RESET_COLORS
+{% endif %}
+{% if ansible_distribution != "Alpine" %}
+$COLOR_COLUMN- Users$RESET_COLORS...............: $COLOR_VALUE Currently `users | wc -w` user(s) logged on $RESET_COLORS
+{% endif %}
 =========================================================================== $RESET_COLORS
- $COLOR_COLUMN- Current user$RESET_COLORS........: $COLOR_VALUE $USER $RESET_COLORS
- $COLOR_COLUMN- Number of CPU$RESET_COLORS.......: $COLOR_VALUE $NUM_CPU $RESET_COLORS
- $COLOR_COLUMN- CPU usage$RESET_COLORS...........: $COLOR_VALUE $LOAD1 - $LOAD5 - $LOAD15 (1-5-15 min) $RESET_COLORS
- $COLOR_COLUMN- Memory used$RESET_COLORS.........: $COLOR_VALUE $MEMORY (total-used-free) $RESET_COLORS
- $COLOR_COLUMN- Swap in use$RESET_COLORS.........: $COLOR_VALUE $SWAP (total-used-free) MB $RESET_COLORS
- $COLOR_COLUMN- Processes$RESET_COLORS...........: $COLOR_VALUE $PSA running $RESET_COLORS
- $COLOR_COLUMN- System uptime$RESET_COLORS.......: $COLOR_VALUE $upDays days $upHours hours $upMins minutes $upSecs seconds $RESET_COLORS
- $COLOR_COLUMN- Disk space$RESET_COLORS..........: "
+$COLOR_COLUMN- Current user$RESET_COLORS........: $COLOR_VALUE $USER $RESET_COLORS
+$COLOR_COLUMN- Number of CPU$RESET_COLORS.......: $COLOR_VALUE $NUM_CPU $RESET_COLORS
+$COLOR_COLUMN- CPU usage$RESET_COLORS...........: $COLOR_VALUE $LOAD1 - $LOAD5 - $LOAD15 (1-5-15 min) $RESET_COLORS
+$COLOR_COLUMN- Memory used$RESET_COLORS.........: $COLOR_VALUE $MEMORY (total-used-free) $RESET_COLORS
+$COLOR_COLUMN- Swap in use$RESET_COLORS.........: $COLOR_VALUE $SWAP (total-used-free) MB $RESET_COLORS
+$COLOR_COLUMN- Processes$RESET_COLORS...........: $COLOR_VALUE $PSA running $RESET_COLORS
+$COLOR_COLUMN- System uptime$RESET_COLORS.......: $COLOR_VALUE $upDays days $upHours hours $upMins minutes $upSecs seconds $RESET_COLORS
+{% if ansible_virtualization_type != "lxc" %}
+$COLOR_COLUMN- Disk space$RESET_COLORS..........: "
 for FS in ${FILESYSTEMS}; do
-echo -e " $COLOR_COLUMN- ..........$RESET_COLORS..........: $COLOR_VALUE `df -H ${FS} | grep -v 'Filesystem' | grep -v '^[[:space:]]*$' | awk '{print $6 " " $4}'` remaining $RESET_COLORS"
+echo -e "$COLOR_COLUMN- ..........$RESET_COLORS..........: $COLOR_VALUE `df -H ${FS} | grep -v 'Filesystem' | grep -v '^[[:space:]]*$' | awk '{print $6 \" \" $4}'` remaining $RESET_COLORS"
 done
+{% endif %}
 echo -e "
 ===========================================================================
 "
+if [ -f /etc/motd ]; then
+  /usr/bin/env cat /etc/motd
+fi
+else
+# Just exit :)
+exit 0
+fi;

terraform/.terraform.lock.hcl

@@ -1,22 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/linode/linode" {
-  version     = "1.16.0"
-  constraints = "1.16.0"
-  hashes = [
-    "h1:JpBtHnebAi6yr/aDdlk8EybaEiEY+VPtFP3o0QoMTng=",
-    "zh:03c867440797b82012cd5d97f58fef5885dc0248683227299a39af836df222db",
-    "zh:0486be7f72d6ea73d10140e23be8c1d2772b2d8be28c7bb39c73be83601405cf",
-    "zh:181929d6880cac6500f4af1f3799385c47ccd69872cacf1042a3a48e445b2b02",
-    "zh:18b7f6cc1ddf86e28322638607e1f84c1e9d56824c26903e22d4d12352f20b6e",
-    "zh:4e65e7f9e17c334ff7047fc2dd8fc479c2509cba66834d89e2033a45e9275fe3",
-    "zh:6077eda3fdf77a5158d9dc1a0c38492e23f7d679b1ac96382ba92ebe92e19266",
-    "zh:642e7c96867c519176d84228a7f9104352212ae3c999b409eee1076b7ed90a96",
-    "zh:6451f5117125fad9884214fe2f2635a2bed95912e64cf1c66a57c38558dfe907",
-    "zh:83b957b30da19586393b9aea2cc93524a7d4c43dd07d11129a11d29c2b4bfb21",
-    "zh:852954fe6cfe5278bd7c3d1079a9832bbf8c58436486489ed85154c0a0600633",
-    "zh:a2385c51147a3c40707f7bfceb673c077e1054e8af6fb4c808cef56f995b8193",
-    "zh:d21cd5cb5a635d18547430fe6cdfe3c6898541f9f3adc110edbf8d6e0439390d",
-  ]
-}

terraform/drone-runners.tf

@@ -1,58 +0,0 @@
-variable "drone_instances" {
-  description = "How many runner instances should there be?"
-  default = 3
-}
-variable "root_pass" {
-  description = "Root password to set on the node"
-}
-
-variable "linode_api_token" {
-  description = "Linode API Token"
-}
-
-variable "ssh_pubkey" {
-    description = "SSH key to be allowed access by default"
-}
-
-terraform {
-  required_providers {
-    linode = {
-      source = "linode/linode"
-      version = "1.16.0"
-    }
-  }
- backend "local" {
-         path = "/data/runner.tfstate"  
- }
-}
-
-provider "linode" {
-  token = var.linode_api_token
-}
-
-resource "linode_instance" "terraform-drone" {
-  connection { 
-               type = "ssh"
-               user = "root"
-               password = var.root_pass    
-               host     = self.ip_address  
-             }
-
-        count = var.drone_instances
-        image = "private/15818922"
-        label = "drone-runner-${count.index + 1}"
-        group = "docker"
-        tags = ["tag_Testing","docker"]
-        region = "ap-southeast"
-        type = "g6-standard-2"
-        authorized_keys = [ var.ssh_pubkey ]
-        root_pass = var.root_pass
-
-  provisioner "remote-exec" {
-    inline = [
-        "yum upgrade -y && systemctl restart docker",
-        "docker rm -f runner",
-        "docker run --detach --volume=/var/run/docker.sock:/var/run/docker.sock --env=DRONE_RPC_PROTO=https --env=DRONE_RPC_HOST=drone.guise.net.nz --env=DRONE_RPC_SECRET=super-duper-secret --env=DRONE_RUNNER_CAPACITY=2 --env=DRONE_RUNNER_NAME=drone-runner-${count.index + 1} --env=DRONE_RUNNER_LABELS='linodrone:true' --env=--publish=3000:3000 --restart=always --name=runner drone/drone-runner-docker:1"
-    ]
-  }
-}

utils.libsonnet

@@ -1,42 +0,0 @@
-{
-docker_service()::
- {
-   name: 'docker',
-   image: 'docker:dind',
-   privileged: true,
-   volumes: [{ name: 'dockersock', path: '/var/run' },],
- },
-
-email_notification()::
- {
-   name: 'notify by email',
-   image: 'drillster/drone-email',
-   settings:
-    { host: 'mail.guise.net.nz',
-      username:
-        { from_secret: 'EMAIL_USER' },
-      password:
-        { from_secret: 'EMAIL_PASS' },
-      from: 'drone@guise.net.nz'
-    },
-   when:
-     {  status: [ 'changed', 'failure' ] },
-  },
-
-test_distro(distribution)::
-  {
-    name: 'Test on %(distribution)s' % { distribution: distribution },
-    volumes: [{ name: 'dockersock', path: '/var/run' },],
-    image: 'guisea/ansible-molecule:latest',
-    commands: [
-      'sleep 10', // give docker enough time to start
-      'mkdir ${DRONE_REPO_NAME}',
-      'rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME}',
-      'cd ${DRONE_REPO_NAME}',
-      'molecule test'
-    ],
-    environment:
-     { MOLECULE_DISTRO: '%(distribution)s' % { distribution: distribution }
-     },
-  },
-}