Fix yamllint errors

approved
(Bruce Becker) #1

Fix yamllint errors

From dd78647fd6a3df99822f7c87b7584ac59ffcad34 Mon Sep 17 00:00:00 2001
From: Bruce Becker <brucellino@gmail.com>
Date: Wed, 10 Oct 2018 11:06:33 +0200
Subject: [PATCH] Fix yamllint errors


diff --git a/.travis.yml b/.travis.yml
index a355aca..7966f94 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -10,14 +10,14 @@ install:
   # - pip install ansible
   - pip install yamllint
   - bundle
-before_script: 
+before_script:
 script:
   - find . -name "*.yml" -exec yamllint {} \;
   - cd tests/content
   - inspec exec categories
-after_success: 
-after_failure: 
-after_script: 
+after_success:
+after_failure:
+after_script:
 notifications:
   slack:
     secure: QVsFzD+yZnQvqXEazoCr04N+z1dFLxagP8rJ3EMpq//YyA52xwPDPrEXaKBmiFYGYaOBWsLV4O01Ds4x0eJRkkYFZT24+gY4Mb3fcLrEKvTvzLqCWj8N5PyZ8sgqiyUJ6E8YTnnarmKhZheoO0j6xBuDfbxPDtYe6z/9g+IOHuw0f/GgfDVUDfniFVNnAs0kbpInr9gERwx6/OVI9ugtZP3ZIb7pNKWwTZKMgiDaGO/Vifcxuy55TH3BBePwp0T1PorV42MqBH1LIsCpqb/zHB9ce0KqlMcWT0iQMVl11pQe9N20PoHUtj5mBKyU8+nq5OI7qW51+CVDPnlopv1ST/jlfuTTXViICpfe+EfCjE8JScxvT1v96KwMx9/gw0eSSB8njA3gBz9rULSfJu5fskuX/SmDSj7mRGWYCEzGzidp8GqPSsvXBTRknQgmfOwx28H0ab3u6Adag/JktiOrk+4dcLKVtAe9GPvRdcZtUOCXd/wBIUjj8W0Wo63m217IVGXLIGIRjjfO6NB6GzdM67H4kAz2Um21F1OhBGP/TgHXJz4yV4o85sbcenaE6JcRbMv13gKoK+W6h5C1rvDAqIlyyzOcctbYH0KRBDWa7KPwjEzZOOmrNz4uf6l7lPfkLuFsbU/nC+UbVALoWfD6511NHf1rvkpq7nvzAiURc5s=
diff --git a/.yamllint b/.yamllint
new file mode 100644
index 0000000..addf0aa
--- /dev/null
+++ b/.yamllint
@@ -0,0 +1,7 @@
+extends: default
+
+rules:
+  # 80 chars should be enough, but don't fail if a line is longer
+  line-length:
+    max: 80
+    level: warning
diff --git a/Vagrantfile b/Vagrantfile
new file mode 100644
index 0000000..f2fbaf0
--- /dev/null
+++ b/Vagrantfile
@@ -0,0 +1,6 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+Vagrant.configure('2') do |config|
+  config.vm.box = 'geerlingguy/centos7'
+end
diff --git a/group_vars/forum.yml b/group_vars/forum.yml
index becf732..1042942 100644
--- a/group_vars/forum.yml
+++ b/group_vars/forum.yml
@@ -8,21 +8,21 @@ ssh_server_enabled: true               # sshd
 ssh_use_dns: false                      # sshd
 # true or value if compression is needed
 ssh_compression: false                  # sshd
-# For which components (client and server) to generate the configuration for. 
+# For which components (client and server) to generate the configuration for.
 # Can be useful when running against a client without an SSH server.
 ssh_client_hardening: true          # ssh
 ssh_server_hardening: true          # sshd
-# true if CBC for ciphers is required. 
-# This is usually only necessary, if older M2M mechanism need to communicate with SSH, that don't have any of the configured secure ciphers enabled. 
-# CBC is a weak alternative. 
+# true if CBC for ciphers is required.
+# This is usually only necessary, if older M2M mechanism need to communicate with SSH, that don't have any of the configured secure ciphers enabled.
+# CBC is a weak alternative.
 # Anything weaker should be avoided and is thus not available.
 ssh_client_cbc_required: false          # ssh
 ssh_server_cbc_required: false          # sshd
-# true if weaker HMAC mechanisms are required. 
+# true if weaker HMAC mechanisms are required.
 # This is usually only necessary, if older M2M mechanism need to communicate with SSH, that don't have any of the configured secure HMACs enabled.
 ssh_client_weak_hmac: false             # ssh
 ssh_server_weak_hmac: false             # sshd
-# true if weaker Key-Exchange (KEX) mechanisms are required. 
+# true if weaker Key-Exchange (KEX) mechanisms are required.
 # This is usually only necessary, if older M2M mechanism need to communicate with SSH, that don't have any of the configured secure KEXs enabled.
 ssh_client_weak_kex: false              # ssh
 ssh_server_weak_kex: false              # sshd
@@ -33,12 +33,12 @@ ssh_server_password_login: false          # sshd
 ssh_server_ports: ['22']      # sshd
 # port to which ssh-client should connect
 ssh_client_port: '22'         # ssh
-# one or more ip addresses, to which ssh-server should listen to. 
+# one or more ip addresses, to which ssh-server should listen to.
 # Default is empty, but should be configured for security reasons!
 ssh_listen_to: ['0.0.0.0']    # sshd
 # Host keys to look for when starting sshd.
 ssh_host_key_files: []  # sshd
-# Specifies  the  maximum  number  of authentication attempts permitted per connection.  
+# Specifies  the  maximum  number  of authentication attempts permitted per connection.
 # Once the number of failures reaches half this value, additional failures are logged.
 ssh_max_auth_retries: 2
 ssh_client_alive_interval: 600          # sshd
@@ -147,30 +147,30 @@ ssh_server_revoked_keys: []
 cert_location: /etc/ssl/certs/
 nginx_sites:
   http:
-    -  listen      80 default
+    - listen      80 default
     - server_name community.egi.eu
 ## redirect http to https ##
     - return      301 https://$server_name$request_uri
   https:
-     - listen 443 
-     - listen [::]:443
-     - ssl on
-     - ssl_certificate    /etc/ssl/certs/server.crt
-     - ssl_certificate_key    /etc/ssl/certs/server.key
-     - ssl_session_timeout 1d
-     - ssl_protocols TLSv1.2
-     - ssl_ciphers  'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'
-     - ssl_prefer_server_ciphers on
-     - ssl_session_cache shared:SSL:10m
-     - add_header Strict-Transport-Security max-age=15768000
-     - server_name community.egi.eu
-     - | 
-            location / { 
-                proxy_pass http://unix:/var/discourse/shared/standalone/nginx.http.sock:; 
-                proxy_set_header Host $http_host; proxy_http_version 1.1; 
-                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
-                proxy_set_header X-Forwarded-Proto $scheme; 
-                }
+    - listen 443
+    - listen [::]:443
+    - ssl on
+    - ssl_certificate    /etc/ssl/certs/server.crt
+    - ssl_certificate_key    /etc/ssl/certs/server.key
+    - ssl_session_timeout 1d
+    - ssl_protocols TLSv1.2
+    - ssl_ciphers  'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'
+    - ssl_prefer_server_ciphers on
+    - ssl_session_cache shared:SSL:10m
+    - add_header Strict-Transport-Security max-age=15768000
+    - server_name community.egi.eu
+    - |
+          location / {
+              proxy_pass http://unix:/var/discourse/shared/standalone/nginx.http.sock:;
+              proxy_set_header Host $http_host; proxy_http_version 1.1;
+              proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+              proxy_set_header X-Forwarded-Proto $scheme;
+              }
 # Discourse stuff
 #discourse_hostname:
 developer_emails: 'brucellino@gmail.com'
diff --git a/tests/content/categories/files/categories.yml b/tests/content/categories/files/categories.yml
index 937122b..1401074 100644
--- a/tests/content/categories/files/categories.yml
+++ b/tests/content/categories/files/categories.yml
@@ -1,9 +1,9 @@
 ---
-categories: 
-# These should also somehow reflect the hierarchy of the categories.
+categories:
+  # These should also somehow reflect the hierarchy of the categories.
   - name: 'AAI'
     slug: 'aai'
   - name: 'EGI Operations'
     slug: 'egi-ops'
   - name: 'EGI Services'
-    slug: 'egi-services'
\ No newline at end of file
+    slug: 'egi-services'
diff --git a/tests/content/categories/inspec.yml b/tests/content/categories/inspec.yml
index 64cc86d..bb33feb 100644
--- a/tests/content/categories/inspec.yml
+++ b/tests/content/categories/inspec.yml
@

GitHub