Switched to usage of FQCNs

local.yml

@@ -12,31 +12,31 @@
 
   pre_tasks:
     - name: pre-run | get status of marker file
-      stat:
+      ansible.builtin.stat:
         path: "{{ ansible_pull_marker_file }}"
       register: marker_file_stat
       tags: always
 
     - name: pre-run | check if last run was within cooldown period
-      meta: end_play
+      ansible.builtin.meta: end_play
       when:
         - marker_file_stat.stat.exists
         - (ansible_date_time.epoch | int) - (marker_file_stat.stat.mtime | int) < (ansible_reboot_cooldown_minutes | int * 60)
       tags: always
 
     - name: pre-run | set marker file path as a cached fact
-      set_fact:
+      ansible.builtin.set_fact:
         ansible_pull_marker_file: "{{ ansible_pull_marker_file }}"
         cacheable: true
       tags: always
 
     - name: pre-run | update apt repository (debian, ubuntu, etc.) # noqa no-changed-when
-      apt: update_cache=yes
+      ansible.builtin.apt: update_cache=yes
       #changed_when: false
       when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
       ignore_errors: True
     - name: pre-run | update pacman repository (arch)
-      pacman: update_cache=yes
+      community.general.pacman: update_cache=yes
       #changed_when: false
       when: ansible_distribution == 'Archlinux'
       ignore_errors: True
@@ -50,12 +50,12 @@
 - hosts: all:!database
   pre_tasks:
     - name: pre-run | upgrade system (debian, ubuntu, etc.)
-      apt: upgrade=dist
+      ansible.builtin.apt: upgrade=dist
       #changed_when: false
       when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
       ignore_errors: True
     - name: pre-run | upgrade system (arch)
-      pacman: upgrade=true
+      community.general.pacman: upgrade=true
       when: ansible_distribution == 'Archlinux'
       ignore_errors: True
 
@@ -216,14 +216,14 @@
   post_tasks:
     - name: cleanup package cache (debian and ubuntu)
       tags: always
-      apt:
+      ansible.builtin.apt:
         autoclean: yes
       changed_when: false
       when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
 
     - name: autoremove orphan packages (debian and ubuntu)
       tags: always
-      apt:
+      ansible.builtin.apt:
         autoremove: yes
         purge: yes
       when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
@@ -231,7 +231,7 @@
     - name: post-run | update marker file timestamp on successful run
       file:
         path: "{{ ansible_pull_marker_file }}"
-        state: touch
+        state: ansible.builtin.touch
       tags: always
     # - name: send completion alert
     #   include_tasks: playbooks/send_completion_alert.yml

roles/backup/tasks/system_setup/copy_backup_config.yml

@@ -1,5 +1,5 @@
 - name: backup | system setup | create backup config directory
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
   loop:
@@ -8,24 +8,24 @@
     - "/opt/backup/config"
     
 - name: backup | system setup | create a link to backup script
-  file:
+  ansible.builtin.file:
     path: "/opt/backup/bin/backup_remote.bash"
     state: link
     src: "{{ ansible_user_dir }}/bin/backup_remote.bash"
 
 - name: backup | system setup | copy backup config files
-  copy:
+  ansible.builtin.copy:
     dest: "/opt/backup/config/"
     src: "config/"
 
 - name: backup | system setup | copy backup config files 2
-  template:
+  ansible.builtin.template:
     src: "backup_remote.j2"
     dest: "/opt/backup/config/backup_remote.conf"
     force: Yes
   
 - name: backup | system setup | add entries to ssh_config
-  blockinfile:
+  ansible.builtin.blockinfile:
     dest: "{{ ansible_user_dir }}/.ssh/config"
     block: "{{ lookup('template', 'ssh_config.j2') }}"
     marker: "## {mark} ANSIBLE MANAGED BLOCK FOR backup"

roles/docker/tasks/install_docker.yml

@@ -1,13 +1,13 @@
 - block:
   - name: docker | install docker | get convenience script
-    get_url:
+    ansible.builtin.get_url:
       url: "https://get.docker.com"
       dest: "~/get-docker.sh"
       mode: "0777"  # not required. The permissions the resulting file or directory should have. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like C(0644) or C(01777)) or quote it (like C('644') or C('1777')) so Ansible receives a string and can do its own conversion from string into number. Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results. As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)). As of Ansible 2.6, the mode may also be the special string C(preserve). When set to C(preserve) the file will be given the same permissions as the source file.
       use_proxy: No
 
   - name: docker | install docker | execute convenience script
-    shell:
+    ansible.builtin.shell:
       cmd: "/tmp/get-docker.sh"
       creates: /usr/bin/docker
 
@@ -18,7 +18,7 @@
   when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: docker | install docker | docker-compose
-  package:
+  ansible.builtin.package:
     name: "{{ item }}"
     state: latest
   loop:
@@ -26,7 +26,7 @@
     - docker-compose
 
 - name: docker | install docker | enable service
-  service:
+  ansible.builtin.service:
     name: docker 
     state: started
     enabled: true

roles/drone/tasks/create_app.yml

@@ -1,20 +1,20 @@
 - name: drone | create app | generate shared secret
-  command: openssl rand -hex 16
+  ansible.builtin.command: openssl rand -hex 16
   register: DRONE_RPC_SECRET
 
 - name: drone | create app | create docker dir
-  file:
+  ansible.builtin.file:
     path: "/opt/docker/drone"
     state: directory
 
 - name: drone | create app | create docker-compose.yml
-  template:
+  ansible.builtin.template:
     src: "docker-compose.yml.j2"
     dest: "/opt/docker/drone/docker-compose.yml"
     force: no
     validate: "docker-compose -f %s config" # not required. The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must be present as in the examples below. The command is passed securely so shell features like expansion and pipes will not work.
 
 - name: drone | create app | start docker container
-  command:
+  ansible.builtin.command:
     cmd: "docker-compose up -d"
     chdir: "/opt/docker/drone"

roles/podman/tasks/main.yml

@@ -8,7 +8,7 @@
     update_cache: yes
 
 - name: Create local mount point for Podman NFS data
-  ansible.builtin.file:
+  ansible.builtin.file: # noqa name[missing]
     path: "{{ podman_data_mount_point }}"
     state: directory
     mode: '0755'
@@ -48,7 +48,7 @@
     update_cache: yes
 
 - name: Create directory for Portainer compose file
-  ansible.builtin.file:
+  ansible.builtin.file: # noqa name[missing]
     path: "{{ podman_data_mount_point }}/compose/portainer"
     state: directory
     mode: '0755'

roles/server/tasks/utilities/snmpd.yml

@@ -1,12 +1,12 @@
-- include_vars: snmp_users.yml
+- ansible.builtin.include_vars: snmp_users.yml
 
 - name: server | snmpd | install package
-  package:
+  ansible.builtin.package:
     name: "{{ snmpd_package }}"
     state: present
 
 - name: server | snmpd | install sudoers file
-  copy:
+  ansible.builtin.copy:
     dest: "/etc/sudoers.d/10-debian-snmp"
     src: "sudoers"
     owner: "root"
@@ -16,14 +16,14 @@
   when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: server | snmpd | create /etc/snmp
-  file:
+  ansible.builtin.file:
     path: "/etc/snmp"
     state: directory
     owner: "root"
     group: "root"
 
 - name: server | snmpd | insert anchors to snmpd.conf
-  blockinfile:
+  ansible.builtin.blockinfile:
     path: "{{ snmpd_conf }}"
     create: true
     marker: "# {mark} ANSIBLE MANAGED BLOCK"
@@ -32,24 +32,24 @@
       # SECTION: custom settings
 
 - name: server | snmpd | stop service
-  service:
+  ansible.builtin.service:
     name: "snmpd"
     state: stopped
 
 - name: server | snmpd | setup monitoring user SNMPv3
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ snmpd_user_file }}"
     create: true
     line: "createuser {{ snmp_user }} {{ snmp_auth_proto }} {{ snmp_auth_pass }} {{ snmp_priv_proto }} {{ snmp_priv_pass }}"
 
 - name: server | snmpd | setup ACLs
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ snmpd_conf }}" # required. The file to modify. Before Ansible 2.3 this option was only usable as I(dest), I(destfile) and I(name).
     line: "rouser {{ snmp_user }} authpriv"
     insertafter: "# SECTION: custom settings"
 
 - name: server | snmpd | enable service on wireguard interface
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ snmpd_conf }}"
     regexp: "^agentaddress.*$"
     state: present
@@ -57,34 +57,34 @@
   when: wg_local_ip is defined
 
 - name: server | snmpd | set sysLocation
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ snmpd_conf }}"
     regexp: '^sysLocation.*$'
     state: present
     line: "sysLocation  {{ snmp_location }}"
 
 - name: server | snmpd | set sysContact
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ snmpd_conf }}"
     regexp: '^sysContact.*$'
     state: present
     line: "sysContact  {{ snmp_contact }}"
 
 - name: server | snmpd | enable service on all interfaces
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ snmpd_conf }}"
     regexp: "^agentaddress.*$"
     state: absent
   when: wg_local_ip is not defined
 
 - name: server | snmpd | copy distro script
-  copy:
+  ansible.builtin.copy:
     dest: "/etc/snmp/distro"
     src: "distro"
     mode: "0755"
 
 - name: server | snmpd | get os-updates script
-  get_url:
+  ansible.builtin.get_url:
     url: "https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/osupdate"
     dest: "/etc/snmp/osupdate"
     mode: "0755"
@@ -92,7 +92,7 @@
     group: "root"
 
 - name: server | snmpd | configure extends
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ snmpd_conf }}"
     state: present
     line: "extend {{ item.service }} '{{ item.script }}'"
@@ -106,14 +106,14 @@
 
 - block:
   - name: server | snmpd | get proxmox script
-    get_url:
+    ansible.builtin.get_url:
       url: "https://raw.githubusercontent.com/librenms/librenms-agent/master/agent-local/proxmox"
       dest: "/usr/local/bin/proxmox"
       mode: "0755"
       owner: "root"
       group: "root"
   - name: server | snmpd | configure proxmox extends
-    lineinfile:
+    ansible.builtin.lineinfile:
       path: "{{ snmpd_conf }}"
       state: present
       line: "extend proxmox {{ sudo }} /usr/local/bin/proxmox"
@@ -123,7 +123,7 @@
     - is_proxmox == true
 
 - name: server | snmpd start service
-  service:
+  ansible.builtin.service:
     name: "snmpd"
     state: started
     enabled: true

roles/server/tasks/utilities/telegraf.yml

@@ -4,29 +4,29 @@
 #     state: absent
 
 - name: server | telegraf | download key
-  uri:
+  ansible.builtin.uri:
     url: "https://repos.influxdata.com/influxdata-archive_compat.key"
     dest: "/tmp/influxdb.key"
     creates: "/tmp/influxdb.key"
 
 - name: server | telegraf | verify and import key
-  shell:
+  ansible.builtin.shell:
     cmd: "echo '393e8779c89ac8d958f81f942f9ad7fb82a25e133faddaf92e15b16e6ac9ce4c /tmp/influxdb.key' | sha256sum -c && cat /tmp/influxdb.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg > /dev/null"
     creates: "/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg"
 
 - name: server | telegraf | add repository
-  shell:
+  ansible.builtin.shell:
     cmd: "echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list"
     creates: "/etc/apt/sources.list.d/influxdata.list"
 
 - name: server | telegraf | install telegraf
-  apt:
+  ansible.builtin.apt:
     name: "telegraf"
     state: latest
     update_cache: yes
 
 - name: server | telegraf | copy basic config
-  copy:
+  ansible.builtin.copy:
     dest: "/etc/telegraf/telegraf.d/{{ item | basename }}"
     src: "{{ item }}"
   with_fileglob:

roles/webservers/tasks/apps/nextcloud/prereq.yml

@@ -1,5 +1,5 @@
 - name: webservers | nextcloud | basic tools
-  package:
+  ansible.builtin.package:
     state: latest
     name:
       - ca-certificates
@@ -10,19 +10,19 @@
   when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: webservers | nextcloud | prereq | get php repo key
-  uri:
+  ansible.builtin.uri:
     url: "https://packages.sury.org/php/apt.gpg"
     dest: "/etc/apt/trusted.gpg.d/php.gpg"
 
 - name: webservers | nextcloud | prereq | add php repo
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "/etc/apt/sources.list.d/php.list"
     state: present
     line: "deb https://packages.sury.org/php/ {{ ansible_distribution_release | lower }} main"
     create: True
   
 - name: webservers | nextcloud | prereq | install php
-  package:
+  ansible.builtin.package:
     state: latest
     name: "{{ item.package }}"
     update_cache: True