Improve ansible code so that ansibe-lint shows fewer errors

roles/lmn_vm/defaults/main.yml

@@ -1,2 +1,3 @@
 ---
 vm_support: false
+torrent_srv: "seedbox.{{ domain }}"

roles/lmn_vm/handlers/main.yml

@@ -1,5 +1,5 @@
 - name: Reload libvirtd
-  systemd:
+  ansible.builtin.systemd:
     name: libvirtd.service
   listen: reload libvirtd
 

roles/lmn_vm/tasks/main.yml

@@ -4,32 +4,31 @@
 - name: Allow users to attach to bridge
   ansible.builtin.copy:
     dest: /etc/apt/apt.conf.d/94qemu-bridge-suid
+    mode: '0644'
     content: |
       ## Modify permissions after installation/upgrade
       ## to run qemu-bridge as root
       DPkg::Post-Invoke {"/usr/bin/chmod 4755 /usr/lib/qemu/qemu-bridge-helper || true"; };
 
 
-- name: install libvirt packages
-  apt:
+- name: Install libvirt packages
+  ansible.builtin.apt:
     name:
       - aria2
       - mktorrent
       - libvirt-daemon-system
       - virt-manager
       - dialog # for vm-netboot menu
-    state: latest
-    autoremove: true
 
-    #- name: allow all users to use VMs
-    #  lineinfile:
-    #    dest: /etc/libvirt/libvirtd.conf
-    #    line: 'auth_unix_rw = "none"'
-    #    insertafter: '#auth_unix_rw = "polkit"'
-    #  notify: reload libvirtd
+    # - name: allow all users to use VMs
+    #   lineinfile:
+    #     dest: /etc/libvirt/libvirtd.conf
+    #     line: 'auth_unix_rw = "none"'
+    #     insertafter: '#auth_unix_rw = "polkit"'
+    #   notify: reload libvirtd
 
 - name: Configure pam_mount for VM bind mounts
-  blockinfile:
+  ansible.builtin.blockinfile:
     dest: /etc/security/pam_mount.conf.xml
     marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (bind mounts for VMs) -->"
     block: |
@@ -49,7 +48,7 @@
     insertafter: "<!-- END ANSIBLE MANAGED BLOCK .* -->"
 
 - name: Configure pam_mount for VM bind mounts
-  blockinfile:
+  ansible.builtin.blockinfile:
     dest: /etc/security/pam_mount.conf.xml
     marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (bind mount school for VMs) -->"
     block: |
@@ -63,7 +62,7 @@
   when: localhome is defined and localhome
 
 - name: Use umount script for proper cleanup
-  blockinfile:
+  ansible.builtin.blockinfile:
     dest: /etc/security/pam_mount.conf.xml
     marker: "<!-- {mark} ANSIBLE MANAGED BLOCK (umount script needed for bind mounts ordering) -->"
     block: |
@@ -75,16 +74,16 @@
   ansible.builtin.copy:
     src: pam-umount.sh
     dest: /usr/local/sbin/pam-umount.sh
-    mode: "0755"
+    mode: '0755'
 
 - name: Insert domain in default-network
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: /etc/libvirt/qemu/networks/default.xml
     line: '  <domain name="{{ ansible_domain }}" localOnly="no"/>'
     insertafter: '</ip>'
 
 - name: Autostart default network for VMs
-  file:
+  ansible.builtin.file:
     src: /etc/libvirt/qemu/networks/default.xml
     dest: /etc/libvirt/qemu/networks/autostart/default.xml
     state: link
@@ -97,56 +96,57 @@
     create_home: false
 
 - name: Create /etc/lmn directory
-  file:
+  ansible.builtin.file:
     path: /etc/lmn
     state: directory
+    mode: '0755'
 
 - name: Create /lmn directory
-  file:
+  ansible.builtin.file:
     path: /lmn
     state: directory
+    mode: '0755'
 
 - name: Create /lmn/media directory
-  file:
+  ansible.builtin.file:
     path: /lmn/media
     state: directory
     mode: '1777'
 
 - name: Create /var/vm directory
-  file:
+  ansible.builtin.file:
     path: /var/vm
     state: directory
     mode: '1777'
 
 - name: Create vm directory
-  file:
+  ansible.builtin.file:
     path: /lmn/vm
     state: directory
     owner: lmnsynci
     group: lmnsynci
-    mode: 0755
+    mode: '0755'
 
 - name: Create cleanup-vm.conf
   ansible.builtin.copy:
     dest: /etc/tmpfiles.d/clean-vm.conf
+    mode: '0644'
     content: |
       D /var/tmp/vm 1777 root root -
 
 - name: Install squid
-  apt:
+  ansible.builtin.apt:
     name:
       - squid
-    state: latest
-    autoremove: true
 
 - name: Disable squid
-  systemd:
+  ansible.builtin.systemd:
     name: squid
     enabled: false
     state: stopped
 
 - name: Deploy squid user mode configuration
-  template:
+  ansible.builtin.template:
     src: "{{ item }}.j2"
     dest: "/etc/squid/{{ item }}"
     mode: '0644'
@@ -155,16 +155,16 @@
     - squid-usermode-external.conf
 
 - name: Deploy startusersquid script
-  template:
+  ansible.builtin.template:
     src: startusersquid.sh.j2
     dest: /usr/local/bin/startusersquid.sh
     mode: '0755'
 
 - name: Provide usersquid service
-  copy:
+  ansible.builtin.copy:
     src: usersquid.service
     dest: /etc/systemd/user/usersquid.service
-    mode: 0644
+    mode: '0644'
 
 - name: Enable usersquid service
   ansible.builtin.systemd:
@@ -173,7 +173,7 @@
     enabled: true
 
 - name: Deploy sudo configurations
-  copy:
+  ansible.builtin.copy:
     src: "{{ item }}"
     dest: "/etc/sudoers.d/90-{{ item }}"
     owner: root
@@ -184,7 +184,7 @@
     - lmn-vm
 
 - name: Deploy vmimages scripts
-  copy:
+  ansible.builtin.copy:
     src: "{{ item }}"
     dest: /usr/local/bin/
     owner: root
@@ -210,6 +210,7 @@
     dest: /etc/lmn/vm.conf
     owner: root
     group: root
+    mode: '0644'
 
 - name: Deploy aria2 RPC password file
   ansible.builtin.copy:
@@ -226,15 +227,18 @@
     state: directory
     owner: lmnsynci
     group: lmnsynci
+    mode: '0755'
 
 - name: Prepare directory for qemu bridge config
   ansible.builtin.file:
     path: /etc/qemu/
     state: directory
+    mode: '0755'
 
 - name: Deploy bridge.conf needed for qemu session mode
   ansible.builtin.copy:
     dest: /etc/qemu/bridge.conf
+    mode: '0644'
     content: |
       allow virbr0
       allow virbr1
@@ -263,6 +267,7 @@
 - name: Adjust interface permissions for user mode VMs
   ansible.builtin.copy:
     dest: /etc/udev/rules.d/80-macvlan.rules
+    mode: '0644'
     content: |
       {% for interface in (ansible_interfaces | select('search', '^en[pso].+')) %}
       SUBSYSTEMS=="net", KERNELS=="macvtap-{{ interface[3:9] }}", MODE="0666"