add etckeeper (#649)

Reviewed-on: #649
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>

.woodpecker/ansible-lint.yml

@@ -1,7 +1,4 @@
 ---
-kind: pipeline
-type: docker
-name: ansible-lint
 depends_on:
   - gitleaks
 steps:
@@ -9,11 +6,14 @@ steps:
     image: quay.io/ansible/creator-ee
     commands:
       - ansible-lint --version
-      - echo $VAULT-PASS > ./vault-pass.yml # nach des Secret in Großschreibung
+      - echo $${VAULTPASS} > ./vault-pass.yml # nach des Secret in Großschreibung
+      - cat ./vault-pass.yml #debug
       - ansible-galaxy install -r requirements.yml
       - ansible-lint --force-color --format pep8
     when:
       event:
         exclude:
           - tag
-    secret: [vault-pass] #dieses Secret darf verwendet werden
+    secrets:
+      - source: vault-pass # name des Secrets in Woodpecker/GUI
+        target: vaultpass # lower-case Name der variable zur Verwendung in dem CI-File, wird dann so genutzt $${VAULTPASS}

.woodpecker/gitleaks.yml

@@ -1,7 +1,4 @@
 ---
-kind: pipeline
-type: docker
-name: gitleaks
 steps:
   gitleaks:
     image: zricethezav/gitleaks:latest

playbooks/base/system.yml

@@ -3,6 +3,8 @@
   roles:
     - role: mgrote_ntp_chrony_client
       tags: "ntp"
+    - role: mgrote_etckeeper
+      tags: "etckeeper"
     - role: mgrote_postfix
       tags: "postfix"
     - role: mgrote_fail2ban

roles/mgrote_etckeeper/tasks/main.yml

@@ -0,0 +1,16 @@
+---
+- name: ensure etckeeper is installed
+  become: true
+  ansible.builtin.package:
+    name:
+      - etckeeper
+      - git
+    state: present
+    install_recommends: false
+
+- name: ensure repository is initialized
+  ansible.builtin.command: etckeeper init
+  args:
+    chdir: /etc/
+    creates: /etc/.etckeeper
+...