majic-ansible-roles Changeset

Changeset - ddfeb485fb84

Parent rev.

Child rev.

[Not reviewed]

0 5 0

Branko Majic (branko) - 9 years ago 2015-09-26 17:10:22
branko@majic.rs

MAR-35: Fixed handling of Ansible-provided facts, making it _much_ simpler along the way as well.

5 files changed with 27 insertions and 27 deletions:

docs/rolereference.rst

roles/ldap_server/defaults/main.yml

roles/mail_server/defaults/main.yml

roles/web_server/defaults/main.yml

roles/xmpp_server/defaults/main.yml

0 comments (0 inline, 0 general)

docs/rolereference.rst

➞

Show inline comments

@@ @@ -470,7 +470,7 @@ Parameters @@
       by dn="cn=admin,BASEDN" write
       by * none
-**ldap_server_domain** (string, optional, ``hostvars[host]['domain']``)
+**ldap_server_domain** (string, optional, ``{{ ansible_domain }}``)
   Domain that should be used for constructing the base DN of default user LDAP
   database. This should be a sub-domain dedicated to organisation. The base DN
   will be constructed by putting all elements of the sub-domain as ``dc``
@@ @@ -486,11 +486,11 @@ Parameters @@
   <http://www.openldap.org/doc/admin24/slapdconf2.html#cn=config>` for value
   description and syntax.
-**ldap_server_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/{{ hostvars[host]['fqdn'] }}_ldap.pem``)
+**ldap_server_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/{{ ansible_fqdn }}_ldap.pem``)
   Path to file on Ansible host that contains the X.509 certificate used for TLS
   for LDAP service. The file will be copied to directory ``/etc/ssl/certs/``.
-**ldap_server_tls_key** (string, optional, ``{{ tls_private_key_dir }}/{{ hostvars[host]['fqdn'] }}_ldap.key``)
+**ldap_server_tls_key** (string, optional, ``{{ tls_private_key_dir }}/{{ ansible_fqdn }}_ldap.key``)
   Path to file on Ansible host that contains the private key used for TLS for
   LDAP service. The file will be copied to directory ``/etc/ssl/private/``.
@@ @@ -591,15 +591,15 @@ Parameters @@
   Prosody. Each item is a string with value equal to XMPP user ID
   (i.e. ``john.doe@example.com``).
-**xmpp_tls_key** (string, optional, ``{{ tls_private_key_dir }}/{{ hostvars[host]['fqdn'] }}_xmpp.key``)
+**xmpp_tls_key** (string, optional, ``{{ tls_private_key_dir }}/{{ ansible_fqdn }}_xmpp.key``)
   Path to file on Ansible host that contains the private key used for TLS for
   XMPP service. The file will be copied to directory ``/etc/ssl/private/``.
-**xmpp_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/{{ hostvars[host]['fqdn'] }}_xmpp.pem``)
+**xmpp_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/{{ ansible_fqdn }}_xmpp.pem``)
   Path to file on Ansible host that contains the X.509 certificate used for TLS
   for SMTP service. The file will be copied to directory ``/etc/ssl/certs/``.
-**xmpp_domains** (list, optional, ``hostvars[host]['domain']``)
+**xmpp_domains** (list, optional, ``{{ ansible_domain }}``)
   List of domains that are served by this Prosody instance. Each item is a
   string specifying a domain.
@@ @@ -741,21 +741,21 @@ Parameters @@
 **mail_user_gid** (integer, optional, ``whatever OS picks``)
   GID of the user that owns all the mail files.
-**imap_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/{{ hostvars[host]['fqdn'] }}_imap.pem``)
+**imap_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/{{ ansible_fqdn }}_imap.pem``)
   Path to file on Ansible host that contains the X.509 certificate used for TLS
   for IMAP and ManageSieve services. The file will be copied to directory
   ``/etc/ssl/certs/``.
-**imap_tls_key** (string, optional, ``{{ tls_private_key_dir }}/{{ hostvars[host]['fqdn'] }}_imap.key``)
+**imap_tls_key** (string, optional, ``{{ tls_private_key_dir }}/{{ ansible_fqdn }}_imap.key``)
   Path to file on Ansible host that contains the private key used for TLS for
   IMAP and ManageSieve services. The file will be copied to directory
   ``/etc/ssl/private/``.
-**smtp_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/{{ hostvars[host]['fqdn'] }}_smtp.pem``)
+**smtp_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/{{ ansible_fqdn }}_smtp.pem``)
   Path to file on Ansible host that contains the X.509 certificate used for TLS
   for SMTP service. The file will be copied to directory ``/etc/ssl/certs/``.
-**smtp_tls_key** (string, optional, ``{{ tls_certificate_dir }}/{{ hostvars[host]['fqdn'] }}_smtp.key``)
+**smtp_tls_key** (string, optional, ``{{ tls_certificate_dir }}/{{ ansible_fqdn }}_smtp.key``)
   Path to file on Ansible host that contains the private key used for TLS for
   SMTP service. The file will be copied to directory ``/etc/ssl/private/``.
@@ @@ -767,7 +767,7 @@ Parameters @@
   List of RBLs to use for detecting servers which send out spam. Each item is a
   string resembling the RBL domain.
-**mail_postmaster** (string, optional, ``postmaster@{{ hostvars[host]['domain']}}``)
+**mail_postmaster** (string, optional, ``postmaster@{{ ansible_domain}}``)
   Mail address to use for the postmaster account in Dovecot.
 **smtp_allow_relay_from** (list, optional, [])
@@ @@ -897,11 +897,11 @@ The role implements the following: @@
 Parameters
 ~~~~~~~~~~
-**https_tls_key** (string, optional, ``{{ tls_private_key_dir }}/{{ hostvars[host]['fqdn'] }}_https.key``)
+**https_tls_key** (string, optional, ``{{ tls_private_key_dir }}/{{ ansible_fqdn }}_https.key``)
   Path to file on Ansible host that contains the private key used for TLS for
   HTTPS service. The file will be copied to directory ``/etc/ssl/private/``.
-**https_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/{{ hostvars[host]['fqdn'] }}_https.pem``)
+**https_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/{{ ansible_fqdn }}_https.pem``)
   Path to file on Ansible host that contains the X.509 certificate used for TLS
   for HTTPS service. The file will be copied to directory ``/etc/ssl/certs/``.

roles/ldap_server/defaults/main.yml

➞

Show inline comments

 ---
 ldap_entries: []
-ldap_server_domain: "{{ hostvars[host]['domain'] }}"
+ldap_server_domain: "{{ ansible_domain }}"
 # Internal value, base DN.
 ldap_server_int_basedn: "{{ ldap_server_domain | regex_replace('\\.', ',dc=') | regex_replace('^', 'dc=') }}"
 ldap_server_organization: "Private"
 ldap_server_log_level: 256
 ldap_server_tls_certificate: "{{ tls_certificate_dir }}/{{ hostvars[host]['fqdn'] }}_ldap.pem"
 ldap_server_tls_key: "{{ tls_private_key_dir }}/{{ hostvars[host]['fqdn'] }}_ldap.key"
 ldap_server_tls_certificate: "{{ tls_certificate_dir }}/{{ ansible_fqdn }}_ldap.pem"
 ldap_server_tls_key: "{{ tls_private_key_dir }}/{{ ansible_fqdn }}_ldap.key"
 ldap_server_ssf: 128
 ldap_permissions:
   - >

roles/mail_server/defaults/main.yml

➞

Show inline comments

@@ @@ -2,11 +2,11 @@ @@
 mail_ldap_tls_truststore: "/etc/ssl/certs/truststore.pem"
 mail_user: vmail
 imap_tls_certificate: "{{ tls_certificate_dir }}/{{ hostvars[host]['fqdn'] }}_imap.pem"
 imap_tls_key: "{{ tls_private_key_dir }}/{{ hostvars[host]['fqdn'] }}_imap.key"
 smtp_tls_certificate: "{{ tls_certificate_dir }}/{{ hostvars[host]['fqdn'] }}_smtp.pem"
 smtp_tls_key: "{{ tls_certificate_dir }}/{{ hostvars[host]['fqdn'] }}_smtp.key"
 imap_tls_certificate: "{{ tls_certificate_dir }}/{{ ansible_fqdn }}_imap.pem"
 imap_tls_key: "{{ tls_private_key_dir }}/{{ ansible_fqdn }}_imap.key"
 smtp_tls_certificate: "{{ tls_certificate_dir }}/{{ ansible_fqdn }}_smtp.pem"
 smtp_tls_key: "{{ tls_certificate_dir }}/{{ ansible_fqdn }}_smtp.key"
 imap_folder_separator: "/"
 smtp_rbl: []
-mail_postmaster: "postmaster@{{ hostvars[host]['domain'] }}"
+mail_postmaster: "postmaster@{{ ansible_domain }}"
 smtp_allow_relay_from: []
@@ \ No newline at end of file @@

roles/web_server/defaults/main.yml

➞

Show inline comments

 ---
 https_tls_key: "{{ tls_private_key_dir }}/hostvars[host]['fqdn']_https.key"
 https_tls_certificate: "{{ tls_certificate_dir }}/hostvars[host]['fqdn']_https.pem }}"
 https_tls_key: "{{ tls_private_key_dir }}/{{ ansible_fqdn }}_https.key"
 https_tls_certificate: "{{ tls_certificate_dir }}/{{ ansible_fqdn }}_https.pem }}"
 web_default_title: "Welcome"
 web_default_message: "You are attempting to access the web server using a wrong name or an IP address. Please check your URL."

roles/xmpp_server/defaults/main.yml

➞

Show inline comments

 ---
-xmpp_domains: "{{ hostvars[host]['domain'] }}"
+xmpp_domains: "{{ ansible_domain }}"
 xmpp_ldap_filter: '(mail=$user@$host)'
 xmpp_ldap_scope: subtree
 xmpp_ldap_base: "{{ hostvars[host]['domain'] | regex_replace('\\.', ',dc=') | regex_replace('^', 'dc=') }}"
 xmpp_tls_certificate: "{{ tls_certificate_dir }}/{{ hostvars[host]['fqdn'] }}_xmpp.pem"
 xmpp_tls_key: "{{ tls_private_key_dir }}/{{ hostvars[host]['fqdn'] }}_xmpp.key"
 xmpp_ldap_base: "{{ ansible_domain | regex_replace('\\.', ',dc=') | regex_replace('^', 'dc=') }}"
 xmpp_tls_certificate: "{{ tls_certificate_dir }}/{{ ansible_fqdn }}_xmpp.pem"
 xmpp_tls_key: "{{ tls_private_key_dir }}/{{ ansible_fqdn }}_xmpp.key"

0 comments (0 inline, 0 general)