
Don't inject facts as vars

master
Lukas Bestle 1 year ago
parent
commit
38b3239854
Signed by: lukas GPG Key ID: 692037D104550FC9
  1. 1
      ansible.cfg
  2. 12
      roles/dav/tasks/main.yml
  3. 6
      roles/dav/templates/config.j2
  4. 2
      roles/dav/templates/service.ini.j2
  5. 6
      roles/git/tasks/main.yml
  6. 2
      roles/git/templates/app.ini.j2
  7. 4
      roles/git/templates/service.ini.j2
  8. 4
      roles/homebrew/tasks/main.yml
  9. 4
      roles/host-site/tasks/main.yml
  10. 4
      roles/host-site/templates/index.html.j2
  11. 10
      roles/mail-redirect/tasks/main.yml
  12. 16
      roles/mail/tasks/main.yml
  13. 2
      roles/mail/templates/muttrc.j2
  14. 2
      roles/mail/templates/qmail-dated.j2
  15. 26
      roles/terminal/tasks/main.yml
  16. 2
      roles/terminal/templates/gitconfig.j2
  17. 40
      roles/web/tasks/main.yml
  18. 2
      roles/web/templates/deploy.php.j2

1
ansible.cfg

@ -1,4 +1,5 @@
[defaults]
inject_facts_as_vars = false
inventory = hosts
transport = ssh
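Review bot: The new `inject_facts_as_vars = false` line has no comment, although it changes how every role and template must reference facts. I would add one above it, such as `# Facts are reachable only as ansible_facts.<name>; the top-level ansible_<name> variables are no longer created`. Keeping host-reported values inside the `ansible_facts` namespace also separates them from playbook and inventory variables, which is worth stating as the reason for the setting.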

12
roles/dav/tasks/main.yml

@ -8,7 +8,7 @@
- name: Copy config to home directory
copy:
src: home/
dest: "{{ ansible_env.HOME }}/"
dest: "{{ ansible_facts.env.HOME }}/"
mode: preserve
tags: radicale-update
notify: Restart Radicale
@ -16,13 +16,13 @@
- name: Copy service config
template:
src: service.ini.j2
dest: "{{ ansible_env.HOME }}/etc/services.d/radicale.ini"
dest: "{{ ansible_facts.env.HOME }}/etc/services.d/radicale.ini"
notify: Reread service config
- name: Copy app config
template:
src: config.j2
dest: "{{ ansible_env.HOME }}/radicale/config"
dest: "{{ ansible_facts.env.HOME }}/radicale/config"
tags: radicale-update
notify: Restart Radicale
@ -52,12 +52,12 @@
- name: Initialize storage repository
command:
chdir: "{{ ansible_env.HOME }}/radicale/storage"
chdir: "{{ ansible_facts.env.HOME }}/radicale/storage"
cmd: git init
creates: "{{ ansible_env.HOME }}/radicale/storage/.git"
creates: "{{ ansible_facts.env.HOME }}/radicale/storage/.git"
- name: Set up garbage collection cronjob
cron:
name: "Garbage-collection"
special_time: weekly
job: git --git-dir {{ ansible_env.HOME }}/radicale/storage/.git gc
job: git --git-dir {{ ansible_facts.env.HOME }}/radicale/storage/.git gc

6
roles/dav/templates/config.j2

@ -3,14 +3,14 @@ hosts = 0.0.0.0:8080
[auth]
type = htpasswd
htpasswd_filename = {{ ansible_env.HOME }}/radicale/users
htpasswd_filename = {{ ansible_facts.env.HOME }}/radicale/users
htpasswd_encryption = bcrypt
realm = bstl DAV - Password Required
[rights]
type = from_file
file = {{ ansible_env.HOME }}/radicale/rights
file = {{ ansible_facts.env.HOME }}/radicale/rights
[storage]
filesystem_folder = {{ ansible_env.HOME }}/radicale/storage
filesystem_folder = {{ ansible_facts.env.HOME }}/radicale/storage
hook = git add -A && (git diff --cached --quiet || git commit -m "Changes by "%(user)s)

2
roles/dav/templates/service.ini.j2

@ -1,4 +1,4 @@
[program:radicale]
command={{ ansible_env.HOME }}/.local/bin/radicale --config {{ ansible_env.HOME }}/radicale/config
command={{ ansible_facts.env.HOME }}/.local/bin/radicale --config {{ ansible_facts.env.HOME }}/radicale/config
autostart=yes
autorestart=yes

6
roles/git/tasks/main.yml

@ -8,7 +8,7 @@
- name: Copy config to home directory
copy:
src: home/
dest: "{{ ansible_env.HOME }}/"
dest: "{{ ansible_facts.env.HOME }}/"
mode: preserve
tags: gitea-update
notify: Restart Gitea
@ -16,13 +16,13 @@
- name: Copy service config
template:
src: service.ini.j2
dest: "{{ ansible_env.HOME }}/etc/services.d/gitea.ini"
dest: "{{ ansible_facts.env.HOME }}/etc/services.d/gitea.ini"
notify: Reread service config
- name: Copy app config
template:
src: app.ini.j2
dest: "{{ ansible_env.HOME }}/gitea/custom/conf/app.ini"
dest: "{{ ansible_facts.env.HOME }}/gitea/custom/conf/app.ini"
tags: gitea-update
notify: Restart Gitea

2
roles/git/templates/app.ini.j2

@ -3,7 +3,7 @@
; date: 2020-01-19
APP_NAME = codesignd Git
RUN_USER = {{ ansible_user_id }}
RUN_USER = {{ ansible_facts.user_id }}
RUN_MODE = prod
; Server settings

4
roles/git/templates/service.ini.j2

@ -1,5 +1,5 @@
[program:gitea]
command={{ ansible_env.HOME }}/.linuxbrew/bin/gitea web
environment=GITEA_WORK_DIR={{ ansible_env.HOME }}/gitea
command={{ ansible_facts.env.HOME }}/.linuxbrew/bin/gitea web
environment=GITEA_WORK_DIR={{ ansible_facts.env.HOME }}/gitea
autostart=yes
autorestart=yes

4
roles/homebrew/tasks/main.yml

@ -3,12 +3,12 @@
git:
repo: "https://github.com/Homebrew/brew.git"
version: master
dest: "{{ ansible_env.HOME }}/.linuxbrew"
dest: "{{ ansible_facts.env.HOME }}/.linuxbrew"
notify: Opt out from Homebrew analytics
- name: Install Homebrew formulae
homebrew:
name: "{{ homebrew_formulae }}"
state: latest
path: "{{ ansible_env.HOME}}/.linuxbrew/bin"
path: "{{ ansible_facts.env.HOME}}/.linuxbrew/bin"
update_homebrew: yes
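Review bot: `version: master` on the Homebrew clone, together with `state: latest` and `update_homebrew: yes` on the formulae task, means each run installs whatever upstream serves at that moment, with no reviewed revision in between. If reproducible runs matter here, pin the clone with `version: <reviewed-tag-or-sha>` and move it deliberately. Separately, the rewritten `path:` line keeps the uneven brace spacing; `path: "{{ ansible_facts.env.HOME }}/.linuxbrew/bin"` would match the rest of the file. The first task begins above the hunk.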

4
roles/host-site/tasks/main.yml

@ -3,9 +3,9 @@
import_role:
name: snapstromegon.uberspace_web_domain
vars:
domain: kodos-{{ ansible_user_id }}.codesignd.net
domain: kodos-{{ ansible_facts.user_id }}.codesignd.net
- name: Set up host site
template:
src: index.html.j2
dest: /var/www/virtual/{{ ansible_user_id }}/html/index.html
dest: /var/www/virtual/{{ ansible_facts.user_id }}/html/index.html

4
roles/host-site/templates/index.html.j2

@ -4,7 +4,7 @@
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>kodos-{{ ansible_user_id }}.codesignd.net</title>
<title>kodos-{{ ansible_facts.user_id }}.codesignd.net</title>
<meta name="robots" content="noindex, nofollow">
<style>
@ -116,7 +116,7 @@
<body>
<main>
<svg viewBox="0 0 1000 1000" xmlns="http://www.w3.org/2000/svg"><g fill="none"><path class="cog" d="M475.28 853.557L408.45 999.43a503.966 503.966 0 0 1-78.883-21.084l15.057-159.725a354.034 354.034 0 0 1-42.828-24.777l-130.73 92.853a510.782 510.782 0 0 1-57.761-57.762l92.853-130.729a354.034 354.034 0 0 1-24.777-42.828L21.655 670.434A503.967 503.967 0 0 1 .57 591.55l145.872-66.831a359.603 359.603 0 0 1-.85-24.72c0-8.31.287-16.553.85-24.72L.57 408.45a503.966 503.966 0 0 1 21.084-78.883l159.725 15.057a354.034 354.034 0 0 1 24.777-42.828l-92.853-130.73a510.782 510.782 0 0 1 57.762-57.761l130.729 92.853a354.034 354.034 0 0 1 42.828-24.777L329.566 21.655A503.967 503.967 0 0 1 408.45.57l66.831 145.872a359.404 359.404 0 0 1 49.44 0L591.55.57a503.966 503.966 0 0 1 78.883 21.084L655.377 181.38a354.034 354.034 0 0 1 42.828 24.777l130.73-92.853a510.782 510.782 0 0 1 57.761 57.762l-92.853 130.729a354.034 354.034 0 0 1 24.777 42.828l159.725-15.057a503.967 503.967 0 0 1 21.084 78.883L853.557 475.28a359.404 359.404 0 0 1 0 49.44l145.873 66.83a503.966 503.966 0 0 1-21.084 78.883L818.62 655.377a354.034 354.034 0 0 1-24.777 42.828l92.853 130.73a510.782 510.782 0 0 1-57.762 57.761l-130.729-92.853a354.034 354.034 0 0 1-42.828 24.777l15.057 159.725a503.967 503.967 0 0 1-78.883 21.084L524.72 853.557a359.404 359.404 0 0 1-49.44 0zM787.356 500c0-158.703-128.653-287.356-287.356-287.356S212.644 341.297 212.644 500 341.297 787.356 500 787.356 787.356 658.703 787.356 500z" fill="#F4B971"/><path stroke="#0BB888" stroke-width="57.471" d="M500 346.743l132.724 76.629v153.256L500 653.257l-132.724-76.629V423.372z"/><circle stroke="#ED8F1B" stroke-width="118.774" cx="500.001" cy="500" r="318.008"/></g></svg>
<h1><span>kodos-{{ ansible_user_id }}</span>.codesignd.net</h1>
<h1><span>kodos-{{ ansible_facts.user_id }}</span>.codesignd.net</h1>
</main>
<footer>

10
roles/mail-redirect/tasks/main.yml

@ -2,14 +2,14 @@
- name: Set up email redirect
copy:
content: "{{ mail_redirect_to }}"
dest: "{{ ansible_env.HOME }}/.qmail"
dest: "{{ ansible_facts.env.HOME }}/.qmail"
- name: Delete catch-all address and local Maildirs
file:
path: "{{ item }}"
state: absent
loop:
- "{{ ansible_env.HOME }}/.spamfolder"
- "{{ ansible_env.HOME }}/.qmail-default"
- "{{ ansible_env.HOME }}/Maildir"
- "{{ ansible_env.HOME }}/users"
- "{{ ansible_facts.env.HOME }}/.spamfolder"
- "{{ ansible_facts.env.HOME }}/.qmail-default"
- "{{ ansible_facts.env.HOME }}/Maildir"
- "{{ ansible_facts.env.HOME }}/users"
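Review bot: The `state: absent` loop builds its four paths from `ansible_facts.env.HOME`, which is whatever the remote session's environment reported when facts were gathered; an empty value would turn them into `/Maildir`, `/users` and so on. The passwd-derived fact is a steadier base for deletions, e.g. `- "{{ ansible_facts.user_dir }}/Maildir"`; alternatively, assert once per play that the HOME fact is non-empty. The same applies to "Delete system Maildir" in roles/mail/tasks/main.yml and "Remove unneeded files" in roles/terminal/tasks/main.yml.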

16
roles/mail/tasks/main.yml

@ -7,11 +7,11 @@
- name: Add configured domains to Uberspace config
shell: "uberspace mail domain add $(idn {{ item }})"
when: item not in uberspace_mail_domain_result.stdout_lines
loop: "{{ mail_domains.get(ansible_user_id, []) }}"
loop: "{{ mail_domains.get(ansible_facts.user_id, []) }}"
- name: Delete system Maildir
file:
path: "{{ ansible_env.HOME }}/Maildir"
path: "{{ ansible_facts.env.HOME }}/Maildir"
state: absent
- name: Set up local mail user
@ -19,7 +19,7 @@
name: snapstromegon.uberspace_mail_user
vars:
user: lukas
password: "{{ mail_passwords[ansible_user_id] }}"
password: "{{ mail_passwords[ansible_facts.user_id] }}"
- name: Enable catchall mode
import_role:
@ -30,11 +30,11 @@
- name: Create qdated key
command:
cmd: qdated-makekey
creates: "{{ ansible_env.HOME }}/.qdated-key"
creates: "{{ ansible_facts.env.HOME }}/.qdated-key"
- name: Read qdated key
slurp:
src: "{{ ansible_env.HOME }}/.qdated-key"
src: "{{ ansible_facts.env.HOME }}/.qdated-key"
register: qdated_key
no_log: yes
@ -46,14 +46,14 @@
- name: Set up .qmail-dated-default file
template:
src: qmail-dated.j2
dest: "{{ ansible_env.HOME }}/.qmail-dated-default"
dest: "{{ ansible_facts.env.HOME }}/.qmail-dated-default"
- name: Create mutt config directory
file:
path: "{{ ansible_env.HOME }}/.mutt"
path: "{{ ansible_facts.env.HOME }}/.mutt"
state: directory
- name: Set up mutt config
template:
src: muttrc.j2
dest: "{{ ansible_env.HOME }}/.mutt/muttrc"
dest: "{{ ansible_facts.env.HOME }}/.mutt/muttrc"
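Review bot: In "Add configured domains to Uberspace config" the loop item is pasted unquoted into a `shell:` string, so a domain value containing whitespace or shell metacharacters would be interpreted by the shell instead of being passed to `idn`. Quoting it with the filter fixes that: `shell: "uberspace mail domain add $(idn {{ item | quote }})"`. The values appear to come from `mail_domains` in the inventory, so this is hardening rather than a live hole. roles/web/tasks/main.yml has the same pattern with `{{ item.key }}` in its `uberspace web domain add` task.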

2
roles/mail/templates/muttrc.j2

@ -16,7 +16,7 @@ macro index c "<change-folder>?<toggle-mailboxes>" "open a different folder"
macro pager c "<change-folder>?<toggle-mailboxes>" "open a different folder"
# Sender
set from="Lukas Bestle <{{ mail_default_address[ansible_user_id] }}>"
set from="Lukas Bestle <{{ mail_default_address[ansible_facts.user_id] }}>"
# Sorting
set sort=threads

2
roles/mail/templates/qmail-dated.j2

@ -1,3 +1,3 @@
# Email address is valid for 7 days
|~/.linuxbrew/bin/qdated-check 604800
{{ ansible_user_id }}-lukas
{{ ansible_facts.user_id }}-lukas

26
roles/terminal/tasks/main.yml

@ -1,13 +1,13 @@
---
- name: Set authorized SSH keys
authorized_key:
user: "{{ ansible_user_id }}"
user: "{{ ansible_facts.user_id }}"
state: present
key: "{{ item }}"
with_file: authorized_keys
- name: Get current shell
shell: "getent passwd {{ ansible_user_id }} | cut -d: -f7"
shell: "getent passwd {{ ansible_facts.user_id }} | cut -d: -f7"
register: current_shell
changed_when: no
@ -18,37 +18,37 @@
- name: Copy dotfiles to home directory
copy:
src: dotfiles/
dest: "{{ ansible_env.HOME }}/"
dest: "{{ ansible_facts.env.HOME }}/"
mode: preserve
- name: Copy Git config to home directory
template:
src: gitconfig.j2
dest: "{{ ansible_env.HOME }}/.config/git/config"
dest: "{{ ansible_facts.env.HOME }}/.config/git/config"
- name: Remove unneeded files
file:
path: "{{ item }}"
state: absent
loop:
- "{{ ansible_env.HOME }}/.bash_history"
- "{{ ansible_env.HOME }}/.bash_logout"
- "{{ ansible_env.HOME }}/.bash_profile"
- "{{ ansible_env.HOME }}/.bashrc"
- "{{ ansible_env.HOME }}/.emacs"
- "{{ ansible_env.HOME }}/.zcompdump"
- "{{ ansible_env.HOME }}/.zshrc"
- "{{ ansible_facts.env.HOME }}/.bash_history"
- "{{ ansible_facts.env.HOME }}/.bash_logout"
- "{{ ansible_facts.env.HOME }}/.bash_profile"
- "{{ ansible_facts.env.HOME }}/.bashrc"
- "{{ ansible_facts.env.HOME }}/.emacs"
- "{{ ansible_facts.env.HOME }}/.zcompdump"
- "{{ ansible_facts.env.HOME }}/.zshrc"
- name: Download and update iTerm2 shell integration
get_url:
url: https://iterm2.com/shell_integration/fish
dest: "{{ ansible_env.HOME }}/.config/fish/conf.d/iterm2_integration.fish"
dest: "{{ ansible_facts.env.HOME }}/.config/fish/conf.d/iterm2_integration.fish"
force: yes
- name: Download and update Oh My Fish! packages
git:
repo: "{{ item.value }}"
dest: "{{ ansible_env.HOME }}/.config/fish/pkgs/{{ item.key }}"
dest: "{{ ansible_facts.env.HOME }}/.config/fish/pkgs/{{ item.key }}"
loop: "{{ omf_pkgs | dict2items }}"
notify: Collect fish functions from packages
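Review bot: "Get current shell" interpolates `ansible_facts.user_id` into a `shell:` pipeline although the login shell is already gathered as a fact. Reading `ansible_facts.user_shell` avoids both the extra command and the templating of a host-reported value into a shell string. If the lookup has to stay, `{{ ansible_facts.user_id | quote }}` is the minimal change. The consumer of `current_shell` lies between the two hunks and is not visible, so it would need adjusting to match.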

2
roles/terminal/templates/gitconfig.j2

@ -1,6 +1,6 @@
; user settings
[user]
name = kodos-{{ ansible_user_id }}.codesignd.net
name = kodos-{{ ansible_facts.user_id }}.codesignd.net
email = hostmaster@codesignd.net
; core settings

40
roles/web/tasks/main.yml

@ -2,29 +2,29 @@
- name: Copy config to home directory
copy:
src: home/
dest: "{{ ansible_env.HOME }}/"
dest: "{{ ansible_facts.env.HOME }}/"
mode: preserve
- name: Create link at ~/web
file:
src: /var/www/virtual/{{ ansible_user_id }}
dest: "{{ ansible_env.HOME }}/web"
src: /var/www/virtual/{{ ansible_facts.user_id }}
dest: "{{ ansible_facts.env.HOME }}/web"
state: link
- name: Initialize ~/web/sites
file:
path: /var/www/virtual/{{ ansible_user_id }}/sites
path: /var/www/virtual/{{ ansible_facts.user_id }}/sites
state: directory
- name: Download and update projectr
git:
repo: https://github.com/lukasbestle/projectr.git
dest: "{{ ansible_env.HOME }}/.config/fish/pkgs/projectr"
dest: "{{ ansible_facts.env.HOME }}/.config/fish/pkgs/projectr"
- name: Set up deploy script
template:
src: deploy.php.j2
dest: /var/www/virtual/{{ ansible_user_id }}/html/deploy.php
dest: /var/www/virtual/{{ ansible_facts.user_id }}/html/deploy.php
- name: Read existing Uberspace domains
command: uberspace web domain list
@ -34,15 +34,15 @@
- name: Add configured domains to Uberspace config
shell: "uberspace web domain add $(idn {{ item.key }})"
when: item.key not in uberspace_web_domain_result.stdout_lines
loop: "{{ web_links.get(ansible_user_id, {}) | dict2items }}"
loop: "{{ web_links.get(ansible_facts.user_id, {}) | dict2items }}"
- name: Set up sites using projectr
command:
argv:
- site_add
- "{{ item.key }}"
creates: /var/www/virtual/{{ ansible_user_id }}/sites/{{ item.key }}
loop: "{{ web_sites.get(ansible_user_id, {}) | dict2items }}"
creates: /var/www/virtual/{{ ansible_facts.user_id }}/sites/{{ item.key }}
loop: "{{ web_sites.get(ansible_facts.user_id, {}) | dict2items }}"
- name: Set up site origins using projectr (sites with origin)
command:
@ -50,8 +50,8 @@
- site_origin
- "{{ item.key }}"
- "{{ item.value }}"
creates: /var/www/virtual/{{ ansible_user_id }}/sites/{{ item.key }}/.origin
loop: "{{ web_sites.get(ansible_user_id, {}) | dict2items }}"
creates: /var/www/virtual/{{ ansible_facts.user_id }}/sites/{{ item.key }}/.origin
loop: "{{ web_sites.get(ansible_facts.user_id, {}) | dict2items }}"
when: item.value != None
- name: Set up site origins using projectr (sites without origin)
@ -59,8 +59,8 @@
argv:
- site_origin
- "{{ item.key }}"
removes: /var/www/virtual/{{ ansible_user_id }}/sites/{{ item.key }}/.origin
loop: "{{ web_sites.get(ansible_user_id, {}) | dict2items }}"
removes: /var/www/virtual/{{ ansible_facts.user_id }}/sites/{{ item.key }}/.origin
loop: "{{ web_sites.get(ansible_facts.user_id, {}) | dict2items }}"
when: item.value == None
- name: Deploy sites using projectr (sites with origin)
@ -68,8 +68,8 @@
argv:
- site_deploy
- "{{ item.key }}"
creates: /var/www/virtual/{{ ansible_user_id }}/sites/{{ item.key }}/current
loop: "{{ web_sites.get(ansible_user_id, {}) | dict2items }}"
creates: /var/www/virtual/{{ ansible_facts.user_id }}/sites/{{ item.key }}/current
loop: "{{ web_sites.get(ansible_facts.user_id, {}) | dict2items }}"
when: item.value != None
- name: Link sites to domains
@ -79,19 +79,19 @@
- "{{ item.value.site }}"
- "{{ item.key }}"
- "{{ item.value.get('path', '') }}"
creates: /var/www/virtual/{{ ansible_user_id }}/{{ item.key }}
loop: "{{ web_links.get(ansible_user_id, {}) | dict2items }}"
creates: /var/www/virtual/{{ ansible_facts.user_id }}/{{ item.key }}
loop: "{{ web_links.get(ansible_facts.user_id, {}) | dict2items }}"
- name: Ensure that qdated directories for all Mail Uberspaces exist
file:
path: "{{ ansible_env.HOME }}/.config/qdated/{{ hostvars[item].ansible_user_id }}"
path: "{{ ansible_facts.env.HOME }}/.config/qdated/{{ hostvars[item].ansible_facts.user_id }}"
state: directory
loop: "{{ groups.mail }}"
- name: Copy qdated keys from all Mail Uberspaces
copy:
content: "{{ hostvars[item].qdated_key }}"
dest: "{{ ansible_env.HOME }}/.config/qdated/{{ hostvars[item].ansible_user_id }}/.qdated-key"
dest: "{{ ansible_facts.env.HOME }}/.config/qdated/{{ hostvars[item].ansible_facts.user_id }}/.qdated-key"
loop: "{{ groups.mail }}"
- name: Set up qdated address generation cronjob
@ -99,7 +99,7 @@
name: "qdated generation"
hour: "2"
minute: "3"
job: "{{ ansible_env.HOME }}/bin/qdated-generate"
job: "{{ ansible_facts.env.HOME }}/bin/qdated-generate"
- name: Check if the access log is enabled
command: uberspace web log access status
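Review bot: "Copy qdated keys from all Mail Uberspaces" writes key material with neither `mode` nor `no_log`, so the file gets umask-default permissions and its content may surface in `--diff` output. The task that reads the key in roles/mail/tasks/main.yml sets `no_log: yes`; the copy should match it with `mode: "0600"` and `no_log: true`. The directory task just above could take `mode: "0700"`. The last task in this section continues past the visible lines.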

2
roles/web/templates/deploy.php.j2

@ -21,7 +21,7 @@ define('SECRET', '{{ projectr_deploy_secret }}');
// Path where you installed the scripts from the "bin" directory of this repository
// This is required, as PHP doesn't automatically use the environment and therefore your $PATH from your shell
define('TOOLKIT_PATH', '/home/{{ ansible_user_id }}/.config/fish/pkgs/projectr/bin');
define('TOOLKIT_PATH', '/home/{{ ansible_facts.user_id }}/.config/fish/pkgs/projectr/bin');
// 2. Setup
// ====================
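Review bot: `TOOLKIT_PATH` still assembles the home directory as `/home/` plus the user id, while the roles' tasks take it from the HOME fact; the two can disagree on a host with a different home layout. `define('TOOLKIT_PATH', '{{ ansible_facts.env.HOME }}/.config/fish/pkgs/projectr/bin');` would keep them consistent. Both this value and `SECRET`, visible in the hunk header, are rendered unescaped into single-quoted PHP literals, so a value containing `'` or a backslash would change the generated code; those variables should be constrained or escaped. The file continues outside the hunk.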
