Don't inject facts as vars

5 years ago · 38b3239854
parent bce3dc670b
commit 38b3239854
18 changed files with 73 additions and 72 deletions
--- a/ansible.cfg
+++ b/ansible.cfg
@ -1,4 +1,5 @@
 [defaults]
+inject_facts_as_vars = false
 inventory = hosts
 transport = ssh

--- a/roles/dav/tasks/main.yml
+++ b/roles/dav/tasks/main.yml
@ -8,7 +8,7 @@
 - name: Copy config to home directory
  copy:
    src: home/
-    dest: "{{ ansible_env.HOME }}/"
+    dest: "{{ ansible_facts.env.HOME }}/"
    mode: preserve
  tags: radicale-update
  notify: Restart Radicale
@ -16,13 +16,13 @@
 - name: Copy service config
  template:
    src: service.ini.j2
-    dest: "{{ ansible_env.HOME }}/etc/services.d/radicale.ini"
+    dest: "{{ ansible_facts.env.HOME }}/etc/services.d/radicale.ini"
  notify: Reread service config

 - name: Copy app config
  template:
    src: config.j2
-    dest: "{{ ansible_env.HOME }}/radicale/config"
+    dest: "{{ ansible_facts.env.HOME }}/radicale/config"
  tags: radicale-update
  notify: Restart Radicale

@ -52,12 +52,12 @@

 - name: Initialize storage repository
  command:
-    chdir: "{{ ansible_env.HOME }}/radicale/storage"
+    chdir: "{{ ansible_facts.env.HOME }}/radicale/storage"
    cmd: git init
-    creates: "{{ ansible_env.HOME }}/radicale/storage/.git"
+    creates: "{{ ansible_facts.env.HOME }}/radicale/storage/.git"

 - name: Set up garbage collection cronjob
  cron:
    name: "Garbage-collection"
    special_time: weekly
-    job: git --git-dir {{ ansible_env.HOME }}/radicale/storage/.git gc
+    job: git --git-dir {{ ansible_facts.env.HOME }}/radicale/storage/.git gc
--- a/roles/dav/templates/config.j2
+++ b/roles/dav/templates/config.j2
@ -3,14 +3,14 @@ hosts = 0.0.0.0:8080

 [auth]
 type = htpasswd
-htpasswd_filename = {{ ansible_env.HOME }}/radicale/users
+htpasswd_filename = {{ ansible_facts.env.HOME }}/radicale/users
 htpasswd_encryption = bcrypt
 realm = bstl DAV - Password Required

 [rights]
 type = from_file
-file = {{ ansible_env.HOME }}/radicale/rights
+file = {{ ansible_facts.env.HOME }}/radicale/rights

 [storage]
-filesystem_folder = {{ ansible_env.HOME }}/radicale/storage
+filesystem_folder = {{ ansible_facts.env.HOME }}/radicale/storage
 hook = git add -A && (git diff --cached --quiet || git commit -m "Changes by "%(user)s)
--- a/roles/dav/templates/service.ini.j2
+++ b/roles/dav/templates/service.ini.j2
@ -1,4 +1,4 @@
 [program:radicale]
-command={{ ansible_env.HOME }}/.local/bin/radicale --config {{ ansible_env.HOME }}/radicale/config
+command={{ ansible_facts.env.HOME }}/.local/bin/radicale --config {{ ansible_facts.env.HOME }}/radicale/config
 autostart=yes
 autorestart=yes
--- a/roles/git/tasks/main.yml
+++ b/roles/git/tasks/main.yml
@ -8,7 +8,7 @@
 - name: Copy config to home directory
  copy:
    src: home/
-    dest: "{{ ansible_env.HOME }}/"
+    dest: "{{ ansible_facts.env.HOME }}/"
    mode: preserve
  tags: gitea-update
  notify: Restart Gitea
@ -16,13 +16,13 @@
 - name: Copy service config
  template:
    src: service.ini.j2
-    dest: "{{ ansible_env.HOME }}/etc/services.d/gitea.ini"
+    dest: "{{ ansible_facts.env.HOME }}/etc/services.d/gitea.ini"
  notify: Reread service config

 - name: Copy app config
  template:
    src: app.ini.j2
-    dest: "{{ ansible_env.HOME }}/gitea/custom/conf/app.ini"
+    dest: "{{ ansible_facts.env.HOME }}/gitea/custom/conf/app.ini"
  tags: gitea-update
  notify: Restart Gitea

--- a/roles/git/templates/app.ini.j2
+++ b/roles/git/templates/app.ini.j2
@ -3,7 +3,7 @@
 ;  date:   2020-01-19

 APP_NAME = codesignd Git
-RUN_USER = {{ ansible_user_id }}
+RUN_USER = {{ ansible_facts.user_id }}
 RUN_MODE = prod

 ; Server settings
--- a/roles/git/templates/service.ini.j2
+++ b/roles/git/templates/service.ini.j2
@ -1,5 +1,5 @@
 [program:gitea]
-command={{ ansible_env.HOME }}/.linuxbrew/bin/gitea web
-environment=GITEA_WORK_DIR={{ ansible_env.HOME }}/gitea
+command={{ ansible_facts.env.HOME }}/.linuxbrew/bin/gitea web
+environment=GITEA_WORK_DIR={{ ansible_facts.env.HOME }}/gitea
 autostart=yes
 autorestart=yes
--- a/roles/homebrew/tasks/main.yml
+++ b/roles/homebrew/tasks/main.yml
@ -3,12 +3,12 @@
  git:
    repo: "https://github.com/Homebrew/brew.git"
    version: master
-    dest: "{{ ansible_env.HOME }}/.linuxbrew"
+    dest: "{{ ansible_facts.env.HOME }}/.linuxbrew"
  notify: Opt out from Homebrew analytics

 - name: Install Homebrew formulae
  homebrew:
    name: "{{ homebrew_formulae }}"
    state: latest
-    path: "{{ ansible_env.HOME}}/.linuxbrew/bin"
+    path: "{{ ansible_facts.env.HOME}}/.linuxbrew/bin"
    update_homebrew: yes
--- a/roles/host-site/tasks/main.yml
+++ b/roles/host-site/tasks/main.yml
@ -3,9 +3,9 @@
  import_role:
    name: snapstromegon.uberspace_web_domain
  vars:
-    domain: kodos-{{ ansible_user_id }}.codesignd.net
+    domain: kodos-{{ ansible_facts.user_id }}.codesignd.net

 - name: Set up host site
  template:
    src: index.html.j2
-    dest: /var/www/virtual/{{ ansible_user_id }}/html/index.html
+    dest: /var/www/virtual/{{ ansible_facts.user_id }}/html/index.html
--- a/roles/host-site/templates/index.html.j2
+++ b/roles/host-site/templates/index.html.j2
@ -4,7 +4,7 @@
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">

-    <title>kodos-{{ ansible_user_id }}.codesignd.net</title>
+    <title>kodos-{{ ansible_facts.user_id }}.codesignd.net</title>
    <meta name="robots" content="noindex, nofollow">

    <style>
@ -116,7 +116,7 @@
  <body>
    <main>
      <svg viewBox="0 0 1000 1000" xmlns="http://www.w3.org/2000/svg"><g fill="none"><path class="cog" d="M475.28 853.557L408.45 999.43a503.966 503.966 0 0 1-78.883-21.084l15.057-159.725a354.034 354.034 0 0 1-42.828-24.777l-130.73 92.853a510.782 510.782 0 0 1-57.761-57.762l92.853-130.729a354.034 354.034 0 0 1-24.777-42.828L21.655 670.434A503.967 503.967 0 0 1 .57 591.55l145.872-66.831a359.603 359.603 0 0 1-.85-24.72c0-8.31.287-16.553.85-24.72L.57 408.45a503.966 503.966 0 0 1 21.084-78.883l159.725 15.057a354.034 354.034 0 0 1 24.777-42.828l-92.853-130.73a510.782 510.782 0 0 1 57.762-57.761l130.729 92.853a354.034 354.034 0 0 1 42.828-24.777L329.566 21.655A503.967 503.967 0 0 1 408.45.57l66.831 145.872a359.404 359.404 0 0 1 49.44 0L591.55.57a503.966 503.966 0 0 1 78.883 21.084L655.377 181.38a354.034 354.034 0 0 1 42.828 24.777l130.73-92.853a510.782 510.782 0 0 1 57.761 57.762l-92.853 130.729a354.034 354.034 0 0 1 24.777 42.828l159.725-15.057a503.967 503.967 0 0 1 21.084 78.883L853.557 475.28a359.404 359.404 0 0 1 0 49.44l145.873 66.83a503.966 503.966 0 0 1-21.084 78.883L818.62 655.377a354.034 354.034 0 0 1-24.777 42.828l92.853 130.73a510.782 510.782 0 0 1-57.762 57.761l-130.729-92.853a354.034 354.034 0 0 1-42.828 24.777l15.057 159.725a503.967 503.967 0 0 1-78.883 21.084L524.72 853.557a359.404 359.404 0 0 1-49.44 0zM787.356 500c0-158.703-128.653-287.356-287.356-287.356S212.644 341.297 212.644 500 341.297 787.356 500 787.356 787.356 658.703 787.356 500z" fill="#F4B971"/><path stroke="#0BB888" stroke-width="57.471" d="M500 346.743l132.724 76.629v153.256L500 653.257l-132.724-76.629V423.372z"/><circle stroke="#ED8F1B" stroke-width="118.774" cx="500.001" cy="500" r="318.008"/></g></svg>
-      <h1><span>kodos-{{ ansible_user_id }}</span>.codesignd.net</h1>
+      <h1><span>kodos-{{ ansible_facts.user_id }}</span>.codesignd.net</h1>
    </main>

    <footer>
--- a/roles/mail-redirect/tasks/main.yml
+++ b/roles/mail-redirect/tasks/main.yml
@ -2,14 +2,14 @@
 - name: Set up email redirect
  copy:
    content: "{{ mail_redirect_to }}"
-    dest: "{{ ansible_env.HOME }}/.qmail"
+    dest: "{{ ansible_facts.env.HOME }}/.qmail"

 - name: Delete catch-all address and local Maildirs
  file:
    path: "{{ item }}"
    state: absent
  loop:
-    - "{{ ansible_env.HOME }}/.spamfolder"
-    - "{{ ansible_env.HOME }}/.qmail-default"
-    - "{{ ansible_env.HOME }}/Maildir"
-    - "{{ ansible_env.HOME }}/users"
+    - "{{ ansible_facts.env.HOME }}/.spamfolder"
+    - "{{ ansible_facts.env.HOME }}/.qmail-default"
+    - "{{ ansible_facts.env.HOME }}/Maildir"
+    - "{{ ansible_facts.env.HOME }}/users"
--- a/roles/mail/tasks/main.yml
+++ b/roles/mail/tasks/main.yml
@ -7,11 +7,11 @@
 - name: Add configured domains to Uberspace config
  shell: "uberspace mail domain add $(idn {{ item }})"
  when: item not in uberspace_mail_domain_result.stdout_lines
-  loop: "{{ mail_domains.get(ansible_user_id, []) }}"
+  loop: "{{ mail_domains.get(ansible_facts.user_id, []) }}"

 - name: Delete system Maildir
  file:
-    path: "{{ ansible_env.HOME }}/Maildir"
+    path: "{{ ansible_facts.env.HOME }}/Maildir"
    state: absent

 - name: Set up local mail user
@ -19,7 +19,7 @@
    name: snapstromegon.uberspace_mail_user
  vars:
    user: lukas
-    password: "{{ mail_passwords[ansible_user_id] }}"
+    password: "{{ mail_passwords[ansible_facts.user_id] }}"

 - name: Enable catchall mode
  import_role:
@ -30,11 +30,11 @@
 - name: Create qdated key
  command:
    cmd: qdated-makekey
-    creates: "{{ ansible_env.HOME }}/.qdated-key"
+    creates: "{{ ansible_facts.env.HOME }}/.qdated-key"

 - name: Read qdated key
  slurp:
-    src: "{{ ansible_env.HOME }}/.qdated-key"
+    src: "{{ ansible_facts.env.HOME }}/.qdated-key"
  register: qdated_key
  no_log: yes

@ -46,14 +46,14 @@
 - name: Set up .qmail-dated-default file
  template:
    src: qmail-dated.j2
-    dest: "{{ ansible_env.HOME }}/.qmail-dated-default"
+    dest: "{{ ansible_facts.env.HOME }}/.qmail-dated-default"

 - name: Create mutt config directory
  file:
-    path: "{{ ansible_env.HOME }}/.mutt"
+    path: "{{ ansible_facts.env.HOME }}/.mutt"
    state: directory

 - name: Set up mutt config
  template:
    src: muttrc.j2
-    dest: "{{ ansible_env.HOME }}/.mutt/muttrc"
+    dest: "{{ ansible_facts.env.HOME }}/.mutt/muttrc"
--- a/roles/mail/templates/muttrc.j2
+++ b/roles/mail/templates/muttrc.j2
@ -16,7 +16,7 @@ macro index c "<change-folder>?<toggle-mailboxes>" "open a different folder"
 macro pager c "<change-folder>?<toggle-mailboxes>" "open a different folder"

 # Sender
-set from="Lukas Bestle <{{ mail_default_address[ansible_user_id] }}>"
+set from="Lukas Bestle <{{ mail_default_address[ansible_facts.user_id] }}>"

 # Sorting
 set sort=threads
--- a/roles/mail/templates/qmail-dated.j2
+++ b/roles/mail/templates/qmail-dated.j2
@ -1,3 +1,3 @@
 # Email address is valid for 7 days
 |~/.linuxbrew/bin/qdated-check 604800
-{{ ansible_user_id }}-lukas
+{{ ansible_facts.user_id }}-lukas
--- a/roles/terminal/tasks/main.yml
+++ b/roles/terminal/tasks/main.yml
@ -1,13 +1,13 @@
 ---
 - name: Set authorized SSH keys
  authorized_key:
-    user: "{{ ansible_user_id }}"
+    user: "{{ ansible_facts.user_id }}"
    state: present
    key: "{{ item }}"
  with_file: authorized_keys

 - name: Get current shell
-  shell: "getent passwd {{ ansible_user_id }} | cut -d: -f7"
+  shell: "getent passwd {{ ansible_facts.user_id }} | cut -d: -f7"
  register: current_shell
  changed_when: no

@ -18,37 +18,37 @@
 - name: Copy dotfiles to home directory
  copy:
    src: dotfiles/
-    dest: "{{ ansible_env.HOME }}/"
+    dest: "{{ ansible_facts.env.HOME }}/"
    mode: preserve

 - name: Copy Git config to home directory
  template:
    src: gitconfig.j2
-    dest: "{{ ansible_env.HOME }}/.config/git/config"
+    dest: "{{ ansible_facts.env.HOME }}/.config/git/config"

 - name: Remove unneeded files
  file:
    path: "{{ item }}"
    state: absent
  loop:
-    - "{{ ansible_env.HOME }}/.bash_history"
-    - "{{ ansible_env.HOME }}/.bash_logout"
-    - "{{ ansible_env.HOME }}/.bash_profile"
-    - "{{ ansible_env.HOME }}/.bashrc"
-    - "{{ ansible_env.HOME }}/.emacs"
-    - "{{ ansible_env.HOME }}/.zcompdump"
-    - "{{ ansible_env.HOME }}/.zshrc"
+    - "{{ ansible_facts.env.HOME }}/.bash_history"
+    - "{{ ansible_facts.env.HOME }}/.bash_logout"
+    - "{{ ansible_facts.env.HOME }}/.bash_profile"
+    - "{{ ansible_facts.env.HOME }}/.bashrc"
+    - "{{ ansible_facts.env.HOME }}/.emacs"
+    - "{{ ansible_facts.env.HOME }}/.zcompdump"
+    - "{{ ansible_facts.env.HOME }}/.zshrc"

 - name: Download and update iTerm2 shell integration
  get_url:
    url: https://iterm2.com/shell_integration/fish
-    dest: "{{ ansible_env.HOME }}/.config/fish/conf.d/iterm2_integration.fish"
+    dest: "{{ ansible_facts.env.HOME }}/.config/fish/conf.d/iterm2_integration.fish"
    force: yes

 - name: Download and update Oh My Fish! packages
  git:
    repo: "{{ item.value }}"
-    dest: "{{ ansible_env.HOME }}/.config/fish/pkgs/{{ item.key }}"
+    dest: "{{ ansible_facts.env.HOME }}/.config/fish/pkgs/{{ item.key }}"
  loop: "{{ omf_pkgs | dict2items }}"
  notify: Collect fish functions from packages

--- a/roles/terminal/templates/gitconfig.j2
+++ b/roles/terminal/templates/gitconfig.j2
@ -1,6 +1,6 @@
 ; user settings
 [user]
-	name = kodos-{{ ansible_user_id }}.codesignd.net
+	name = kodos-{{ ansible_facts.user_id }}.codesignd.net
 	email = hostmaster@codesignd.net

 ; core settings
--- a/roles/web/tasks/main.yml
+++ b/roles/web/tasks/main.yml
@ -2,29 +2,29 @@
 - name: Copy config to home directory
  copy:
    src: home/
-    dest: "{{ ansible_env.HOME }}/"
+    dest: "{{ ansible_facts.env.HOME }}/"
    mode: preserve

 - name: Create link at ~/web
  file:
-    src: /var/www/virtual/{{ ansible_user_id }}
-    dest: "{{ ansible_env.HOME }}/web"
+    src: /var/www/virtual/{{ ansible_facts.user_id }}
+    dest: "{{ ansible_facts.env.HOME }}/web"
    state: link

 - name: Initialize ~/web/sites
  file:
-    path: /var/www/virtual/{{ ansible_user_id }}/sites
+    path: /var/www/virtual/{{ ansible_facts.user_id }}/sites
    state: directory

 - name: Download and update projectr
  git:
    repo: https://github.com/lukasbestle/projectr.git
-    dest: "{{ ansible_env.HOME }}/.config/fish/pkgs/projectr"
+    dest: "{{ ansible_facts.env.HOME }}/.config/fish/pkgs/projectr"

 - name: Set up deploy script
  template:
    src: deploy.php.j2
-    dest: /var/www/virtual/{{ ansible_user_id }}/html/deploy.php
+    dest: /var/www/virtual/{{ ansible_facts.user_id }}/html/deploy.php

 - name: Read existing Uberspace domains
  command: uberspace web domain list
@ -34,15 +34,15 @@
 - name: Add configured domains to Uberspace config
  shell: "uberspace web domain add $(idn {{ item.key }})"
  when: item.key not in uberspace_web_domain_result.stdout_lines
-  loop: "{{ web_links.get(ansible_user_id, {}) | dict2items }}"
+  loop: "{{ web_links.get(ansible_facts.user_id, {}) | dict2items }}"

 - name: Set up sites using projectr
  command:
    argv:
      - site_add
      - "{{ item.key }}"
-    creates: /var/www/virtual/{{ ansible_user_id }}/sites/{{ item.key }}
-  loop: "{{ web_sites.get(ansible_user_id, {}) | dict2items }}"
+    creates: /var/www/virtual/{{ ansible_facts.user_id }}/sites/{{ item.key }}
+  loop: "{{ web_sites.get(ansible_facts.user_id, {}) | dict2items }}"

 - name: Set up site origins using projectr (sites with origin)
  command:
@ -50,8 +50,8 @@
      - site_origin
      - "{{ item.key }}"
      - "{{ item.value }}"
-    creates: /var/www/virtual/{{ ansible_user_id }}/sites/{{ item.key }}/.origin
-  loop: "{{ web_sites.get(ansible_user_id, {}) | dict2items }}"
+    creates: /var/www/virtual/{{ ansible_facts.user_id }}/sites/{{ item.key }}/.origin
+  loop: "{{ web_sites.get(ansible_facts.user_id, {}) | dict2items }}"
  when: item.value != None

 - name: Set up site origins using projectr (sites without origin)
@ -59,8 +59,8 @@
    argv:
      - site_origin
      - "{{ item.key }}"
-    removes: /var/www/virtual/{{ ansible_user_id }}/sites/{{ item.key }}/.origin
-  loop: "{{ web_sites.get(ansible_user_id, {}) | dict2items }}"
+    removes: /var/www/virtual/{{ ansible_facts.user_id }}/sites/{{ item.key }}/.origin
+  loop: "{{ web_sites.get(ansible_facts.user_id, {}) | dict2items }}"
  when: item.value == None

 - name: Deploy sites using projectr (sites with origin)
@ -68,8 +68,8 @@
    argv:
      - site_deploy
      - "{{ item.key }}"
-    creates: /var/www/virtual/{{ ansible_user_id }}/sites/{{ item.key }}/current
-  loop: "{{ web_sites.get(ansible_user_id, {}) | dict2items }}"
+    creates: /var/www/virtual/{{ ansible_facts.user_id }}/sites/{{ item.key }}/current
+  loop: "{{ web_sites.get(ansible_facts.user_id, {}) | dict2items }}"
  when: item.value != None

 - name: Link sites to domains
@ -79,19 +79,19 @@
      - "{{ item.value.site }}"
      - "{{ item.key }}"
      - "{{ item.value.get('path', '') }}"
-    creates: /var/www/virtual/{{ ansible_user_id }}/{{ item.key }}
-  loop: "{{ web_links.get(ansible_user_id, {}) | dict2items }}"
+    creates: /var/www/virtual/{{ ansible_facts.user_id }}/{{ item.key }}
+  loop: "{{ web_links.get(ansible_facts.user_id, {}) | dict2items }}"

 - name: Ensure that qdated directories for all Mail Uberspaces exist
  file:
-    path: "{{ ansible_env.HOME }}/.config/qdated/{{ hostvars[item].ansible_user_id }}"
+    path: "{{ ansible_facts.env.HOME }}/.config/qdated/{{ hostvars[item].ansible_facts.user_id }}"
    state: directory
  loop: "{{ groups.mail }}"

 - name: Copy qdated keys from all Mail Uberspaces
  copy:
    content: "{{ hostvars[item].qdated_key }}"
-    dest: "{{ ansible_env.HOME }}/.config/qdated/{{ hostvars[item].ansible_user_id }}/.qdated-key"
+    dest: "{{ ansible_facts.env.HOME }}/.config/qdated/{{ hostvars[item].ansible_facts.user_id }}/.qdated-key"
  loop: "{{ groups.mail }}"

 - name: Set up qdated address generation cronjob
@ -99,7 +99,7 @@
    name: "qdated generation"
    hour: "2"
    minute: "3"
-    job: "{{ ansible_env.HOME }}/bin/qdated-generate"
+    job: "{{ ansible_facts.env.HOME }}/bin/qdated-generate"

 - name: Check if the access log is enabled
  command: uberspace web log access status
--- a/roles/web/templates/deploy.php.j2
+++ b/roles/web/templates/deploy.php.j2
@ -21,7 +21,7 @@ define('SECRET', '{{ projectr_deploy_secret }}');

 // Path where you installed the scripts from the "bin" directory of this repository
 // This is required, as PHP doesn't automatically use the environment and therefore your $PATH from your shell
-define('TOOLKIT_PATH', '/home/{{ ansible_user_id }}/.config/fish/pkgs/projectr/bin');
+define('TOOLKIT_PATH', '/home/{{ ansible_facts.user_id }}/.config/fish/pkgs/projectr/bin');

 // 2. Setup
 // ====================