refactor!: switch hosts variables to a flat layout

2024-01-21 00:00:00 +00:00 · 2024-01-21 00:00:00 +00:00 · 779f2766f2
commit 779f2766f2
parent f669dea62a
33 changed files with 270 additions and 322 deletions
--- a/collections/ansible_collections/nullified/infrastructure/roles/common/defaults/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/common/defaults/main.yml
@ -1,20 +1,14 @@
 ---
-common:
-  apt:
-    source_components: ['contrib', 'non-free', 'non-free-firmware']
-    packages: []
-    deb822_format: false
-  git:
-    enable: false
-    username: ""
-    email: ""
-    force_sign: false
-    signing_key: ""
-  github_token: "{{ custom_github_token | default('') }}"
-  install_fonts: false
-  sysctl: {}
-  user_account: "{{ custom_base_user_account | default('root') }}"
-  configure_resolv_conf: false
-
-custom_common: {}
-recursive_combine: true
+common_apt_packages: []
+common_apt_source_components: ["contrib", "non-free", "non-free-firmware"]
+common_apt_use_deb822_format: false
+common_configure_resolve_conf: false
+common_git_email: ""
+common_git_enabled: false
+common_git_force_sign: false
+common_git_signing_key: ""
+common_git_username: ""
+common_github_token: "{{ custom_github_token | default('') }}"
+common_install_fonts: false
+common_sysctl_configuration: {}
+common_user_account: "{{ custom_base_user_account }}"
--- a/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/home_setup.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/home_setup.yml
@ -2,16 +2,16 @@
 - name: '[home] get user account information'
  ansible.builtin.getent:
    database: passwd
-    key: "{{ common.user_account }}"
+    key: "{{ common_user_account }}"
    split: ":"
  changed_when: false
-  when: ansible_facts['getent_passwd'] is undefined or common.user_account not in ansible_facts['getent_passwd']
+  when: ansible_facts['getent_passwd'] is undefined or common_user_account not in ansible_facts['getent_passwd']

 - name: '[home] create common directories'
  become: true
-  become_user: "{{ common.user_account }}"
+  become_user: "{{ common_user_account }}"
  ansible.builtin.file:
-    path: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/{{ item }}"
+    path: "{{ ansible_facts['getent_passwd'][common_user_account][4] }}/{{ item }}"
    state: directory
    mode: '0750'
  loop:
@ -22,19 +22,19 @@

 - name: '[home] setup home files'
  become: true
-  become_user: "{{ common.user_account }}"
+  become_user: "{{ common_user_account }}"
  block:
    - name: '[home] git configuration'
      ansible.builtin.template:
        src: ../templates/home/.gitconfig.j2
-        dest: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/.gitconfig"
+        dest: "{{ ansible_facts['getent_passwd'][common_user_account][4] }}/.gitconfig"
        mode: '0640'
-      when: common.git.enable is truthy
+      when: common_git_enabled is truthy

    - name: '[home] basic files'
      ansible.builtin.copy:
        src: "../templates/home/{{ item.name }}"
-        dest: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/{{ item.name }}"
+        dest: "{{ ansible_facts['getent_passwd'][common_user_account][4] }}/{{ item.name }}"
        mode: "{{ item.mode | default('0640') }}"
      loop:
        - { name: ".lessfilter", mode: '0750' }
--- a/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/main.yml
@ -1,9 +1,4 @@
 ---
- name: '[setup] merge with custom vars'
-  ansible.builtin.set_fact:
-    common: "{{ common | combine(custom_common, recursive=recursive_combine) }}"
-  changed_when: false
-
 - name: '[system] setup DNS server'
  block:
    - name: disable resolv.conf updates from dhclient
@ -25,7 +20,7 @@
        owner: root
        group: root
  become: true
-  when: common.configure_resolv_conf is truthy
+  when: common_configure_resolve_conf is truthy

 - name: '[system] re-allow DHCP client to setup DNS resolvers'
  become: true
@ -33,7 +28,7 @@
    path: /etc/dhcp/dhclient-enter-hooks.d/nodnsupdate
    state: absent
  failed_when: false
-  when : common.configure_resolv_conf is falsy
+  when : common_configure_resolve_conf is falsy

 - name: '[apt] verify components of default sources'
  become: true
@ -43,15 +38,15 @@
        path: '/etc/apt/sources.list'
        regexp: '^(deb((?!{{ item }}).)+)$'
        replace: '\1 {{ item }}'
-      when: not common.apt.deb822_format | bool
-      loop: '{{ common.apt.source_components }}'
+      loop: '{{ common_apt_source_components }}'
+      when: common_apt_use_deb822_format is falsy
    - name: '[apt] default deb822 debian.sources'
      ansible.builtin.replace:
        path: '/etc/apt/sources.list.d/debian.sources'
        regexp: '^(Components: ((?!{{ item }}).)+)$'
        replace: '\1 {{ item }}'
-      loop: '{{ common.apt.source_components }}'
-      when: common.apt.deb822_format | bool
+      loop: '{{ common_apt_source_components }}'
+      when: common_apt_use_deb822_format is truthy

 - name: '[apt] install dependencies and tools'
  become: true
@ -98,7 +93,7 @@
    asset_type: "{{ item.asset_type }}"
    cmds: "{{ item.cmds | default([]) }}"
    creates: "{{ item.creates | default('') }}"
-    github_token: "{{ common.github_token }}"
+    github_token: "{{ common_github_token }}"
    repository: "{{ item.repository }}"
    version: "{{ item.version | default('') }}"
  loop:
@ -144,9 +139,9 @@
    src: ../templates/system/sysctld.local.conf.j2
    dest: /etc/sysctl.d/local.conf
    mode: '0644'
-  when: common.sysctl is truthy
+  when: common_sysctl_configuration is truthy
  vars:
-    sysctl_values: "{{ common.sysctl }}"
+    sysctl_values: "{{ common_sysctl_configuration }}"
  notify:
    - 'common : [system] reload sysctl configuration'

@ -156,8 +151,7 @@
    update_cache: true
    force_apt_get: true
    cache_valid_time: 3600
-    pkg:
-      "{{ common.apt.packages }}"
+    pkg: "{{ common_apt_packages }}"

 - include_tasks: home_setup.yml

--- a/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/shell_customization.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/shell_customization.yml
@ -2,10 +2,10 @@
 - name: '[home] get user account information'
  ansible.builtin.getent:
    database: passwd
-    key: "{{ common.user_account }}"
+    key: "{{ common_user_account }}"
    split: ":"
  changed_when: false
-  when: ansible_facts['getent_passwd'] is undefined or common.user_account not in ansible_facts['getent_passwd']
+  when: ansible_facts['getent_passwd'] is undefined or common_user_account not in ansible_facts['getent_passwd']

 - name: '[shell] install ZSH and dependencies'
  become: true
@ -20,7 +20,7 @@

 - name: '[shell] install custom fonts'
  become: true
-  become_user: "{{ common.user_account }}"
+  become_user: "{{ common_user_account }}"
  block:
    - name: '[fonts] add fonts tooling'
      become_user: root
@ -34,18 +34,18 @@
    - name: '[fonts] adding fonts'
      ansible.builtin.copy:
        src: ../assets/fonts/
-        dest: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/.local/share/fonts"
+        dest: "{{ ansible_facts['getent_passwd'][common_user_account][4] }}/.local/share/fonts"
        mode: '0640'

    - name: '[fonts] refresh fonts cache'
      ansible.builtin.command:
        cmd: fc-cache
      changed_when: false
-  when: common.install_fonts is truthy
+  when: common_install_fonts is truthy

 - name: '[shell] install Oh-My-ZSH'
  become: true
-  become_user: "{{ common.user_account }}"
+  become_user: "{{ common_user_account }}"
  block:
    - name: '[omz] get install script'
      ansible.builtin.get_url:
@ -56,22 +56,22 @@
    - name: '[omz] install OMZ'
      ansible.builtin.command:
        cmd: sh /tmp/zsh-install.sh --unattended
-        creates: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/.oh-my-zsh"
+        creates: "{{ ansible_facts['getent_passwd'][common_user_account][4] }}/.oh-my-zsh"

 - name: '[shell] install powerlevel10k customization for OMZ'
  become: true
-  become_user: "{{ common.user_account }}"
+  become_user: "{{ common_user_account }}"
  ansible.builtin.git:
    repo: https://github.com/romkatv/powerlevel10k.git
-    dest: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/.oh-my-zsh/custom/themes/powerlevel10k"
+    dest: "{{ ansible_facts['getent_passwd'][common_user_account][4] }}/.oh-my-zsh/custom/themes/powerlevel10k"
    depth: 1

 - name: '[home] copy zsh files'
  become: true
-  become_user: "{{ common.user_account }}"
+  become_user: "{{ common_user_account }}"
  ansible.builtin.copy:
    src: "../templates/home/{{ item }}"
-    dest: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/{{ item }}"
+    dest: "{{ ansible_facts['getent_passwd'][common_user_account][4] }}/{{ item }}"
    mode: '0640'
  loop:
    - .p10k.zsh
@ -84,6 +84,6 @@
 - name: '[shell] update user shell to ZSH'
  become: true
  ansible.builtin.user:
-    name: "{{ common.user_account }}"
+    name: "{{ common_user_account }}"
    shell: "/usr/bin/zsh"
    state: present
--- a/collections/ansible_collections/nullified/infrastructure/roles/common/templates/home/.gitconfig.j2
+++ b/collections/ansible_collections/nullified/infrastructure/roles/common/templates/home/.gitconfig.j2
@ -1,22 +1,22 @@
 [user]
-    name = {{ common.git.username }}
-    email = {{ common.git.email }}
-{% if common.git.force_sign and common.git.signing_key %}
-    signingkey = {{ common.git.signing_key }}
-{% endif %}
+    name = {{ common_git_username }}
+    email = {{ common_git_email }}
+    {%- if common_git_force_sign and common_git_signing_key +%}
+    signingkey = {{ common_git_signing_key }}
+    {%- endif +%}
 [commit]
-{% if common.git.force_sign %}
+    {% if common_git_force_sign -%}
    gpgsign = true
-{% else %}
+    {%- else -%}
    gpgsign = false
-{% endif %}
+    {%- endif +%}
 [tag]
-{% if common.git.force_sign %}
+    {% if common_git_force_sign -%}
    gpgsign = true
-{% else %}
+    {%- else -%}
    gpgsign = false
-{% endif -%}
-{% raw %}
+    {%- endif +%}
+{%- raw %}
 [alias]
    br = "branch"
    ci = "commit"
--- a/collections/ansible_collections/nullified/infrastructure/roles/common/templates/system/resolv.conf.j2
+++ b/collections/ansible_collections/nullified/infrastructure/roles/common/templates/system/resolv.conf.j2
@ -1,10 +1,12 @@
-{% if dns[dns.type].dns4 is defined and dns[dns.type].dns4 | length > 0 -%}
-{% for server in dns[dns.type].dns4 -%}
+{% set dns4_servers = hostvars[inventory_hostname]["global_dns_{}_dns4".format(global_dns_type)] | default([]) %}
+{% set dns6_servers = hostvars[inventory_hostname]["global_dns_{}_dns6".format(global_dns_type)] | default([]) %}
+{% if dns4_servers is defined and dns4_servers | length > 0 -%}
+{% for server in dns4_servers -%}
 nameserver {{ server }}
 {% endfor %}
 {% endif %}
-{% if ip_dualstack | default(false) and dns[dns.type].dns6 is defined and dns[dns.type].dns6 | length > 0 -%}
-{% for server in dns[dns.type].dns6 -%}
+{% if global_ip_dualstack | default(false) and dns6_servers is defined and dns6_servers | length > 0 -%}
+{% for server in dns6_servers -%}
 nameserver {{ server }}
 {% endfor %}
 {% endif %}
--- a/collections/ansible_collections/nullified/infrastructure/roles/common/templates/system/sysctld.local.conf.j2
+++ b/collections/ansible_collections/nullified/infrastructure/roles/common/templates/system/sysctld.local.conf.j2
@ -1,3 +1,3 @@
-{% for item in sysctl_values.keys() -%}
-    {{ item }} = {{ sysctl_values[item] }}
+{% for item in common_sysctl_configuration.keys() -%}
+    {{ item }} = {{ common_sysctl_configuration[item] }}
 {% endfor %}