refactor!: switch hosts variables to a flat layout

collections/ansible_collections/nullified/infrastructure/roles/workstation/defaults/main.yml

@@ -1,7 +1,3 @@
 ---
-workstation:
-  github_token: "{{ custom_github_token | default('') }}"
-  user_account: "{{ custom_base_user_account | default('root') }}"
-
-custom_workstation: {}
-recursive_combine: true
+workstation_user_account: "{{ custom_base_user_account }}"
+workstation_github_token: "{{ custom_github_token | default('') }}"

collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml

@@ -1,24 +1,19 @@
 ---
-- name: '[setup] merge with custom vars'
-  ansible.builtin.set_fact:
-    workstation: "{{ workstation | combine(custom_workstation, recursive=recursive_combine) }}"
-  changed_when: false
-
 - name: '[home] get user account information'
   ansible.builtin.getent:
     database: passwd
-    key: "{{ workstation.user_account }}"
+    key: "{{ workstation_user_account }}"
     split: ":"
   changed_when: false
-  when: ansible_facts['getent_passwd'] is undefined or workstation.user_account not in ansible_facts['getent_passwd']
+  when: ansible_facts['getent_passwd'] is undefined or workstation_user_account not in ansible_facts['getent_passwd']
 
 - name: '[setup] ensure expected home directories exist'
   become: true
   ansible.builtin.file:
-    path: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/{{ item }}"
+    path: "{{ ansible_facts['getent_passwd'][workstation_user_account][4] }}/{{ item }}"
     state: directory
-    owner: "{{ workstation.user_account }}"
-    group: "{{ workstation.user_account }}"
+    owner: "{{ workstation_user_account }}"
+    group: "{{ workstation_user_account }}"
     mode: '0750'
   loop:
     - .local/bin
@@ -78,14 +73,14 @@
 - name: '[setup] add user to sudo group'
   become: true
   ansible.builtin.user:
-    name: "{{ workstation.user_account }}"
+    name: "{{ workstation_user_account }}"
     groups:
       - sudo
     append: true
 
 - name: '[setup] setup Flatpak'
   become: true
-  become_user: "{{ workstation.user_account }}"
+  become_user: "{{ workstation_user_account }}"
   block:
     - name: '[flatpak] add flatpak repos'
       ansible.builtin.command:
@@ -104,7 +99,7 @@
 - name: '[github] install tools'
   become: true
   nullified.infrastructure.github_artifact:
-    github_token: '{{ workstation.github_token }}'
+    github_token: '{{ workstation_github_token }}'
     asset_name: "{{ item.asset_name | default('') }}"
     asset_type: "{{ item.asset_type }}"
     cmds: "{{ item.cmds | default([]) }}"
@@ -142,8 +137,8 @@
   ansible.builtin.file:
     path: "{{ item.path }}"
     mode: "{{ item.mode | default('0750') }}"
-    owner: "{{ item.owner | default(workstation.user_account) }}"
-    group: "{{ item.group | default(workstation.user_account) }}"
+    owner: "{{ item.owner | default(workstation_user_account) }}"
+    group: "{{ item.group | default(workstation_user_account) }}"
     state: directory
   loop:
     - { path: '/opt/git/foss' }
@@ -153,22 +148,22 @@
 
 - name: '[emacs] fetch emacs configuration files'
   become: true
-  become_user: "{{ workstation.user_account }}"
+  become_user: "{{ workstation_user_account }}"
   ansible.builtin.git:
     repo: "https://gitlab.0x2a.ninja/naeikindus/emacsd.git"
-    dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.emacs.d"
+    dest: "{{ ansible_facts['getent_passwd'][workstation_user_account][4] }}/.emacs.d"
     force: false
 
 - name: '[config] set tools configuration'
   become: true
-  become_user: "{{ workstation.user_account }}"
+  become_user: "{{ workstation_user_account }}"
   ansible.builtin.copy:
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
     mode: "{{ item.mode | default('0640') }}"
   loop:
-    - { src: "../templates/.config/terminator", dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.config" }
-    - { src: "../templates/.config/vlc", dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.config" }
+    - { src: "../templates/.config/terminator", dest: "{{ ansible_facts['getent_passwd'][workstation_user_account][4] }}/.config" }
+    - { src: "../templates/.config/vlc", dest: "{{ ansible_facts['getent_passwd'][workstation_user_account][4] }}/.config" }
 
 - name: '[authenticator] find if binary is already installed'
   ansible.builtin.file:
@@ -184,8 +179,8 @@
     - name: '[yubico] prepare target directory'
       ansible.builtin.file:
         path: "{{ item }}"
-        owner: "{{ workstation.user_account }}"
-        group: "{{ workstation.user_account }}"
+        owner: "{{ workstation_user_account }}"
+        group: "{{ workstation_user_account }}"
         mode: '0750'
         state: directory
       loop:
@@ -197,8 +192,8 @@
         src: https://developers.yubico.com/yubioath-flutter/Releases/yubico-authenticator-latest-linux.tar.gz
         remote_src: true
         dest: /tmp/yubico-unarchive
-        owner: "{{ workstation.user_account }}"
-        group: "{{ workstation.user_account }}"
+        owner: "{{ workstation_user_account }}"
+        group: "{{ workstation_user_account }}"
 
     - name: '[yubico] find extracted directory'
       ansible.builtin.command:
@@ -211,8 +206,8 @@
         remote_src: true
         src: "{{ yubico_extract_path.stdout }}/"
         dest: /opt/yubico-authenticator
-        owner: "{{ workstation.user_account }}"
-        group: "{{ workstation.user_account }}"
+        owner: "{{ workstation_user_account }}"
+        group: "{{ workstation_user_account }}"
 
     - name: '[yubico] cleanup'
       ansible.builtin.file:
@@ -222,24 +217,24 @@
     - name: '[yubico] create shell wrapper'
       ansible.builtin.template:
         src: ../templates/bin_wrapper.sh.j2
-        dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.local/bin/authenticator"
+        dest: "{{ ansible_facts['getent_passwd'][workstation_user_account][4] }}/.local/bin/authenticator"
         mode: '0750'
-        owner: "{{ workstation.user_account }}"
-        group: "{{ workstation.user_account }}"
+        owner: "{{ workstation_user_account }}"
+        group: "{{ workstation_user_account }}"
       vars:
         application: "/opt/yubico-authenticator/authenticator"
 
     - name: '[yubico] create desktop entry'
       ansible.builtin.template:
         src: ../templates/desktop_app.j2
-        dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.local/share/applications/authenticator.desktop"
+        dest: "{{ ansible_facts['getent_passwd'][workstation_user_account][4] }}/.local/share/applications/authenticator.desktop"
         mode: '0600'
-        owner: "{{ workstation.user_account }}"
-        group: "{{ workstation.user_account }}"
+        owner: "{{ workstation_user_account }}"
+        group: "{{ workstation_user_account }}"
       vars:
         application:
           nodisplay: false
-          exec_cmd: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.local/bin/authenticator"
+          exec_cmd: "{{ ansible_facts['getent_passwd'][workstation_user_account][4] }}/.local/bin/authenticator"
           name: "Authenticator"
 
 - include_tasks: window_manager.yml

collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/window_manager.yml

@@ -2,10 +2,10 @@
 - name: '[home] get user account information'
   ansible.builtin.getent:
     database: passwd
-    key: "{{ workstation.user_account }}"
+    key: "{{ workstation_user_account }}"
     split: ":"
   changed_when: false
-  when: ansible_facts['getent_passwd'] is undefined or workstation.user_account not in ansible_facts['getent_passwd']
+  when: ansible_facts['getent_passwd'] is undefined or workstation_user_account not in ansible_facts['getent_passwd']
 
 - name: '[awesomewm] install dependencies'
   become: true
@@ -61,7 +61,7 @@
   block:
     - name: '[lua-lgi] fetch source'
       become: true
-      become_user: "{{ workstation.user_account }}"
+      become_user: "{{ workstation_user_account }}"
       ansible.builtin.git:
         repo: https://github.com/lgi-devs/lgi.git
         dest: /opt/git/foss/lua-lgi
@@ -96,7 +96,7 @@
   block:
     - name: '[awesomewm] fetch source'
       become: true
-      become_user: "{{ workstation.user_account }}"
+      become_user: "{{ workstation_user_account }}"
       ansible.builtin.git:
         repo: https://github.com/awesomeWM/awesome.git
         dest: /opt/git/foss/awesomeWM
@@ -108,7 +108,7 @@
 
     - name: '[awesomewm] building project'
       become: true
-      become_user: "{{ workstation.user_account }}"
+      become_user: "{{ workstation_user_account }}"
       ansible.builtin.command:
         chdir: /opt/git/foss/awesomeWM
         cmd: 'make'
@@ -125,19 +125,19 @@
 
 - name: '[awesomewm] setup configuration'
   become: true
-  become_user: "{{ workstation.user_account }}"
+  become_user: "{{ workstation_user_account }}"
   block:
     - name: '[awesomewm] fetch copycats base'
       ansible.builtin.git:
         repo: https://github.com/lcpz/awesome-copycats.git
-        dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.config/awesome"
+        dest: "{{ ansible_facts['getent_passwd'][workstation_user_account][4] }}/.config/awesome"
         depth: 1
         recursive: true
         force: false
     - name: '[awesomewm] copy customization'
       ansible.builtin.copy:
         src: ../templates/.config/awesome/
-        dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.config/awesome"
+        dest: "{{ ansible_facts['getent_passwd'][workstation_user_account][4] }}/.config/awesome"
         mode: '0640'
 
 - name: '[home] copy X related configuration'
@@ -151,4 +151,4 @@
     - name: '[x11] user .xsession'
       ansible.builtin.copy:
         src: ../templates/.xsession
-        dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.xsession"
+        dest: "{{ ansible_facts['getent_passwd'][workstation_user_account][4] }}/.xsession"