From ccf581edaa12bb8519679d2d3d4f9a37bbbbfed7 Mon Sep 17 00:00:00 2001 From: Jannik Beyerstedt Date: Sat, 20 Dec 2025 21:01:23 +0100 Subject: [PATCH] [TIDY] Move to ansible_facts dict instead of injected variables --- defaults/main.yml | 2 +- tasks/distribute.yml | 2 +- tasks/main.yml | 16 ++++++++-------- templates/tinc-down.j2 | 6 +++--- templates/tinc-up.j2 | 6 +++--- templates/tinc.conf.j2 | 8 ++++---- 6 files changed, 20 insertions(+), 20 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index e2c75df..843f490 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,7 +1,7 @@ --- # defaults file for tinc tinc_base_dir: /etc/tinc -tinc_tmp_pubkey: "tmp/rsa_key-{{ ansible_hostname | replace('-', '_') }}.pub" +tinc_tmp_pubkey: "tmp/rsa_key-{{ ansible_facts['hostname'] | replace('-', '_') }}.pub" # ID of the vpn to create tinc_vpn_id: vpn0 diff --git a/tasks/distribute.yml b/tasks/distribute.yml index 0386f48..d680edb 100644 --- a/tasks/distribute.yml +++ b/tasks/distribute.yml @@ -2,7 +2,7 @@ # Tinc VPN Hostfile Distribution - name: Distribute - Set different base dir for macOS - when: (override_os_family is defined) | ternary(override_os_family,ansible_os_family) == "Darwin" + when: (override_os_family is defined) | ternary(override_os_family,ansible_facts['os_family']) == "Darwin" ansible.builtin.set_fact: tinc_base_dir: /usr/local/etc/tinc diff --git a/tasks/main.yml b/tasks/main.yml index 441b4fa..3913c66 100644 --- a/tasks/main.yml +++ b/tasks/main.yml 
@@ -2,15 +2,15 @@ # Tinc VPN Setup and Configuration - name: Main - Set different base dir for macOS - when: (override_os_family is defined) | ternary(override_os_family, ansible_os_family) == "Darwin" + when: (override_os_family is defined) | ternary(override_os_family, ansible_facts['os_family']) == "Darwin" ansible.builtin.set_fact: tinc_base_dir: /usr/local/etc/tinc - name: Main - Install tinc ansible.builtin.include_tasks: "{{ item }}" with_first_found: - - "setup-{{ ansible_distribution }}.yml" - - "setup-{{ (override_os_family is defined) | ternary(override_os_family, ansible_os_family) }}.yml" + - "setup-{{ ansible_facts['distribution'] }}.yml" + - "setup-{{ (override_os_family is defined) | ternary(override_os_family, ansible_facts['os_family']) }}.yml" - name: Main - Create tinc directories become: true @@ -38,14 +38,14 @@ become: true ansible.builtin.fetch: src: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}/rsa_key.pub" - dest: "{{ role_path }}/templates/tmp/rsa_key-{{ ansible_hostname | replace('-', '_') }}.pub" + dest: "{{ role_path }}/templates/tmp/rsa_key-{{ ansible_facts['hostname'] | replace('-', '_') }}.pub" flat: true - name: Main - Create own hostfile become: true ansible.builtin.template: src: "{{ role_path }}/templates/hostfile.j2" - dest: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}/hosts/{{ ansible_hostname | replace('-', '_') }}" + dest: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}/hosts/{{ ansible_facts['hostname'] | replace('-', '_') }}" - name: Main - Create tinc-up script become: true 
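Review bot: The two `dest:` paths in the second hunk (the public-key fetch and "Create own hostfile") are built from `ansible_facts['hostname']`, a value each managed host reports about itself, and the fetch writes into `role_path` on the controller with `flat: true`. Two hosts that report the same short name, or names differing only in `-` versus `_`, would overwrite each other's key and hostfile, and nothing checks the value before it becomes a path component. Consider keying these paths on `inventory_hostname`, or asserting first that the replaced name matches `^[A-Za-z0-9_]+$`. The same expression is used for `tinc_tmp_pubkey` in defaults/main.yml, in the "Fetch all hostfiles" task of the next hunk, and for `Name =` in templates/tinc.conf.j2.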
@@ -64,12 +64,12 @@ - name: Main - Fetch all hostfiles become: true ansible.builtin.fetch: - src: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}/hosts/{{ ansible_hostname | replace('-', '_') }}" - dest: "{{ role_path }}/files/tmp/{{ ansible_hostname | replace('-', '_') }}" + src: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}/hosts/{{ ansible_facts['hostname'] | replace('-', '_') }}" + dest: "{{ role_path }}/files/tmp/{{ ansible_facts['hostname'] | replace('-', '_') }}" flat: true - name: "Main - Enable {{ tinc_vpn_id }}" - when: ansible_os_family != 'Darwin' + when: ansible_facts['os_family'] != 'Darwin' become: true block: - name: "Main - Enable {{ tinc_vpn_id }} in tinc config" diff --git a/templates/tinc-down.j2 b/templates/tinc-down.j2 index 5693ccb..36a814b 100644 --- a/templates/tinc-down.j2 +++ b/templates/tinc-down.j2 @@ -1,14 +1,14 @@ #!/bin/sh -{% if ansible_hostname == 'hetzner-01' %} +{% if ansible_facts['hostname'] == 'hetzner-01' %} /sbin/ifconfig $INTERFACE down /usr/sbin/ip rule del to {{ tinc_remote_nets[0].net_cidr }} table 5 -{% elif ansible_hostname == 'RaspiBeyerstedt' %} +{% elif ansible_facts['hostname'] == 'RaspiBeyerstedt' %} /sbin/ifconfig $INTERFACE down /bin/ip route del {{ tinc_remote_nets[0].net_cidr }} dev eth0 -{% elif ansible_os_family == 'Darwin' %} +{% elif ansible_facts['os_family'] == 'Darwin' %} /sbin/ifconfig $INTERFACE down /sbin/route -n delete -net {{ tinc_remote_nets[0].net_cidr }} {{ tinc_remote_nets[0].gateway }} diff --git a/templates/tinc-up.j2 b/templates/tinc-up.j2 index 0881c25..26a285f 100644 --- a/templates/tinc-up.j2 +++ b/templates/tinc-up.j2 
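Review bot: The `when:` on the "Main - Enable" block tests `ansible_facts['os_family'] != 'Darwin'` directly, while the base-dir and install tasks earlier in this file go through `override_os_family`. If the override is meant to apply to the whole role, a run with it set can select the macOS base dir and setup file and still enter this block, or the reverse. Suggest `when: (override_os_family | default(ansible_facts['os_family'])) != 'Darwin'`; the Darwin branches in templates/tinc-up.j2 and templates/tinc-down.j2 also test the fact directly. The block's body continues outside the hunk.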
@@ -1,12 +1,12 @@ #!/bin/sh -{% if ansible_hostname == 'hetzner-01' %} +{% if ansible_facts['hostname'] == 'hetzner-01' %} /sbin/ifconfig $INTERFACE {{ tinc_client_ip | ipaddr('address') }} netmask 255.255.255.0 /usr/sbin/ip rule add to {{ tinc_remote_nets[0].net_cidr }} table 5 /usr/sbin/ip route add {{ tinc_remote_nets[0].net_cidr }} via {{ tinc_remote_nets[0].gateway }} dev {{ tinc_vpn_id }} table 5 -{% elif ansible_hostname == 'RaspiBeyerstedt' %} +{% elif ansible_facts['hostname'] == 'RaspiBeyerstedt' %} /sbin/ifconfig $INTERFACE {{ tinc_client_ip | ipaddr('address') }} netmask 255.255.255.0 /bin/bash -c "echo 1 > /proc/sys/net/ipv4/ip_forward" @@ -14,7 +14,7 @@ iptables -t nat -A POSTROUTING -o eth0 -s {{ tinc_vpn_net }} -j MASQUERADE -{% elif ansible_os_family == 'Darwin' %} +{% elif ansible_facts['os_family'] == 'Darwin' %} # only a single endpoint works, because tun interface is p2p /sbin/ifconfig $INTERFACE inet {{ tinc_client_ip | ipaddr('address') }} {{ tinc_remote_nets[0].gateway }} up netmask 255.255.255.0 diff --git a/templates/tinc.conf.j2 b/templates/tinc.conf.j2 index 0e37528..90a9500 100644 --- a/templates/tinc.conf.j2 +++ b/templates/tinc.conf.j2 @@ -1,10 +1,10 @@ -Name = {{ ansible_hostname | replace('-', '_') }} -{% if (override_os_family is defined) | ternary(override_os_family,ansible_os_family) != 'Darwin' %} +Name = {{ ansible_facts['hostname'] | replace('-', '_') }} +{% if (override_os_family is defined) | ternary(override_os_family,ansible_facts['os_family']) != 'Darwin' %} Device = /dev/net/tun -{% elif ternary(override_os_family,ansible_os_family) == 'Darwin' %} +{% elif ternary(override_os_family,ansible_facts['os_family']) == 'Darwin' %} DeviceType = utun {% endif %} -{% if ansible_hostname | replace('-', '_') != tinc_central_host %} +{% if ansible_facts['hostname'] | replace('-', '_') != tinc_central_host %} ConnectTo = {{ tinc_central_host }} {% endif %} AddressFamily = any
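Review bot: The `RaspiBeyerstedt` branch appends a NAT rule with `iptables -t nat -A POSTROUTING ... -j MASQUERADE` and writes 1 to `ip_forward`, while the matching branch in templates/tinc-down.j2 only brings the interface down and deletes a route. Each restart of the VPN therefore adds another copy of the rule, and forwarding and masquerading stay active after the tunnel is down. Consider guarding the add with a check, `iptables -t nat -C POSTROUTING -o eth0 -s {{ tinc_vpn_net }} -j MASQUERADE || iptables -t nat -A POSTROUTING ...`, and adding the corresponding `-D` line to tinc-down. Line 13 of the template lies between the two hunks and is not shown, so this rests on the visible lines only.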
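Review bot: The `{% elif ternary(override_os_family,ansible_facts['os_family']) == 'Darwin' %}` line in tinc.conf.j2 calls `ternary` as a function and omits the `(override_os_family is defined) |` condition used in the `if` above it. `ternary` is an Ansible filter, so unless something outside this hunk exposes it as a global, rendering on a Darwin host is expected to fail with an undefined name, which is exactly the case where this branch is evaluated. Because the first condition is `!= 'Darwin'`, the branch can simply be `{% else %}`. If the explicit test is preferred, use `{% elif (override_os_family is defined) | ternary(override_os_family, ansible_facts['os_family']) == 'Darwin' %}`.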