inventory, roles, config, docs: update all files to refactor the ansible variables structure

2026-04-01 21:30:56 +09:00
parent d1e0eb30c0
commit 84d961c7e3
62 changed files with 321 additions and 254 deletions
--- a/ansible/roles/app/tasks/services/set_gitea.yaml
+++ b/ansible/roles/app/tasks/services/set_gitea.yaml
@@ -20,7 +20,7 @@
  ansible.builtin.copy:
    content: |
      {{ hostvars['console']['ca']['root']['crt'] }}
-    dest: "{{ node['home_path'] }}/containers/gitea/ssl/ilnmors_root_ca.crt"
+    dest: "{{ node['home_path'] }}/containers/gitea/ssl/{{ root_cert_filename }}"
    owner: "{{ gitea_subuid }}"
    group: "svadmins"
    mode: "0440"
--- a/ansible/roles/app/tasks/services/set_immich.yaml
+++ b/ansible/roles/app/tasks/services/set_immich.yaml
@@ -70,7 +70,7 @@
  ansible.builtin.copy:
    content: |
      {{ hostvars['console']['ca']['root']['crt'] }}
-    dest: "{{ node['home_path'] }}/containers/immich/ssl/ilnmors_root_ca.crt"
+    dest: "{{ node['home_path'] }}/containers/immich/ssl/{{ root_cert_filename }}"
    owner: "{{ ansible_user }}"
    group: "svadmins"
    mode: "0440"
--- a/ansible/roles/app/tasks/services/set_paperless.yaml
+++ b/ansible/roles/app/tasks/services/set_paperless.yaml
@@ -69,7 +69,7 @@
  ansible.builtin.copy:
    content: |
      {{ hostvars['console']['ca']['root']['crt'] }}
-    dest: "{{ node['home_path'] }}/containers/paperless/ssl/ilnmors_root_ca.crt"
+    dest: "{{ node['home_path'] }}/containers/paperless/ssl/{{ root_cert_filename }}"
    owner: "{{ paperless_subuid }}"
    group: "svadmins"
    mode: "0440"
@@ -101,7 +101,7 @@
                "client_id": "paperless",
                "secret": "{{ hostvars['console']['paperless']['oidc']['secret'] }}",
                "settings": {
-                  "server_url": "https://authelia.ilnmors.com/.well-known/openid-configuration",
+                  "server_url": "https://{{ services['authelia']['domain'] }}.{{ domain['public'] }}/.well-known/openid-configuration",
                  "token_auth_method": "client_secret_post"
                }
              }
--- a/ansible/roles/app/tasks/services/set_vaultwarden.yaml
+++ b/ansible/roles/app/tasks/services/set_vaultwarden.yaml
@@ -15,7 +15,7 @@
  ansible.builtin.copy:
    content: |
      {{ hostvars['console']['ca']['root']['crt'] }}
-    dest: "{{ node['home_path'] }}/containers/vaultwarden/ssl/ilnmors_root_ca.crt"
+    dest: "{{ node['home_path'] }}/containers/vaultwarden/ssl/{{ root_cert_filename }}"
    owner: "{{ ansible_user }}"
    group: "svadmins"
    mode: "0440"
@@ -34,7 +34,8 @@
      value: "{{ hostvars['console']['vaultwarden']['admin']['hash'] }}"
    - name: "VW_DATABASE_URL"
      value: "postgresql://vaultwarden:{{ hostvars['console']['postgresql']['password']['vaultwarden'] | urlencode | replace('/', '%2F') }}\
-        @{{ infra_uri['postgresql']['domain'] }}/vaultwarden_db?sslmode=verify-full&sslrootcert=/etc/ssl/vaultwarden/ilnmors_root_ca.crt"
+        @{{ services['postgresql']['domain'] }}.{{ domain['internal'] }}/vaultwarden_db?sslmode=verify-full&\
+        sslrootcert=/etc/ssl/vaultwarden/{{ root_cert_filename }}"
  notify: "notification_restart_vaultwarden"
  no_log: true

--- a/ansible/roles/app/tasks/services/set_vikunja.yaml
+++ b/ansible/roles/app/tasks/services/set_vikunja.yaml
@@ -20,7 +20,7 @@
  ansible.builtin.copy:
    content: |
      {{ hostvars['console']['ca']['root']['crt'] }}
-    dest: "{{ node['home_path'] }}/containers/vikunja/ssl/ilnmors_root_ca.crt"
+    dest: "{{ node['home_path'] }}/containers/vikunja/ssl/{{ root_cert_filename }}"
    owner: "{{ vikunja_subuid }}"
    group: "svadmins"
    mode: "0440"