inventory, roles, config, docs: update all files to refactor the ansible variables structure

config/services/containers/infra/grafana/etc/grafana.ini.j2

@@ -7,19 +7,19 @@ provisioning = /etc/grafana/provisioning
 
 [server]
 protocol = http
-http_port = 3000
-domain = grafana.ilnmors.internal
-root_url = http://grafana.ilnmors.internal/
+http_port = {{ services['grafana']['ports']['http'] }}
+domain = {{ services['grafana']['domain'] }}.{{ domain['internal'] }}
+root_url = http://{{ services['grafana']['domain'] }}.{{ domain['internal'] }}/
 router_logging = false
 
 [database]
 type = postgres
-host = {{ infra_uri['postgresql']['domain'] }}:{{ infra_uri['postgresql']['ports']['tcp'] }}
+host = {{ services['postgresql']['domain'] }}.{{ domain['internal'] }}:{{ services['postgresql']['ports']['tcp'] }}
 name = grafana_db
 user = grafana
 password = $__file{/run/secrets/GF_DB_PASSWORD}
 ssl_mode = verify-full
-ca_cert_path = /etc/ssl/grafana/ilnmors_root_ca.crt
+ca_cert_path = /etc/ssl/grafana/{{ root_cert_filename }}
 
 [auth.ldap]
 enabled = true

config/services/containers/infra/grafana/etc/ldap.toml.j2

@@ -1,7 +1,7 @@
 # https://github.com/lldap/lldap/blob/main/example_configs/grafana_ldap_config.toml
 [[servers]]
-host = "{{ infra_uri['ldap']['domain'] }}"
-port = {{ infra_uri['ldap']['ports']['ldaps'] }}
+host = "{{ services['ldap']['domain'] }}.{{ domain['internal'] }}"
+port = {{ services['ldap']['ports']['ldaps'] }}
 # Activate STARTTLS or LDAPS
 use_ssl = true
 # true = STARTTLS, false = LDAPS
@@ -9,16 +9,16 @@ start_tls = false
 tls_ciphers = []
 min_tls_version = ""
 ssl_skip_verify = false
-root_ca_cert = "/etc/ssl/grafana/ilnmors_root_ca.crt"
+root_ca_cert = "/etc/ssl/grafana/{{ root_cert_filename }}"
 # mTLS option, it is not needed
 # client_cert = "/path/to/client.crt"
 # client_key = "/path/to/client.key"
 
-bind_dn = "uid=grafana,ou=people,dc=ilnmors,dc=internal"
+bind_dn = "uid=grafana,ou=people,{{ domain['dc'] }}"
 bind_password = "$__file{/run/secrets/LDAP_BIND_PASSWORD}"
 
 search_filter = "(|(uid=%s)(mail=%s))"
-search_base_dns = ["dc=ilnmors,dc=internal"]
+search_base_dns = ["{{ domain['dc'] }}"]
 
 [servers.attributes]
 member_of = "memberOf"
@@ -28,20 +28,20 @@ surname = "sn"
 username = "uid"
 
 group_search_filter = "(&(objectClass=groupOfUniqueNames)(uniqueMember=%s))"
-group_search_base_dns = ["ou=groups,dc=ilnmors,dc=internal"]
+group_search_base_dns = ["ou=groups,{{ domain['dc'] }}"]
 group_search_filter_user_attribute = "uid"
 
 [[servers.group_mappings]]
-group_dn = "cn=lldap_admin,ou=groups,dc=ilnmors,dc=internal"
+group_dn = "cn=lldap_admin,ou=groups,{{ domain['dc'] }}"
 org_role = "Admin"
 grafana_admin = true
 
 [[servers.group_mappings]]
-group_dn = "cn=admins,ou=groups,dc=ilnmors,dc=internal"
+group_dn = "cn=admins,ou=groups,{{ domain['dc'] }}"
 org_role = "Editor"
 grafana_admin = false
 
 [[servers.group_mappings]]
-group_dn = "cn=users,ou=groups,dc=ilnmors,dc=internal"
+group_dn = "cn=users,ou=groups,{{ domain['dc'] }}"
 org_role = "Viewer"
 grafana_admin = false

config/services/containers/infra/grafana/etc/provisioning/datasources/datasources.yaml.j2

@@ -4,7 +4,7 @@ apiVersion: 1
 datasources:
   - name: Prometheus
     type: prometheus
-    url: https://prometheus.ilnmors.internal:9090
+    url: https://{{ services['prometheus']['domain'] }}.{{ domain['internal'] }}:{{ services['prometheus']['ports']['https'] }}
     access: proxy
     isDefault: true
     jsonData:
@@ -12,11 +12,11 @@ datasources:
       tlsAuthWithCACert: true
       httpMethod: POST
     secureJsonData:
-      tlsCACert: "$__file{/etc/ssl/grafana/ilnmors_root_ca.crt}"
+      tlsCACert: "$__file{/etc/ssl/grafana/{{ root_cert_filename }}}"
 
   - name: Loki
     type: loki
-    url: https://loki.ilnmors.internal:3100
+    url: https://{{ services['loki']['domain'] }}.{{ domain['internal'] }}:{{ services['loki']['ports']['https'] }}
     access: proxy
     jsonData:
       tlsAuth: false
@@ -25,5 +25,5 @@ datasources:
       httpHeaderName1: "X-Scope-OrgID"
       maxLines: 1000
     secureJsonData:
-      tlsCACert: "$__file{/etc/ssl/grafana/ilnmors_root_ca.crt}"
-      httpHeaderValue1: "ilnmors.internal"
+      tlsCACert: "$__file{/etc/ssl/grafana/{{ root_cert_filename }}}"
+      httpHeaderValue1: "{{ domain['internal'] }} "