Renamed general and mode constants and implemented a check to verify that constants are just defined ones over the whole repository

roles/srv-web-6-6-tls-core/tasks/flavors/dedicated.yml

@@ -1,7 +1,7 @@
 - name: "Check if certificate already exists for {{ domain }}"
   cert_check_exists:
     domain: "{{ domain }}"
-    cert_base_path: "{{ letsencrypt_live_path }}"
+    cert_base_path: "{{ LETSENCRYPT_LIVE_PATH }}"
   register: cert_check
 
 - name: "receive certificate for {{ domain }}"
@@ -10,21 +10,21 @@
     --agree-tos 
     --email {{ users.administrator.email }}
     --non-interactive 
-    {% if certbot_acme_challenge_method != "webroot" %}
-    --dns-{{ certbot_acme_challenge_method }}
-    --dns-{{ certbot_acme_challenge_method }}-credentials {{ certbot_credentials_file }}
-    --dns-{{ certbot_acme_challenge_method }}-propagation-seconds {{ certbot_dns_propagation_wait_seconds }}
+    {% if CERTBOT_ACME_CHALLENGE_METHOD != "webroot" %}
+    --dns-{{ CERTBOT_ACME_CHALLENGE_METHOD }}
+    --dns-{{ CERTBOT_ACME_CHALLENGE_METHOD }}-credentials {{ CERTBOT_CREDENTIALS_FILE }}
+    --dns-{{ CERTBOT_ACME_CHALLENGE_METHOD }}-propagation-seconds {{ CERTBOT_DNS_PROPAGATION_WAIT_SECONDS }}
     {% else %}
     --webroot 
-    -w {{ letsencrypt_webroot_path }}
+    -w {{ LETSENCRYPT_WEBROOT_PATH }}
     {% endif %}
     {% if wildcard_domain is defined and ( wildcard_domain | bool ) %}
-    -d {{ primary_domain }} 
-    -d *.{{ primary_domain }}
+    -d {{ PRIMARY_DOMAIN }} 
+    -d *.{{ PRIMARY_DOMAIN }}
     {% else %}
     -d {{ domain }}
     {% endif %}
-    {{ '--test-cert' if mode_test | bool else '' }}
+    {{ '--test-cert' if MODE_TEST | bool else '' }}
   register: certbot_result
   changed_when: "'Certificate not yet due for renewal' not in certbot_result.stdout"
   when: not cert_check.exists

roles/srv-web-6-6-tls-core/tasks/flavors/san.yml

@@ -10,15 +10,15 @@
         certbundle
         --domains "{{ current_play_domains_all | join(',') }}"
         --certbot-email "{{ users.administrator.email }}"
-        --certbot-acme-challenge-method "{{ certbot_acme_challenge_method }}"
+        --certbot-acme-challenge-method "{{ CERTBOT_ACME_CHALLENGE_METHOD }}"
         --chunk-size 100
-        {% if certbot_acme_challenge_method != 'webroot' %}
-        --certbot-credentials-file "{{ certbot_credentials_file }}"
-        --certbot-dns-propagation-seconds "{{ certbot_dns_propagation_wait_seconds }}"
+        {% if CERTBOT_ACME_CHALLENGE_METHOD != 'webroot' %}
+        --certbot-credentials-file "{{ CERTBOT_CREDENTIALS_FILE }}"
+        --certbot-dns-propagation-seconds "{{ CERTBOT_DNS_PROPAGATION_WAIT_SECONDS }}"
         {% else %}
-        --letsencrypt-webroot-path "{{ letsencrypt_webroot_path }}"
+        --letsencrypt-webroot-path "{{ LETSENCRYPT_WEBROOT_PATH }}"
         {% endif %}
-        {{ '--mode-test' if mode_test | bool else '' }}
+        {{ '--mode-test' if MODE_TEST | bool else '' }}
       register: certbundle_result
       changed_when: "'Certificate not yet due for renewal' not in certbundle_result.stdout"
       failed_when: >

roles/srv-web-6-6-tls-core/tasks/flavors/wildcard.yml

@@ -3,7 +3,7 @@
   vars:
     wildcard_domain: true
   when: 
-    - domain.split('.') | length == (primary_domain.split('.') | length + 1) and domain.endswith(primary_domain)
+    - domain.split('.') | length == (PRIMARY_DOMAIN.split('.') | length + 1) and domain.endswith(PRIMARY_DOMAIN)
     - run_once_receive_certificate is not defined  
 
 - name: "Load dedicated certificate for domain"
@@ -11,7 +11,7 @@
   vars:
     wildcard_domain: false
   when: 
-    - not (domain.split('.') | length == (primary_domain.split('.') | length + 1) and domain.endswith(primary_domain))
+    - not (domain.split('.') | length == (PRIMARY_DOMAIN.split('.') | length + 1) and domain.endswith(PRIMARY_DOMAIN))
 
 - name: run the receive_certificate tasks once
   set_fact: