Renamed general and mode constants and implemented a check to verify that constants are just defined ones over the whole repository

2025-11-04 04:08:15 +00:00 · 2025-08-13 19:10:44 +02:00
parent 004507e233
commit db0e030900
171 changed files with 474 additions and 345 deletions
--- a/roles/srv-web-7-7-letsencrypt/tasks/01_core.yml
+++ b/roles/srv-web-7-7-letsencrypt/tasks/01_core.yml
@@ -11,4 +11,4 @@

  - name: "Set CAA records for all base domains"
    include_tasks: 01_set-caa-records.yml
-    when: dns_provider == 'cloudflare'
+    when: DNS_PROVIDER == 'cloudflare'
--- a/roles/srv-web-7-7-letsencrypt/tasks/01_set-caa-records.yml
+++ b/roles/srv-web-7-7-letsencrypt/tasks/01_set-caa-records.yml
@@ -1,14 +1,14 @@
 ---

- name: "Validate certbot_dns_api_token"
+- name: "Validate CERTBOT_DNS_API_TOKEN"
  fail:
    msg: >
-      The variable "certbot_dns_api_token" must be defined and cannot be empty!
-  when: (certbot_dns_api_token | default('') | trim) == ''
+      The variable "CERTBOT_DNS_API_TOKEN" must be defined and cannot be empty!
+  when: (CERTBOT_DNS_API_TOKEN | default('') | trim) == ''

 - name: "Ensure all CAA records are present"
  community.general.cloudflare_dns:
-    api_token: "{{ certbot_dns_api_token }}"
+    api_token: "{{ CERTBOT_DNS_API_TOKEN }}"
    zone:     "{{ item.0 }}"
    record:   "@"
    type:     CAA
--- a/roles/srv-web-7-7-letsencrypt/templates/letsencrypt.conf.j2
+++ b/roles/srv-web-7-7-letsencrypt/templates/letsencrypt.conf.j2
@@ -9,7 +9,7 @@ server
  #letsencrypt
  location ^~ /.well-known/acme-challenge/ {
    allow all;
-    root {{ letsencrypt_webroot_path }};
+    root {{ LETSENCRYPT_WEBROOT_PATH }};
    default_type "text/plain";
    try_files $uri =404;
  }
--- a/roles/srv-web-7-7-letsencrypt/templates/ssl_credentials.j2
+++ b/roles/srv-web-7-7-letsencrypt/templates/ssl_credentials.j2
@@ -1,3 +1,3 @@
-ssl_certificate         {{ [ letsencrypt_live_path, ssl_cert_folder] | path_join }}/fullchain.pem;
-ssl_certificate_key     {{ [ letsencrypt_live_path, ssl_cert_folder] | path_join }}/privkey.pem;
-ssl_trusted_certificate {{ [ letsencrypt_live_path, ssl_cert_folder] | path_join }}/chain.pem;
+ssl_certificate         {{ [ LETSENCRYPT_LIVE_PATH, ssl_cert_folder] | path_join }}/fullchain.pem;
+ssl_certificate_key     {{ [ LETSENCRYPT_LIVE_PATH, ssl_cert_folder] | path_join }}/privkey.pem;
+ssl_trusted_certificate {{ [ LETSENCRYPT_LIVE_PATH, ssl_cert_folder] | path_join }}/chain.pem;