switched to new facts-syntax

local.yml

@@ -4,7 +4,7 @@
     - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
   connection: local
   vars_files:
-    - "{{ lookup('first_found', ['os_vars/' + (ansible_distribution | lower) + '.yml'], errors='ignore') }}"
+    - "{{ lookup('first_found', ['os_vars/' + (ansible_facts['distribution'] | lower) + '.yml'], errors='ignore') }}"
   become: true
   vars:
     ansible_reboot_cooldown_minutes: 15 # Cooldown in Minuten
@@ -33,17 +33,17 @@
     - name: pre-run | update apt repository (debian, ubuntu, etc.) # noqa no-changed-when
       ansible.builtin.apt: update_cache=yes
       #changed_when: false
-      when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+      when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
       ignore_errors: True
     - name: pre-run | update pacman repository (arch)
       community.general.pacman: update_cache=yes
       #changed_when: false
-      when: ansible_distribution == 'Archlinux'
+      when: ansible_facts['distribution'] == 'Archlinux'
       ignore_errors: True
     - name: pre-run |update portage repository (gentoo)
       portage:
         sync: yes
-      when: ansible_distribution == 'Gentoo'
+      when: ansible_facts['distribution'] == 'Gentoo'
       ignore_errors: True
 
 
@@ -52,11 +52,11 @@
     - name: pre-run | upgrade system (debian, ubuntu, etc.)
       ansible.builtin.apt: upgrade=dist
       #changed_when: false
-      when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+      when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
       ignore_errors: True
     - name: pre-run | upgrade system (arch)
       community.general.pacman: upgrade=true
-      when: ansible_distribution == 'Archlinux'
+      when: ansible_facts['distribution'] == 'Archlinux'
       ignore_errors: True
 
 # run roles
@@ -227,14 +227,14 @@
       ansible.builtin.apt:
         autoclean: yes
       changed_when: false
-      when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
+      when: ansible_facts['distribution'] in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
 
     - name: autoremove orphan packages (debian and ubuntu)
       tags: always
       ansible.builtin.apt:
         autoremove: yes
         purge: yes
-      when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
+      when: ansible_facts['distribution'] in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
 
     - name: post-run | update marker file timestamp on successful run
       file:

roles/backup/files/config/omada_excludes.txt

@@ -0,0 +1 @@
+/opt/tplink/EAPController/data/autobackup/tmp

roles/backup/files/config/omada_includes.txt

@@ -0,0 +1 @@
+/opt/tplink/EAPController/data/autobackup/

roles/backup/tasks/main.yml

@@ -1,5 +1,5 @@
 # Load distro-specific variables
-- include_vars: "{{ ansible_distribution }}.yml"
+- include_vars: "{{ ansible_facts['distribution'] }}.yml"
   tags: always
   ignore_errors: True
 

roles/backup/tasks/software/packages_utilities.yml

@@ -12,7 +12,7 @@
     state: latest
     name:
       - mariadb-clients
-  when: ansible_distribution == "Archlinux"
+  when: ansible_facts['distribution'] == "Archlinux"
 
 - name: backup | utilities | install utilities (debian)
   tags: packages,system,system setup
@@ -20,14 +20,14 @@
     state: latest
     name:
       - mariadb-client
-  when: ansible_distribution in [ "Debian", "Ubuntu", "Linux Mint" ]
+  when: ansible_facts['distribution'] in [ "Debian", "Ubuntu", "Linux Mint" ]
 
 - name: backup | tailscale | install tailscale (arch)
   tags: packages,system,system setup,tailscale
   package:
     name: tailscale
     state: latest
-  when: ansible_distribution == "Archlinux"
+  when: ansible_facts['distribution'] == "Archlinux"
 
 - name: backup | tailscale | install prerequisites (debian-based)
   tags: packages,system,system setup,tailscale
@@ -36,23 +36,23 @@
       - apt-transport-https
       - ca-certificates
     state: present
-  when: ansible_distribution in [ "Debian", "Ubuntu", "Linux Mint" ]
+  when: ansible_facts['distribution'] in [ "Debian", "Ubuntu", "Linux Mint" ]
 
 - name: backup | tailscale | add tailscale apt key (debian-based)
   tags: packages,system,system setup,tailscale
   get_url:
-    url: "https://pkgs.tailscale.com/stable/{{ ansible_distribution | lower }}/{{ ansible_distribution_release }}.noarmor.gpg"
+    url: "https://pkgs.tailscale.com/stable/{{ ansible_facts['distribution'] | lower }}/{{ ansible_facts['distribution']_release }}.noarmor.gpg"
     dest: /usr/share/keyrings/tailscale-archive-keyring.gpg
     mode: '0644'
-  when: ansible_distribution in [ "Debian", "Ubuntu", "Linux Mint" ]
+  when: ansible_facts['distribution'] in [ "Debian", "Ubuntu", "Linux Mint" ]
 
 - name: backup | tailscale | add tailscale repository (debian-based)
   tags: packages,system,system setup,tailscale
   apt_repository:
-    repo: "deb [signed-by=/usr/share/keyrings/tailscale-archive-keyring.gpg] https://pkgs.tailscale.com/stable/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main"
+    repo: "deb [signed-by=/usr/share/keyrings/tailscale-archive-keyring.gpg] https://pkgs.tailscale.com/stable/{{ ansible_facts['distribution'] | lower }} {{ ansible_facts['distribution']_release }} main"
     state: present
     filename: tailscale
-  when: ansible_distribution in [ "Debian", "Ubuntu", "Linux Mint" ]
+  when: ansible_facts['distribution'] in [ "Debian", "Ubuntu", "Linux Mint" ]
   notify: update apt cache
 
 - name: backup | tailscale | install tailscale (debian-based)
@@ -60,4 +60,4 @@
   apt:
     name: tailscale
     state: latest
-  when: ansible_distribution in [ "Debian", "Ubuntu", "Linux Mint" ]
+  when: ansible_facts['distribution'] in [ "Debian", "Ubuntu", "Linux Mint" ]

roles/backup/tasks/system_setup/copy_backup_config.yml

@@ -11,7 +11,7 @@
   ansible.builtin.file:
     path: "/opt/backup/bin/backup_remote.bash"
     state: link
-    src: "{{ ansible_user_dir }}/bin/backup_remote.bash"
+    src: "{{ ansible_facts['user_dir'] }}/bin/backup_remote.bash"
 
 - name: backup | system setup | copy backup config files
   ansible.builtin.copy:
@@ -26,11 +26,11 @@
   
 - name: backup | system setup | add entries to ssh_config
   ansible.builtin.blockinfile:
-    dest: "{{ ansible_user_dir }}/.ssh/config"
+    dest: "{{ ansible_facts['user_dir'] }}/.ssh/config"
     block: "{{ lookup('template', 'ssh_config.j2') }}"
     marker: "## {mark} ANSIBLE MANAGED BLOCK FOR backup"
   # template:
   #   src: "ssh_config.j2"
-  #   dest: "{{ ansible_user_id }}/.ssh/config"
+  #   dest: "{{ ansible_facts['user_id'] }}/.ssh/config"
   #   backup: true
   #   mode: "0644"

roles/base/tasks/ansible_setup.yml

@@ -4,13 +4,13 @@
     path: "/etc/apt/sources.list"
     regexp: "deb http://ppa.launchpad.net/ansible/ansible/ubuntu trusty main"
     state: absent
-  when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
 
 - debug:
-    var: ansible_distribution_release
+    var: ansible_facts['distribution']_release
 - debug:
-    var: equivalents[ansible_distribution_release]['ubuntu']
+    var: equivalents[ansible_facts['distribution']_release]['ubuntu']
-  when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
   
 
 - name: ansible setup | get key
@@ -18,13 +18,13 @@
   get_url:
     url: "https://keyserver.ubuntu.com/pks/lookup?fingerprint=on&op=get&search=0x6125E2A8C77F2818FB7BD15B93C4A3FD7BB9C367" # required. HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path
     dest: "/tmp/ansible-archive-keyring.asc" # Download to a temporary location
-  when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
 
 - name: ansible setup | dearmor GPG key and place in /usr/share/keyrings
   ansible.builtin.command:
     cmd: "gpg --dearmor -o /usr/share/keyrings/ansible-archive-keyring.gpg /tmp/ansible-archive-keyring.asc"
     creates: "/usr/share/keyrings/ansible-archive-keyring.gpg"
-  when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
   # Hinweis: Der 'warn: false' Parameter wurde aufgrund eines Konflikts entfernt.
   # Diese Aufgabe ist entscheidend für die moderne APT-Schlüsselverwaltung.
 
@@ -32,34 +32,34 @@
   file:
     path: /etc/apt/sources.list.d/ansible.list
     state: absent
-  when: ansible_distribution == "Debian"
+  when: ansible_facts['distribution'] == "Debian"
 
 - name: ansible setup | remove repository - Debian / Ubuntu
   tags: ansible,ansible-setup
   apt_repository:
-    repo: "deb [signed-by=/usr/share/keyrings/ansible-archive-keyring.gpg] http://ppa.launchpad.net/ansible/ansible/ubuntu {{ equivalents[ansible_distribution_release]['ubuntu'] }} main"
+    repo: "deb [signed-by=/usr/share/keyrings/ansible-archive-keyring.gpg] http://ppa.launchpad.net/ansible/ansible/ubuntu {{ equivalents[ansible_facts['distribution']_release]['ubuntu'] }} main"
     state: absent
     update_cache: no
     filename:  ansible
-  when: ansible_distribution in ["Debian", "Ubuntu"]
+  when: ansible_facts['distribution'] in ["Debian", "Ubuntu"]
 
 - name: ansible setup | update repository - Debian
   tags: ansible,ansible-setup
   apt_repository:
-    repo: "deb [signed-by=/usr/share/keyrings/ansible-archive-keyring.gpg] http://ppa.launchpad.net/ansible/ansible/ubuntu {{ equivalents[ansible_distribution_release]['ubuntu'] }} main"
+    repo: "deb [signed-by=/usr/share/keyrings/ansible-archive-keyring.gpg] http://ppa.launchpad.net/ansible/ansible/ubuntu {{ equivalents[ansible_facts['distribution']_release]['ubuntu'] }} main"
     state: present
     update_cache: yes 
     filename:  ansible
-  when: ansible_distribution == "Debian"
+  when: ansible_facts['distribution'] == "Debian"
 
 - name: ansible setup | update repository - Ubuntu
   tags: ansible,ansible-setup
   apt_repository:
-    repo: "deb [signed-by=/usr/share/keyrings/ansible-archive-keyring.gpg] http://ppa.launchpad.net/ansible/ansible/ubuntu {{ ansible_distribution_release }} main"
+    repo: "deb [signed-by=/usr/share/keyrings/ansible-archive-keyring.gpg] http://ppa.launchpad.net/ansible/ansible/ubuntu {{ ansible_facts['distribution']_release }} main"
     state: present
     update_cache: yes 
     filename:  ansible
-  when: ansible_distribution == "Ubuntu"
+  when: ansible_facts['distribution'] == "Ubuntu"
 
 - name: ansible setup | ensure ansible is the latest version
   tags: ansible,ansible-setup
@@ -79,7 +79,7 @@
 #   tags: ansible,ansible-setup,packages
 #   package:
 #     name: acl
-#   when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
+#   when: ansible_facts['distribution'] in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
 
 # - name: ansible:setup | create ansible log file
 #   tags: ansible,ansible-setup

roles/base/tasks/main.yml

@@ -1,5 +1,5 @@
 # Load distro-specific variables
-- include_vars: "{{ ansible_distribution | lower }}.yml"
+- include_vars: "{{ ansible_facts['distribution'] | lower }}.yml"
   tags: always
   ignore_errors: True
 
@@ -41,7 +41,7 @@
   - import_tasks: system_setup/disable_standby.yml
     when: is_proxmox is defined and is_proxmox == true
   - import_tasks: software/wazuh-agent.yml
-    when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint", "Archlinux"]
+    when: ansible_facts['distribution'] in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint", "Archlinux"]
   - import_tasks: system_setup/disable_standby.yml
     when: is_proxmox is defined and is_proxmox == true
   - import_tasks: system_setup/import_stepca.yml

roles/base/tasks/software/packages_cleanup.yml

@@ -8,4 +8,4 @@
       - exim4-base
       - exim4-config
       - nano
-  when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]

roles/base/tasks/software/packages_utilities.yml

@@ -59,7 +59,7 @@
     - lsd
     - pacman-contrib
     - which
-  when: ansible_distribution == "Archlinux"
+  when: ansible_facts['distribution'] == "Archlinux"
   ignore_errors: true
 
 - name: system setup | utilities | install man-pages (arch)
@@ -71,7 +71,7 @@
     - man-db
     - man-pages
     - "{{ python_passlib_package }}"
-  when: ansible_distribution == "Archlinux"
+  when: ansible_facts['distribution'] == "Archlinux"
   ignore_errors: true
 
 - name: system setup | utilities | install utilities (debian)
@@ -87,7 +87,7 @@
     - dnsutils
     - unattended-upgrades
     - "{{ python_passlib_package }}"
-  when: ansible_distribution in [ "Debian", "Ubuntu" ]
+  when: ansible_facts['distribution'] in [ "Debian", "Ubuntu" ]
   ignore_errors: true
 
 - name: system setup | utilities | install AUR helper (arch)

roles/base/tasks/system_setup/clock.yml

@@ -3,14 +3,14 @@
   package:
     name: systemd-timesyncd
     state: latest
-  when: ansible_distribution in ["Pop!_OS", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Pop!_OS", "Ubuntu", "Linux Mint"]
 
 - name: system setup | clock | install systemd-timesyncd (debian)
   tags: ntp, system setup
   apt:
     name: systemd-timesyncd
     state: latest
-  when: ansible_distribution == "Debian"
+  when: ansible_facts['distribution'] == "Debian"
 
 - name: system setup | clock | start and enable systemd-timestampd
   tags: ntp,system setup

roles/base/tasks/system_setup/cron.yml

@@ -11,14 +11,14 @@
     name: cronie
     state: started
     enabled: true
-  when: ansible_distribution == "Archlinux"
+  when: ansible_facts['distribution'] == "Archlinux"
 
 - name: system setup | cron | add cronjob for ansible on reboot
   become: true
   become_user: root
   cron:
     name: "ansible provision"
-    user: "{{ ansible_user_id }}"
+    user: "{{ ansible_facts['user_id'] }}"
     job: 'ansible-pull --vault-password-file=~/.vaultpass -U "https://gitea.mewissen.site/rene/ansible-pull.git" -d "/opt/ansible-pull" -C master > /var/log/ansible_pull.log || cat /var/log/ansible_pull.log'
     state: present
     special_time: reboot
@@ -28,7 +28,7 @@
   become_user: root
   cron:
     name: "ansible provision"
-    user: "{{ ansible_user_id }}"
+    user: "{{ ansible_facts['user_id'] }}"
     job: 'ansible-pull --vault-password-file=~/.vaultpass -U "https://gitea.mewissen.site/rene/ansible-pull.git" -d "/opt/ansible-pull" -C master > /var/log/ansible_pull.log || cat /var/log/ansible_pull.log'
     state: present
     minute: 0
@@ -105,7 +105,7 @@
     hour: "0"
     minute: "0"
     job: "apt list --upgradeable"
-  when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: system setup | cron | Send me a list of upgradeable packages daily (Archlinux)
   tags: cron
@@ -115,4 +115,4 @@
     hour: "0"
     minute: "0"
     job: "{{ root_home }} + '/bin/cron_pacman'"
-  when: ansible_distribution in ["Archlinux"]  
+  when: ansible_facts['distribution'] in ["Archlinux"]  

roles/base/tasks/system_setup/git.yml

@@ -1,7 +1,7 @@
 - name: base | system_setup | git config user.email
   git_config:
     name: user.email  # not required. The name of the setting. If no value is supplied, the value will be read from the config if it has been set.
-    value: 'root@{{ ansible_fqdn }}'
+    value: 'root@{{ ansible_facts["fqdn"] }}'
     scope: global
 
 - name: base | system_setup | git config user.name

roles/base/tasks/system_setup/locale.yml

@@ -4,7 +4,7 @@
     name:
       - locales-all
     state: latest
-  when: ansible_distribution in [ "Debian", "Ubuntu", "Linux Mint" ]
+  when: ansible_facts['distribution'] in [ "Debian", "Ubuntu", "Linux Mint" ]
 
 - name: system setup | locale | add de_DE
   tags: locale,system,setup

roles/base/tasks/users/root.yml

@@ -26,10 +26,10 @@
 
 - name: users | root | install private ssh keys for backup
   copy:
-    dest: "{{ ansible_user_dir }}/.ssh/"
+    dest: "{{ ansible_facts['user_dir'] }}/.ssh/"
     src: "{{ item }}"
-    owner: "{{ ansible_user_id }}"
+    owner: "{{ ansible_facts['user_id'] }}"
-    group: "{{ ansible_user_id }}"
+    group: "{{ ansible_facts['user_id'] }}"
     mode: '0600'
   loop:
     - "private_keys/backup_ed25519"
@@ -45,7 +45,7 @@
 - name: users | root | copy ~/validate-rsync.sh
   copy:
     #dest: "{{ getent_passwd[user][4] }}/validate-rsync.sh"
-    dest: "{{ ansible_user_dir }}/validate-rsync.sh"
+    dest: "{{ ansible_facts['user_dir'] }}/validate-rsync.sh"
     src: "system_setup/validate-rsync.sh"
     mode: "0744"
 

roles/bastionhost/tasks/main.yml

@@ -1,5 +1,5 @@
 # Load distro-specific variables
-- include_vars: "{{ ansible_distribution | lower }}.yml"
+- include_vars: "{{ ansible_facts['distribution'] | lower }}.yml"
   tags: always
   ignore_errors: True
 

roles/database/tasks/main.yml

@@ -1,5 +1,5 @@
 # Load distro-specific variables
-- include_vars: "{{ ansible_distribution|lower }}.yml"
+- include_vars: "{{ ansible_facts['distribution']|lower }}.yml"
   tags: always
   ignore_errors: True
 

roles/docker/tasks/install_docker.yml

@@ -2,7 +2,7 @@
   - name: docker | install docker | get convenience script
     ansible.builtin.get_url:
       url: "https://get.docker.com"
-      dest: "~/get-docker.sh"
+      dest: "/tmp/get-docker.sh"
       mode: "0777"  # not required. The permissions the resulting file or directory should have. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like C(0644) or C(01777)) or quote it (like C('644') or C('1777')) so Ansible receives a string and can do its own conversion from string into number. Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results. As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)). As of Ansible 2.6, the mode may also be the special string C(preserve). When set to C(preserve) the file will be given the same permissions as the source file.
       use_proxy: No
 
@@ -15,7 +15,7 @@
   #  file:
   #    path: "/tmp/get-docker.sh" # required. Path to the file being managed.
   #    state: absent
-  when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: docker | install docker | docker-compose
   ansible.builtin.package:

roles/docker/tasks/main.yml

@@ -1,9 +1,9 @@
 ---
 # Load distro specific variables
-- ansible.builtin.include_vars: "{{ ansible_distribution | lower }}.yml"
+- ansible.builtin.include_vars: "{{ ansible_facts['distribution'] | lower }}.yml"
   tags: always
   ignore_errors: True
-- ansible.builtin.include_vars: "{{ ansible_fqdn | lower }}.yml"
+- ansible.builtin.include_vars: "{{ ansible_facts['fqdn'] | lower }}.yml"
   ignore_errors: True
 
 - ansible.builtin.import_tasks: install_docker.yml

roles/domaincontroller/tasks/certs.yml

@@ -7,12 +7,12 @@
 - name: domaincontroller | certs | obtain certificate from step-ca via certbot
   command: >
     certbot certonly --standalone -n
-    -d {{ ansible_fqdn }}
+    -d {{ ansible_facts['fqdn'] }}
     --server {{ samba_stepca_server_url }}/acme/acme/directory
     --agree-tos
     --email admin@{{ samba_realm | lower }}
   args:
-    creates: /etc/letsencrypt/live/{{ ansible_fqdn }}/fullchain.pem
+    creates: /etc/letsencrypt/live/{{ ansible_facts['fqdn'] }}/fullchain.pem
   notify: restart samba-ad-dc
 
 - name: domaincontroller | certs | create certbot.service override directory

roles/domaincontroller/templates/smb.conf.j2

@@ -6,8 +6,8 @@
         workgroup = {{ samba_workgroup }}
 
         tls enabled  = yes
-        tls keyfile  = /etc/letsencrypt/live/{{ ansible_fqdn }}/privkey.pem
+        tls keyfile  = /etc/letsencrypt/live/{{ ansible_facts['fqdn'] }}/privkey.pem
-        tls certfile = /etc/letsencrypt/live/{{ ansible_fqdn }}/fullchain.pem
+        tls certfile = /etc/letsencrypt/live/{{ ansible_facts['fqdn'] }}/fullchain.pem
 
         template homedir = /home/%U
         template shell = /bin/zsh

roles/drone/tasks/main.yml

@@ -1,4 +1,4 @@
-- include_vars: "{{ ansible_fqdn | lower }}.yml"
+- include_vars: "{{ ansible_facts['fqdn'] | lower }}.yml"
   ignore_errors: True
 
 - block:

roles/grafana/tasks/main.yml

@@ -1,9 +1,9 @@
 ---
 # Load distro specific variables
-- include_vars: "{{ ansible_distribution | lower }}.yml"
+- include_vars: "{{ ansible_facts['distribution'] | lower }}.yml"
   tags: always
   ignore_errors: True
-- include_vars: "{{ ansible_fqdn | lower }}.yml"
+- include_vars: "{{ ansible_facts['fqdn'] | lower }}.yml"
   ignore_errors: True
 
 - block:

roles/jitsimeet/tasks/main.yml

@@ -1,5 +1,5 @@
 # Load distro-specific variables
-- include_vars: "{{ ansible_distribution | lower }}.yml"
+- include_vars: "{{ ansible_facts['distribution'] | lower }}.yml"
   tags: always
 
 - block:

roles/mailserver/tasks/main.yml

@@ -1,5 +1,5 @@
 # Load distro-specific variables
-- include_vars: "{{ ansible_distribution | lower }}.yml"
+- include_vars: "{{ ansible_facts['distribution'] | lower }}.yml"
   tags: always
 
 - block:

roles/mastodon/tasks/main.yml

@@ -1,8 +1,8 @@
 ---
 # Load distro specific variables
-- include_vars: "{{ ansible_distribution | lower }}.yml"
+- include_vars: "{{ ansible_facts['distribution'] | lower }}.yml"
   tags: always
-- include_vars: "{{ ansible_fqdn | lower }}.yml"
+- include_vars: "{{ ansible_facts['fqdn'] | lower }}.yml"
   ignore_errors: True
 
 

roles/mastodon/tasks/system_setup/letsencrypt.yml

@@ -1,5 +1,5 @@
 ---
-- stat: path=/etc/letsencrypt/live/{{ mastodon_host | default(ansible_fqdn) }}/fullchain.pem
+- stat: path=/etc/letsencrypt/live/{{ mastodon_host | default(ansible_facts['fqdn']) }}/fullchain.pem
   register: letsencrypt_cert
 
 - name: Copy letsencrypt nginx config
@@ -19,7 +19,7 @@
     - migration is not defined or migration == False
 
 - name: Install letsencrypt cert
-  command: certbot certonly -n --webroot -d {{ mastodon_host | default(ansible_fqdn) }} -w {{ mastodon_home }}/{{ mastodon_path }}/public/ --email "webmaster@{{ mastodon_host | default(ansible_fqdn) }}" --agree-tos && systemctl reload nginx
+  command: certbot certonly -n --webroot -d {{ mastodon_host | default(ansible_facts['fqdn']) }} -w {{ mastodon_home }}/{{ mastodon_path }}/public/ --email "webmaster@{{ mastodon_host | default(ansible_facts['fqdn']) }}" --agree-tos && systemctl reload nginx
   when: 
     - not letsencrypt_cert.stat.exists
     - migration == False or migration is not defined

roles/mastodon/tasks/system_setup/nginx.yml

@@ -1,6 +1,6 @@
 ---
 - debug:
-    msg: "Hostname: {{ mastodon_host | default(ansible_fqdn) }}"
+    msg: "Hostname: {{ mastodon_host | default(ansible_facts['fqdn']) }}"
 
 - name: mastodon | Copy nginx config
   template: 

roles/mastodon/templates/mastodon.conf.j2

@@ -6,7 +6,7 @@ map $http_upgrade $connection_upgrade {
 server {
   listen 80;
   listen [::]:80;
-  server_name {{ mastodon_host | default(ansible_fqdn) }};
+  server_name {{ mastodon_host | default(ansible_facts['fqdn']) }};
 
   # Useful for Let's Encrypt
   location /.well-known/acme-challenge/ { allow all; }
@@ -16,7 +16,7 @@ server {
 server {
   listen 443 ssl http2;
   listen [::]:443 ssl http2;
-  server_name {{ mastodon_host | default(ansible_fqdn) }};
+  server_name {{ mastodon_host | default(ansible_facts['fqdn']) }};
 
   ssl_protocols TLSv1.2;
   ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
@@ -24,8 +24,8 @@ server {
   ssl_session_cache shared:SSL:10m;
 
 {% if disable_letsencrypt != "true" %}
-  ssl_certificate     /etc/letsencrypt/live/{{ mastodon_host | default(ansible_fqdn) }}/fullchain.pem;
+  ssl_certificate     /etc/letsencrypt/live/{{ mastodon_host | default(ansible_facts['fqdn']) }}/fullchain.pem;
-  ssl_certificate_key /etc/letsencrypt/live/{{ mastodon_host | default(ansible_fqdn) }}/privkey.pem;
+  ssl_certificate_key /etc/letsencrypt/live/{{ mastodon_host | default(ansible_facts['fqdn']) }}/privkey.pem;
 {% endif %}
 
   keepalive_timeout    70;

roles/nameserver/tasks/main.yml

@@ -1,5 +1,5 @@
 # Load distro-specific variables
-- include_vars: "{{ ansible_distribution | lower }}.yml"
+- include_vars: "{{ ansible_facts['distribution'] | lower }}.yml"
   tags: always
 
 - block:

roles/proxyserver/tasks/main.yaml

@@ -1,9 +1,9 @@
 ---
 # Load distro specific variables
-- include_vars: "{{ ansible_distribution | lower }}.yml"
+- include_vars: "{{ ansible_facts['distribution'] | lower }}.yml"
   tags: always
   ignore_errors: True
-- include_vars: "{{ ansible_fqdn | lower }}.yml"
+- include_vars: "{{ ansible_facts['fqdn'] | lower }}.yml"
   ignore_errors: True
 
 - include_tasks: squid.yaml

roles/reverseproxy/tasks/caddy.yml

@@ -1,5 +1,5 @@
 # Load distro-specific variables
-- include_vars: "{{ ansible_distribution | lower }}.yml"
+- include_vars: "{{ ansible_facts['distribution'] | lower }}.yml"
   tags: always
   ignore_errors: True
 
@@ -9,7 +9,7 @@
 
   # Perform remaining tasks:
   - ansible.builtin.import_tasks: caddy_install_debian.yml
-    when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+    when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
   - ansible.builtin.import_tasks: caddy_config.yml
   - ansible.builtin.import_tasks: caddy_service.yml
 

roles/reverseproxy/tasks/main.yml

@@ -1,8 +1,8 @@
 # Load distro specific variables
-- include_vars: "{{ ansible_distribution | lower }}.yml"
+- include_vars: "{{ ansible_facts['distribution'] | lower }}.yml"
   tags: always
   ignore_errors: True
-- include_vars: "{{ ansible_fqdn | lower }}.yml"
+- include_vars: "{{ ansible_facts['fqdn'] | lower }}.yml"
   ignore_errors: True
 
 - include_tasks: caddy.yml

roles/server/tasks/main.yml

@@ -1,15 +1,15 @@
 ---
 # Load distro specific variables
-- include_vars: "{{ ansible_distribution | lower }}.yml"
+- include_vars: "{{ ansible_facts['distribution'] | lower }}.yml"
   tags: always
   ignore_errors: True
-- include_vars: "{{ ansible_fqdn | lower }}.yml"
+- include_vars: "{{ ansible_facts['fqdn'] | lower }}.yml"
   ignore_errors: True
 
 - block:
   - include_tasks: utilities/mail_transfer_agent.yml
   - include_tasks: utilities/telegraf.yml
-    when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+    when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
   - include_tasks: utilities/netdata.yml
     when: netdata is defined and netdata == true
   - include_tasks: utilities/snmpd.yml

roles/server/tasks/system_setup/cron.yml

@@ -2,7 +2,7 @@
   package:
     name: "cronie"
     state: latest
-  when: ansible_distribution == "Archlinux"
+  when: ansible_facts['distribution'] == "Archlinux"
 
 - name: server | system_setup | cron (VM)
   tags: cron

roles/server/tasks/utilities/mail_transfer_agent.yml

@@ -13,8 +13,8 @@
       loop:
         - { regex: "^root=.*$", line: "root=rene@tantooine.myfirewall.org"}
         - { regex: "^mailhub=.*", line: "mailhub=mail.universe.local"}
-        - { regex: "^hostname=.*", line: "hostname={{ ansible_fqdn }}"}
+        - { regex: "^hostname=.*", line: "hostname={{ ansible_facts['fqdn'] }}"}
-      when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
+      when: ansible_facts['distribution'] in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
     - name: server | utilities | remove postfix
       package:
         name: 

roles/server/tasks/utilities/snmpd.yml

@@ -13,7 +13,7 @@
     group: "root"
     mode: "0660"
     validate: "{{ commands.visudo }} -cf %s"
-  when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: server | snmpd | create /etc/snmp
   ansible.builtin.file:

roles/server/tasks/utilities/telegraf.yml

@@ -51,12 +51,12 @@
   ansible.builtin.lineinfile:
     path: /etc/telegraf/telegraf.conf
     regexp: '^\s*#?\s*hostname\s*='
-    line: '  hostname = "{{ ansible_fqdn }}"'
+    line: '  hostname = "{{ ansible_facts['fqdn'] }}"'
     owner: root
     group: root
     mode: '0644'
   notify: restart_telegraf
-  when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: Configure telegraf agent interval
   tags: telegraf
@@ -68,7 +68,7 @@
     group: root
     mode: '0644'
   notify: restart_telegraf
-  when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: Configure telegraf agent flush_interval
   tags: telegraf
@@ -80,7 +80,7 @@
     group: root
     mode: '0644'
   notify: restart_telegraf
-  when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: Configure telegraf agent flush_jitter
   tags: telegraf
@@ -92,7 +92,7 @@
     group: root
     mode: '0644'
   notify: restart_telegraf
-  when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: Configure telegraf agent collection_jitter
   tags: telegraf
@@ -104,7 +104,7 @@
     group: root
     mode: '0644'
   notify: restart_telegraf
-  when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: Configure telegraf agent metric_batch_size
   tags: telegraf
@@ -116,7 +116,7 @@
     group: root
     mode: '0644'
   notify: restart_telegraf
-  when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: Configure telegraf agent metric_buffer_limit
   tags: telegraf
@@ -128,7 +128,7 @@
     group: root
     mode: '0644'
   notify: restart_telegraf
-  when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: Configure telegraf agent round_interval
   tags: telegraf
@@ -140,7 +140,7 @@
     group: root
     mode: '0644'
   notify: restart_telegraf
-  when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: server | telegraf | create systemd override directory for telegraf
   ansible.builtin.file:

roles/webservers/tasks/apps/nextcloud/prereq.yml

@@ -7,7 +7,7 @@
       - software-properties-common
       - lsb-release
       - ca-certificates
-  when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
+  when: ansible_facts['distribution'] in ["Debian", "Ubuntu", "Linux Mint"]
 
 - name: webservers | nextcloud | prereq | get php repo key
   ansible.builtin.uri:
@@ -18,7 +18,7 @@
   ansible.builtin.lineinfile:
     path: "/etc/apt/sources.list.d/php.list"
     state: present
-    line: "deb https://packages.sury.org/php/ {{ ansible_distribution_release | lower }} main"
+    line: "deb https://packages.sury.org/php/ {{ ansible_facts['distribution']_release | lower }} main"
     create: True
   
 - name: webservers | nextcloud | prereq | install php

roles/webservers/tasks/main.yml

@@ -1,5 +1,5 @@
 # Load distro-specific variables
-- include_vars: "{{ ansible_distribution | lower }}.yml"
+- include_vars: "{{ ansible_facts['distribution'] | lower }}.yml"
   tags: always
 
 - block:

update.yml

@@ -6,23 +6,23 @@
       become_user: root
       command:
         cmd: "git remote set-url origin ssh://git@gitea.mewissen.site:22422/rene/dotfiles.git"
-        chdir: "{{ ansible_user_dir }}/dotfiles"
+        chdir: "{{ ansible_facts['user_dir'] }}/dotfiles"
     - name: "git default settings"
       become: true
       become_user: root
       command:
         cmd: "git config pull.rebase false"
-        chdir: "{{ ansible_user_dir }}/dotfiles"
+        chdir: "{{ ansible_facts['user_dir'] }}/dotfiles"
     # - name: "git pull"
     #   become: yes
     #   command:
     #     cmd: "git pull"
-    #     chdir: "{{ ansible_user_dir }}/dotfiles"
+    #     chdir: "{{ ansible_facts['user_dir'] }}/dotfiles"
     - name: "remove cronjob for ansible"
       become: false
       cron:
         name: "ansible provision"
-        user: "{{ ansible_user_id }}"
+        user: "{{ ansible_facts['user_id'] }}"
         job: 'ansible-pull --vault-password-file=~/.vaultpass -U "https://gitea.mewissen.site/rene/ansible-pull.git" -d "/opt/ansible-pull" -C master > /var/log/ansible_update.log || cat /var/log/ansible_update.log'
         state: present
         minute: 0
@@ -32,7 +32,7 @@
       become_user: root
       cron:
         name: "ansible provision"
-        user: "{{ ansible_user_id }}"
+        user: "{{ ansible_facts['user_id'] }}"
         job: 'ansible-pull --vault-password-file=~/.vaultpass -U "https://gitea.mewissen.site/rene/ansible-pull.git" -d "/opt/ansible-pull" -C master > /var/log/ansible_update.log || cat /var/log/ansible_update.log'
         state: present
         minute: 0