webapps/privatebin/LISEZMOI.md

@@ -31,7 +31,7 @@ Exemple de playbook
     - all
   vars:
     # Supplanter ici les variables du rôle
-    domains: ['votre-vrai-domaine.org']
+    privatebin_domains: ['votre-vrai-domaine.org']
     service: 'mon-privatebin'
 
   roles:

webapps/privatebin/README.md

@@ -31,7 +31,7 @@ Example Playbook
     - all
   vars:
     # Overwrite the role variable here
-    domains: ['your-real-domain.org']
+    privatebin_domains: ['your-real-domain.org']
     service: 'my-privatebin'
 
   roles:

webapps/privatebin/defaults/main.yml

@@ -1,7 +1,7 @@
 ---
 # defaults file for vars
-system_dep: "['apt-transport-https', 'git', 'certbot', 'acl', 'apache2', 'libapache2-mpm-itk', 'libapache2-mod-php', 'php-gd']"
-git_url: 'https://github.com/PrivateBin/PrivateBin'
-git_version: '1.5.1'
-domains: ['example.domain.org']
-certbot_admin_email: 'mgauthier@evolix.ca'
+privatebin_system_dep: "['apt-transport-https', 'git', 'certbot', 'acl', 'apache2', 'libapache2-mpm-itk', 'libapache2-mod-php', 'php-gd']"
+privatebin_git_url: 'https://github.com/PrivateBin/PrivateBin'
+privatebin_git_version: '1.5.1'
+privatebin_domains: ['example.domain.net']
+privatebin_certbot_admin_email: 'security@example.net'

webapps/privatebin/tasks/main.yml

@@ -3,7 +3,7 @@
 
 - name: Install main system dependencies
   apt:
-    name: "{{ system_dep }}"
+    name: "{{ privatebin_system_dep }}"
     update_cache: yes
 
 - name: Add UNIX account
@@ -13,9 +13,9 @@
 
 - name: Clone privatebin repo (git)
   git:
-    repo: "{{ git_url }}"
+    repo: "{{ privatebin_git_url }}"
     dest: "~/PrivateBin/"
-    version: "{{ git_version | default(omit) }}"
+    version: "{{ privatebin_git_version | default(omit) }}"
     update: yes
     force: true
     umask: '0022'
@@ -37,7 +37,7 @@
 
 - name: Check if SSL certificate is present and register result
   stat:
-    path: "/etc/letsencrypt/live/{{ domains |first }}/fullchain.pem"
+    path: "/etc/letsencrypt/live/{{ privatebin_domains |first }}/fullchain.pem"
   register: ssl
 
 - name: Generate certificate only if required (first time)
@@ -58,7 +58,7 @@
       state: directory
       mode: '0755'
   - name: Generate certificate with certbot
-    shell: certbot certonly --webroot --webroot-path /var/lib/letsencrypt --non-interactive --agree-tos --email {{ certbot_admin_email }} -d {{ domains |first }}
+    shell: certbot certonly --webroot --webroot-path /var/lib/letsencrypt --non-interactive --agree-tos --email {{ privatebin_certbot_admin_email }} -d {{ privatebin_domains |first }}
   - name: Create the ssl dir if needed
     file:
       path: /etc/apache2/ssl
@@ -72,7 +72,7 @@
 
 - name: (Re)check if SSL certificate is present and register result
   stat:
-    path: "/etc/letsencrypt/live/{{ domains |first }}/fullchain.pem"
+    path: "/etc/letsencrypt/live/{{ privatebin_domains |first }}/fullchain.pem"
   register: ssl
 
 - name: (Re)template conf file for apache vhost with SSL

webapps/privatebin/tasks/upgrade.yml

@@ -10,9 +10,9 @@
 
 - name: Update privatebin repo (git)
   git:
-    repo: "{{ git_url }}"
+    repo: "{{ privatebin_git_url }}"
     dest: "~/PrivateBin/"
-    version: "{{ git_version }}"
+    version: "{{ privatebin_git_version }}"
     update: yes
     force: true
   become_user: "{{ service }}"

webapps/privatebin/templates/ssl.conf.j2

@@ -1,3 +1,3 @@
 SSLEngine On
-SSLCertificateFile /etc/letsencrypt/live/{{ domains |first }}/fullchain.pem
-SSLCertificateKeyFile /etc/letsencrypt/live/{{ domains |first }}/privkey.pem
+SSLCertificateFile /etc/letsencrypt/live/{{ privatebin_domains |first }}/fullchain.pem
+SSLCertificateKeyFile /etc/letsencrypt/live/{{ privatebin_domains |first }}/privkey.pem

webapps/privatebin/templates/vhost.conf.j2

@@ -1,5 +1,5 @@
 <VirtualHost *:80>
-    ServerName {{ domains |first }}
+    ServerName {{ privatebin_domains |first }}
     
     {% if ssl.stat.exists %}
     RewriteEngine On
@@ -12,7 +12,7 @@
 
 {% if ssl.stat.exists %}
 <VirtualHost *:443>
-    ServerName {{ domains |first }}
+    ServerName {{ privatebin_domains |first }}
 
     DocumentRoot /home/{{ service }}/PrivateBin