tocproject.toc.commons

Purpose

Common role imported by every others.
Supply a common namespace for shared variables and handlers.
Variable cooking to avoid visual noise in roles' code.

Variables

Local paths

Absolute path to instance directory.
```
toc_root: "{{ lookup('env', 'PWD') }}"
```

Absolute path to group vars directory.

toc_group_vars_root_dir: "{{ toc_root }}/group_vars"

Absolute path to toc group vars directory.

toc_group_vars_dir: "{{ toc_group_vars_root_dir }}/toc"

Absolute path to toc group ansible-vaulted secrets var files.
```
toc_secrets_dir: "{{ toc_group_vars_dir }}/secrets"
```
Local directory to render terraform modules for operations on instance.
```
toc_tf_modules_dir: "{{ toc_root }}/terraform"
```

Relative path to toc group vars directory.

toc_group_vars_dir_relative_dir: "./group_vars/toc"

Relative path to toc group ansible-vaulted secrets var files.

toc_secrets_dir_relative_dir: "{{ toc_group_vars_dir_relative_dir }}/secrets"

Relative path to default ssh keypair.

toc_ssh_private_key_file_relative_path: "{{ toc_secrets_dir_relative_dir }}/default.key"
toc_ssh_public_key_file_relative_path: "{{ toc_ssh_private_key_file_relative_path }}.pub"

Absolute path to default ssh keypair.

toc_ssh_private_key_file: "{{ toc_ssh_private_key_file_relative_path | realpath }}"
toc_ssh_public_key_file: "{{ toc_ssh_public_key_file_relative_path | realpath }}"

Domains

Domain name used for public zone

toc_public_domain: >-
  {{ toc_workspace }}.{{ toc_parent_domain }}

Top level domain used for private zone
```
toc_private_tld: "toc"
```

Domain used for private zone

toc_private_domain: "{{ toc_workspace }}.{{ toc_private_tld }}"

Subdomains for each services

toc_service_sudomain:
  # public prefixes
  api: "api"
  idp: "idp"
  pkg: "pkg"
  vpn: "vpn"
  # private prefixes
  bot: "bot"
  ide: "ide"
  git: "git"
  obs: "obs"
  pki: "pki"

Public services fqdn

toc_service_fqdn_api: "{{ toc_service_sudomain.api }}.{{ toc_public_domain }}"
toc_service_fqdn_idp: "{{ toc_service_sudomain.idp }}.{{ toc_public_domain }}"
toc_service_fqdn_pkg: "{{ toc_service_sudomain.pkg }}.{{ toc_public_domain }}"
toc_service_fqdn_vpn: "{{ toc_service_sudomain.vpn }}.{{ toc_public_domain }}"

Private services fqdn

toc_service_fqdn_bot: "{{ toc_service_sudomain.bot }}.{{ toc_private_domain }}"
toc_service_fqdn_git: "{{ toc_service_sudomain.git }}.{{ toc_private_domain }}"
toc_service_fqdn_ide: "{{ toc_service_sudomain.ide }}.{{ toc_private_domain }}"
toc_service_fqdn_obs: "{{ toc_service_sudomain.obs }}.{{ toc_private_domain }}"
toc_service_fqdn_pki: "{{ toc_service_sudomain.pki }}.{{ toc_private_domain }}"

PKI

Remote private ca directory

toc_pki_home_dir: "/etc/ssl/private/ca"

Path to private certificates' public part.

toc_service_private_cert_path:
  bot: "{{ toc_pki_home_dir }}/{{ toc_service_fqdn_bot }}.crt"
  git: "{{ toc_pki_home_dir }}/{{ toc_service_fqdn_git }}.crt"
  ide: "{{ toc_pki_home_dir }}/{{ toc_service_fqdn_ide }}.crt"
  obs: "{{ toc_pki_home_dir }}/{{ toc_service_fqdn_obs }}.crt"
  pki: "{{ toc_pki_home_dir }}/{{ toc_service_fqdn_pki }}.crt"

Path to private certificates' private part.

toc_service_private_cert_key_path:
  bot: "{{ toc_pki_home_dir }}/{{ toc_service_fqdn_bot }}.key"
  git: "{{ toc_pki_home_dir }}/{{ toc_service_fqdn_git }}.key"
  ide: "{{ toc_pki_home_dir }}/{{ toc_service_fqdn_ide }}.key"
  obs: "{{ toc_pki_home_dir }}/{{ toc_service_fqdn_obs }}.key"
  pki: "{{ toc_pki_home_dir }}/{{ toc_service_fqdn_pki }}.key"

Utils

New line chars variabilized for ansible-engine usage compatibility in split.
```
new_line: "\n"
```
Expected Terraform operation. One of: ['apply', 'destroy']
```
tf_action: apply
```