DEV-914 bugfix of regression from customer specific domains

create-database-backup.yml

@@ -116,5 +116,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

create-database.yml

@@ -135,5 +135,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

create-kibana-objects.yml

@@ -61,7 +61,6 @@
   vars:
     ansible_connection: local
     ansible_ssh_host: "{{ stage_server_domain }}"
-    kibana_api_endpoint: '{{ shared_service_elastic_stack_kibana_01_hostname }}-kibana.{{ domain }}'
     elastic_state: present
     elastic_users:
       -
@@ -201,5 +200,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

create-realm.yml

@@ -94,5 +94,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

create-remote-database-backup.yml

@@ -119,5 +119,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

create-server.yml

@@ -154,5 +154,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

create-service.yml

@@ -82,5 +82,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

export-database.yml

@@ -95,5 +95,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

group_vars/all/plain.yml

@@ -222,8 +222,6 @@ upstream_dns_servers:
 - 185.12.64.1
 - 185.12.64.2
 
-shared_service_harbor_hostname: "{{ stage }}-harbor-01.{{ domain_env }}"
-
 harbor_username: "{{ docker_registry_username_vault }}"
 harbor_token: "{{ docker_registry_token_vault }}"
 

group_vars/all/services.yml

@@ -1,4 +1,40 @@
 ---
 
+# TODO variable shouldn't used in a global way
 elastic_id: "{{ inventory_hostname }}-elastic"
+# TODO variable shouldn't used in a global way
 elastic_exporter_id: "{{ inventory_hostname }}-elastic-exporter"
+
+shared_service_url_harbor: "https://{{ shared_service_hostname_harbor }}"
+shared_service_hostname_harbor: "{{ stage }}-harbor-01.{{ domain_env }}"
+
+shared_service_url_kibana: "https://{{ shared_service_hostname_kibana }}"
+shared_service_hostname_kibana: "{{ stage }}-elastic-stack-kibana-01-kibana.{{ domain_env }}"
+
+shared_service_url_keycloak: "https://{{ shared_service_hostname_keycloak }}"
+shared_service_hostname_keycloak: "{{ stage }}-keycloak-01.{{ domain_env }}"
+
+shared_service_host_management: "{{ stage }}-management-01"
+shared_service_url_management: "https://{{ shared_service_hostname_management }}"
+shared_service_hostname_management: "{{ shared_service_host_management }}-connect.{{ domain_env }}"
+
+# use private loadbalancer ip for all kubernetes services
+shared_service_kube_argocd_hostname: "{{ stage }}-kube-argocd.{{ domain_env }}"
+shared_service_kube_awx_hostname: "{{ stage }}-kube-awx.{{ domain_env }}"
+shared_service_kube_harbor_hostname: "{{ stage }}-harbor.{{ domain_env }}"
+shared_service_kube_jaeger_collector_hostname: "{{ stage }}-kube-jaeger-collector.{{ domain_env }}"
+shared_service_kube_prometheus_hostname: "{{ stage }}-kube-prometheus.{{ domain_env }}"
+# TODO make value available for plays with static inventory - by autodiscover_pre_tasks.yml
+shared_service_kube_loadbalancer_ip_not_available: "private loadbalancer ip not available"
+shared_service_kube_loadbalancer_ip: "{{ stage_private_ingress_loadbalancer_ip | default(shared_service_kube_loadbalancer_ip_not_available) }}"
+shared_service_additional_hosts:
+  - name: "{{ shared_service_kube_argocd_hostname }}"
+    ip: "{{ shared_service_kube_loadbalancer_ip }}"
+  - name: "{{ shared_service_kube_awx_hostname }}"
+    ip: "{{ shared_service_kube_loadbalancer_ip }}"
+  - name: "{{ shared_service_kube_prometheus_hostname }}"
+    ip: "{{ shared_service_kube_loadbalancer_ip }}"
+  - name: "{{ shared_service_kube_jaeger_collector_hostname }}"
+    ip: "{{ shared_service_kube_loadbalancer_ip }}"
+  - name: "{{ shared_service_kube_harbor_hostname }}"
+    ip: "{{ shared_service_kube_loadbalancer_ip }}"

group_vars/connect/plain.yml

@@ -25,10 +25,10 @@ connect_auth_module: "oidc"
 connect_oidc_client_id: "{{ cluster_name }}"
 connect_oidc_client_secret: "{{ cluster_name }}"
 connect_oidc_registration_id: "{{ cluster_name }}"
-connect_oidc_issuer_uri: "https://{{ shared_service_keycloak_hostname }}/auth/realms/{{ current_realm_name }}"
+connect_oidc_issuer_uri: "https://{{ shared_service_hostname_keycloak }}/auth/realms/{{ current_realm_name }}"
 
-connect_password_change_url: "{{ http_s }}://{{ shared_service_keycloak_hostname }}/auth/realms/{{ current_realm_name }}/account/password"
+connect_password_change_url: "{{ http_s }}://{{ shared_service_hostname_keycloak }}/auth/realms/{{ current_realm_name }}/account/password"
-connect_iam_user_management_url: "{{ http_s }}://{{ shared_service_keycloak_hostname }}/auth/admin/{{ current_realm_name }}/console"
+connect_iam_user_management_url: "{{ http_s }}://{{ shared_service_hostname_keycloak }}/auth/admin/{{ current_realm_name }}/console"
 
 connect_mail_properties_simulation: false
 

group_vars/connect_wordpress/main.yml

@@ -5,8 +5,8 @@ connect_wordpress_maria_database: "{{ stage }}_{{ tenant_id }}_{{ cluster_name }
 connect_wordpress_maria_username: "{{ connect_wordpress_maria_database }}"
 connect_wordpress_maria_password: "connect-wordpress-maria-admin"
 
-connect_wordpress_oidc_issuer: "{{ http_s }}://{{ shared_service_keycloak_hostname }}/auth/realms/{{ current_realm_name }}"
+connect_wordpress_oidc_issuer: "{{ http_s }}://{{ shared_service_hostname_keycloak }}/auth/realms/{{ current_realm_name }}"
-connect_wordpress_oidc_provider_url: "{{ http_s }}://{{ shared_service_keycloak_hostname }}/auth/realms/{{ current_realm_name }}"
+connect_wordpress_oidc_provider_url: "{{ http_s }}://{{ shared_service_hostname_keycloak }}/auth/realms/{{ current_realm_name }}"
 connect_wordpress_oidc_client_id: "{{ cluster_name }}"
 connect_wordpress_oidc_client_secret: "{{ cluster_name }}"
 

group_vars/stage_dev/plain.yml

@@ -4,48 +4,6 @@ stage: "dev"
 
 # TODO read configuration with hetzner rest api
 shared_service_network: "10.0.0.0/16"
-shared_service_elastic_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-elastic-stack-elastic-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_elastic_02: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-elastic-stack-elastic-02' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_elastic_03: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-elastic-stack-elastic-03' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_logstash_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-elastic-stack-logstash-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_harbor_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-harbor-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_pdns_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-pdns-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_mail_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-mail-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
 shared_service_pg_master_ip: "{{ stage_server_infos
   | selectattr('name', 'match', stage + '-postgres-01' )
   | map(attribute='private_ip')
@@ -58,92 +16,6 @@ shared_service_pg_slave_ip: "{{ stage_server_infos
   | list
   | first
   | default('-') }}"
-shared_service_maria_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-maria-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_keycloak_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-keycloak-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_iam_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-iam-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_webdav_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-webdav-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_gitea_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-gitea-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_redis_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-redis-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_master_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-master-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_master_02: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-master-02' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_master_03: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-master-03' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_02: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-02' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_03: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-03' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_04: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-04' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_management_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-management-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-
-shared_service_kube_ip: "{{ stage_private_ingress_loadbalancer_ip | default('-') }}"
 
 shared_service_maria_hostname: "{{ stage }}-maria-01"
 shared_service_postgres_01_hostname: "{{ stage }}-postgres-01"
@@ -152,149 +24,13 @@ shared_service_elastic_stack_01_hostname: "{{ stage }}-elastic-stack-elastic-01"
 shared_service_elastic_stack_02_hostname: "{{ stage }}-elastic-stack-elastic-02"
 shared_service_elastic_stack_03_hostname: "{{ stage }}-elastic-stack-elastic-03"
 shared_service_elastic_stack_logstash_01_hostname: "{{ stage }}-elastic-stack-logstash-01"
-shared_service_elastic_stack_kibana_01_hostname: "{{ stage }}-elastic-stack-kibana-01"
-
-kube_master_01_hostname: "{{ stage }}-kube-master-01.{{ domain_env }}"
-kube_master_02_hostname: "{{ stage }}-kube-master-02.{{ domain_env }}"
-kube_master_03_hostname: "{{ stage }}-kube-master-03.{{ domain_env }}"
-kube_node_01_hostname: "{{ stage }}-kube-node-01.{{ domain_env }}"
-kube_node_02_hostname: "{{ stage }}-kube-node-02.{{ domain_env }}"
-kube_node_03_hostname: "{{ stage }}-kube-node-03.{{ domain_env }}"
 
 shared_service_iam_hostname: "{{ stage }}-iam-01.{{ domain_env }}"
 shared_service_mail_hostname: "{{ stage }}-mail-01.{{ domain_env }}"
 shared_service_gitea_hostname: "{{ stage }}-gitea-01.{{ domain_env }}"
 shared_service_redis_hostname: "{{ stage }}-redis-01.{{ domain_env }}"
-shared_service_kube_argocd_hostname: "{{ stage }}-kube-argocd.{{ domain_env }}"
-shared_service_kube_awx_hostname: "{{ stage }}-kube-awx.{{ domain_env }}"
-shared_service_kube_prometheus_hostname: "{{ stage }}-kube-prometheus.{{ domain_env }}"
-shared_service_kube_jaeger_collector_hostname: "{{ stage }}-kube-jaeger-collector.{{ domain_env }}"
 shared_service_pdns_hostname: "{{ stage }}-pdns-01.{{ domain_env }}"
 shared_service_webdav_hostname: "{{ stage }}-webdav-01.{{ domain_env }}"
-shared_service_keycloak_hostname: "{{ stage }}-keycloak-01.{{ domain_env }}"
-shared_service_harbor_hostname: "{{ stage }}-harbor-01.{{ domain_env }}"
-
-management_service_connect_hostname: "{{ stage }}-management-01-connect.{{ domain_env }}"
-
-keycloak_server_url: "https://{{ shared_service_keycloak_hostname }}"
-
-shared_service_hosts: [
-  {
-    ip: "127.0.1.1",
-    name: "{{ inventory_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_elastic_01 }}",
-    name: "{{ shared_service_elastic_stack_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_elastic_02 }}",
-    name: "{{ shared_service_elastic_stack_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_elastic_03 }}",
-    name: "{{ shared_service_elastic_stack_03_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_logstash_01 }}",
-    name: "{{ shared_service_elastic_stack_logstash_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_maria_ip }}",
-    name: "{{ shared_service_maria_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_pg_master_ip }}",
-    name: "{{ shared_service_postgres_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_pg_slave_ip }}",
-    name: "{{ shared_service_postgres_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_harbor_ip }}",
-    name: "{{ shared_service_harbor_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_mail_ip }}",
-    name: "{{ shared_service_mail_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_keycloak_ip }}",
-    name: "{{ shared_service_keycloak_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_iam_ip }}",
-    name: "{{ shared_service_iam_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_webdav_ip }}",
-    name: "{{ shared_service_webdav_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_gitea_ip }}",
-    name: "{{ shared_service_gitea_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_redis_ip }}",
-    name: "{{ shared_service_redis_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_master_01 }}",
-    name: "{{ kube_master_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_master_02 }}",
-    name: "{{ kube_master_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_master_03 }}",
-    name: "{{ kube_master_03_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_01 }}",
-    name: "{{ kube_node_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_02 }}",
-    name: "{{ kube_node_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_03 }}",
-    name: "{{ kube_node_03_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_pdns_ip }}",
-    name: "{{ shared_service_pdns_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_argocd_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_awx_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_prometheus_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_jaeger_collector_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_management_ip }}",
-    name: "{{ management_service_connect_hostname }}"
-  }
-]
-
-# TODO read configuration with hetzner rest api
-elastic_stack_network: {
-  dev-elastic-stack-elastic-01: "{{ shared_service_elastic_01 }}",
-  dev-elastic-stack-elastic-02: "{{ shared_service_elastic_02 }}",
-  dev-elastic-stack-elastic-03: "{{ shared_service_elastic_03 }}",
-}
 
 harbor_oidc_realm: "harbor"
 harbor_oidc_client_id: "harbor"
@@ -305,8 +41,6 @@ harbor_oidc_admin_password: "{{ harbor_oidc_admin_password_vault }}"
 management_oidc_realm: "management"
 management_oidc_client_id: "smardigo"
 
-smardigo_management_url: "{{ http_s }}://{{ management_service_connect_hostname }}/api/v1/scopes/{{ scope_id }}/processes/{{ process_instance_id }}/messages"
-
 connect_jwt_enabled: true
 connect_jwt_secret: "908ae14462d049d3be84964ef379c7c6"
 webdav_jwt_enabled: true

group_vars/stage_devscr/plain.yml

@@ -16,98 +16,6 @@ default_plattform_users:
 
 # TODO read configuration with hetzner rest api
 shared_service_network: "10.1.0.0/16"
-shared_service_kube_cpl_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-cpl-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_cpl_02: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-cpl-02' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_cpl_03: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-cpl-03' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_02: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-02' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_03: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-03' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-
-shared_service_kube_ip: "{{ stage_private_ingress_loadbalancer_ip | default('-') }}"
-
-kube_cpl_01_hostname: "{{ stage }}-kube-cpl-01.{{ domain }}"
-kube_cpl_02_hostname: "{{ stage }}-kube-cpl-02.{{ domain }}"
-kube_cpl_03_hostname: "{{ stage }}-kube-cpl-03.{{ domain }}"
-kube_node_01_hostname: "{{ stage }}-kube-node-01.{{ domain }}"
-kube_node_02_hostname: "{{ stage }}-kube-node-02.{{ domain }}"
-kube_node_03_hostname: "{{ stage }}-kube-node-03.{{ domain }}"
-
-shared_service_kube_argocd_hostname: "{{ stage }}-kube-argocd.{{ domain }}"
-shared_service_kube_prometheus_hostname: "{{ stage }}-kube-prometheus.{{ domain }}"
-shared_service_kube_harbor_hostname: "{{ stage }}-harbor.{{ domain }}"
-
-shared_service_hosts: [
-  {
-    ip: "127.0.1.1",
-    name: "{{ inventory_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_cpl_01 }}",
-    name: "{{ kube_cpl_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_cpl_02 }}",
-    name: "{{ kube_cpl_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_cpl_03 }}",
-    name: "{{ kube_cpl_03_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_01 }}",
-    name: "{{ kube_node_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_02 }}",
-    name: "{{ kube_node_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_03 }}",
-    name: "{{ kube_node_03_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_argocd_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_prometheus_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_harbor_hostname }}"
-  },
-]
 
 netgo_msteams_hook_cd: "{{ netgo_msteams_hook_cd_vault }}"
 netgo_msteams_hook_alerting: "{{ netgo_msteams_hook_alerting_vault }}"
@@ -120,4 +28,4 @@ gpg_key_smardigo_automation__private: '{{ gpg_key_smardigo_automation__private__
 kubernetes_with_awx: False
 kubernetes_with_gitea: True
 
-shared_service_harbor_hostname: "{{ stage }}-harbor.{{ domain }}"
+shared_service_hostname_harbor: "{{ stage }}-harbor.{{ domain }}"

group_vars/stage_ext/plain.yml

@@ -10,9 +10,7 @@ traefik_enabled: true
 filebeat_enabled: false
 node_exporter_enabled: true
 
-shared_service_hosts: []
-
 # an ext server has no private network
 node_exporter_listen_address: "0.0.0.0"
 
-shared_service_harbor_hostname: "prodnso-harbor-01.smardigo.digital"
+shared_service_hostname_harbor: "prodnso-harbor-01.smardigo.digital"

group_vars/stage_prodnso/plain.yml

@@ -4,48 +4,6 @@ stage: "prodnso"
 
 # TODO read configuration with hetzner rest api
 shared_service_network: "10.0.0.0/16"
-shared_service_elastic_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-elastic-stack-elastic-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_elastic_02: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-elastic-stack-elastic-02' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_elastic_03: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-elastic-stack-elastic-03' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_logstash_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-elastic-stack-logstash-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_harbor_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-harbor-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_pdns_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-pdns-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_mail_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-mail-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
 shared_service_pg_master_ip: "{{ stage_server_infos
   | selectattr('name', 'match', stage + '-postgres-01' )
   | map(attribute='private_ip')
@@ -58,86 +16,6 @@ shared_service_pg_slave_ip: "{{ stage_server_infos
   | list
   | first
   | default('-') }}"
-shared_service_maria_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-maria-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_keycloak_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-keycloak-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_iam_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-iam-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_webdav_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-webdav-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_gitea_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-gitea-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_redis_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-redis-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_master_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-master-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_master_02: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-master-02' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_master_03: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-master-03' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_02: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-02' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_03: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-03' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_management_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-management-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-
-shared_service_kube_ip: "{{ stage_private_ingress_loadbalancer_ip | default('-') }}"
 
 shared_service_maria_hostname: "{{ stage }}-maria-01"
 shared_service_postgres_01_hostname: "{{ stage }}-postgres-01"
@@ -146,149 +24,13 @@ shared_service_elastic_stack_01_hostname: "{{ stage }}-elastic-stack-elastic-01"
 shared_service_elastic_stack_02_hostname: "{{ stage }}-elastic-stack-elastic-02"
 shared_service_elastic_stack_03_hostname: "{{ stage }}-elastic-stack-elastic-03"
 shared_service_elastic_stack_logstash_01_hostname: "{{ stage }}-elastic-stack-logstash-01"
-shared_service_elastic_stack_kibana_01_hostname: "{{ stage }}-elastic-stack-kibana-01"
-
-kube_master_01_hostname: "{{ stage }}-kube-master-01.{{ domain_env }}"
-kube_master_02_hostname: "{{ stage }}-kube-master-02.{{ domain_env }}"
-kube_master_03_hostname: "{{ stage }}-kube-master-03.{{ domain_env }}"
-kube_node_01_hostname: "{{ stage }}-kube-node-01.{{ domain_env }}"
-kube_node_02_hostname: "{{ stage }}-kube-node-02.{{ domain_env }}"
-kube_node_03_hostname: "{{ stage }}-kube-node-03.{{ domain_env }}"
 
 shared_service_iam_hostname: "{{ stage }}-iam-01.{{ domain_env }}"
 shared_service_mail_hostname: "{{ stage }}-mail-01.{{ domain_env }}"
 shared_service_gitea_hostname: "{{ stage }}-gitea-01.{{ domain_env }}"
 shared_service_redis_hostname: "{{ stage }}-redis-01.{{ domain_env }}"
-shared_service_kube_argocd_hostname: "{{ stage }}-kube-argocd.{{ domain_env }}"
-shared_service_kube_awx_hostname: "{{ stage }}-kube-awx.{{ domain_env }}"
-shared_service_kube_prometheus_hostname: "{{ stage }}-kube-prometheus.{{ domain_env }}"
-shared_service_kube_jaeger_collector_hostname: "{{ stage }}-kube-jaeger-collector.{{ domain_env }}"
 shared_service_pdns_hostname: "{{ stage }}-pdns-01.{{ domain_env }}"
 shared_service_webdav_hostname: "{{ stage }}-webdav-01.{{ domain_env }}"
-shared_service_keycloak_hostname: "{{ stage }}-keycloak-01.{{ domain_env }}"
-shared_service_harbor_hostname: "{{ stage }}-harbor-01.{{ domain_env }}"
-
-management_service_connect_hostname: "{{ stage }}-management-01-connect.{{ domain_env }}"
-
-keycloak_server_url: "https://{{ shared_service_keycloak_hostname }}"
-
-shared_service_hosts: [
-  {
-    ip: "127.0.1.1",
-    name: "{{ inventory_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_elastic_01 }}",
-    name: "{{ shared_service_elastic_stack_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_elastic_02 }}",
-    name: "{{ shared_service_elastic_stack_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_elastic_03 }}",
-    name: "{{ shared_service_elastic_stack_03_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_logstash_01 }}",
-    name: "{{ shared_service_elastic_stack_logstash_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_maria_ip }}",
-    name: "{{ shared_service_maria_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_pg_master_ip }}",
-    name: "{{ shared_service_postgres_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_pg_slave_ip }}",
-    name: "{{ shared_service_postgres_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_harbor_ip }}",
-    name: "{{ shared_service_harbor_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_mail_ip }}",
-    name: "{{ shared_service_mail_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_keycloak_ip }}",
-    name: "{{ shared_service_keycloak_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_iam_ip }}",
-    name: "{{ shared_service_iam_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_webdav_ip }}",
-    name: "{{ shared_service_webdav_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_gitea_ip }}",
-    name: "{{ shared_service_gitea_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_redis_ip }}",
-    name: "{{ shared_service_redis_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_master_01 }}",
-    name: "{{ kube_master_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_master_02 }}",
-    name: "{{ kube_master_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_master_03 }}",
-    name: "{{ kube_master_03_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_01 }}",
-    name: "{{ kube_node_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_02 }}",
-    name: "{{ kube_node_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_03 }}",
-    name: "{{ kube_node_03_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_pdns_ip }}",
-    name: "{{ shared_service_pdns_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_argocd_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_awx_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_prometheus_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_jaeger_collector_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_management_ip }}",
-    name: "{{ management_service_connect_hostname }}"
-  }
-]
-
-# TODO read configuration with hetzner rest api
-elastic_stack_network: {
-  prodnso-elastic-stack-elastic-01: "{{ shared_service_elastic_01 }}",
-  prodnso-elastic-stack-elastic-02: "{{ shared_service_elastic_02 }}",
-  prodnso-elastic-stack-elastic-03: "{{ shared_service_elastic_03 }}",
-}
 
 harbor_oidc_realm: "harbor"
 harbor_oidc_client_id: "harbor"
@@ -299,8 +41,6 @@ harbor_oidc_admin_password: "{{ harbor_oidc_admin_password_vault }}"
 management_oidc_realm: "management"
 management_oidc_client_id: "smardigo"
 
-smardigo_management_url: "{{ http_s }}://{{ management_service_connect_hostname }}/api/v1/scopes/{{ scope_id }}/processes/{{ process_instance_id }}/messages"
-
 connect_jwt_enabled: true
 connect_jwt_secret: "908ae14462d049d3be84964ef379c7c6"
 webdav_jwt_enabled: true

group_vars/stage_prodwork01/plain.yml

@@ -12,86 +12,10 @@ default_plattform_users:
 
 # TODO read configuration with hetzner rest api
 shared_service_network: "10.3.0.0/16"
-shared_service_kube_cpl_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-cpl-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_cpl_02: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-cpl-02' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_cpl_03: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-cpl-03' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_02: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-02' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_03: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-03' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-
-shared_service_kube_ip: "{{ stage_private_ingress_loadbalancer_ip | default('-') }}"
-
-kube_cpl_01_hostname: "{{ stage }}-kube-cpl-01.{{ domain_env }}"
-kube_cpl_02_hostname: "{{ stage }}-kube-cpl-02.{{ domain_env }}"
-kube_cpl_03_hostname: "{{ stage }}-kube-cpl-03.{{ domain_env }}"
-kube_node_01_hostname: "{{ stage }}-kube-node-01.{{ domain_env }}"
-kube_node_02_hostname: "{{ stage }}-kube-node-02.{{ domain_env }}"
-kube_node_03_hostname: "{{ stage }}-kube-node-03.{{ domain_env }}"
-
-shared_service_hosts: [
-  {
-    ip: "127.0.1.1",
-    name: "{{ inventory_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_cpl_01 }}",
-    name: "{{ kube_cpl_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_cpl_02 }}",
-    name: "{{ kube_cpl_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_cpl_03 }}",
-    name: "{{ kube_cpl_03_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_01 }}",
-    name: "{{ kube_node_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_02 }}",
-    name: "{{ kube_node_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_03 }}",
-    name: "{{ kube_node_03_hostname }}"
-  }
-]
 
 filebeat_enabled: false
 
-shared_service_harbor_hostname: "prodnso-harbor-01.{{ domain }}"
+shared_service_hostname_harbor: "prodnso-harbor-01.{{ domain }}"
 
 netgo_msteams_hook_cd: "{{ netgo_msteams_hook_cd_vault }}"
 netgo_msteams_hook_alerting: "{{ netgo_msteams_hook_alerting_vault }}"

group_vars/stage_qa/plain.yml

@@ -4,48 +4,6 @@ stage: "qa"
 
 # TODO read configuration with hetzner rest api
 shared_service_network: "10.1.0.0/16"
-shared_service_elastic_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-elastic-stack-elastic-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_elastic_02: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-elastic-stack-elastic-02' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_elastic_03: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-elastic-stack-elastic-03' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_logstash_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-elastic-stack-logstash-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_harbor_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-harbor-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_pdns_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-pdns-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_mail_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-mail-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
 shared_service_pg_master_ip: "{{ stage_server_infos
   | selectattr('name', 'match', stage + '-postgres-01' )
   | map(attribute='private_ip')
@@ -58,86 +16,6 @@ shared_service_pg_slave_ip: "{{ stage_server_infos
   | list
   | first
   | default('-') }}"
-shared_service_maria_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-maria-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_keycloak_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-keycloak-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_iam_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-iam-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_webdav_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-webdav-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_gitea_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-gitea-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_redis_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-redis-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_master_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-master-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_master_02: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-master-02' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_master_03: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-master-03' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_01: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_02: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-02' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_kube_node_03: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-kube-node-03' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-shared_service_management_ip: "{{ stage_server_infos
-  | selectattr('name', 'match', stage + '-management-01' )
-  | map(attribute='private_ip')
-  | list
-  | first
-  | default('-') }}"
-
-shared_service_kube_ip: "{{ stage_private_ingress_loadbalancer_ip | default('-') }}"
 
 shared_service_maria_hostname: "{{ stage }}-maria-01"
 shared_service_postgres_01_hostname: "{{ stage }}-postgres-01"
@@ -146,149 +24,13 @@ shared_service_elastic_stack_01_hostname: "{{ stage }}-elastic-stack-elastic-01"
 shared_service_elastic_stack_02_hostname: "{{ stage }}-elastic-stack-elastic-02"
 shared_service_elastic_stack_03_hostname: "{{ stage }}-elastic-stack-elastic-03"
 shared_service_elastic_stack_logstash_01_hostname: "{{ stage }}-elastic-stack-logstash-01"
-shared_service_elastic_stack_kibana_01_hostname: "{{ stage }}-elastic-stack-kibana-01"
-
-kube_master_01_hostname: "{{ stage }}-kube-master-01.{{ domain_env }}"
-kube_master_02_hostname: "{{ stage }}-kube-master-02.{{ domain_env }}"
-kube_master_03_hostname: "{{ stage }}-kube-master-03.{{ domain_env }}"
-kube_node_01_hostname: "{{ stage }}-kube-node-01.{{ domain_env }}"
-kube_node_02_hostname: "{{ stage }}-kube-node-02.{{ domain_env }}"
-kube_node_03_hostname: "{{ stage }}-kube-node-03.{{ domain_env }}"
 
 shared_service_iam_hostname: "{{ stage }}-iam-01.{{ domain_env }}"
 shared_service_mail_hostname: "{{ stage }}-mail-01.{{ domain_env }}"
 shared_service_gitea_hostname: "{{ stage }}-gitea-01.{{ domain_env }}"
 shared_service_redis_hostname: "{{ stage }}-redis-01.{{ domain_env }}"
-shared_service_kube_argocd_hostname: "{{ stage }}-kube-argocd.{{ domain_env }}"
-shared_service_kube_awx_hostname: "{{ stage }}-kube-awx.{{ domain_env }}"
-shared_service_kube_prometheus_hostname: "{{ stage }}-kube-prometheus.{{ domain_env }}"
-shared_service_kube_jaeger_collector_hostname: "{{ stage }}-kube-jaeger-collector.{{ domain_env }}"
 shared_service_pdns_hostname: "{{ stage }}-pdns-01.{{ domain_env }}"
 shared_service_webdav_hostname: "{{ stage }}-webdav-01.{{ domain_env }}"
-shared_service_keycloak_hostname: "{{ stage }}-keycloak-01.{{ domain_env }}"
-shared_service_harbor_hostname: "{{ stage }}-harbor-01.{{ domain_env }}"
-
-management_service_connect_hostname: "{{ stage }}-management-01-connect.{{ domain_env }}"
-
-keycloak_server_url: "https://{{ shared_service_keycloak_hostname }}"
-
-shared_service_hosts: [
-  {
-    ip: "127.0.1.1",
-    name: "{{ inventory_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_elastic_01 }}",
-    name: "{{ shared_service_elastic_stack_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_elastic_02 }}",
-    name: "{{ shared_service_elastic_stack_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_elastic_03 }}",
-    name: "{{ shared_service_elastic_stack_03_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_logstash_01 }}",
-    name: "{{ shared_service_elastic_stack_logstash_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_maria_ip }}",
-    name: "{{ shared_service_maria_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_pg_master_ip }}",
-    name: "{{ shared_service_postgres_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_pg_slave_ip }}",
-    name: "{{ shared_service_postgres_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_harbor_ip }}",
-    name: "{{ shared_service_harbor_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_mail_ip }}",
-    name: "{{ shared_service_mail_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_keycloak_ip }}",
-    name: "{{ shared_service_keycloak_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_iam_ip }}",
-    name: "{{ shared_service_iam_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_webdav_ip }}",
-    name: "{{ shared_service_webdav_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_gitea_ip }}",
-    name: "{{ shared_service_gitea_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_redis_ip }}",
-    name: "{{ shared_service_redis_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_master_01 }}",
-    name: "{{ kube_master_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_master_02 }}",
-    name: "{{ kube_master_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_master_03 }}",
-    name: "{{ kube_master_03_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_01 }}",
-    name: "{{ kube_node_01_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_02 }}",
-    name: "{{ kube_node_02_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_node_03 }}",
-    name: "{{ kube_node_03_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_pdns_ip }}",
-    name: "{{ shared_service_pdns_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_argocd_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_awx_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_prometheus_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_kube_ip }}",
-    name: "{{ shared_service_kube_jaeger_collector_hostname }}"
-  },
-  {
-    ip: "{{ shared_service_management_ip }}",
-    name: "{{ management_service_connect_hostname }}"
-  }
-]
-
-# TODO read configuration with hetzner rest api
-elastic_stack_network: {
-  qa-elastic-stack-elastic-01: "{{ shared_service_elastic_01 }}",
-  qa-elastic-stack-elastic-02: "{{ shared_service_elastic_02 }}",
-  qa-elastic-stack-elastic-03: "{{ shared_service_elastic_03 }}",
-}
 
 harbor_oidc_realm: "harbor"
 harbor_oidc_client_id: "harbor"
@@ -299,8 +41,6 @@ harbor_oidc_admin_password: "{{ harbor_oidc_admin_password_vault }}"
 management_oidc_realm: "management"
 management_oidc_client_id: "smardigo"
 
-smardigo_management_url: "{{ http_s }}://{{ management_service_connect_hostname }}/api/v1/scopes/{{ scope_id }}/processes/{{ process_instance_id }}/messages"
-
 connect_jwt_enabled: true
 connect_jwt_secret: "908ae14462d049d3be84964ef379c7c6"
 webdav_jwt_enabled: true

import-database.yml

@@ -94,5 +94,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

patchday.yml

@@ -3,7 +3,6 @@
 ### tags:
 ###   check_elastic_cluster
 
-
 - hosts: prometheus
   vars:
     start: '{{ ansible_date_time.epoch }}'

pmci-callback.yml

@@ -18,5 +18,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

remove-database.yml

@@ -121,5 +121,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

remove-realm.yml

@@ -92,5 +92,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

remove-server.yml

@@ -91,5 +91,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

remove-service.yml

@@ -90,5 +90,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

restore-database-backup.yml

@@ -96,5 +96,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

restore-remote-database-backup.yml

@@ -261,5 +261,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

roles/common/configs/docker/config.json.j2

@@ -1,6 +1,6 @@
 {
   "auths": {
-    "{{ shared_service_harbor_hostname }}": {
+    "{{ shared_service_hostname_harbor }}": {
       "auth": "{{ [harbor_username, harbor_token] | join(":") | string | b64encode }}"
     }
   }

roles/common/tasks/main.yml

@@ -20,8 +20,31 @@
     state: present
     create: yes
     block: |
-      {% for host in shared_service_hosts %}
+      {{ '127.0.1.1 ' + inventory_hostname }}
-      {{ host.ip }} {{ host.name }}
+      {{ '# shared services without domain (only internal available)' }}
+      {% for server_info in stage_server_infos | default([]) | sort(attribute='name') %}
+      {% if
+         server_info.service in ['elastic','logstash','maria','postgres']
+      %}
+      {{ server_info.private_ip + ' ' + server_info.name }}
+      {% endif %}
+      {% endfor %}
+      {{ '# shared services with domain (maybe external available)' }}
+      {% for server_info in stage_server_infos | default([]) | sort(attribute='name') %}
+      {% if
+        server_info.service in ['harbor','gitea','postfix','keycloak','iam']
+        or server_info.name == shared_service_host_management | default([])
+      %}
+      {{ server_info.private_ip + ' ' + server_info.name + '.' + domain_env }}
+      {% endif %}
+      {% endfor %}
+      {{ '# additional services behind kube loadbalancer (maybe available)' }}
+      {% for host in shared_service_additional_hosts|default([]) %}
+      {% if shared_service_kube_loadbalancer_ip_not_available == host.ip %}
+      {{ '# loadbalancer private ip not available for ' + stage + ':' + host.name + ' (use dynamic inventory)'}}
+      {% else %}
+      {{ host.ip + ' ' + host.name }}
+      {% endif %}
       {% endfor %}
   when:
     - "'hcloud' in group_names"

roles/connect/defaults/main.yml

@@ -1,6 +1,6 @@
 ---
 
-connect_image_name: "{{ shared_service_harbor_hostname }}/smardigo/connect-whitelabel-app"
+connect_image_name: "{{ shared_service_hostname_harbor }}/smardigo/connect-whitelabel-app"
 
 connect_mail_host: "{{ shared_service_mail_hostname }}"
 connect_mail_properties_base_url: "{{ http_s }}://{{ connect_base_url }}"

roles/connect_compact/defaults/main.yml

@@ -5,9 +5,9 @@ connect_admin_username: "connect-admin"
 connect_admin_password: "{{ connect_admin_password_vault }}"
 connect_postgres_username: "connect-postgres-username"
 connect_postgres_password: "{{ connect_postgres_password_vault }}"
-connect_image_name: "{{ shared_service_harbor_hostname }}/smardigo/connect-whitelabel-app"
+connect_image_name: "{{ shared_service_hostname_harbor }}/smardigo/connect-whitelabel-app"
 
-iam_image_name: "{{ shared_service_harbor_hostname }}/smardigo/iam-app"
+iam_image_name: "{{ shared_service_hostname_harbor }}/smardigo/iam-app"
 
 elasticsearch_username: "elastic"
 elasticsearch_password: "{{ elasticsearch_password_vault }}"
@@ -17,7 +17,7 @@ keycloak_admin_username: "keycloak-admin"
 keycloak_admin_password: "{{ keycloak_admin_password_vault }}"
 keycloak_postgres_username: "keycloak_postgres"
 keycloak_postgres_password: "{{ keycloak_postgres_password_vault }}"
-keycloak_image_name: "{{ shared_service_harbor_hostname }}/smardigo/keycloak"
+keycloak_image_name: "{{ shared_service_hostname_harbor }}/smardigo/keycloak"
 
 kibana_id: "{{ inventory_hostname }}-kibana"
 

roles/connect_wordpress/defaults/main.yml

@@ -1,4 +1,4 @@
 ---
 
-wordpress_image_name: "{{ shared_service_harbor_hostname }}/smardigo/wordpress"
+wordpress_image_name: "{{ shared_service_hostname_harbor }}/smardigo/wordpress"
 wordpress_image_version: '1.3.1'

roles/connect_wordpress/vars/main.yml

@@ -43,7 +43,7 @@ wordpress_docker: {
         "  define( 'WP_HOME', 'https://{{ wordpress_base_url }}' );",
         "  define( 'WP_SITEURL', 'https://{{ wordpress_base_url }}' );",
         "  define( 'MYSQL_CLIENT_FLAGS', MYSQLI_CLIENT_SSL | MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT );",
-        "AUTH_API: \"https://{{ shared_service_keycloak_hostname }}\"",
+        "AUTH_API: \"https://{{ shared_service_hostname_keycloak }}\"",
         "RESOURCE_API: \"https://{{ connect_base_url }}\"",
         "REALM_ID: \"{{ current_realm_name }}\"",
         "REGISTRATION_ID: \"{{ connect_wordpress_oidc_client_id }}\"",

roles/elastic/vars/main.yml

@@ -27,7 +27,7 @@ elastic_docker: {
         "cluster.initial_master_nodes: {{ groups['elastic']
           | join(',')}}",
         "bootstrap.memory_lock: \"true\"",
-        "network.publish_host: {{ elastic_stack_network[inventory_hostname] }}",
+        "network.publish_host: \"{{ hostvars[inventory_hostname]['stage_private_server_ip'] }}",
         "xpack.security.enabled: \"true\"",
         "xpack.security.http.ssl.enabled: \"true\"",
         "xpack.security.http.ssl.certificate_authorities: /usr/share/elasticsearch/config/certificates/ca/ca.crt",

roles/harbor/defaults/main.yml

@@ -7,10 +7,6 @@ harbor_id: '{{ inventory_hostname }}-harbor'
 
 harbor_dockercompose_customized:
   services:
-    core:
-      extra_hosts:
-        - '{{ shared_service_keycloak_hostname }}:{{ shared_service_keycloak_ip }}'
-        - '{{ shared_service_mail_hostname }}:{{ shared_service_mail_ip }}'
     proxy:
       networks:
         - harbor
@@ -45,7 +41,7 @@ harbor_base_configuration:
   email_insecure: true
   auth_mode: oidc_auth
   oidc_name: "{{ harbor_oidc_realm }}"
-  oidc_endpoint: 'https://{{ shared_service_keycloak_hostname }}/auth/realms/{{ harbor_oidc_realm }}'
+  oidc_endpoint: 'https://{{ shared_service_hostname_keycloak }}/auth/realms/{{ harbor_oidc_realm }}'
   oidc_client_id: "{{ harbor_oidc_client_id }}"
   oidc_client_secret: "{{ harbor_oidc_client_secret }}"
   oidc_groups_claim: groups

roles/harbor_realm/defaults/main.yml

@@ -4,14 +4,14 @@ current_realm_clients: [
   {
     name: "{{ harbor_oidc_client_id }}",
     clientId: "{{ harbor_oidc_client_id }}",
-    admin_url: "{{ http_s }}://{{ shared_service_harbor_hostname }}",
+    admin_url: "{{ http_s }}://{{ shared_service_hostname_harbor }}",
-    root_url: "{{ http_s }}://{{ shared_service_harbor_hostname }}",
+    root_url: "{{ http_s }}://{{ shared_service_hostname_harbor }}",
     redirect_uris: [
-      "{{ http_s }}://{{ shared_service_harbor_hostname }}/*"
+      "{{ http_s }}://{{ shared_service_hostname_harbor }}/*"
     ],
     secret: "{{ harbor_oidc_client_secret }}",
     web_origins: [
-      "{{ http_s }}://{{ shared_service_harbor_hostname }}"
+      "{{ http_s }}://{{ shared_service_hostname_harbor }}"
     ]
   }
 ]

roles/iam/defaults/main.yml

@@ -1,3 +1,3 @@
 ---
 
-iam_image_name: '{{ shared_service_harbor_hostname }}/smardigo/iam-app'
+iam_image_name: '{{ shared_service_hostname_harbor }}/smardigo/iam-app'

roles/iam/vars/main.yml

@@ -4,7 +4,7 @@ iam_id: "{{ inventory_hostname }}-iam"
 
 iam_cache_timeout: 600s
 
-iam_keycloak_auth_server_url: "https://{{ shared_service_keycloak_hostname }}/auth"
+iam_keycloak_auth_server_url: "https://{{ shared_service_hostname_keycloak }}/auth"
 iam_keycloak_admin_user: "{{ keycloak_admin_username }}"
 iam_keycloak_admin_password: "{{ keycloak_admin_password }}"
 

roles/infrastructure_realm/defaults/main.yml

@@ -3,7 +3,7 @@
 infrastructure_realm_name: "infrastructure"
 
 argocd_server_url: "{{ http_s}}://{{ stage }}-argocd.{{ domain }}"
-keycloak_server_url: "{{ http_s}}://{{ stage }}-keycloak-01-keycloak.{{ domain }}"
+shared_service_url_keycloak: "{{ http_s}}://{{ stage }}-keycloak-01-keycloak.{{ domain }}"
 
 current_realm_name: "{{ infrastructure_realm_name }}"
 shared_service_mail_hostname: "not_available"

roles/keycloak/defaults/main.yml

@@ -3,7 +3,7 @@
 # TODO doesn't bind to local port (currently used by setup keycloak with ansible)
 service_port_keycloak_external: "8110"
 
-keycloak_image: "{{ shared_service_harbor_hostname }}/smardigo/keycloak"
+keycloak_image: "{{ shared_service_hostname_harbor }}/smardigo/keycloak"
 
 keycloak_default_client_scopes:
   - web-origins

roles/keycloak/tasks/_authenticate.yml

@@ -1,7 +1,7 @@
 ---
 - name: "Authenticating with keycloak server"
   uri:
-    url: "{{ keycloak_server_url }}/auth/realms/master/protocol/openid-connect/token"
+    url: "{{ shared_service_url_keycloak }}/auth/realms/master/protocol/openid-connect/token"
     method: POST
     body_format: form-urlencoded
     body: 'username={{ keycloak_admin_username }}&password={{ keycloak_admin_password }}&client_id=admin-cli&grant_type=password'

roles/keycloak/tasks/_configure_client_crud.yml

@@ -3,7 +3,7 @@
   delegate_to: 127.0.0.1
   become: false
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ realm_name }}/clients"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ realm_name }}/clients"
     method: GET
     headers:
       Authorization: "Bearer {{ bearer_token }} "
@@ -12,7 +12,7 @@
 
 - name: "CREATING client <{{ client_id }}> for realm <{{ realm_name }}>"
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ realm_name }}/clients"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ realm_name }}/clients"
     method: POST
     body_format: json
     body: "{{ keycloak_client_object }}"
@@ -35,7 +35,7 @@
   delegate_to: 127.0.0.1
   become: false
   uri:
-    url: '{{ keycloak_server_url }}/auth/admin/realms/{{ realm_name }}/clients/{{ id }}'
+    url: '{{ shared_service_url_keycloak }}/auth/admin/realms/{{ realm_name }}/clients/{{ id }}'
     method: PUT
     body_format: json
     body: "{{ keycloak_client_object }}"
@@ -50,7 +50,7 @@
   delegate_to: 127.0.0.1
   become: false
   uri:
-    url: '{{ keycloak_server_url }}/auth/admin/realms/{{ realm_name }}/clients/{{ id }}'
+    url: '{{ shared_service_url_keycloak }}/auth/admin/realms/{{ realm_name }}/clients/{{ id }}'
     method: DELETE
     body_format: json
     body: "{{ keycloak_client_object }}"

roles/keycloak/tasks/_configure_realm.yml

@@ -9,7 +9,7 @@
     auth_client_id: "admin-cli"
     auth_username: "{{ keycloak_admin_username }}"
     auth_password: "{{ keycloak_admin_password }}"
-    auth_keycloak_url: "{{ keycloak_server_url }}/auth"
+    auth_keycloak_url: "{{ shared_service_url_keycloak }}/auth"
     account_theme: "smardigo-theme"
     admin_theme: "smardigo-theme"
     login_theme: "smardigo-theme"
@@ -40,7 +40,7 @@
 - name: "Creating keycloak clientscopes"
   community.general.keycloak_clientscope:
     auth_client_id: admin-cli
-    auth_keycloak_url: "{{ keycloak_server_url }}/auth"
+    auth_keycloak_url: "{{ shared_service_url_keycloak }}/auth"
     auth_realm: "master"
     auth_username: "{{ keycloak_admin_username }}"
     auth_password: "{{ keycloak_admin_password }}"
@@ -57,7 +57,7 @@
     auth_client_id: "admin-cli"
     auth_username: "{{ keycloak_admin_username }}"
     auth_password: "{{ keycloak_admin_password }}"
-    auth_keycloak_url: "{{ keycloak_server_url }}/auth"
+    auth_keycloak_url: "{{ shared_service_url_keycloak }}/auth"
     state: present
     realm: "{{ current_realm_name }}"
     client_id: "{{ client.clientId }}"

roles/keycloak/tasks/_configure_realm_admin_users.yml

@@ -1,7 +1,7 @@
 ---
 - name: "Reading users of realm {{ current_realm_name }}"
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ current_realm_name }}/users"
     method: GET
     headers:
       Authorization: "Bearer {{ access_token }} "
@@ -34,7 +34,7 @@
 
 - name: "Reading realm clients"
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/clients"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ current_realm_name }}/clients"
     method: GET
     headers:
       Authorization: "Bearer {{ access_token }} "
@@ -67,7 +67,7 @@
 
 - name: "Reading available role mappings for realm management client"
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users/{{ realm_admin_user_id }}/role-mappings/clients/{{ realm_management_client_id }}/available"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ current_realm_name }}/users/{{ realm_admin_user_id }}/role-mappings/clients/{{ realm_management_client_id }}/available"
     method: GET
     headers:
       Authorization: "Bearer {{ access_token }} "
@@ -94,7 +94,7 @@
 
 - name: "Adding realm admin role to user {{ realm_admin_user_id }}"
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users/{{ realm_admin_user_id }}/role-mappings/clients/{{ realm_management_client_id }}"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ current_realm_name }}/users/{{ realm_admin_user_id }}/role-mappings/clients/{{ realm_management_client_id }}"
     method: POST
     body_format: json
     body: "{{ lookup('template','keycloak-become-realm-admin-user.json.j2') }}"

roles/keycloak/tasks/_configure_user_groupmembership_crud.yml

@@ -3,7 +3,7 @@
   delegate_to: 127.0.0.1
   become: false
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ realm_name }}/groups"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ realm_name }}/groups"
     method: GET
     headers:
       Authorization: "Bearer {{ bearer_token }} "
@@ -14,7 +14,7 @@
   delegate_to: 127.0.0.1
   become: false
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ realm_name }}/users"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ realm_name }}/users"
     method: GET
     headers:
       Authorization: "Bearer {{ bearer_token }} "
@@ -30,7 +30,7 @@
   delegate_to: 127.0.0.1
   become: false
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ realm_name }}/users/{{ user_id }}/groups/"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ realm_name }}/users/{{ user_id }}/groups/"
     method: GET
     headers:
       Authorization: "Bearer {{ bearer_token }} "
@@ -41,7 +41,7 @@
   delegate_to: 127.0.0.1
   become: false
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ realm_name }}/users/{{ user_id }}/groups/{{ group_id }}"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ realm_name }}/users/{{ user_id }}/groups/{{ group_id }}"
     method: PUT
     body_format: json
     headers:

roles/keycloak/tasks/_create_realm_admin.yml

@@ -1,7 +1,7 @@
 ---
 - name: "Reading users of realm {{ current_realm_name }}"
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ current_realm_name }}/users"
     method: GET
     headers:
       Authorization: "Bearer {{ access_token }} "
@@ -50,7 +50,7 @@
 
 - name: "Creating users for realm {{ current_realm_name }}"
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ current_realm_name }}/users"
     method: POST
     body_format: json
     body: "{{ lookup('template','keycloak-realm-create-user.json.j2') }}"

roles/keycloak/tasks/_create_realm_groups.yml

@@ -1,7 +1,7 @@
 ---
 - name: Read groups of realm {{ current_realm_name }}
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/groups"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ current_realm_name }}/groups"
     method: GET
     headers:
       Authorization: "Bearer {{ access_token }} "
@@ -45,7 +45,7 @@
 
 - name: "Create groups for realm {{ current_realm_name }}"
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/groups"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ current_realm_name }}/groups"
     method: POST
     body_format: json
     body: "{{ lookup('template','keycloak-realm-create-group.json.j2') }}"

roles/keycloak/tasks/_create_realm_users.yml

@@ -1,7 +1,7 @@
 ---
 - name: "Reading users of realm {{ current_realm_name }}"
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ current_realm_name }}/users"
     method: GET
     headers:
       Authorization: "Bearer {{ access_token }} "
@@ -50,7 +50,7 @@
 
 - name: "Creating users for realm {{ current_realm_name }}"
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ current_realm_name }}/users"
     method: POST
     body_format: json
     body: "{{ lookup('template','keycloak-realm-create-user.json.j2') }}"

roles/keycloak/tasks/_delete_client.yml

@@ -7,7 +7,7 @@
 
 - name: "Authenticate with Keycloak server"
   uri:
-    url: "{{ keycloak_server_url }}/auth/realms/master/protocol/openid-connect/token"
+    url: "{{ shared_service_url_keycloak }}/auth/realms/master/protocol/openid-connect/token"
     method: POST
     body_format: form-urlencoded
     body: 'username={{ keycloak_admin_username }}&password={{ keycloak_admin_password }}&client_id=admin-cli&grant_type=password'
@@ -19,7 +19,7 @@
 
 - name: "Read clients from realm {{ realm_name }}"
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ realm_name }}/clients"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ realm_name }}/clients"
     method: GET
     headers:
       Authorization: "Bearer {{ keycloak_authentication.json.access_token }}"
@@ -70,7 +70,7 @@
 
 - name: "Deleting client <{{ client_name }}> for realm <{{ realm_name }}>"
   uri:
-    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ realm_name }}/clients/{{ realm_client_id }}"
+    url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ realm_name }}/clients/{{ realm_client_id }}"
     method: DELETE
     body_format: json
     headers:

roles/keycloak/tasks/main.yml

@@ -59,7 +59,7 @@
 
 - name: "Setting local keycloak url"
   set_fact:  
-    keycloak_server_url: "http://localhost:{{ service_port_keycloak_external }}"
+    shared_service_url_keycloak: "http://localhost:{{ service_port_keycloak_external }}"
   when: "'keycloak' in group_names"
 
 - name: "Wait for <localhost:{{ service_port_keycloak_external }}>"
@@ -70,7 +70,7 @@
 
 - name: "Authenticate with Keycloak server"
   uri:
-    url: "{{ keycloak_server_url }}/auth/realms/master/protocol/openid-connect/token"
+    url: "{{ shared_service_url_keycloak }}/auth/realms/master/protocol/openid-connect/token"
     method: POST
     body_format: form-urlencoded
     body: 'username={{ keycloak_admin_username }}&password={{ keycloak_admin_password }}&client_id=admin-cli&grant_type=password'
@@ -96,7 +96,7 @@
     auth_client_id: "admin-cli"
     auth_username: "{{ keycloak_admin_username }}"
     auth_password: "{{ keycloak_admin_password }}"
-    auth_keycloak_url: "{{ keycloak_server_url }}/auth"
+    auth_keycloak_url: "{{ shared_service_url_keycloak }}/auth"
     account_theme: "smardigo-theme"
     admin_theme: "smardigo-theme"
     login_theme: "smardigo-theme"

roles/keycloak_compact/defaults/main.yml

@@ -5,7 +5,7 @@ keycloak_admin_username: "keycloak-admin"
 keycloak_admin_password: "{{ keycloak_admin_password_vault }}"
 keycloak_postgres_username: "keycloak_postgres"
 keycloak_postgres_password: "{{ keycloak_postgres_password_vault }}"
-keycloak_image_name: "{{ shared_service_harbor_hostname }}/smardigo/keycloak"
+keycloak_image_name: "{{ shared_service_hostname_harbor }}/smardigo/keycloak"
 
 keycloak_compact_tls_cert_resolver: letsencrypt-http
 

roles/keycloak_compact/tasks/main.yml

@@ -47,7 +47,7 @@
 
 - name: "Setting local keycloak url"
   set_fact:  
-    keycloak_server_url: "http://localhost:{{ service_port_keycloak_external }}"
+    shared_service_url_keycloak: "http://localhost:{{ service_port_keycloak_external }}"
 
 - name: "Wait for <localhost:{{ service_port_keycloak_external }}>"
   wait_for:

roles/kibana/defaults/main.yaml

@@ -10,7 +10,6 @@ prometheus_es_exporter__username: '{{ stage }}-prometheus-es-exporter'
 prometheus_es_exporter__password: '{{ prometheus_es_exporter__password_vault }}'
 prometheus_es_exporter__email: 'nso.devops@netgo.de'
 
-kibana_api_endpoint: '{{ shared_service_elastic_stack_kibana_01_hostname }}-kibana.{{ domain }}'
 kibana_technical_users:
   -
     elastic_users:

roles/kibana/tasks/_configure_dashboards.yml

@@ -10,7 +10,7 @@
 - name: "Dashboards: Get all searches in elasticsearch"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/_find?per_page=10000&type={{ es_object_type }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/_find?per_page=10000&type={{ es_object_type }}"
     method: GET
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -47,7 +47,7 @@
   - name: "Dashboards: Get all searches in elasticsearch"
     delegate_to: localhost
     uri:
-      url: "https://{{ kibana_api_endpoint }}/s/{{ es_space }}/api/saved_objects/_find?per_page=10000&type=search"
+      url: "{{ shared_service_url_kibana }}/s/{{ es_space }}/api/saved_objects/_find?per_page=10000&type=search"
       method: GET
       status_code: [200]
       user: "{{ elastic_admin_username }}"
@@ -121,7 +121,7 @@
 - name: "Create {{ es_object_type }} <<{{ elastic_dashboard.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/{{ es_object_type }}"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -140,7 +140,7 @@
 - name: "Update {{ es_object_type }} <<{{ elastic_dashboard.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_dashboard_object[0]["id"] }}'
+    url: '{{ shared_service_url_kibana }}{{ api_path }}/{{ es_object_type }}/{{ lookup_dashboard_object[0]["id"] }}'
     method: PUT
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -159,7 +159,7 @@
 - name: "DELETE {{ es_object_type }} <<{{ elastic_dashboard.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_dashboard_object[0]["id"] }}'
+    url: '{{ shared_service_url_kibana }}{{ api_path }}/{{ es_object_type }}/{{ lookup_dashboard_object[0]["id"] }}'
     method: DELETE
     status_code: [200]
     user: "{{ elastic_admin_username }}"

roles/kibana/tasks/_configure_indexpattern.yml

@@ -9,7 +9,7 @@
 - name: "Get all index patterns in elasticsearch"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/_find?per_page=10000&type={{ es_object_type }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/_find?per_page=10000&type={{ es_object_type }}"
     method: GET
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -49,7 +49,7 @@
 - name: "Create <{{ es_object_type }}> <{{ elastic_index_pattern.attributes.title }}>"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/{{ es_object_type }}"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -68,7 +68,7 @@
 - name: "Update {{ es_object_type }} <<{{ elastic_index_pattern.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}'
+    url: '{{ shared_service_url_kibana }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}'
     method: PUT
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -87,7 +87,7 @@
 - name: "DELETE {{ es_object_type }} <<{{ elastic_index_pattern.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}'
+    url: '{{ shared_service_url_kibana }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}'
     method: DELETE
     status_code: [200]
     user: "{{ elastic_admin_username }}" 

roles/kibana/tasks/_configure_roles.yml

@@ -8,7 +8,7 @@
 - name: "Get all roles in elasticsearch"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}"
     method: GET
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -39,7 +39,7 @@
 - name: "Create role <<{{ elastic_role.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_role.name }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/{{ elastic_role.name }}"
     method: PUT
     status_code: [204]
     user: "{{ elastic_admin_username }}" 
@@ -58,7 +58,7 @@
 - name: "Update role <<{{ elastic_role.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_role.name }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/{{ elastic_role.name }}"
     method: PUT
     status_code: [204]
     user: "{{ elastic_admin_username }}" 
@@ -77,7 +77,7 @@
 - name: "DELETE role <<{{ elastic_role.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_role.name }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/{{ elastic_role.name }}"
     method: DELETE
     status_code: [204]
     user: "{{ elastic_admin_username }}" 

roles/kibana/tasks/_configure_searches.yml

@@ -10,7 +10,7 @@
 - name: "Get all searches in elasticsearch"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/_find?per_page=10000&type=search"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/_find?per_page=10000&type=search"
     method: GET
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -46,7 +46,7 @@
   - name: "Get all indexpatterns in elasticsearch"
     delegate_to: localhost
     uri:
-      url: "https://{{ kibana_api_endpoint }}/s/{{ es_space }}/api/saved_objects/_find?per_page=10000&type=index-pattern"
+      url: "{{ shared_service_url_kibana }}/s/{{ es_space }}/api/saved_objects/_find?per_page=10000&type=index-pattern"
       method: GET
       status_code: [200]
       user: "{{ elastic_admin_username }}" 
@@ -109,7 +109,7 @@
 - name: "Create {{ es_object_type }} <<{{ elastic_search.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/{{ es_object_type }}"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -128,7 +128,7 @@
 - name: "Update {{ es_object_type }} <<{{ elastic_search.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_search_object[0]["id"] }}'
+    url: '{{ shared_service_url_kibana }}{{ api_path }}/{{ es_object_type }}/{{ lookup_search_object[0]["id"] }}'
     method: PUT
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -147,7 +147,7 @@
 - name: "DELETE {{ es_object_type }} <<{{ elastic_search.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_search_object[0]["id"] }}'
+    url: '{{ shared_service_url_kibana }}{{ api_path }}/{{ es_object_type }}/{{ lookup_search_object[0]["id"] }}'
     method: DELETE
     status_code: [200]
     user: "{{ elastic_admin_username }}" 

roles/kibana/tasks/_configure_spaces.yml

@@ -8,7 +8,7 @@
 - name: "Get all spaces in elasticsearch"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}"
     method: GET
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -46,7 +46,7 @@
 - name: "Create space <<{{ elastic_space.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -65,7 +65,7 @@
 - name: "Update space <<{{ elastic_space.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_space.name }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/{{ elastic_space.name }}"
     method: PUT
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -84,7 +84,7 @@
 - name: "Update space advanced settings <<{{ elastic_space.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}/s/{{ elastic_space.name }}/api/kibana/settings"
+    url: "{{ shared_service_url_kibana }}/s/{{ elastic_space.name }}/api/kibana/settings"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -103,7 +103,7 @@
 - name: "DELETE space <<{{ elastic_space.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_space.name }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/{{ elastic_space.name }}"
     method: DELETE
     status_code: [204]
     user: "{{ elastic_admin_username }}"

roles/kibana/tasks/_configure_users.yml

@@ -9,7 +9,7 @@
 - name: "Get all users in elasticsearch"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}"
     method: GET
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -48,7 +48,7 @@
 - name: "Create user <<{{ elastic_user.username }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_user.username }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/{{ elastic_user.username }}"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -67,7 +67,7 @@
 - name: "Update user <<{{ elastic_user.username }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_user.username }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/{{ elastic_user.username }}"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -86,7 +86,7 @@
 - name: "DELETE user << elastic_user.username >>"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_user.username }}"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/{{ elastic_user.username }}"
     method: DELETE
     status_code: [204]
     user: "{{ elastic_admin_username }}" 

roles/kibana/tasks/_import_savedobjects.yml

@@ -1,5 +1,5 @@
 ---
-- name: "Importing kibana objects to <{{ kibana_api_endpoint }}>"
+- name: "Importing kibana objects to <{{ shared_service_url_kibana }}>"
   include_tasks: import_service_ojects.yml
   loop: "{{ es_index_pattern_services }}"
   loop_control:
@@ -9,7 +9,7 @@
 - name: "Setting default index pattern"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}/s/{{ stage }}-{{ tenant_id }}/api/kibana/settings"
+    url: "{{ shared_service_url_kibana }}/s/{{ stage }}-{{ tenant_id }}/api/kibana/settings"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}"

roles/kibana/tasks/import_service_ojects.yml

@@ -32,7 +32,7 @@
 - name: "Importing service objects to kibana"
   delegate_to: localhost
   uri:
-    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/_import?overwrite=true"
+    url: "{{ shared_service_url_kibana }}{{ api_path }}/_import?overwrite=true"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}" 

roles/kubernetes/argocd/defaults/main.yml

@@ -32,17 +32,6 @@ argocd_server_admin_password: "{{ argocd_server_admin_password_vault | default(
 
 # https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd
 k8s_argocd_helm__release_values:
-  global:
-    hostAliases:
-      - ip: "{{ shared_service_harbor_ip }}"
-        hostnames:
-          - "{{ shared_service_harbor_hostname }}"
-      - ip: "{{ shared_service_keycloak_ip }}"
-        hostnames:
-          - "{{ shared_service_keycloak_hostname }}"
-      - ip: "{{ shared_service_gitea_ip }}"
-        hostnames:
-          - "{{ shared_service_gitea_hostname }}"
   controller:
     logLevel: warn
     logFormat: json
@@ -195,7 +184,7 @@ k8s_argocd_helm__release_values:
     config:
       oidc.config: |
         name: Keycloak
-        issuer: '{{ keycloak_server_url }}/auth/realms/argocd'
+        issuer: '{{ shared_service_url_keycloak }}/auth/realms/argocd'
         clientID: '{{ argo_client_id }}'
         clientSecret: $oidc.keycloak.clientSecret
         requestedScopes: ["openid", "profile", "email", "{{ argo_keycloak_clientscope_name }}"]

roles/kubernetes/argocd/tasks/main.yml

@@ -88,7 +88,7 @@
     become: False
     community.general.keycloak_clientscope:
       auth_client_id: admin-cli
-      auth_keycloak_url: "{{ keycloak_server_url }}/auth"
+      auth_keycloak_url: "{{ shared_service_url_keycloak }}/auth"
       auth_realm: 'master'
       auth_username: "{{ keycloak_admin_username }}"
       auth_password: "{{ keycloak_admin_password }}"
@@ -154,7 +154,7 @@
     delegate_to: localhost
     become: False
     uri:
-      url: "{{ keycloak_server_url }}/auth/admin/realms/{{ argo_realm_name }}/clients"
+      url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ argo_realm_name }}/clients"
       method: GET
       headers:
         Content-Type: "application/json"
@@ -179,7 +179,7 @@
     delegate_to: localhost
     become: False
     uri:
-      url: "{{ keycloak_server_url }}/auth/admin/realms/{{ argo_realm_name }}/clients/{{ id_of_client }}/client-secret"
+      url: "{{ shared_service_url_keycloak }}/auth/admin/realms/{{ argo_realm_name }}/clients/{{ id_of_client }}/client-secret"
       method: GET
       headers:
         Content-Type: "application/json"

roles/kubernetes/awx/tasks/awx-config.yml

@@ -283,12 +283,12 @@
   when:
     - awx_type_id != "None"
 
-- name: "Search <Container Registry> credentials <{{ shared_service_harbor_hostname }}>"
+- name: "Search <Container Registry> credentials <{{ shared_service_hostname_harbor }}>"
   include_tasks: awx-config-get-typ-id.yml
   vars:
     awx_rest_api_type: credentials
     awx_search_key: name
-    awx_search_name: "{{ shared_service_harbor_hostname }}"
+    awx_search_name: "{{ shared_service_hostname_harbor }}"
 
 - name: "Update awx_credential_harbor_id"
   set_fact:
@@ -296,14 +296,14 @@
   when:
     - awx_type_id != "None"
 
-- name: "Add <Container Registry> credentials <{{ shared_service_harbor_hostname }}>"
+- name: "Add <Container Registry> credentials <{{ shared_service_hostname_harbor }}>"
   delegate_to: localhost
   vars:
-    name: "{{ shared_service_harbor_hostname }}"
+    name: "{{ shared_service_hostname_harbor }}"
-    description: "{{ shared_service_harbor_hostname }}"
+    description: "{{ shared_service_hostname_harbor }}"
     credential_type_id: "{{ awx_credential_type_container_registry_id }}"
     credential_type_name: "Container Registry"
-    host: "{{ shared_service_harbor_hostname }}"
+    host: "{{ shared_service_hostname_harbor }}"
     username: "{{ harbor_username }}"
     password: "{{ harbor_token }}"
   uri:
@@ -323,12 +323,12 @@
   changed_when: response.status == 201
   when: awx_credential_harbor_id is not defined
 
-- name: "Search <Container Registry> credentials <{{ shared_service_harbor_hostname }}>"
+- name: "Search <Container Registry> credentials <{{ shared_service_hostname_harbor }}>"
   include_tasks: awx-config-get-typ-id.yml
   vars:
     awx_rest_api_type: credentials
     awx_search_key: name
-    awx_search_name: "{{ shared_service_harbor_hostname }}"
+    awx_search_name: "{{ shared_service_hostname_harbor }}"
   when: awx_credential_harbor_id is not defined
 
 - name: "Update awx_credential_harbor_id"
@@ -360,7 +360,7 @@
   vars:
     name: "hetzner-ansible"
     description: "hetzner-ansible"
-    image: "{{ shared_service_harbor_hostname }}/awx/awx-custom-ee"
+    image: "{{ shared_service_hostname_harbor }}/awx/awx-custom-ee"
     credential: "{{ awx_credential_harbor_id }}"
     pull: "always"
   uri:

roles/kubernetes/namespace/templates/docker-secret.json.j2

@@ -1,6 +1,6 @@
 {
   "auths": {
-    "{{ shared_service_harbor_hostname }}": {
+    "{{ shared_service_hostname_harbor }}": {
       "auth": "{{ [harbor_username, harbor_token] | join(":") | string | b64encode }}"
     }
   }

roles/management/defaults/main.yml

@@ -15,7 +15,7 @@ connect_connections:
   password: "{{ awx_admin_password }}"
 - id: "harbor"
   name: "Harbor"
-  url: "https://{{ shared_service_harbor_hostname }}/v2/"
+  url: "https://{{ shared_service_hostname_harbor }}/v2/"
   connectionType: "HTTP"
   authType: "BASIC_AUTH"
   username: "{{ harbor_admin_username }}"

roles/pdns/defaults/main.yml

@@ -1,9 +1,9 @@
 ---
 
-pdns_image_name: "{{ shared_service_harbor_hostname }}/smardigo/pdns-authoritative"
+pdns_image_name: "{{ shared_service_hostname_harbor }}/smardigo/pdns-authoritative"
 pdns_image_version: "1.0.0"
 
-pdns_recursor_image_name: "{{ shared_service_harbor_hostname }}/smardigo/pdns-recursor"
+pdns_recursor_image_name: "{{ shared_service_hostname_harbor }}/smardigo/pdns-recursor"
 pdns_recursor_image_version: "1.0.0"
 
 pdns_admin_image_name: "ngoduykhanh/powerdns-admin"

roles/webdav/defaults/main.yaml

@@ -1,3 +1,3 @@
 ---
 
-webdav_image_name: "{{ shared_service_harbor_hostname }}/smardigo/smardigo-webdav-app"
+webdav_image_name: "{{ shared_service_hostname_harbor }}/smardigo/smardigo-webdav-app"

tasks/autodiscover_pre_tasks.yml

@@ -94,6 +94,50 @@
   when:
     - debug
 
+- name: "Reading hetzner loadbalancer infos for stage <{{ stage }}>"
+  uri:
+    url: "https://api.hetzner.cloud/v1/load_balancers"
+    method: GET
+    headers:
+      authorization: Bearer {{ hetzner_authentication_ansible }}
+  register: hetzner_loadbalancers
+  delegate_to: 127.0.0.1
+  tags:
+    - always
+
+- name: "Printing hetzner loadbalancer infos for stage <{{ stage }}>"
+  debug:
+    msg: "{{ hetzner_loadbalancers.json.load_balancers }}"
+  delegate_to: 127.0.0.1
+  tags:
+    - always
+  when:
+    - debug
+
+- name: "Reading hetzner loadbalancer infos for stage <{{ stage }}> with pagination"
+  set_fact:
+    shared_service_kube_loadbalancer_ip: "{{
+       hetzner_loadbalancers.json.load_balancers
+       | json_query(querystr1)
+       | first
+       | default([])
+       | first
+       | default(shared_service_kube_loadbalancer_ip_not_available) }}"
+  vars:
+    querystr1: "[?name=='{{ stage }}-ingress'].private_net[*].ip"
+  delegate_to: 127.0.0.1
+  tags:
+    - always
+
+- name: "Printing hetzner loadbalancer infos for stage <{{ stage }}>"
+  debug:
+    msg: "{{ shared_service_kube_loadbalancer_ip }}"
+  delegate_to: 127.0.0.1
+  tags:
+    - always
+  when:
+    - debug
+
 # due to a hetzner api bug for label selector: only last given selector is used - label_selector=stage=XXX,!manual not working correctly
 - name: "Reading hetzner server infos for stage <{{ stage }}>"
   set_fact:

tasks/smardigo_management_message.yml

@@ -25,7 +25,7 @@
 
 - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>"
   uri:
-    url: "{{ smardigo_management_url }}"
+    url: "{{ shared_service_url_management }}/api/v1/scopes/{{ scope_id }}/processes/{{ process_instance_id }}/messages"
     method: POST
     body_format: json
     body: "{{ lookup('template','smardigo-management-message.json.j2') }}"

update-docker-image.yml

@@ -87,7 +87,7 @@
     - name: "Pull/Tag/Push image <{{ source_project }}/{{ source_image_name }}:{{ source_image_version }}>"
       community.docker.docker_image:
         name: "dev-harbor-01.smardigo.digital/{{ source_project }}/{{ source_image_name }}:{{ source_image_version }}"
-        repository: "{{ shared_service_harbor_hostname }}/{{ destination_project | default(source_project) }}/{{ destination_image_name | default(source_image_name) }}:{{ destination_image_version | default(source_image_version) }}"
+        repository: "{{ shared_service_hostname_harbor }}/{{ destination_project | default(source_project) }}/{{ destination_image_name | default(source_image_name) }}:{{ destination_image_version | default(source_image_version) }}"
         force_tag: true
         source: pull
         push: true
@@ -105,5 +105,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

update-monitoring.yml

@@ -89,5 +89,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml

update-service-state.yml

@@ -86,5 +86,5 @@
     connect_jwt_username: "{{ management_admin_username }}"
 
   tasks:
-    - name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
+    - name: "Sending smardigo management message to <{{ shared_service_url_management }}>"
       include_tasks: tasks/smardigo_management_message.yml