10 changed files with 53 additions and 136 deletions
--- a/README.md
+++ b/README.md
@ -3,53 +3,38 @@
 ZeroTier
 =========
-This Ansible role adds the ZeroTier repository and installs the `zerotier-one` package using your system's package manager. Depending on the provided variables this role can also add and authorize new members to (existing) ZeroTier networks, and tell the new member to join the network.
+This Ansible role installs the `zerotier-one` package, adds and authorizes new members to (existing) ZeroTier networks, and tells the new member to join the network.
 Requirements
 ------------
-Technically this role has no requirements. If it's ran without any variables set it will only run the installation tasks. The following variables impact the role's behavior:
+This role has an optional access token variable to authorize the member using the ZeroTier API. The role also takes the ID of the ZeroTier network to automatically join the new member.
 [**zerotier_network_id**](#zerotier_network_id): when set hosts are told to join this network.  
 [**zerotier_api_accesstoken**](#zerotier_api_accesstoken): when set the role can handle member authentication and configuration using the ZeroTier API.  
 Role Variables
 --------------
-### zerotier_network_id
+### zerotier_api_url
-*Type*: string  
+The url where the Zerotier API lives. Must use HTTPS protocol.
-*Default value*:  
+Default: https://my.zerotier.com
 *Description*: The 16 character network ID of the network the new members should join. The node will not join any network if omitted.
-### zerotier_member_register_short_hostname
+### zerotier_accesstoken
-*Type*: boolean  
+The access token needed to authorize with the ZeroTier API. You can generate one in your account settings at https://my.zerotier.com/. If this is left out then the newly joined member will not be automatically authorized.
-*Default value*: `false`  
+
-*Description*: By default `inventory_hostname` will be used to name a member in a network. If set to `true`, `inventory_hostname_short` will be used instead.
+### zerotier_network_id
 The 16 character network ID of the network the new members should join. The node will not join any network if omitted.
 ### zerotier_register_short_hostname
 Used to register the short hostname (without the FQDN) on the network instead of the long one.
 Default: `false`
 ### zerotier_member_ip_assignments
-*Type*: list  
+A list of IP addresses to assign this member. The member will be automatically assigned an address on the network if left out.
 *Default value*: `[]`  
 *Description*: A list of IP addresses to assign this member. The member will be automatically assigned an address on the network if left out.
 ### zerotier_member_description
-*Type*: string  
+Optional desription for a member.
 *Default value*: `""`  
 *Description*: Optional description for a member.
 ### zerotier_api_accesstoken
 *Type*: string  
 *Default value*: `""`  
 *Description*: The access token needed to authorize with the ZeroTier API. You can generate one in your account settings at https://my.zerotier.com/. If this is left out then the newly joined member will not be automatically authorized.
 ### zerotier_api_url
 *Type*: string  
 *Default value*: `https://my.zerotier.com`  
 *Description*: The url where the Zerotier API lives. Must use HTTPS protocol.  
 ### zerotier_api_delegate
-*Type*: string  
+Option to delegate tasks for Zerotier API calls. By default the API calls are made from the machine running the role.
 *Default value*: `localhost`  
 *Description*: Option to delegate tasks for Zerotier API calls. This is useful in a situation where API calls can only be made from a white-listed management server, for example.
 Example Playbook
 ----------------
@ -58,7 +43,7 @@ Example Playbook
    - hosts: servers
      vars:
         zerotier_network_id: 1234567890qwerty
-         zerotier_api_accesstoken: "{{ vault_zerotier_accesstoken }}"
+         zerotier_accesstoken: "{{ vault_zerotier_accesstoken }}"
         zerotier_register_short_hostname: true
      roles:
@ -90,4 +75,4 @@ Example Inventory
    [dbservers:vars]
    zerotier_member_description='<AppName> db cluster node'
-```
+```
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -1,8 +1,7 @@
 ---
 # defaults file for ansible-role-zerotier
 zerotier_api_accesstoken: "{{ zerotier_accesstoken | default() }}" # For backwards compatibility
 zerotier_api_url: https://my.zerotier.com
 zerotier_api_delegate: localhost
 zerotier_apt_state: present
-zerotier_member_register_short_hostname: "{{ zerotier_register_short_hostname | default(false) }}" # For backwards compatibility
+zerotier_register_short_hostname: false
 zerotier_authorize_member: true
--- a/files/set_facts.sh
+++ b/files/set_facts.sh
@ -1,43 +0,0 @@
 #!/bin/bash
 FACTS_DIR='/etc/ansible/facts.d'
 FACT_FILE="${FACTS_DIR}/zerotier.fact"
 NODE_STATUS=($(zerotier-cli status))
 NETWORKS=$(zerotier-cli listnetworks | tail -n+2)
 function file_content {
    if [ ! -z "$NETWORKS" ]; then
        network_count=$(echo "$NETWORKS" |wc -l)
        counter=1
        echo "{"
        echo "  \"node_id\":\"${NODE_STATUS[2]}\","
        echo "  \"networks\": {"
        while read -r; do
            network=($REPLY)
            echo "    \"${network[2]}\": {"
            echo "        \"status\":\"${network[5]}\","
            echo "        \"device\":\"${network[7]}\""
            if [ "$counter" -eq "$network_count" ]; then
                echo "    }"
            else
                echo "    },"
            fi
            ((counter++))
        done <<< $NETWORKS
        echo "  }"
        echo "}"
    else
        echo "{\"node_id\":\"${NODE_STATUS[2]}\",\"networks\":{}}"
    fi
 }
 if [ ! -d "$FACTS_DIR" ]; then
    mkdir -p $FACTS_DIR
 fi
 file_content > $FACT_FILE
 # TO-DO
 # Handle different states than "OK". Other statuses can mess up positions.
--- a/meta/main.yml
+++ b/meta/main.yml
@ -16,7 +16,7 @@ galaxy_info:
  # - CC-BY
  license: GPLv3
-  min_ansible_version: 2.9
+  min_ansible_version: 2.4
  # If this a Container Enabled role, provide the minimum Ansible Container version.
  # min_ansible_container_version:
@ -27,7 +27,7 @@ galaxy_info:
  # this branch. If Travis integration is configured, only notifications for this
  # branch will be accepted. Otherwise, in all cases, the repo's default branch
  # (usually master) will be used.
-  github_branch: master
+  #github_branch:
  #
  # platforms is a list of platforms, and each platform has a name and a list of versions.
@ -39,10 +39,6 @@ galaxy_info:
  - name: Debian
    versions:
    - stretch
  - name: Ubuntu
    versions:
    - Bionic
    - Cosmic
  - name: Fedora
    versions:
    - 28
--- a/tasks/authorize_node.yml
+++ b/tasks/authorize_node.yml
@ -1,38 +1,52 @@
 ---
 - block:
-  - name: Authorize new members to network
+  - name: Get Zerotier NodeID
    shell: zerotier-cli info | awk '{print $3}'
    register: nodeid
    changed_when: false
  - name: Set NodeID as fact
    set_fact:
      zerotier_node_id: "{{ nodeid.stdout }}"
  when:
  - zerotier_accesstoken is defined
  - not ansible_check_mode
  tags:
  - configuration
 - block:
  - name: Authorize members to network
    uri:
-      url: "{{ zerotier_api_url }}/api/network/{{ zerotier_network_id }}/member/{{ ansible_local['zerotier']['node_id'] }}"
+      url: "{{ zerotier_api_url }}/api/network/{{ zerotier_network_id }}/member/{{ zerotier_node_id }}"
      method: POST
      headers:
-        Authorization: bearer {{ zerotier_api_accesstoken }}
+        Authorization: bearer {{ zerotier_accesstoken }}
      body:
        hidden: false
        config:
          authorized: "{{ zerotier_authorize_member }}"
      body_format: json
-    register: auth_apiresult
+      register: auth_apiresult
    delegate_to: "{{ zerotier_api_delegate }}"
    when:
    - ansible_local['zerotier']['networks'][zerotier_network_id] is not defined or
      ansible_local['zerotier']['networks'][zerotier_network_id]['status'] != 'OK'
  - name: Configure members in network
    uri:
-      url: "{{ zerotier_api_url }}/api/network/{{ zerotier_network_id }}/member/{{ ansible_local['zerotier']['node_id'] }}"
+      url: "{{ zerotier_api_url }}/api/network/{{ zerotier_network_id }}/member/{{ zerotier_node_id }}"
      method: POST
      headers:
-        Authorization: bearer {{ zerotier_api_accesstoken }}
+        Authorization: bearer {{ zerotier_accesstoken }}
      body:
-        name: "{{ zerotier_member_register_short_hostname | ternary(inventory_hostname_short, inventory_hostname) }}"
+        name: "{{ zerotier_register_short_hostname | ternary(inventory_hostname_short, inventory_hostname) }}"
        description: "{{ zerotier_member_description | default() }}"
        config:
          ipAssignments: "{{ zerotier_member_ip_assignments | default([]) | list }}"
      body_format: json
-    register: conf_apiresult
+      register: conf_apiresult
    delegate_to: "{{ zerotier_api_delegate }}"
  when:
  - zerotier_accesstoken is defined
  - not ansible_check_mode
  tags:
  - configuration
--- a/tasks/install.yml
+++ b/tasks/install.yml
@ -1,6 +1,6 @@
 ---
- include_tasks: install/{{ ansible_facts['os_family'] }}.yml
+- include_tasks: install/{{ ansible_os_family }}.yml
  tags:
  - installation
  - repositories
--- a/tasks/install/Debian.yml
+++ b/tasks/install/Debian.yml
@ -1,31 +1,9 @@
 - name: Add ZeroTier PGP key
  apt_key:
    url: "{{ zerotier_gpg_url }}"
    id: "{{ zerotier_gpg_fingerprint }}"
 - name: Check if Ubuntu release has dedicated repo
  uri:
    url: "{{ zerotier_download_base_url }}/debian/{{ zerotier_deb_release_repo }}"
  failed_when: false
  when:
    - ansible_facts['distribution'] == "Ubuntu"
  register: release_repo
 - block:
  - name: Overwrite Ubuntu release repo name
    set_fact:
      zerotier_deb_release_repo: bionic
  - name: Re-gather facts
    setup: ~
  when:
    - ansible_facts['distribution'] == "Ubuntu"
    - ansible_facts['distribution_major_version'] == "18"
    - release_repo.status == 404
 - name: Add ZeroTier APT repository
  apt_repository:
-    repo: deb {{ zerotier_download_base_url }}/debian/{{ zerotier_deb_release_repo }} {{ zerotier_deb_release_repo }} main
+    repo: deb {{ zerotier_download_base_url }}/debian/{{ ansible_distribution_release }} {{ ansible_distribution_release }} main
    filename: zerotier
  register: zerotier_repo
--- a/tasks/install/RedHat.yml
+++ b/tasks/install/RedHat.yml
@ -2,7 +2,6 @@
  rpm_key:
    state: present
    key: "{{ zerotier_gpg_url }}"
    fingerprint: "{{ zerotier_gpg_fingerprint }}"
 - name: Add ZeroTier repo for RHEL/CentOS
  yum_repository:
@ -12,7 +11,7 @@
    gpgcheck: yes
    enabled: yes
  register: zerotier_repo
-  when: ansible_facts['distribution'] != "Fedora"
+  when: ansible_distribution != "Fedora"
 - name: Add zerotier repo for Fedora
  yum_repository:
@ -22,4 +21,4 @@
    gpgcheck: yes
    enabled: yes
  register: zerotier_repo
-  when: ansible_facts['distribution'] == "Fedora"
+  when: ansible_distribution == "Fedora"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -2,20 +2,11 @@
 # tasks file for ansible-role-zerotier
 - import_tasks: install.yml
  when:
-  - not skip_install | default(false) | bool
+  - not skip_install|default(false)|bool
 - block:
  - name: Update ansible_local facts
    script: set_facts.sh
  - name: Re-gather ansible_local facts
    setup: filter=ansible_local
 - import_tasks: authorize_node.yml
  when:
-  - zerotier_api_accesstoken | length > 0
+  - zerotier_accesstoken is defined
  - ansible_local['zerotier']['node_id'] is defined
 - import_tasks: join_network.yml
  when:
--- a/vars/main.yml
+++ b/vars/main.yml
@ -1,6 +1,4 @@
 ---
 # vars file for ansible-role-zerotier
 zerotier_download_base_url: http://download.zerotier.com
 zerotier_deb_release_repo: "{{ ansible_facts['distribution_release'] }}"
 zerotier_gpg_url: https://download.zerotier.com/contact@zerotier.com.gpg
 zerotier_gpg_fingerprint: 74A5E9C458E1A431F1DA57A71657198823E52A61