diff --git a/playbooks/adm.yml b/playbooks/adm.yml
index 3daeffe..f4db906 100644
--- a/playbooks/adm.yml
+++ b/playbooks/adm.yml
@@ -28,7 +28,7 @@ - ansible_host - certbot - role: keytab - principals: + keytab_principals: - "host/{{ inventory_hostname }}@{{ kerberos_realm }}" - nfs_client - sssd
diff --git a/playbooks/collab.yml b/playbooks/collab.yml
index 38f5b8d..89edf92 100644
--- a/playbooks/collab.yml
+++ b/playbooks/collab.yml
@@ -28,9 +28,9 @@ - collab - mod_auth_gssapi - role: keytab - keytab: /etc/httpd/httpd.keytab - principals: HTTP/collab.foo.sh@FOO.SH - group: apache + keytab_path: /etc/httpd/httpd.keytab + keytab_principals: HTTP/collab.foo.sh@FOO.SH + keytab_group: apache - ldap tasks:
diff --git a/playbooks/mail.yml b/playbooks/mail.yml
index cb72de2..4019251 100644
--- a/playbooks/mail.yml
+++ b/playbooks/mail.yml
@@ -26,7 +26,7 @@ roles: - base - role: keytab - principals: + keytab_principals: - "host/{{ inventory_hostname }}@{{ kerberos_realm }}" - "smtp/{{ mail_server }}@{{ kerberos_realm }}" - nfs_client
diff --git a/playbooks/nas.yml b/playbooks/nas.yml
index 58db737..ceffe23 100644
--- a/playbooks/nas.yml
+++ b/playbooks/nas.yml
@@ -38,7 +38,7 @@ - sssd - nfs_server - role: keytab - principals: "nfs/{{ inventory_hostname }}@FOO.SH" + keytab_principals: "nfs/{{ inventory_hostname }}@FOO.SH" tasks: - name: Copy exports file
diff --git a/playbooks/print.yml b/playbooks/print.yml
index 1f90c63..8bfea58 100644
--- a/playbooks/print.yml
+++ b/playbooks/print.yml
@@ -50,5 +50,5 @@ ansible.builtin.import_role: name: keytab vars: - keytab: /etc/cups/cups.keytab - principals: "HTTP/print.foo.sh@{{ kerberos_realm }}" + keytab_path: /etc/cups/cups.keytab + keytab_principals: "HTTP/print.foo.sh@{{ kerberos_realm }}"
diff --git a/playbooks/shell.yml b/playbooks/shell.yml
index 7eee3e4..2f031da 100644
--- a/playbooks/shell.yml
+++ b/playbooks/shell.yml
@@ -15,7 +15,7 @@ roles: - base - role: keytab - principals: + keytab_principals: - "host/{{ inventory_hostname }}@{{ kerberos_realm }}" - "nfs/{{ inventory_hostname }}@{{ kerberos_realm }}" - nfs_client
diff --git a/playbooks/static.yml b/playbooks/static.yml
index b912fbe..8471c0a 100644
--- a/playbooks/static.yml
+++ b/playbooks/static.yml
@@ -15,7 +15,7 @@ roles: - base - role: keytab - principals: + keytab_principals: - "host/{{ inventory_hostname }}@FOO.SH" - "nfs/{{ inventory_hostname }}@FOO.SH" - nfs_client
diff --git a/playbooks/zm.yml b/playbooks/zm.yml
index f4b39e8..8dd9964 100644
--- a/playbooks/zm.yml
+++ b/playbooks/zm.yml
@@ -27,9 +27,9 @@ - base - mod_auth_gssapi - role: keytab - keytab: /etc/httpd/httpd.keytab - principals: HTTP/zm.foo.sh@FOO.SH - group: apache + keytab_path: /etc/httpd/httpd.keytab + keytab_principals: HTTP/zm.foo.sh@FOO.SH + keytab_group: apache tasks: - name: Run handlers to get interfaces configured
diff --git a/roles/dovecot/tasks/main.yml b/roles/dovecot/tasks/main.yml
index 3e8b002..06932b1 100644
--- a/roles/dovecot/tasks/main.yml
+++ b/roles/dovecot/tasks/main.yml
@@ -8,10 +8,10 @@ ansible.builtin.include_role: name: keytab vars: - keytab: /etc/dovecot/dovecot.keytab - principals: + keytab_path: /etc/dovecot/dovecot.keytab + keytab_principals: - "imap/{{ mail_server }}@{{ kerberos_realm }}" - group: dovecot + keytab_group: dovecot - name: Install privatekey ansible.builtin.copy:
diff --git a/roles/keytab/defaults/main.yml b/roles/keytab/defaults/main.yml
index 8b08f0a..e4c4ebf 100644
--- a/roles/keytab/defaults/main.yml
+++ b/roles/keytab/defaults/main.yml
@@ -1,3 +1,3 @@ ---
-keytab: /etc/krb5.keytab
-group: "{{ ansible_wheel }}"
+keytab_path: /etc/krb5.keytab
+keytab_group: "{{ ansible_wheel }}"
diff --git a/roles/keytab/tasks/main.yml b/roles/keytab/tasks/main.yml
index c4e5496..828e4fd 100644
--- a/roles/keytab/tasks/main.yml
+++ b/roles/keytab/tasks/main.yml
@@ -1,7 +1,7 @@ --- - name: Check if keytab exists ansible.builtin.stat: - path: "{{ keytab }}" + path: "{{ keytab_path }}" register: keytab_status check_mode: false
@@ -15,7 +15,7 @@ - -k - "/tmp/{{ inventory_hostname }}.kt" - "{{ item }}" - with_items: "{{ principals }}" + with_items: "{{ keytab_principals }}" delegate_to: ldap01.home.foo.sh when: not keytab_status.stat.exists
@@ -39,12 +39,12 @@ ansible.builtin.shell: >- set -o pipefail && umask 077 && - echo '{{ keytab_data.stdout }}' | base64 -d > "{{ keytab }}" + echo '{{ keytab_data.stdout }}' | base64 -d > "{{ keytab_path }}" when: not keytab_status.stat.exists - name: Check keytab permissions ansible.builtin.file: - path: "{{ keytab }}" - mode: "{% if keytab_group == ansible_wheel %}0600{% else %}0640{% endif %}" + path: "{{ keytab_path }}" + mode: "{% if keytab_group == ansible_wheel %}0600{% else %}0640{% endif %}" owner: root - group: "{{ group }}" + group: "{{ keytab_group }}"
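Review bot: The keytab material still travels through the shell command line in the `@@ -39,12 +39,12 @@` hunk of roles/keytab/tasks/main.yml: `echo '{{ keytab_data.stdout }}' | base64 -d > "{{ keytab_path }}"` interpolates the whole base64-encoded keytab into the task's command, so it is visible in the target's process list while the task runs and in Ansible's task output (`-v`, callback logs, registered results) unless the task carries `no_log: true`, which the hunk does not show. Add `no_log: true` to this shell task; the task that registers `keytab_data` lies outside the hunk and presumably needs the same treatment. Moving the decode off the command line (e.g. a file-transfer module writing the decoded bytes with `mode: "0600"`) would remove the exposure entirely, but `ansible.builtin.copy`'s `content:` is text-oriented and must be checked against a binary keytab before switching. Separately, the `when: not keytab_status.stat.exists` guard means an existing keytab is never regenerated when `keytab_principals` changes, so a principal added to a playbook only takes effect after the file is removed by hand; if that is intended, a comment on the task such as `# Existing keytab is left untouched; delete it to force re-creation with the current keytab_principals` would save the next maintainer a surprise.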