keytab: Prefix variable names with keytab_

roles/keytab/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 - name: Check if keytab exists
   ansible.builtin.stat:
-    path: "{{ keytab }}"
+    path: "{{ keytab_path }}"
   register: keytab_status
   check_mode: false
 
@@ -15,7 +15,7 @@
       - -k
       - "/tmp/{{ inventory_hostname }}.kt"
       - "{{ item }}"
-  with_items: "{{ principals }}"
+  with_items: "{{ keytab_principals }}"
   delegate_to: ldap01.home.foo.sh
   when: not keytab_status.stat.exists
 
@@ -39,12 +39,12 @@
   ansible.builtin.shell: >-
     set -o pipefail &&
     umask 077 &&
-    echo '{{ keytab_data.stdout }}' | base64 -d > "{{ keytab }}"
+    echo '{{ keytab_data.stdout }}' | base64 -d > "{{ keytab_path }}"
   when: not keytab_status.stat.exists
 
 - name: Check keytab permissions
   ansible.builtin.file:
-    path: "{{ keytab }}"
-    mode: "{% if group == ansible_wheel %}0600{% else %}0640{% endif %}"
+    path: "{{ keytab_path }}"
+    mode: "{% if keytab_group == ansible_wheel %}0600{% else %}0640{% endif %}"
     owner: root
-    group: "{{ group }}"
+    group: "{{ keytab_group }}"