Linuxfabrik
diff --git a/‎CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎roles/acme_sh/README.md‎
Lines changed: 85 additions & 18 deletions b/‎roles/acme_sh/README.md‎
Lines changed: 85 additions & 18 deletions
diff --git a/‎roles/alternatives/README.md‎
Lines changed: 36 additions & 6 deletions b/‎roles/alternatives/README.md‎
Lines changed: 36 additions & 6 deletions
diff --git a/‎roles/ansible_init/README.md‎
Lines changed: 103 additions & 15 deletions b/‎roles/ansible_init/README.md‎
Lines changed: 103 additions & 15 deletions
@@ -19,6 +19,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Changed
 
+* **all roles**: Rewrite all role READMEs to use the new standard format: replace markdown tables with bullet lists for tags and variables, convert HTML/blockquote subkeys to expanded indented format, standardize terminology (`Bool` not `Boolean`, `Mandatory` not `Required`)
 * **role:opensearch**: Rewrite README with step-by-step cluster setup guide, single-node section, post-installation steps, and improved variable documentation
 * **role:elasticsearch**: Improve README with single-node section and clearer explanation of the manual certificate approach for cluster setup
 * **COMPATIBILITY**: Add missing `crypto_policy` RHEL 10 entry
 
@@ -10,6 +10,7 @@ SSLCertificateKeyFile   /etc/pki/tls/private/www.example.com.key
 SSLCertificateChainFile /etc/pki/tls/certs/www.example.com-chain.crt
 ```
 
+
 ## Mandatory Requirements
 
 * Install `openssl`. This can be done using the [linuxfabrik.lfops.apps](https://github.com/Linuxfabrik/lfops/tree/main/roles/apps) role.
@@ -30,19 +31,53 @@ If you use the [acme.sh Playbook](https://github.com/Linuxfabrik/lfops/blob/main
 
 ## Tags
 
-| Tag                    | What it does                                  | Reload / Restart |
-| ---                    | ------------                                  | ---------------- |
-| `acme_sh`              | Installs acme.sh and issues certificates      | - |
-| `acme_sh:certificates` | Issues certificates                           | - |
-| `acme_sh:state`        | Manages the state of the weekly acme.sh timer | - |
+`acme_sh`
+
+* Installs acme.sh and issues certificates.
+* Triggers: none.
+
+`acme_sh:certificates`
+
+* Issues certificates.
+* Triggers: none.
+
+`acme_sh:state`
+
+* Manages the state of the weekly acme.sh timer.
+* Triggers: none.
 
 
 ## Mandatory Role Variables
 
-| Variable                 | Description                                                                           |
-| --------                 | -----------                                                                           |
-| `acme_sh__account_email` | Email address for the Let's encrypt account. This address will receive expiry emails. |
-| `acme_sh__certificates`  | List of certificates that should be issued. Subkeys: <ul><li>`name`: Mandatory, string. Domain of the certificate.</li><li>`alternative_names`: Optional, list. Subject Alternative Names (SAN) for the certificate. Defaults to unset.</li><li>`reload_cmd`: Optional, string. Command to execute after issue/renew to reload the server. Defaults to `systemctl reload httpd`.</li></ul> |
+`acme_sh__account_email`
+
+* Email address for the Let's encrypt account. This address will receive expiry emails.
+* Type: String.
+* Default: none
+
+`acme_sh__certificates`
+
+* List of certificates that should be issued.
+* Type: List of dictionaries.
+* Default: none
+* Subkeys:
+
+    * `name`:
+
+        * Mandatory. Domain of the certificate.
+        * Type: String.
+
+    * `alternative_names`:
+
+        * Optional. Subject Alternative Names (SAN) for the certificate.
+        * Type: List.
+        * Default: unset
+
+    * `reload_cmd`:
+
+        * Optional. Command to execute after issue/renew to reload the server.
+        * Type: String.
+        * Default: `'systemctl reload httpd'`
 
 Example:
 ```yaml
@@ -59,15 +94,47 @@ acme_sh__certificates:
 
 ## Optional Role Variables
 
-| Variable | Description | Default Value |
-| -------- | ----------- | ------------- |
-| `acme_sh__deploy_to_host`  | The host which the issued certificates should be deployed to. | unset |
-| `acme_sh__deploy_to_host_hook`  | The deployment hook which should be used to deploy the certificates to the deploy host. | `ssh` |
-| `acme_sh__deploy_to_host_reload_cmd`  | The reload command which should be executed on the deploy host after the certificates were deployed to the deploy host. | `reload_cmd` subkey of the `acme_sh__certificates` item, or `systemctl reload httpd` |
-| `acme_sh__deploy_to_host_user`  | The remote user account which should be used to deploy the certificates to the deploy host. | `root` |
-| `acme_sh__key_length`  | Key length in bits of the certificates to issue. | `4096` |
-| `acme_sh__reload_cmd` | The reload command which should be executed on the local host after the certificates were installed. | `reload_cmd` subkey of the `acme_sh__certificates` item, or `systemctl reload httpd` |
-| `acme_sh__timer_enabled` | Enables or disables the weekly acme.sh timer, analogous to `systemctl enable/disable --now`. | `true` |
+`acme_sh__deploy_to_host`
+
+* The host which the issued certificates should be deployed to.
+* Type: String.
+* Default: unset
+
+`acme_sh__deploy_to_host_hook`
+
+* The deployment hook which should be used to deploy the certificates to the deploy host.
+* Type: String.
+* Default: `'ssh'`
+
+`acme_sh__deploy_to_host_reload_cmd`
+
+* The reload command which should be executed on the deploy host after the certificates were deployed to the deploy host.
+* Type: String.
+* Default: `reload_cmd` subkey of the `acme_sh__certificates` item, or `'systemctl reload httpd'`
+
+`acme_sh__deploy_to_host_user`
+
+* The remote user account which should be used to deploy the certificates to the deploy host.
+* Type: String.
+* Default: `'root'`
+
+`acme_sh__key_length`
+
+* Key length in bits of the certificates to issue.
+* Type: Number.
+* Default: `4096`
+
+`acme_sh__reload_cmd`
+
+* The reload command which should be executed on the local host after the certificates were installed.
+* Type: String.
+* Default: `reload_cmd` subkey of the `acme_sh__certificates` item, or `'systemctl reload httpd'`
+
+`acme_sh__timer_enabled`
+
+* Enables or disables the weekly acme.sh timer, analogous to `systemctl enable/disable --now`.
+* Type: Bool.
+* Default: `true`
 
 Example:
 ```yaml
 
@@ -11,16 +11,46 @@ Hints:
 
 ## Tags
 
-| Tag       | What it does                         | Reload / Restart |
-| ---       | ------------                         | ---------------- |
-| `alternatives` | Manages alternative programs for common commands. | - |
+`alternatives`
+
+* Manages alternative programs for common commands.
+* Triggers: none.
 
 
 ## Mandatory Role Variables
 
-| Variable | Description | Default Value |
-| -------- | ----------- | ------------- |
-| `alternatives__alternatives` | List of alternatives to remove or to deploy. Subkeys:<ul><li>`link`: String. The path to the symbolic link that should point to the real executable. This option is always required on RHEL-based distributions. On Debian-based distributions this option is required when the alternative `name` is unknown to the system.</li><li>`name`: Mandatory, string. The generic name of the link.</li><li>`path`: Optional, string. The path to the real executable that the link should point to.</li><li>`priority`: Optional, number. The priority of the alternative. If no priority is given for creation `50` is used as a fallback.</li><li>`state`: Optional, string. One of:<ul><li>`selected`: Default. Install the alternative (if not already installed), and set it as the currently selected alternative for the group.</li><li>`present`: Install the alternative (if not already installed), but do not set it as the currently selected alternative for the group.</li><li>`auto`: Install the alternative (if not already installed), and set the group to auto mode.</li><li>`absent`: Remove the alternative.</li></ul></ul> | `[]` |
+`alternatives__alternatives`
+
+* List of alternatives to remove or to deploy.
+* Type: List of dictionaries.
+* Default: `[]`
+* Subkeys:
+
+    * `link`:
+
+        * The path to the symbolic link that should point to the real executable. This option is always required on RHEL-based distributions. On Debian-based distributions this option is required when the alternative `name` is unknown to the system.
+        * Type: String.
+
+    * `name`:
+
+        * Mandatory. The generic name of the link.
+        * Type: String.
+
+    * `path`:
+
+        * Optional. The path to the real executable that the link should point to.
+        * Type: String.
+
+    * `priority`:
+
+        * Optional. The priority of the alternative. If no priority is given for creation `50` is used as a fallback.
+        * Type: Number.
+
+    * `state`:
+
+        * Optional. One of: `selected` (default; install the alternative and set it as the currently selected alternative for the group), `present` (install the alternative but do not set it as the currently selected alternative for the group), `auto` (install the alternative and set the group to auto mode), `absent` (remove the alternative).
+        * Type: String.
+        * Default: `'selected'`
 
 Example:
 ```yaml
 
@@ -14,20 +14,36 @@ This role:
 
 ## Tags
 
-| Tag            | What it does                                                                                                                                   | Reload / Restart |
-| ---            | ------------                                                                                                                                   | ---------------- |
-| `ansible_init` | * Update ansible_init (ansinv) itself<br> * Update ../lfops<br> * Load repo list<br> * Clone the inventories<br> * Install ansible collections | - |
-| `ansible_init:collections` | Install ansible collections | - |
-| `ansible_init:command` | Load repo list | - |
+`ansible_init`
+
+* Update ansible_init (ansinv) itself.
+* Update ../lfops.
+* Load repo list.
+* Clone the inventories.
+* Install ansible collections.
+* Triggers: none.
+
+`ansible_init:collections`
+
+* Install ansible collections.
+* Triggers: none.
+
+`ansible_init:command`
+
+* Load repo list.
+* Triggers: none.
 
 
 ## Mandatory Role Variables
 
-| Variable | Description |
-| -------- | ----------- |
-| `ansible_init__url` | URL of the ansinv repo. |
+`ansible_init__url`
+
+* URL of the ansinv repo.
+* Type: String.
+* Default: none
 
 Example:
+
 ```yaml
 # mandatory
 ansible_init__url: 'git@example.com:my-ansinv.git'
@@ -36,15 +52,87 @@ ansible_init__url: 'git@example.com:my-ansinv.git'
 
 ## Optional Role Variables
 
-| Variable | Description | Default Value |
-| -------- | ----------- | ------------- |
-| `ansible_init__ansible_collections` | List of dictionaries of Ansible collections to install. Subkeys: <br> * `name`: Mandatory, string. Name of the collection. <br> * `type`. Optional. Defaults to `collection`. One of `collection`, `role`, or `both`. | `[]` |
-| `ansible_init__inventories` | List of dictionaries of inventories to clone. Subkeys: <br> * `name`: Mandatory, string. Name of the inventory. Will be used as the folder name. <br> * `url`: Mandatory, string. Git, SSH, or HTTP(S) protocol address of the repository. <br> * `version`: Optional, string. Defaults to `'main'`. Git version to checkout. | `[]` |
-| `ansible_init__lfops_url` | URL of the LFOps repo. Either `'git@github.com:Linuxfabrik/lfops.git'` for development purposes, or `'https://github.com/Linuxfabrik/lfops.git'` for general access. | `'https://github.com/Linuxfabrik/lfops.git'` |
-| `ansible_init__roles` | List of dictionaries of roles to clone. Subkeys: <br> * `name`: Mandatory, string. Name of the role. Will be used as the folder name. <br> * `url`: Mandatory, string. Git, SSH, or HTTP(S) protocol address of the repository. <br> * `version`: Optional, string. Defaults to `'main'`. Git version to checkout. | `[]` |
-| `ansible_init__version` | Git version of the ansinv repo to checkout. | `'main'` |
+`ansible_init__ansible_collections`
+
+* List of dictionaries of Ansible collections to install.
+* Subkeys:
+
+    * `name`:
+
+        * Mandatory. Name of the collection.
+        * Type: String.
+
+    * `type`:
+
+        * Optional. One of `collection`, `role`, or `both`.
+        * Type: String.
+        * Default: `'collection'`
+
+* Type: List of dictionaries.
+* Default: `[]`
+
+`ansible_init__inventories`
+
+* List of dictionaries of inventories to clone.
+* Subkeys:
+
+    * `name`:
+
+        * Mandatory. Name of the inventory. Will be used as the folder name.
+        * Type: String.
+
+    * `url`:
+
+        * Mandatory. Git, SSH, or HTTP(S) protocol address of the repository.
+        * Type: String.
+
+    * `version`:
+
+        * Optional. Git version to checkout.
+        * Type: String.
+        * Default: `'main'`
+
+* Type: List of dictionaries.
+* Default: `[]`
+
+`ansible_init__lfops_url`
+
+* URL of the LFOps repo. Either `'git@github.com:Linuxfabrik/lfops.git'` for development purposes, or `'https://github.com/Linuxfabrik/lfops.git'` for general access.
+* Type: String.
+* Default: `'https://github.com/Linuxfabrik/lfops.git'`
+
+`ansible_init__roles`
+
+* List of dictionaries of roles to clone.
+* Subkeys:
+
+    * `name`:
+
+        * Mandatory. Name of the role. Will be used as the folder name.
+        * Type: String.
+
+    * `url`:
+
+        * Mandatory. Git, SSH, or HTTP(S) protocol address of the repository.
+        * Type: String.
+
+    * `version`:
+
+        * Optional. Git version to checkout.
+        * Type: String.
+        * Default: `'main'`
+
+* Type: List of dictionaries.
+* Default: `[]`
+
+`ansible_init__version`
+
+* Git version of the ansinv repo to checkout.
+* Type: String.
+* Default: `'main'`
 
 Example:
+
 ```yaml
 # optional
 ansible_init__ansible_collections: