Add support for proxy networks & cleanup playbook vars

playbooks/1password.yaml

@@ -1,4 +1,6 @@
 ---
 - hosts: localhost
+  vars_files:
+    - vars/environment.yaml
   roles:
     - 1password

playbooks/Linux.yaml

@@ -2,10 +2,8 @@
 - import_playbook: LinuxCLI.yaml
 - import_playbook: UnixGUI.yaml
 - hosts: localhost
-  vars:
-    github_auth_headers: >-
-      {{ { 'Authorization': 'Bearer ' + lookup('env', 'GITHUB_TOKEN') }
-          if lookup('env', 'GITHUB_TOKEN') else {} }}
+  vars_files:
+    - vars/environment.yaml
   roles:
     - role: firefox
     - role: kitty

playbooks/LinuxCLI.yaml

@@ -1,14 +1,14 @@
 ---
 - hosts: localhost
-  vars:
-    github_auth_headers: >-
-      {{ { 'Authorization': 'Bearer ' + lookup('env', 'GITHUB_TOKEN') }
-          if lookup('env', 'GITHUB_TOKEN') else {} }}
+  vars_files:
+    - vars/environment.yaml
   roles:
     - role: rpmfusion
       when: ansible_os_family == 'RedHat' and ansible_distribution == 'Fedora'
 - import_playbook: UnixCLI.yaml
 - hosts: localhost
+  vars_files:
+    - vars/environment.yaml
   roles:
     - role: gdb
     - role: podman

playbooks/UnixCLI.yaml

@@ -1,9 +1,7 @@
 ---
 - hosts: localhost
-  vars:
-    github_auth_headers: >-
-      {{ { 'Authorization': 'Bearer ' + lookup('env', 'GITHUB_TOKEN') }
-          if lookup('env', 'GITHUB_TOKEN') else {} }}
+  vars_files:
+    - vars/environment.yaml
   roles:
     - role: sudo
       when: ansible_user_id != "root"

playbooks/UnixGUI.yaml

@@ -1,9 +1,7 @@
 ---
 - hosts: localhost
-  vars:
-    github_auth_headers: >-
-      {{ { 'Authorization': 'Bearer ' + lookup('env', 'GITHUB_TOKEN') }
-          if lookup('env', 'GITHUB_TOKEN') else {} }}
+  vars_files:
+    - vars/environment.yaml
   roles:
     - role: flatpak
       when: ansible_os_family != "Darwin"

playbooks/WSL.yaml

@@ -1,9 +1,7 @@
 ---
 - import_playbook: LinuxCLI.yaml
 - hosts: localhost
-  vars:
-    github_auth_headers: >-
-      {{ { 'Authorization': 'Bearer ' + lookup('env', 'GITHUB_TOKEN') }
-          if lookup('env', 'GITHUB_TOKEN') else {} }}
+  vars_files:
+    - vars/environment.yaml
   roles:
     - role: wsl

playbooks/Windows.yaml

@@ -1,9 +1,7 @@
 ---
 - hosts: windows
-  vars:
-    github_auth_headers: >-
-      {{ { 'Authorization': 'Bearer ' + lookup('env', 'GITHUB_TOKEN') }
-          if lookup('env', 'GITHUB_TOKEN') else {} }}
+  vars_files:
+    - vars/environment.yaml
   roles:
     - role: python
     - role: git

playbooks/macOS.yaml

@@ -1,14 +1,14 @@
 ---
 - import_playbook: UnixCLI.yaml
 - hosts: localhost
+  vars_files:
+    - vars/environment.yaml
   roles:
     - role: system-info
 - import_playbook: UnixGUI.yaml
 - hosts: localhost
-  vars:
-    github_auth_headers: >-
-      {{ { 'Authorization': 'Bearer ' + lookup('env', 'GITHUB_TOKEN') }
-          if lookup('env', 'GITHUB_TOKEN') else {} }}
+  vars_files:
+    - vars/environment.yaml
   roles:
     - role: mas
 

playbooks/vars/environment.yaml

@@ -0,0 +1,15 @@
+---
+# GitHub may rate limit unauthenticated API requests, this is more likely when
+# behind a network proxy. Set the GITHUB_TOKEN environment variable to
+# authenticate any GitHub API requests executed while playing roles.
+github_auth_headers: >-
+  {{ { 'Authorization': 'Bearer ' + lookup('env', 'GITHUB_TOKEN') }
+      if lookup('env', 'GITHUB_TOKEN') else {} }}
+
+# When working behind a network proxy, set the http_proxy and https_proxy
+# environment variables. These will be passed through to uses of the `get_url`
+# module when playing roles.
+proxy_environment: >-
+  {{ { 'http_proxy': lookup('env', 'http_proxy'),
+       'https_proxy': lookup('env', 'https_proxy') }
+      if lookup('env', 'http_proxy') and lookup('env', 'https_proxy') else {} }}