move to non-deprecated template variable formatting

roles/blog/tasks/blog.yml

 - name: Create directory for blog HTML
-  file: state=directory path=/var/www/${domain} group=www-data owner=www-data
+  file: state=directory path=/var/www/{{ domain }} group=www-data owner=www-data
 
 - name: Configure the Apache HTTP server for the blog
-  template: src=etc_apache2_sites-available_blog.j2 dest=/etc/apache2/sites-available/${domain} group=www-data owner=www-data
+  template: src=etc_apache2_sites-available_blog.j2 dest=/etc/apache2/sites-available/{{ domain }} group=www-data owner=www-data
   notify: restart apache
 
 - name: Enable blog site
-  command: a2ensite ${domain} creates=/etc/apache2/sites-enabled/${domain}
+  command: a2ensite {{ domain }} creates=/etc/apache2/sites-enabled/{{ domain }}
   notify: restart apache
 

roles/common/tasks/encfs.yml

 
 # If it is empty, we need to create the encfs
 - name: Create encfs
-  shell: printf "p\n${encfs_password}" | encfs /encrypted /decrypted --public --stdinpass && touch /decrypted/test
+  shell: printf "p\n{{ encfs_password }}" | encfs /encrypted /decrypted --public --stdinpass && touch /decrypted/test
   when: encfs_check.rc > 0
 
 # If it isn't empty, we simply need to mount it (but only if /decrypted/test doesn't exist)
 - name: Mount encfs
-  shell: printf "${encfs_password}" | encfs /encrypted /decrypted --public --stdinpass creates="/decrypted/test"
+  shell: printf "{{ encfs_password }}" | encfs /encrypted /decrypted --public --stdinpass creates="/decrypted/test"
   when: encfs_check.rc == 0
 
 - name: Set decrypted directory permissions

roles/common/tasks/users.yml

 - name: Create main user account
-  user: name=${main_user_name} state=present shell=/usr/bin/zsh groups=sudo,fuse
+  user: name={{ main_user_name }} state=present shell=/usr/bin/zsh groups=sudo,fuse

roles/ircbouncer/tasks/znc.yml

     - libperl-dev
 
 - name: Download znc release
-  get_url: url=http://znc.in/releases/archive/znc-${znc_version}.tar.gz dest=/root/znc-${znc_version}.tar.gz
+  get_url: url=http://znc.in/releases/archive/znc-{{ znc_version }}.tar.gz dest=/root/znc-{{ znc_version }}.tar.gz
 
 - name: Decompress znc source
-  command: tar xzf /root/znc-${znc_version}.tar.gz chdir=/root creates=/root/znc-${znc_version}/configure
+  command: tar xzf /root/znc-{{ znc_version }}.tar.gz chdir=/root creates=/root/znc-{{ znc_version }}/configure
 
 - name: Build and install znc
-  shell: ./configure --enable-python ; make ; make install executable=/bin/bash chdir=/root/znc-${znc_version} creates=/usr/local/bin/znc
+  shell: ./configure --enable-python ; make ; make install executable=/bin/bash chdir=/root/znc-{{ znc_version }} creates=/usr/local/bin/znc
 
 - name: Create znc group
   group: name=znc state=present

roles/mailserver/tasks/dovecot.yml

   user: name=vmail group=vmail state=present uid=5000 home=/decrypted
 
 - name: Ensure mail domain directories are in place
-  file: state=directory path=/decrypted/${item.name} owner=vmail group=dovecot mode=770
+  file: state=directory path=/decrypted/{{ item.name }} owner=vmail group=dovecot mode=770
   with_items:
-    - ${mail_virtual_domains}
+    - {{ mail_virtual_domains }}
 
 - name: Ensure mail directories are in place
-  file: state=directory path=/decrypted/${item.name}/${item.primary_user} owner=vmail group=dovecot
+  file: state=directory path=/decrypted/{{ item.name }}/{{ item.primary_user }} owner=vmail group=dovecot
   with_items:
-    - ${mail_virtual_domains}
+    - {{ mail_virtual_domains }}
 
 - name: Copy dovecot.conf into place
   copy: src=etc_dovecot_dovecot.conf dest=/etc/dovecot/dovecot.conf
 
 - name: Copy additional Dovecot configuration files in place
-  copy: src=etc_dovecot_conf.d_${item} dest=/etc/dovecot/conf.d/${item}
+  copy: src=etc_dovecot_conf.d_{{ item }} dest=/etc/dovecot/conf.d/{{ item }}
   with_items:
     - 10-mail.conf
     - 10-auth.conf

roles/mailserver/tasks/dspam.yml

   file: state=directory path=/decrypted/dspam group=dspam owner=dspam
 
 - name: Put dspam configuration files in place
-  copy: src=etc_dspam_{{item}} dest=/etc/dspam/{{item}} owner=dspam group=dspam
+  copy: src=etc_dspam_{{ item }} dest=/etc/dspam/{{ item }} owner=dspam group=dspam
   with_items:
     - default.prefs
     - dspam.conf
   notify: restart postfix
 
 - name: Put dspam dovecot configuration in place
-  copy: src=etc_dovecot_conf.d_{{item}} dest=/etc/dovecot/conf.d/{{item}} owner=vmail group=dovecot
+  copy: src=etc_dovecot_conf.d_{{ item }} dest=/etc/dovecot/conf.d/{{ item }} owner=vmail group=dovecot
   with_items:
     - 20-imap.conf
     - 90-plugin.conf
   notify: restart dovecot
 
 - name: Put sieve rules into each primary user directory
-  copy: src=dot_dovecot.sieve dest=/decrypted/${item.name}/${item.primary_user}/.dovecot.sieve owner=vmail group=dovecot
+  copy: src=dot_dovecot.sieve dest=/decrypted/{{ item.name }}/{{ item.primary_user }}/.dovecot.sieve owner=vmail group=dovecot
   with_items:
-    - ${mail_virtual_domains}
+    - {{ mail_virtual_domains }}
   notify: restart dovecot

roles/mailserver/tasks/opendkim.yml

     - opendkim
     - opendkim-tools
 
-- name: Create OpenDKIM config directory 
+- name: Create OpenDKIM config directory
   file: state=directory path=/etc/opendkim group=opendkim owner=opendkim
 
 - name: Create OpenDKIM key directories
-  file: state=directory path=/etc/opendkim/keys/${item.name} group=opendkim owner=opendkim
+  file: state=directory path=/etc/opendkim/keys/{{ item.name }} group=opendkim owner=opendkim
   with_items:
-    - ${mail_virtual_domains}
+    - {{ mail_virtual_domains }}
 
 - name: Generate OpenDKIM keys
-  command: opendkim-genkey -r -d ${item.name} -D /etc/opendkim/keys/${item.name}/ creates=/etc/opendkim/keys/${item.name}/default.private
+  command: opendkim-genkey -r -d {{ item.name }} -D /etc/opendkim/keys/{{ item.name }}/ creates=/etc/opendkim/keys/{{ item.name }}/default.private
   with_items:
-    - ${mail_virtual_domains}
+    - {{ mail_virtual_domains }}
 
 - name: Put opendkim.conf into place
   copy: src=etc_opendkim.conf dest=/etc/opendkim.conf owner=opendkim group=opendkim
     - restart postfix
 
 - name: Put additional OpenDKIM configuration files into place
-  template: src=etc_opendkim_{{item}}.j2 dest=/etc/opendkim/{{item}} owner=opendkim group=opendkim
+  template: src=etc_opendkim_{{ item }}.j2 dest=/etc/opendkim/{{ item }} owner=opendkim group=opendkim
   with_items:
     - KeyTable
     - SigningTable

roles/mailserver/tasks/postfix.yml

   notify: restart postfix
 
 - name: Copy additional postfix configuration files
-  template: src=etc_postfix_${item}.j2 dest=/etc/postfix/${item} owner=root group=root
+  template: src=etc_postfix_{{ item }}.j2 dest=/etc/postfix/{{ item }} owner=root group=root
   with_items:
     - mysql-virtual-mailbox-domains.cf
     - mysql-virtual-mailbox-maps.cf

roles/mailserver/templates/etc_postfix_main.cf.j2

 # See /usr/share/postfix/main.cf.dist for a commented, more complete version
 # Modified as per http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/
- 
+
 smtpd_banner = $myhostname ESMTP $mail_name
 biff = no
- 
+
 # Accept messages up to 50MB
 message_size_limit = 51200000
 
 # appending .domain is the MUA's job.
 append_dot_mydomain = no
- 
+
 # Uncomment the next line to generate "delayed mail" warnings
 #delay_warning_time = 4h
- 
+
 readme_directory = no
 
 # antispam
 unknown_virtual_mailbox_reject_code = 554
 unverified_recipient_reject_code = 554
 unverified_sender_reject_code = 554
- 
+
 # TLS parameters
 smtpd_tls_cert_file=/etc/ssl/certs/wildcard_combined.pem
 smtpd_tls_key_file=/etc/ssl/private/wildcard_private.key
 smtpd_use_tls=yes
-#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
-#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
 smtpd_tls_auth_only = yes
 smtp_tls_security_level = may
 smtp_tls_loglevel = 2
 
 # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
 # information on enabling SSL in the smtp client.
- 
+
 myhostname = {{ mail_server_hostname }}
 myorigin = $mydomain
 alias_maps = hash:/etc/aliases

roles/monitoring/tasks/monit.yml

   copy: src=etc_monit_monitrc dest=/etc/monit/monitrc
 
 - name: Copy monit service config files into place
-  copy: src=etc_monit_conf.d_${item} dest=/etc/monit/conf.d/${item}
+  copy: src=etc_monit_conf.d_{{ item }} dest=/etc/monit/conf.d/{{ item }}
   with_items:
     - apache2
     - dovecot

roles/tarsnap/tasks/tarsnap.yml

   command:
     gpg --import tarsnap-signing-key.asc
     chdir=/root/
-    
+
 - name: Download tarsnap SHA file
   get_url:
-    url="https://www.tarsnap.com/download/tarsnap-sigs-{{tarsnap_version}}.asc"
-    dest="/root/tarsnap-sigs-{{tarsnap_version}}.asc"
-    
+    url="https://www.tarsnap.com/download/tarsnap-sigs-{{ tarsnap_version }}.asc"
+    dest="/root/tarsnap-sigs-{{ tarsnap_version }}.asc"
+
 - name: Make the command that gets the current sha
   template:
     src=getSha.sh
     dest=/root/getSha.sh
     mode=0755
-    
+
 - name: get the SHA256sum for this tarsnap release
   command:
     ./getSha.sh
     chdir=/root
   register: tarsnap_sha
-  
+
 - name: Download Tarsnap source
   get_url:
-    url="https://www.tarsnap.com/download/tarsnap-autoconf-{{tarsnap_version}}.tgz"
-    dest="/root/tarsnap-autoconf-{{tarsnap_version}}.tgz"
-    sha256sum={{tarsnap_sha.stdout_lines[0]}}
-    
+    url="https://www.tarsnap.com/download/tarsnap-autoconf-{{ tarsnap_version }}.tgz"
+    dest="/root/tarsnap-autoconf-{{ tarsnap_version }}.tgz"
+    sha256sum={{ tarsnap_sha.stdout_lines[0] }}
+
 
 - name: Decompress Tarsnap source
-  command: tar xzf /root/tarsnap-autoconf-${tarsnap_version}.tgz chdir=/root creates=/root/tarsnap-autoconf-${tarsnap_version}/COPYING
+  command: tar xzf /root/tarsnap-autoconf-{{ tarsnap_version }}.tgz chdir=/root creates=/root/tarsnap-autoconf-{{ tarsnap_version }}/COPYING
 
 - name: Configure Tarsnap for local build
-  command: ./configure chdir=/root/tarsnap-autoconf-${tarsnap_version} creates=/root/tarsnap-autoconf-${tarsnap_version}/Makefile
+  command: ./configure chdir=/root/tarsnap-autoconf-{{ tarsnap_version }} creates=/root/tarsnap-autoconf-{{ tarsnap_version }}/Makefile
 
 - name: Build and install Tarsnap
-  command: make all install clean chdir=/root/tarsnap-autoconf-${tarsnap_version} creates=/usr/local/bin/tarsnap
+  command: make all install clean chdir=/root/tarsnap-autoconf-{{ tarsnap_version }} creates=/usr/local/bin/tarsnap
 
 - name: Copy Tarsnap key file into place
   copy: src=root_tarsnap.key dest=/root/tarsnap.key owner=root group=root

roles/tarsnap/templates/getSha.sh

 #!/bin/bash
-gpgResult=`gpg --decrypt tarsnap-sigs-{{tarsnap_version}}.asc`
+gpgResult=`gpg --decrypt tarsnap-sigs-{{ tarsnap_version }}.asc`
 sha=${gpgResult#*=}
 echo $sha > /root/tarsnapSha
 echo $sha