4 files changed, 23 insertions, 23 deletions

diff --git a/roles/pf/defaults/main.yml b/roles/pf/defaults/main.yml
index 90b4c7e..7e8ac41 100644
--- a/roles/pf/defaults/main.yml
+++ b/roles/pf/defaults/main.yml
@@ -1,8 +1,8 @@
 ---
 
-pf_rules: null
+pf__rules: null
 
-pf_configuration_file: /etc/pf.conf
-pf_test_delay: 2
-pf_test_ports:
+pf__configuration_file: /etc/pf.conf
+pf__test_delay: 2
+pf__test_ports:
   - "{{ ansible_port }}"
diff --git a/roles/pf/meta/main.yml b/roles/pf/meta/main.yml
index 8a6aa88..9c02951 100644
--- a/roles/pf/meta/main.yml
+++ b/roles/pf/meta/main.yml
@@ -5,7 +5,7 @@ argument_specs:
     short_description: pf main entrypoint.
     options:
 
-      pf_rules:
+      pf__rules:
         type: list
         elements: dict
         required: true
@@ -25,17 +25,17 @@ argument_specs:
             required: true
             description: Port to be configured
 
-      pf_configuration_file:
+      pf__configuration_file:
         type: path
         required: true
         description: Pf configuration file
 
-      pf_test_delay:
+      pf__test_delay:
         type: int
         required: true
         description: Pf test delay
 
-      pf_test_ports:
+      pf__test_ports:
         type: list
         element: int
         required: true
diff --git a/roles/pf/tasks/main.yml b/roles/pf/tasks/main.yml
index 4fba69e..9737315 100644
--- a/roles/pf/tasks/main.yml
+++ b/roles/pf/tasks/main.yml
@@ -3,35 +3,35 @@
 - name: generate pf configuration
   ansible.builtin.template:
     src: pf.conf.j2
-    dest: "{{ pf_configuration_file }}"
+    dest: "{{ pf__configuration_file }}"
     owner: 0
     group: 0
     mode: "0600"
-  register: pf_result_generate_configuration
+  register: pf__result_generate_configuration
 
 - name: lint pf configuration  # noqa: no-handler
-  ansible.builtin.command: "pfctl -nf {{ pf_configuration_file }}"
-  register: pf_result_lint_configuration
+  ansible.builtin.command: "pfctl -nf {{ pf__configuration_file }}"
+  register: pf__result_lint_configuration
   changed_when:
-    - pf_result_generate_configuration.changed
-    - pf_result_lint_configuration.rc != 0
+    - pf__result_generate_configuration.changed
+    - pf__result_lint_configuration.rc != 0
 
 - name: restart pf  # noqa: no-handler
-  ansible.builtin.command: pfctl -f "{{ pf_configuration_file }}"
-  when: pf_result_generate_configuration.changed
+  ansible.builtin.command: pfctl -f "{{ pf__configuration_file }}"
+  when: pf__result_generate_configuration.changed
 
 - name: test pf rules
   ansible.builtin.wait_for:
     port: "{{ item }}"
-    delay: "{{ pf_test_delay }}"
+    delay: "{{ pf__test_delay }}"
     state: started
-  loop: "{{ pf_test_ports }}"
+  loop: "{{ pf__test_ports }}"
 
 - name: enable pf
   ansible.builtin.command: pfctl -e
-  register: pf_result_enable
+  register: pf__result_enable
   changed_when:
-    - "'already enabled' not in pf_result_enable.stderr"
+    - "'already enabled' not in pf__result_enable.stderr"
   failed_when:
-    - pf_result_enable.rc != 0
-    - "'already enabled' not in pf_result_enable.stderr"
+    - pf__result_enable.rc != 0
+    - "'already enabled' not in pf__result_enable.stderr"
diff --git a/roles/pf/templates/pf.conf.j2 b/roles/pf/templates/pf.conf.j2
index 193c9d2..2f159b4 100644
--- a/roles/pf/templates/pf.conf.j2
+++ b/roles/pf/templates/pf.conf.j2
@@ -11,7 +11,7 @@ block all
 pass in quick on egress proto tcp to port {{ ansible_port }}
 
 # host services
-{% for rule in pf_rules %}
+{% for rule in pf__rules %}
 # {{ rule.name }}
 pass in quick on egress proto {{ rule.protocol }} to port {{ rule.port }}
 {% endfor %}