#!/usr/bin/env ansible-playbook
---
- hosts: eap.adm.crans.org, odlyd.adm.crans.org, radius.adm.crans.org
  vars:
    certbot:
      dns_rfc2136_name: certbot_challenge.
      dns_rfc2136_secret: "{{ vault_certbot_dns_secret }}"
      mail: root@crans.org
      certname: crans.org
      domains: "crans.org"
    bind:
      masters: "{{ lookup('re2oapi', 'get_role', 'dns-authoritary-master')[0] }}"
  roles:
    - certbot
    - freeradius