#!/usr/bin/env ansible-playbook
---
# root is the first playbook to launch (as root) whe initiation a new server
- hosts: tealc.adm.crans.org
  roles:
    - baie

- hosts: virtu
  roles:
    - proxmox-apt-sources

- hosts: server
  vars:
    # # Will be in /usr/scripts/
    # crans_scripts_git: "http://gitlab.adm.crans.org/nounous/scripts.git"

    # NTP servers
    ntp_servers:
      - charybde.adm.crans.org
    #   - silice.adm.crans.org
  roles:
    - debian-apt-sources
    - common-tools
    - sudo
    - ntp-client
    # - crans-scripts
    - root-config

- hosts: crans_vm
  roles:
    - qemu-guest-agent
    - serial-tty

- hosts: ldap_server
  vars:
    slapd: '{{ glob_slapd | combine(loc_slapd | default({})) }}'
    ldap:
      private_key: "{{ vault_ldap_private_key }}"
      certificate: "{{ vault_ldap_certificate }}"
  roles:
    - slapd

- hosts: server
  vars:
    ldap: '{{ glob_ldap | combine(loc_ldap | default({})) }}'
  roles:
    - ldap-client
    - home-nounous

- hosts: server,!virtu
  roles:
    - openssh