#!/usr/bin/env ansible-playbook
---
# Set variable adm_iface for all servers
# - hosts: server
#   tasks:
#     - name: Register adm interface in adm_iface variable
#       shell: set -o pipefail && grep adm /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||"
#       register: adm_iface
#       check_mode: false
#       changed_when: true
#       args:
#         executable: /bin/bash

# Common CRANS configuration for all servers
- hosts: server
  vars:
    # Group permissions
    ssh_allow_groups: ssh nounou apprenti cableur root

    # Scripts will tell users to go there to manage their account
    intranet_url: 'https://intranet.crans.org/'

    # # Will be in /usr/scripts/
    # crans_scripts_git: "http://gitlab.adm.crans.org/nounous/scripts.git"

    # NTP servers
    ntp_servers:
      - charybde.adm.crans.org
    #   - silice.adm.crans.org
  roles:
    - common-tools
    - debian-apt-sources
    - ldap-client
    - openssh
    - sudo
    - ntp-client
    # - crans-scripts
    - root-config

# Deploy LDAP replica
- hosts: odlyd.adm.crans.org,soyouz.adm.crans.org,fy.adm.crans.org,thot.adm.crans.org
  roles: []  # TODO

- hosts: otis.adm.crans.org
  roles:
    - ansible

# Tools for members
- hosts: zamok.adm.crans.org
  roles:
#     - zamok-tools

# - import_playbook: plays/mail.yml
- import_playbook: plays/nfs.yml
# - import_playbook: plays/logs.yml
# - import_playbook: plays/backup.yml
# - import_playbook: plays/network-interfaces.yml
# - import_playbook: plays/monitoring.yml
# - import_playbook: plays/generate_documentation.yml

# Services that only apply to a subset of server
# - import_playbook: plays/tv.yml
# - import_playbook: plays/mailman.yml
# - import_playbook: plays/dhcp.yml
# - import_playbook: plays/dns.yml
# - import_playbook: plays/wireguard.yml
# - import_playbook: plays/mirror.yml
# - import_playbook: plays/owncloud.yml
# - import_playbook: plays/reverse-proxy.yml