#!/usr/bin/env ansible-playbook
---
# Deploy Re2o
- hosts: otis.adm.crans.org
  vars:
    re2o:
      owner: root
      group: nounou
      version: dev_crans
      settings_local_owner: root
      settings_local_group: root
      db_password: "{{ vault_re2o_db_password }}"
      django_secret_key: "{{ vault_re2o_django_secret_key }}"
      aes_key: "{{ vault_re2o_aes_key }}"
    ldap:
      master_password: "{{ vault_ldap_master_password }}"
  roles:
    - re2o

# Deploy services config on all servers
- hosts: server
  vars:
    re2o:
      server: re2o.adm.crans.org
      service_user: "{{ vault_re2o_service_user }}"
      service_password: "{{ vault_re2o_service_password }}"
    mail_server: smtp.adm.crans.org
  roles:
    - re2o-services

# Deploy re2o dns service on dns server
- hosts: silice.adm.crans.org
  roles:
    - re2o-dns

# Deploy re2o home service on nfs server
- hosts: zbee.adm.crans.org
  roles:
    - re2o-home

# Deploy re2o notif-users service on zamok
- hosts: zamok.adm.crans.org
  roles:
    - re2o-notif-users

# Deploy re2o dhcp on dhcp servers
- hosts: odlyd.adm.crans.org,dhcp.adm.crans.org
  roles:
    - re2o-dhcp

# Deploy re2o firewall on servers
- hosts: gulp.adm.crans.org,odlyd.adm.crans.org,ipv6-zayo.adm.crans.org,zamok.adm.crans.org,routeur.adm.crans.org
  roles:
    - re2o-firewall

# Re2o firewall specific configuration for gulp
- hosts: gulp.adm.crans.org
  roles:
    - re2o-firewall-gulp

# Re2o firewall specific configuration for odlyd
- hosts: odlyd.adm.crans.org
  roles:
    - re2o-firewall-odlyd

# Re2o firewall specific configuration for ipv6-zayo
- hosts: ipv6-zayo.adm.crans.org
  roles:
    - re2o-firewall-ipv6-zayo

# Re2o firewall specific configuration for zamok
- hosts: zamok.adm.crans.org
  roles:
    - re2o-firewall-zamok

# Re2o firewall specific configuration for routeur
- hosts: routeur.adm.crans.org
  roles:
    - re2o-firewall-routeur

# Deploy re2o mail-server on MTA and MDA
- hosts: titanic.adm.crans.org,sputnik.adm.crans.org
  roles:
    - re2o-mail-server