-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathsite.yml
35 lines (33 loc) · 1.23 KB
/
site.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
---
# All tasks are run as the deploy user, which can sudo when needed.
# DNS needs to be up first so that certbot can find us to issue a
# cert. This probably means a two phase thing - common firewall and
# dns, wait for propogation, and then the rest.
- hosts: cloud
remote_user: "{{ deploy_acct }}"
become: True
force_handlers: True
vars:
ansible_ssh_common_args: '-o StrictHostKeyChecking=accept-new'
ansible_ssh_private_key_file: "{{ deploy_acct_sshkey }}"
roles:
- { role: common, tags: common }
- { role: cryptdir, tags: cryptdir }
- { role: apache, tags: web }
- { role: mailhost, tags: mail }
- { role: bacula-client, tags: bacula-client }
# On the director machine we also need the client because we are doing
# a local backup of the catalog.
- hosts: backup_server
remote_user: "{{ deploy_acct }}"
become: True
force_handlers: True
vars:
ansible_ssh_common_args: '-o StrictHostKeyChecking=accept-new'
ansible_ssh_private_key_file: "{{ deploy_acct_sshkey }}"
roles:
- { role: common, tags: common }
- { role: mailnull, tags: mail }
- { role: cryptdir, tags: cryptdir }
- { role: bacula-client, tags: bacula-client }
- { role: bacula-director, tags: bacula-director }