hypervisors/ansible/hypervisors.yml

---
- hosts: hypervisors

  handlers:
    - name: enable interfaces
      command:
        cmd: ifup -a

  pre_tasks:
    - name: Set timezone
      timezone:
        name: Europe/Amsterdam

    - name: Create data directory
      file:
        path: /data
        state: directory
        mode: og=rwx

  roles:
    - {role: setup_apt, tags: setup_apt}
    - {role: libvirt, tags: libvirt}

- hosts: atlas

  roles:
    - {role: postgresql, tags: postgresql}
    - {role: ssh_ca, tags: ssh_ca}
    - {role: wireguard, tags: wireguard}

- hosts: hypervisors

  pre_tasks:
    - name: Copy interfaces configuration
      copy:
        src: dmz.conf
        dest: /etc/network/interfaces.d/dmz.conf
      register: interfaces

    - name: Enable interfaces
      command:
        cmd: ifup -a
      when: interfaces.changed

    - name: Delete externally managed environment file
      shell:
        cmd: "rm /usr/lib/python*/EXTERNALLY-MANAGED"
      register: rm
      changed_when: "rm.rc == 0"
      failed_when: "false"

  roles:
    - {role: ssh_ca_known_hosts, tags: ssh_ca_known_hosts}
    - {role: deploy_ssh_certificates, tags: deploy_ssh_certificates}
    - {role: borg, tags: borg}