diff options
| -rw-r--r-- | common.yml | 23 | ||||
| -rw-r--r-- | roles/common/handlers/main.yml | 3 |
2 files changed, 23 insertions, 3 deletions
@@ -1,34 +1,57 @@ --- # XXX: This organization is unfortunate. As of Ansible 1.4, roles are # applied playbook by playbook and not globally for the whole inventory; # therefore if two playbooks are given the role 'common', the tasks # defined in 'common' would be run twice. # The quickfix to ensure that plays are role-disjoint is to create a # separate play for each role. Of course the downside is that we loose # (most of) the advantage of roles... - name: Common tasks hosts: all roles: - common +- name: Base system + hosts: IMAP:MX:MSA:webmail:lists:wiki:git + gather_facts: False + tasks: + - name: Copy LetsEncrypt's ACME client + copy: src=deb/letsencrypt-tiny_0.1-1_all.deb + dest=/tmp + notify: Install LetsEncrypt's ACME client + - genkey + - name: Create a user 'letsencrypt' + user: name=letsencrypt system=yes + group=nogroup + createhome=no + home=/nonexistent + shell=/usr/sbin/nologin + password=! + state=present + handlers: + - name: Install LetsEncrypt's ACME client + apt: deb=/tmp/letsencrypt-tiny_0.1-1_all.deb + tags: + - letsencrypt + - name: Common SQL tasks hosts: MDA:webmail:lists:bacula-dir gather_facts: False tags: mysql,sql roles: - common-SQL - name: Common LDAP tasks hosts: MDA:MSA:LDAP-provider:MX gather_facts: True tags: slapd,ldap roles: - common-LDAP - name: Configure the LDAP provider hosts: LDAP-provider gather_facts: False tags: slapd,ldap roles: - LDAP-provider diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml index 07047c7..a852c4d 100644 --- a/roles/common/handlers/main.yml +++ b/roles/common/handlers/main.yml @@ -35,23 +35,20 @@ - name: Restart Postfix service: name=postfix state=restarted - name: Reload Postfix service: name=postfix state=reloaded - name: Restart stunnel service: name=stunnel4 pattern=/usr/bin/stunnel4 state=restarted - name: Restart bacula-fd service: name=bacula-fd state=restarted - name: Update certificate command: update-ca-certificates - name: Restart munin-node service: name=munin-node state=restarted - name: Restart freshclam service: name=clamav-freshclam state=restarted - -- name: Install LetsEncrypt's ACME client - apt: deb=/tmp/letsencrypt-tiny_0.1-1_all.deb |