1 files changed, 23 insertions, 0 deletions

diff --git a/common.yml b/common.yml
index bd2f3db..d689e04 100644
--- a/common.yml
+++ b/common.yml
@@ -1,34 +1,57 @@
 ---
 # XXX: This organization is unfortunate. As of Ansible 1.4, roles are
 # applied playbook by playbook and not globally for the whole inventory;
 # therefore if two playbooks are given the role 'common', the tasks
 # defined in 'common' would be run twice.
 # The quickfix to ensure that plays are role-disjoint is to create a
 # separate play for each role. Of course the downside is that we loose
 # (most of) the advantage of roles...
 
 - name: Common tasks
   hosts: all
   roles:
     - common
 
+- name: Base system
+  hosts: IMAP:MX:MSA:webmail:lists:wiki:git
+  gather_facts: False
+  tasks:
+    - name: Copy LetsEncrypt's ACME client
+      copy: src=deb/letsencrypt-tiny_0.1-1_all.deb
+            dest=/tmp
+      notify: Install LetsEncrypt's ACME client
+       - genkey
+    - name: Create a user 'letsencrypt'
+      user: name=letsencrypt system=yes
+            group=nogroup
+            createhome=no
+            home=/nonexistent
+            shell=/usr/sbin/nologin
+            password=!
+            state=present
+  handlers:
+    - name: Install LetsEncrypt's ACME client
+      apt: deb=/tmp/letsencrypt-tiny_0.1-1_all.deb
+  tags:
+   - letsencrypt
+
 - name: Common SQL tasks
   hosts: MDA:webmail:lists:bacula-dir
   gather_facts: False
   tags: mysql,sql
   roles:
     - common-SQL
 
 - name: Common LDAP tasks
   hosts: MDA:MSA:LDAP-provider:MX
   gather_facts: True
   tags: slapd,ldap
   roles:
     - common-LDAP
 
 - name: Configure the LDAP provider
   hosts: LDAP-provider
   gather_facts: False
   tags: slapd,ldap
   roles:
     - LDAP-provider