ansible_playbook_servers/site.yml

---
- name: check if ansible is not to old
  hosts: localhost
  roles:
    - { role: do1jlr.ansible_version, tags: [default,version,default,always], gather_facts: false}


- name: general roles for all hosts
  hosts: all
  roles:
    - { role: base, tags: [default,packages,base]}
    - { role: ranger, tags: [packages,ranger]}
    - { role: bat, tags: [packages,bat], when: [ansible_os_family == 'Debian']}

- name: user specific roles for all hosts
  hosts: all
  roles:
    - { role: users, tags: [default,users]}
    - { role: dotfiles, tags: [default,dotfiles]}
    - { role: ssh_auth, tags: [default,users]}
    - { role: sshd, tags: [default,users]}
    - { role: geerlingguy.firewall, tags: [default,firewall], become: true}
    - { role: robertdebock.fail2ban, tags: [default,fail2ban], become: true}

- name: deploy web config
  hosts: web
  roles:
    - { role: webhost2, tags: [web,webhost]}
    - { role: acmetool_fix, tags: [web,acmetool]}
    - { role: acmetool2, tags: [web,acmetool]}
    - { role: nginx2, tags: [web,nginx]}
    - { role: geerlingguy.mysql, tags: [web,git,mysql]}
    - { role: gitea, tags: [web,gitea,git]}
    - { role: goaccess, tags: [web,goaccess]}

- name: deploy mail config
  hosts: mail
  roles:
    - { role: do1jlr.mailserver_preperation, tags: [mail,mailserver_preperation,prep,mailserver]}
    - { role: unbound, tags: [mail,unbound]}
    - { role: webhost2, tags: [mail,webhost]}
    - { role: acmetool_fix, tags: [mail,acmetool]}
    - { role: acmetool2, tags: [mail,acmetool]}
    - { role: nginx2, tags: [mail,nginx]}
    - { role: geerlingguy.mysql, tags: [mail,mysql,mariadb]}
    - { role: do1jlr.dovecot, tags: [mail,dovecot,mailserver_dovecot]}
    - { role: postfix, tags: [mail,postfix]}
    - { role: do1jlr.rspamd, tags: [mail,rspamd,dcim]}
Initial commit 2020-12-12 23:03:33 +01:00			`---`
Update submodules and add versionscheck 2021-01-14 22:29:57 +01:00			`- name: check if ansible is not to old`
			`hosts: localhost`
			`roles:`
update yamllint and modules 2021-01-20 22:54:29 +01:00			`- { role: do1jlr.ansible_version, tags: [default,version,default,always], gather_facts: false}`
Update submodules and add versionscheck 2021-01-14 22:29:57 +01:00
Initial commit 2020-12-12 23:03:33 +01:00
update users 2020-12-22 23:53:15 +01:00			`- name: general roles for all hosts`
Initial commit 2020-12-12 23:03:33 +01:00			`hosts: all`
			`roles:`
			`- { role: base, tags: [default,packages,base]}`
			`- { role: ranger, tags: [packages,ranger]}`
			`- { role: bat, tags: [packages,bat], when: [ansible_os_family == 'Debian']}`
update users 2020-12-22 23:53:15 +01:00
			`- name: user specific roles for all hosts`
			`hosts: all`
			`roles:`
			`- { role: users, tags: [default,users]}`
Initial commit 2020-12-12 23:03:33 +01:00			`- { role: dotfiles, tags: [default,dotfiles]}`
update users 2020-12-22 23:53:15 +01:00			`- { role: ssh_auth, tags: [default,users]}`
			`- { role: sshd, tags: [default,users]}`
Add fail2ban and firewall 2020-12-31 20:29:38 +01:00			`- { role: geerlingguy.firewall, tags: [default,firewall], become: true}`
			`- { role: robertdebock.fail2ban, tags: [default,fail2ban], become: true}`
web site deployment ongoing 2020-12-23 01:17:14 +01:00
			`- name: deploy web config`
			`hosts: web`
			`roles:`
update module and ansible config 2020-12-23 17:09:14 +01:00			`- { role: webhost2, tags: [web,webhost]}`
try to fix acmetool and fix template path 2020-12-23 20:02:06 +01:00			`- { role: acmetool_fix, tags: [web,acmetool]}`
web site deployment ongoing 2020-12-23 01:17:14 +01:00			`- { role: acmetool2, tags: [web,acmetool]}`
			`- { role: nginx2, tags: [web,nginx]}`
deploy backwesen.de 2021-01-04 21:52:10 +01:00			`- { role: geerlingguy.mysql, tags: [web,git,mysql]}`
			`- { role: gitea, tags: [web,gitea,git]}`
Add goaccess 2020-12-24 02:38:51 +01:00			`- { role: goaccess, tags: [web,goaccess]}`
improve website collection 2021-01-01 02:52:42 +01:00
try to do smth. with mail 2021-01-02 02:03:34 +01:00			`- name: deploy mail config`
			`hosts: mail`
			`roles:`
ansible migrate prep to submodule 2021-01-16 18:04:32 +01:00			`- { role: do1jlr.mailserver_preperation, tags: [mail,mailserver_preperation,prep,mailserver]}`
unbound added 2021-01-02 06:27:07 +01:00			`- { role: unbound, tags: [mail,unbound]}`
Add tls 2021-01-02 22:19:16 +01:00			`- { role: webhost2, tags: [mail,webhost]}`
			`- { role: acmetool_fix, tags: [mail,acmetool]}`
			`- { role: acmetool2, tags: [mail,acmetool]}`
			`- { role: nginx2, tags: [mail,nginx]}`
enable ansible vault 2021-01-02 22:37:59 +01:00			`- { role: geerlingguy.mysql, tags: [mail,mysql,mariadb]}`
dovecot 2021-01-16 19:38:03 +01:00			`- { role: do1jlr.dovecot, tags: [mail,dovecot,mailserver_dovecot]}`
robertdebock.dovecot does not fit for my usecase 2021-01-14 20:21:49 +01:00			`- { role: postfix, tags: [mail,postfix]}`
basically install rspamd 2021-01-21 20:51:22 +01:00			`- { role: do1jlr.rspamd, tags: [mail,rspamd,dcim]}`