---
- name: Check if ansible is not to old
  hosts: localhost
  roles:
    - {role: do1jlr.ansible_version, tags: [default, version, default, always]}

- name: General roles for all hosts
  hosts: all
  roles:
    - {role: l3d.packages, tags: [packages, general]}
    - {role: do1jlr.ranger, tags: [packages, ranger]}
    - {role: gantsign.bat, tags: [packages, bat], when: [ansible_os_family == 'Debian']}
    - {role: unattended_upgrades, tags: [default, unattended, unattended_upgrades, security], become: true, when: ansible_distribution == 'Debian'}
    - {role: do1jlr.rtl_nic_firmware, tags: [apu, rtl_nic, firmware]}
    - {role: do1jlr.avahi_client, tags: [avahi, avahi_client]}
    - {role: l3d.time.ntp, tags: [ntp]}
    - {role: prometheus.prometheus.node_exporter, tags: [monitoring, node_exporter]}

- name: User specific roles for all hosts
  hosts: all
  roles:
    - {role: do1jlr.admin_base, tags: [default, init, users, accounts, dotfiles]}
    - {role: do1jlr.dotfiles, tags: [default, dotfiles]}
    - {role: geerlingguy.firewall, tags: [default, firewall], become: true}
    - {role: robertdebock.fail2ban, tags: [default, fail2ban], become: true}

- name: Setup Webserver
  hosts: all
  roles:
    - {role: do1jlr.webhost, tags: [web, webhost], become: true}
    - {role: do1jlr.acmetool, tags: [web, acmetool], become: true}
    - {role: do1jlr.nginx, tags: [web, nginx]}
    - {role: l3d.nginx_exporter, tags: [monitoring, nginx, prometheus, exporter]}


- name: Deploy web config
  hosts: web
  roles:
    # - {role: geerlingguy.mysql, tags: [web, git, mysql], become: true}
    - {role: l3d.git.gitea, tags: [web, gitea, git]}

- name: Deploy dns resolver
  hosts: resolver
  roles:
    - {role: do1jlr.unbound, tags: [mail, unbound]}

- name: Deploy services
  hosts: services
  roles:
    - {role: do1jlr.etebase, tags: [etebase, etesync, calendar, kalender, contacts, kontakte]}
    - {role: grafana.grafana.grafana, tags: [grafana. monitoring]}
    - {role: prometheus.prometheus.prometheus, tags: [monitoring, prometheus]}
    - {role: l3d.homebox, tags: [homebox]}

- name: Deploy legacy mail config
  hosts: mail01.l3d.space
  roles:
    # - {role: do1jlr.mysql, tags: [mail, mysql, mariadb], become: true}
    - {role: do1jlr.mailserver_preperation, tags: [mail, mailserver_preperation, prep, mailserver]}
    - {role: do1jlr.dovecot, tags: [mail, dovecot, mailserver_dovecot]}
    - {role: postfix, tags: [mail, postfix]}
    - {role: do1jlr.rspamd, tags: [mail, rspamd]}
    - {role: do1jlr.weechat, tags: [irc, weechat]}

- name: Setup luna.l3d.ch host
  hosts: luna.l3d.ch
  roles: []