ansible-infra/deploy.yaml

---
- name: Ensure SSH server config deployment on ssh_server_config_hosts
  hosts: ssh_server_config_hosts
  roles:
    - deploy_ssh_server_config

- name: Ensure deployment of infrastructure authorized keys
  hosts: infrastructure_authorized_keys_hosts
  roles:
    - infrastructure_authorized_keys

- name: Ensure Nextcloud config
  hosts: nextcloud_hosts
  roles:
    - nextcloud

- name: Ensure ola deployment on ola_hosts
  hosts: ola_hosts
  roles:
    - ola

- name: Ensure foobazdmx deployment on foobazdmx_hosts
  hosts: foobazdmx_hosts
  roles:
    - foobazdmx

- name: Ensure Dokuwiki config
  hosts: wiki
  roles:
    - dokuwiki

- name: Ensure NGINX deployment on nginx_hosts, which are also public_reverse_proxy_hosts, before certbot role runs
  hosts: nginx_hosts:&public_reverse_proxy_hosts
  roles:
    - nginx

- name: Ensure certbot and certificate deployment on certbot_hosts
  hosts: certbot_hosts
  roles:
    - certbot

- name: Ensure Docker Compose deployment on docker_compose_hosts
  hosts: docker_compose_hosts
  roles:
    - docker_compose

- name: Ensure NGINX deployment on nginx_hosts
  hosts: nginx_hosts:!public_reverse_proxy_hosts
  roles:
    - nginx

- name: Ensure prometheus_node_exporter deployment on prometheus_node_exporter_hosts
  hosts: prometheus_node_exporter_hosts
  roles:
    - prometheus_node_exporter

- name: Configure unattended upgrades
  hosts: all
  become: true
  roles:
    - role: debops.debops.unattended_upgrades
      vars:
        unattended_upgrades__origins:
          - "o=${distro_id},n=${distro_codename}"
          - "o=Docker,n=${distro_codename}"
          - "o=nginx,n=${distro_codename}"