ansible-infra/ansible_collections/debops/debops/playbooks/service/tinc-plain.yml

---
# Copyright (C) 2015-2017 Maciej Delmanowski <drybjed@gmail.com>
# Copyright (C) 2016-2017 Robin Schneider <ypid@riseup.net>
# Copyright (C) 2015-2017 DebOps <https://debops.org/>
# SPDX-License-Identifier: GPL-3.0-only

- name: Configure Tinc VPN
  collections: [ 'debops.debops', 'debops.roles01',
                 'debops.roles02', 'debops.roles03' ]
  hosts: [ 'debops_service_tinc', 'debops_service_tinc_aux' ]
  become: True

  environment: '{{ inventory__environment | d({})
                   | combine(inventory__group_environment | d({}))
                   | combine(inventory__host_environment  | d({})) }}'

  pre_tasks:

    - name: Prepare tinc environment
      ansible.builtin.import_role:
        name: 'tinc'
        tasks_from: 'main_env'
      tags: [ 'role::tinc', 'role::tinc:secret', 'role::secret', 'role::ferm' ]

  roles:

    - role: secret
      tags: [ 'role::secret', 'role::tinc:secret' ]
      secret__directories: '{{ tinc__env_secret__directories }}'

    - role: etc_services
      tags: [ 'role::etc_services', 'skip::etc_services' ]
      etc_services__dependent_list: '{{ tinc__env_etc_services__dependent_list }}'

    - role: ferm
      tags: [ 'role::ferm', 'skip::ferm' ]
      ferm__dependent_rules: '{{ tinc__env_ferm__dependent_rules }}'

    - role: tinc
      tags: [ 'role::tinc', 'skip::tinc' ]