prevent SMTP smuggling
[ansible.git] / site.yml
index 47d75181515ecbd84435e2ede17bc5ec7ca07007..d503df387bc67c2d98a51316b364ddb5036a1622 100644 (file)
--- a/site.yml
+++ b/site.yml
@@ -1,3 +1,69 @@
-- import_playbook: base.yml
-- import_playbook: upgrade.yml
-- import_playbook: email.yml
+# Dependencies are "expressed" by the hosts file, e.g.
+# ```
+# [email:children]
+# journalwatch
+# [letsencrypt:children]
+# prosody
+# ```
+# I tried using role dependencies but that doesn't interact well with tags:
+# When restricting to a tag, its dependencies still get played.
+
+- hosts: all
+  gather_facts: no
+  pre_tasks:
+  - setup:
+  roles:
+  - base
+  tags: base
+
+- hosts: unbound
+  gather_facts: no
+  roles:
+  - unbound
+  tags: unbound
+
+- hosts: letsencrypt
+  gather_facts: no
+  roles:
+  - letsencrypt
+  tags: letsencrypt
+
+- hosts: email
+  gather_facts: no
+  roles:
+  - email
+  tags: email
+
+- hosts: journalwatch
+  # depends: email
+  gather_facts: no
+  roles:
+  - journalwatch
+  tags: journalwatch
+
+- hosts: bind
+  gather_facts: no
+  roles:
+  - bind
+  tags: bind
+
+- hosts: etherpad
+  gather_facts: no
+  roles:
+  - etherpad
+  tags: etherpad
+
+- hosts: prosody
+  # depends: letsencrypt
+  gather_facts: no
+  pre_tasks:
+  - setup:
+  roles:
+  - prosody
+  tags: prosody
+
+- hosts: apache
+  gather_facts: no
+  roles:
+  - apache
+  tags: apache