- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=odcs:odcs-stg"

- name: make the box be real
  hosts: odcs:odcs-stg
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  pre_tasks:
  - include_tasks: "{{ tasks_path }}/yumrepos.yml"

  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - fas_client
  - rsyncd
  - sudo
  - collectd/base

  tasks:
  - include_tasks: "{{ tasks_path }}/2fa_client.yml"
  - include_tasks: "{{ tasks_path }}/motd.yml"

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

- name: openvpn on the prod frontend nodes
  hosts: odcs-frontend
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - "{{ vars_path }}/{{ ansible_distribution }}.yml"

  roles:
  - openvpn/client

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

- name: Set up a gluster share on the backend for the frontend
  hosts: odcs:odcs-stg
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - "{{ vars_path }}/{{ ansible_distribution }}.yml"

  roles:
  - role: gluster/consolidated
    gluster_brick_dir: /srv/glusterfs/
    gluster_mount_dir: /srv/odcs
    gluster_brick_name: odcs
    gluster_server_group: odcs-stg
    tags: gluster
    when: env == 'staging'
  - role: gluster/consolidated
    gluster_brick_dir: /srv/glusterfs/
    gluster_mount_dir: /srv/odcs
    gluster_brick_name: odcs
    gluster_server_group: odcs
    tags: gluster
    when: env != 'staging'

- name: Set up odcs frontend service
  hosts: odcs-frontend:odcs-frontend-stg
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - "{{ vars_path }}/{{ ansible_distribution }}.yml"

  roles:
  - mod_wsgi
  - fedmsg/base
  - odcs/frontend

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

- name: Set up odcs backend service
  hosts: odcs-backend:odcs-backend-stg
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  roles:
  - odcs/backend
  - fedmsg/base

  #- role: nfs/client
  #  mnt_dir: '/mnt/fedora_koji'
  #  nfs_src_dir: 'fedora_koji'
  #  when: env != 'staging'

    # In staging, we mount fedora_koji as read only (see nfs_mount_opts)
  - role: nfs/client
    mnt_dir: '/mnt/fedora_koji_prod'
    nfs_src_dir: 'fedora_koji'
    when: env == 'staging'

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"