- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=mm:mm_stg"

- name: make the boxe be real for real
  hosts: mm:mm_stg
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - { role: openvpn/client, when: env != "staging" and inventory_hostname.startswith('mm-frontend')  }
  - ipa/client
  - sudo
  - collectd/base
  - { role: nfs/client, when: inventory_hostname.startswith('mm-backend01'), mnt_dir: '/srv/pub',  nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub' }

  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"

  tasks:
  - import_tasks: "{{ tasks_path }}/motd.yml"

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

- name: Deploy the backend
  hosts: mm_backend:mm_backend_stg
  user: root
  gather_facts: True

  vars_files:
  -  /srv/web/infra/ansible/vars/global.yml
  - "/srv/private/ansible/vars.yml"
  - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  pre_tasks:
  - include_vars: dir=/srv/web/infra/ansible/vars/all/ ignore_files=README

  roles:
  - mirrormanager/backend
  - s3-mirror
  - geoip

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

- name: Deploy the crawler
  hosts: mm_crawler:mm_crawler_stg
  user: root
  gather_facts: True

  vars_files:
  -  /srv/web/infra/ansible/vars/global.yml
  - "/srv/private/ansible/vars.yml"
  - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  roles:
  - mirrormanager/crawler
  - { role: rsyncd,
      when: env != "staging" }
  - { role: openvpn/client, when: datacenter != "iad2" }

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

- name: Deploy the frontend (web-app)
  hosts: mm_frontend:mm_frontend_stg
  user: root
  gather_facts: True

  vars_files:
  -  /srv/web/infra/ansible/vars/global.yml
  - "/srv/private/ansible/vars.yml"
  - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  roles:
  - mirrormanager/frontend2

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

# Do this one last, since the mirrormanager user needs to exist so that it can
# own the fedmsg certs we put in place here.
- name: Put fedmsg stuff in place
  hosts: mm:mm_stg
  user: root
  gather_facts: True

  vars_files:
  -  /srv/web/infra/ansible/vars/global.yml
  - "/srv/private/ansible/vars.yml"
  - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  roles:
  - role: fedmsg/base
  # Set up for fedora-messaging
  - { role: rabbit/user,
      username: "mirrormanager{{ env_suffix }}"}

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"