ansible/playbooks/groups/people.yml

# Create a people server
#
#
- include: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=people01.fedoraproject.org"

- name: make the box be real
  hosts: people01.fedoraproject.org
  user: root
  gather_facts: True

  vars_files: 
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  pre_tasks:

  - name: mount project volume
    mount: >
        name=/project
        src=/dev/mapper/GuestVolGroup00-project
        fstype=xfs
        opts="noatime,noexec,nosuid,nodev"
        passno=0
        dump=0
        state=mounted
    tags:
    - mount

  - name: mount srv volume
    mount: >
        name=/srv
        src=/dev/mapper/GuestVolGroup00-srv
        fstype=xfs
        opts="usrquota,gqnoenforce,noatime,noexec,nosuid,nodev"
        passno=0
        dump=0
        state=mounted
    tags:
    - mount

  - name: create /srv/home directory
    file: path=/srv/home state=directory owner=root group=root

  - name: bind mount home volume
    mount: >
        name=/home
        src=/srv/home
        fstype=none
        opts=bind
        passno=0
        dump=0
        state=mounted
    tags:
    - mount

  roles:
  - base
  - collectd/base
  - fas_client
  - hosts
  - nagios_client
  - rkhunter
  - rsyncd
  - sudo
  - { role: openvpn/client, when: env != "staging" }
  - cgit/base
  - cgit/clean_lock_cron
  - cgit/make_pkgs_list
  - clamav
  - planet
  - fedmsg/base
  - git/server

  - role: apache

  - role: httpd/mod_ssl

  - role: httpd/certificate
    name: wildcard-2014.fedorapeople.org
    SSLCertificateChainFile: wildcard-2014.fedorapeople.org.intermediate.cert

  - people
 
  tasks:
  - include: "{{ tasks }}/yumrepos.yml"
  - include: "{{ tasks }}/2fa_client.yml"
  - include: "{{ tasks }}/motd.yml"

  handlers:
  - include: "{{ handlers }}/restart_services.yml"