---
- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml"
  vars:
    myhosts: "batcave"

- name: Make the box be real
  hosts: batcave
  user: root
  gather_facts: true

  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    - "/srv/private/ansible/vars.yml"
    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - openvpn/client
  - zabbix/zabbix_agent
  - ipa/client
  - ansible-server
  - sudo
  - collectd/base
  - role: git/hooks
  - rsyncd
  - apache
  - httpd/mod_ssl
  - role: httpd/certificate
    certname: "{{wildcard_cert_name}}"
    SSLCertificateChainFile: "{{wildcard_int_file}}"
  - role: rabbit/user
    user_name: "batcave{{ env_suffix }}"
    user_sent_topics: ^org\.fedoraproject\.{{ env_short }}\.(ansible|git|infragit|logger)\..*
  - role: rabbit/queue
    queue_username: "mirror_forge_ansible{{ env_suffix }}"
    queue_name: "mirror_forge_ansible{{ env_suffix }}"
    queue_routing_keys:
    - "org.fedoraproject.prod.forgejo.push"
    queue_thresholds:
      warning: 10
      critical: 100
    user_sent_topics: ^$
  - batcave
  - role: grobisplitter
    when: datacenter == 'rdu3'
  - { role: nfs/client, when: inventory_hostname.startswith('batcave'), mnt_dir: '/srv/web/pub', nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub' }
  - { role: nfs/client, when: inventory_hostname.startswith('batcave01'), mnt_dir: '/mnt/fedora/app', nfs_src_dir: 'fedora_app/app' }
  - { role: mirror_forge_ansible, tags: ['mirror_forge_ansible'] }
  - kickstarts

  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"