#!/usr/bin/env ansible-playbook # vim:ft=ansible: --- # Preambulatory system configuration - hosts: all roles: - role: common tags: [ common ] - role: ansible-pull tags: [ ansible, common ] # Database servers - hosts: db1.test.desu.ltd roles: - role: geerlingguy.postgresql vars: postgresql_hba_entries: # Just allow all access on this block. # When rolling out to our new env, I'll allow by particular IP alone - { type: host, database: all, user: all, address: '192.168.0.0/16', auth_method: md5 } become: yes tags: [ db, psql ] # Webservers - hosts: web1.test.desu.ltd roles: - role: geerlingguy.apache become: yes tags: [ web, apache ] - role: geerlingguy.php become: yes tags: [ web, php ]