---
- import_playbook: "include/deploy-kvm-guest.yml myhosts=nms"

- name: configure instance
  hosts: nms
  user: root
  gather_facts: true

  pre_tasks:
    - name: mount /export
      mount:
        name: /export
        src: LABEL=/export
        fstype: xfs
        opts: noatime,noexec,nosuid,nodev
        passno: "0"
        dump: "0"
        state: mounted

  vars_files:
    - "{{ ansible_private }}/vars.yml"

  roles:
    - base
    - sssd
    - mkhomedir
    - tftp

  tasks:
    - import_role:
        name: rsyslog
        tasks_from: udp-listen
    - import_role:
        name: postfix
        tasks_from: relay
      vars:
        relay_domains: [foo.sh]

    - name: copy dns zone files
      copy:
        dest: "/var/lib/unbound/{{ item }}"
        src: "/srv/dns/{{ item }}"
        mode: 0644
        owner: root
        group: "{{ ansible_wheel }}"
      tags: dns
      notify: restart unbound
      with_items:
        - 25.20.172.in-addr.arpa
        - oob.foo.sh
    - import_role:
        name: unbound

    # convert this to role for restart support
    - name: enable ntp server for oob network
      lineinfile:
        path: /etc/chrony.conf
        regexp: "^#?allow .*"
        line: "allow 172.20.25.0/24"

    - name: install extra tools
      package:
        name: "{{ item }}"
        state: installed
      with_items:
        - net-snmp-utils
        - nmap
        - rcs
        - scanssh
        - sslscan
        - unzip
        - wget