---
- import_playbook: "include/deploy-kvm-guest.yml myhosts=adm01.home.foo.sh"

- name: configure instance
  hosts: adm
  user: root
  gather_facts: true

  vars_files:
    - "{{ ansible_private }}/vars.yml"

  pre_tasks:
    - name: mount /export
      mount:
        name: /export
        src: LABEL=/export
        fstype: xfs
        opts: noatime,noexec,nosuid,nodev
        passno: "0"
        dump: "0"
        state: mounted

  roles:
    - base
    - ansible-host
    - certbot
    - kerberos/client
    - ldap/client
    - ldap/nss
    - role: kerberos/keytab
      principals:
        - "host/{{ inventory_hostname }}@FOO.SH"
    - web-build

  tasks:
    - name: install packages
      package:
        name: "{{ item }}"
        state: installed
      with_items:
        - libvirt-client
        - make
        - virt-install
        - yamllint
    - name: disable ip host key checking from ssh
      copy:
        content: |
          Host *.home.foo.sh
            CheckHostIP no
          Host vmhost01.home.foo.sh
            ProxyJump root@ssh.foo.sh
          Host vm03.home.foo.sh
            ProxyJump root@ssh.foo.sh
        dest: /root/.ssh/config
        mode: 0600
        owner: root
        group: "{{ ansible_wheel }}"