initial_server_setup-quick-test.yml

---
# https://stackoverflow.com/questions/18195142/safely-limiting-ansible-playbooks-to-a-single-machine
# - hosts: "{{ target | default('all,!openwrt,!tasmota') }}"
#   remote_user: "{{ ssh_user | default('ansible_adm') }}"
#   gather_facts: no
#   vars_files:
#     - vars/main.yml
#   roles:
#     - role: common_handlers
#       become: true # the whole role, including handlers, will become root
#     - install_files
#     - install_user_files

- hosts: "{{ target | default('all,!openwrt,!tasmota') }}"
  remote_user: "{{ ssh_user | default('ansible_adm') }}"

  vars_files:
    - vars/main.yml

  roles:
    - role: common_handlers
      become: true # the whole role, including handlers, will become root
    # - role: bootstrap
    # - role: ssh_bootstrap
    #   become: true
    # - role: management
    #   when: host_is_mgmt | default(false)
    # - user
    # - essentials
    # - logs
    # - monitoring
    # - role: spectre_mitigations_disabled
    #   when: not (host_is_container | default(false)) and not (host_is_pi | default(false))
    # # pve_server is loaded in bootstrap.yml as well, but that's just to make sure all the repos are there.  No harm updating that here as time goes on
    # - role: hostname
    #   when: not (host_is_container | default(false))
    # - role: fileserver
    #   when: host_is_fileserver | default(false)
    # - role: mailserver
    #   when: host_is_mailserver | default(false)
    # - role: pve_server
    #   when: host_is_pve_server | default(false)
    # - role: virtual
    #   when: host_is_virtual | default(false)
    # - role: physical
    #   when: host_is_physical | default(false)
    # - role: laptop
    #   when: host_is_laptop | default(false)
    # - role: dell_server
    #   when: host_is_dell_server | default(false)
    # - role: desktop
    #   when: host_is_desktop | default(false)
    - role: ssh
    - role: fail2ban