### -*-yaml-*-
###
### Tasks applicable for all Debian hosts.

---

###--------------------------------------------------------------------------
### Necessary packages.

- name: read required package lists
  tags: [pkgs]
  include_vars: vars/pkglists.yml

- name: install universally applicable Debian packages
  tags: [pkgs]
  apt: name={{ item }} state=installed
  with_items: pkglist.base

- name: install Debian packages for physical hosts
  tags: [pkgs]
  apt: name={{ item }} state=installed
  with_items: pkglist.physical
  when: vm_host is not defined

- name: install Debian packages for servers
  tags: [pkgs]
  apt: name={{ item }} state=installed
  with_items: pkglist.server
  when: server is defined

- name: install Debian packages for VM hosts
  tags: [pkgs]
  apt: name={{ item }} state=installed
  with_items: pkglist.vmhost
  when: (vm_role |default('none')) == 'host'

###--------------------------------------------------------------------------
### PKI machinery.

- name: install PKI maintenance scripts
  tags: [pki, pki-scripts]
  copy: src=pki/{{ item }} dest=/etc/cron.daily/
  with_items:
    - update-ca-certs
    - check-x509-certs

###--------------------------------------------------------------------------
### Mail configuration.

- name: build mail configuration files
  tags: [mail, mail-config]
  local_action: command make chdir={{ rootdir }}/exim-config/
  run_once: true

- name: install appropriate email configuration
  tags: [mail, mail-config]
  copy: src=exim-config/exim4-{{ mail_mode |default('satellite')}}.conf
        dest=/etc/exim4/exim4.conf
  notify: restart exim

### FIXME: set up certificates and so on. [mail, mail-pki]

###--------------------------------------------------------------------------
### Some unpleasant hacks.

# - name: Trap for yaid

###----- That's all, folks --------------------------------------------------