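---
# Playbook: provision the LXC guest(s) for the `ldap` group, deploy the LDAP
# server on them, then enable monitoring on the `status` group.

# 1) Deploy the lxc container(s)
- name: Deploy the LXC container(s) for the LDAP hosts
  hosts: ldap
  # The host may not exist yet: do not gather facts
  gather_facts: false
  tags:
    - lxc
  tasks:
    # Delegate lxc container deployment to `ansible_lxc_host`
    - name: Create the LXC guest on the LXC host
      import_role:
        name: 'lxc_guest'
      vars:
        vm_name: '{{ inventory_hostname }}'
        vm_size: '1G'
        vg_name: '{{ hostvars[ansible_lxc_host]["vg_name"] }}'
      delegate_to: '{{ ansible_lxc_host }}'

    # The host may not be directly reachable: use `ssh_lxc` proxy to
    # gather facts (setup) and configure SSH.
    # NOTE(review): `ssh_lxc` is not defined in this file; presumably a
    # project connection plugin that reaches the guest through the LXC
    # host - confirm how it authenticates and what it runs on that host.
    - name: Reach the guest through the ssh_lxc proxy connection
      set_fact:
        ansible_connection: 'ssh_lxc'

    - name: Gather facts now that the guest exists
      setup:

    - name: Configure the SSH server inside the guest
      include_role:
        name: 'ssh_server'

    # Now the host should be ssh-reachable
    - name: Switch back to a direct SSH connection
      set_fact:
        ansible_connection: 'ssh'

# 2) Deploy LDAP server(s)
- name: Deploy the LDAP server(s)
  hosts: ldap
  roles:
    - role: dns_record
    - role: ldap
      # NOTE(review): ldap_domain is hard-coded while fqdn_domain and
      # virtual_domains derive from `domain`; confirm this is intentional.
      ldap_domain: 'lilik.it'
      ldap_organization: 'LILiK'
      fqdn_domain: 'dmz.{{ domain }}'
      x509_suffix: 'o=LILiK,l=Firenze,st=IT'
      virtual_domains:
        - '{{ domain }}'
      # Default values (listed for reference, not set here):
      # ldap_tls_enabled: true
      # renew_rootdn_pw: true
      # check_tree: true
      # NOTE(review): these are security-relevant switches. Overriding
      # ldap_tls_enabled to false would presumably leave LDAP binds
      # unencrypted on the wire, and renew_rootdn_pw presumably rotates
      # the rootdn password on each run - confirm both in the ldap role
      # before changing either default.

# 3) Enable monitoring
- name: Enable monitoring
  hosts: status
  roles:
    - role: icinga2-monitoring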