From 4c503561e4d833532a10cc15aa0fe72edba8171d Mon Sep 17 00:00:00 2001
From: Wojciech Kozlowski <wk@wojciechkozlowski.eu>
Date: Sun, 18 Dec 2022 21:14:04 +0100
Subject: [PATCH] Add playbook tags and update README

---
 README.md | 43 +++++++++++++++++++++++++++++++------------
 main.yml  |  4 ++++
 2 files changed, 35 insertions(+), 12 deletions(-)

diff --git a/README.md b/README.md
index 1c2a6f8..ab723ed 100644
--- a/README.md
+++ b/README.md
@@ -4,9 +4,10 @@ Ansible playbooks for provisioning The Nine Worlds.
 
 ## Secrets vault
 
-- Encrypt with: ```ansible-vault encrypt secrets.yml```
+- Encrypt with: ```ansible-vault encrypt vault.yml```
 - Decrypt with: ```ansible-vault decrypt secrets.yml```
-- Print secrets to STDOUT: ```ansible-vault decrypt --output - secrets.yml```
+- Encrypt all `vault.yml` in a directory with: ```ansible-vault encrypt directory/**/vault.yml```
+- Decrypt all `vault.yml` in a directory with: ```ansible-vault decrypt directory/**/vault.yml```
 - Run a playbook with ```ansible-playbook --vault-id @prompt playbook.yml```
 
 ## The Nine Worlds
@@ -29,33 +30,51 @@ ansible-playbook main.yml -i testing
 
 ### Playbooks
 
-The Nine Worlds playbook is composed of smaller [`playbooks`](playbooks). To run a single playbook,
-invoke the `main.yml` playbook directly from the desired playbook's directory. For example, to run
-the [`system`](system) playbook, run:
+The Ansible Edda playbook is composed of smaller [`playbooks`](playbooks). To run a single playbook,
+invoke the relevant playbook directly from the playbook directory. For example, to run the
+[`system`](system) playbook, run:
 
 ``` sh
-ansible-playbook playbooks/system/main.yml
+ansible-playbook playbooks/system.yml
+```
+
+Alternatively you can use its tag as well:
+
+``` sh
+ansible-playbook main.yml --tags "system"
 ```
 
 ### Roles
 
-Playbooks are composed of roles defined in the playbook's `roles` directory, e.g.
-[`playbooks/system/roles`](playbooks/system/roles) for `system`.
+Playbooks are composed of roles defined in the `roles` directory,
+[`playbooks/roles`](playbooks/roles).
 
-To play only a specific role in a playbook, e.g. `base` in the playbook `system`, run:
+To play only a specific role, e.g. `system/base` in the playbook `system`, run:
 
 ``` sh
-ansible-playbook playbooks/system/main.yml --tags "system:base"
+ansible-playbook playbooks/system.yml --tags "system:base"
+```
+
+Or from the main playbook:
+
+``` sh
+ansible-playbook main.yml --tags "system:base"
 ```
 
 ### Role sub-tasks
 
 Some roles are split into smaller groups of tasks. This can be checked by looking at the
 `tasks/main.yml` file of a role, e.g.
-[`playbooks/system/roles/base/tasks/main.yml`](playbooks/system/roles/base/tasks/main.yml).
+[`playbooks/roles/system/base/tasks/main.yml`](playbooks/roles/system/base/tasks/main.yml).
 
 To play only a particular group within a role, e.g. `sshd` in `base` of `system`, run:
 
 ``` sh
-ansible-playbook playbooks/system/main.yml --tags "system:base:sshd"
+ansible-playbook playbooks/system.yml --tags "system:base:sshd"
+```
+
+Or from the main playbook:
+
+``` sh
+ansible-playbook main.yml --tags "system:base:sshd"
 ```
diff --git a/main.yml b/main.yml
index a003d7e..8960031 100644
--- a/main.yml
+++ b/main.yml
@@ -1,5 +1,9 @@
 ---
 - ansible.builtin.import_playbook: "playbooks/system.yml"
+  tags: "system"
 - ansible.builtin.import_playbook: "playbooks/vpn.yml"
+  tags: "vpn"
 - ansible.builtin.import_playbook: "playbooks/backups.yml"
+  tags: "backups"
 - ansible.builtin.import_playbook: "playbooks/services.yml"
+  tags: "services"