--- - name: "system : all" hosts: "all" tasks: - name: "block domains" ansible.builtin.lineinfile: path: "/etc/hosts" line: "127.0.0.1 {{ item }}" loop: "{{ [system_mail_smtp_server | default([])] | union( [vpn_wireguard_server_address | default([])] ) | union( [services_backups_restic_aws_bucket_endpoint | default([])] ) | flatten }}" when: not (the_nine_worlds_production | bool) tags: "always" - name: "system : ups" hosts: "ups" roles: - role: "system/ups" tags: "system:ups" - name: "system : smart" hosts: "smart" roles: - role: "system/smart" vars: system_base_smartd_conf_file: "files/system/smart/smartd.conf" tags: "system:smart" - name: "system : zfs" hosts: "zfs" roles: - role: "system/zfs" tags: "system:zfs" - name: "system : all" hosts: "all" roles: - role: "system/base/nftables" tags: - "system:base" - "system:base:nftables" - role: "system/base/mail" vars: system_base_mail_disable_dns: "{{ not (the_nine_worlds_production | bool) }}" tags: - "system:base" - "system:base:mail" - role: "system/base/sshd" tags: - "system:base" - "system:base:sshd" - role: "system/base/ntp" tags: - "system:base" - "system:base:ntp" - role: "system/base/fail2ban" tags: - "system:base" - "system:base:fail2ban" - role: "system/base/fstrim" tags: - "system:base" - "system:base:fstrim" - role: "system/base/unattended_upgrades" tags: - "system:base" - "system:base:unattended_upgrades" - role: "system/base/logs" vars: system_base_logs_ignore_file: "files/system/base/logs/ignore" tags: - "system:base" - "system:base:logs" - role: "system/base/systemd_mail" tags: - "system:base" - "system:base:systemd_mail" - role: "system/base/utils" tags: - "system:base" - "system:base:utils" - role: "system/base/motd" vars: system_base_motd_dir: "files/system/base/motd" tags: - "system:base" - "system:base:motd" - role: "system/base/root" tags: - "system:base" - "system:base:root" - role: "system/base/user" tags: - "system:base" - "system:base:user"