playbook-all.yml

---
- name: create servers
  hosts: localhost

  tasks:

    - name: get hcloud api key from environment
      set_fact:
        config_file: "{{ lookup('env', 'CONTINUOUS_DEPLOY_SERVERS_CONFIG') }}"

    - name: set config file default
      set_fact:
        config_file: "servers.yml"
      when: config_file == ""

    - name: load config file
      shell: "cat {{ config_file }}"
      register: servers

    - name: load config
      set_fact:
        configs: "{{ servers.stdout | from_yaml }}"

    - name: set up servers and DNS entries
      include_tasks: tasks/config_loop.yml
      no_log: yes # could contain secrets
      with_items: "{{ configs }}"
      loop_control:
        loop_var: config

    - name: wait for servers to be up
      wait_for:
        timeout: 30

- name: provision / deploy on servers
  hosts: all:!localhost:!temp

  roles:
    - role: base-ubuntu-docker

  tasks:
    - name: ping servers
      ping:

    - name: switch user (this is always safe after base-ubuntu-docker role is executed)
      set_fact:
        ansible_user: admin

    - name: reset ssh connection to apply possible user change
      meta: reset_connection

    - name: Run whoami without become.
      command: whoami
      changed_when: false
      become: false
      register: whoami

    - name: ensure right user is logged in
      fail: "wrong user is used! should: {{ ansible_user }} | is: {{ whoami.stdout }}"
      when: whoami.stdout != ansible_user

    - name: restore carry paths after rebuild
      include_role:
        name: rebuild-carry-path-restore

    - name: deploy docker-compose project
      include_role:
        name: docker-compose-deploy
      with_items: "{{ docker_compose_projects }}"
      loop_control:
        loop_var: docker_compose_project