--- # deploy.yml — One-command host rebuild # # Rebuilds a host from bare metal to fully configured using repo state. # Assumes: SSH access via Tailscale, root user, host is in inventory. # # Usage: # Full fleet: ansible-playbook deploy.yml # Single host: ansible-playbook deploy.yml --limit helsinki-a # Dry run: ansible-playbook deploy.yml --check --diff # Services only (skip baseline): ansible-playbook deploy.yml --tags services # # Prerequisites: # - Target host has SSH access via Tailscale # - Target host has a base OS installed (Debian) # - ansible-galaxy install -r requirements.yml - name: Common baseline hosts: all tags: [common, baseline] roles: - role: common - role: dotfiles - name: Docker engine hosts: docker_hosts tags: [docker] roles: - role: docker - name: Caddy + status page (helsinki-a) hosts: helsinki-a tags: [services, caddy, status_page] roles: - role: caddy - role: status_page - role: systemd_services - name: Docker services hosts: docker_hosts tags: [services, docker_services] roles: - role: docker_services - name: Mail — poste.io (nuremberg-a) hosts: nuremberg-a tags: [services, mail] roles: - role: docker_services - name: Media stack + backups (london-b) hosts: london-b tags: [services, london-b] roles: - role: media_stack - role: backup - name: Gaming servers (copenhagen-a) hosts: copenhagen-a tags: [services, gaming] roles: - role: systemd_services - role: mariadb - name: Proxmox VE (london-a) hosts: london-a tags: [services, proxmox] roles: - role: proxmox_ve - name: ZFS scrub scheduling hosts: zfs_hosts tags: [services, zfs] roles: - role: zfs