---
- name: Build Consul cluster
  hosts: consul_instances
  any_errors_fatal: true
  become: true

  roles:
    - name: ansible-consul
      consul_version: "1.11.3"
      consul_install_upgrade: true
      # consul_tls_enable: true
      consul_connect_enabled: true
      consul_ports_grpc: 8502
      consul_client_address: "0.0.0.0"
      consul_auto_encrypt:
        enabled: true
        dns_san: ["services.thefij"]
        ip_san: ["192.168.2.41", "127.0.0.1"]

  # tasks:
  # # Limit to consul host
  #   - name: Add a value to Consul
  #     consul_kv:
  #       key: ansible_test
  #       value: Hello from Ansible!
  #     execute_once: true

- name: Build Nomad cluster
  hosts: nomad_instances
  any_errors_fatal: true
  become: true

  roles:
    - name: ansible-nomad
      nomad_version: "1.2.6"
      nomad_install_upgrade: true
      nomad_allow_purge_config: true
      nomad_encrypt_enable: true
      nomad_cni_enable: true
      nomad_docker_enable: true
      # nomad_use_consul: true
      nomad_bind_address: 0.0.0.0

      nomad_host_networks:
        # - name: public
        #   cidr: 192.168.0.0/16
        - name: private
          cidr: 10.0.0.0/8
          reserved_ports: "22"
        - name: nomad-bridge
          # cidr: 172.26.64.0/20
          interface: nomad
          reserved_ports: "22"
        - name: loopback
          interface: lo
          reserved_ports: "22"

      # TODO: this should probably be based on host
      nomad_host_volumes:
        - name: mysql-data
          path: /srv/volumes/mysql-data
          owner: "nomad"
          group: "bin"
          mode: "0755"
          read_only: false