---

# v3, nginx, docker

- hosts: all

  vars_files:
    - vars/apps.yml

  tasks:

#    - include_role:
#        name: yatesr.timezone
#      vars:
#        timezone: UTC
#
#    - include_role:
#        name: geerlingguy.security
#      vars:
#        security_ssh_permit_root_login: "yes"
#        security_autoupdate_enabled: false
#        security_fail2ban_enabled: false
#
#    - include_role:
#        name: geerlingguy.nginx
#      vars:
#        nginx_remove_default_vhost: true
#
#    - include_role:
#        name: geerlingguy.docker
#      vars:
#        docker_users: '{{ apps | map(attribute="username") | list }}'

    - include_role:
        name: docker-app
      private: yes
      vars:
        username: '{{ app_item.username }}'
        ssh_keys: '{{ app_item.ssh_keys | default([]) }}'
        envs: '{{ app_item.envs | default({}) }}'
      with_items: '{{ apps }}'
      loop_control:
        loop_var: app_item