Add podman role and improve playbook organization

This PR adds a new podman role, see #18.

The playbook is merged into sections for each group of hosts that we
want to deploy to. To limit by role now, use tags, such as `-t
role::podman`.

1 files changed, 16 insertions, 0 deletions

diff --git a/roles/wireguard/tasks/main.yml b/roles/wireguard/tasks/main.yml
index f8495cd..46ff3e9 100644
--- a/roles/wireguard/tasks/main.yml
+++ b/roles/wireguard/tasks/main.yml
@@ -6,18 +6,24 @@
       - wireguard
       - wireguard-tools
       - linux-headers-{{ ansible_kernel }}
+  tags:
+    - role::wireguard
 
 - name: Generate WireGuard private key
   shell: set -o pipefail && wg genkey > /etc/wireguard/key.priv
   args:
     executable: /bin/bash
     creates: /etc/wireguard/key.priv
+  tags:
+    - role::wireguard
 
 - name: Generate WireGuard public key
   shell: set -o pipefail && cat /etc/wireguard/key.priv | wg pubkey > /etc/wireguard/key.pub
   args:
     executable: /bin/bash
     creates: /etc/wireguard/key.pub
+  tags:
+    - role::wireguard
 
 - name: Ensure file permissions for keys set correctly
   file:
@@ -28,16 +34,22 @@
   with_items:
     - /etc/wireguard/key.priv
     - /etc/wireguard/key.pub
+  tags:
+    - role::wireguard
 
 - name: Fetch private key for all hosts
   slurp:
     src: /etc/wireguard/key.priv
   register: wg_priv_key
+  tags:
+    - role::wireguard
 
 - name: Fetch public key for all hosts
   slurp:
     src: /etc/wireguard/key.pub
   register: wg_pub_key
+  tags:
+    - role::wireguard
 
 - name: Generate WireGuard configuration file
   template:
@@ -48,9 +60,13 @@
     owner: root
   notify:
     - reload wg-quick
+  tags:
+    - role::wireguard
 
 - name: Start and enable the WireGuard service
   service:
     name: wg-quick@wg0
     enabled: true
     state: started
+  tags:
+    - role::wireguard