---

- name: "Setup a GNU/Linux target with standards or defined tags"
  hosts: "{{ target if target is defined else 'planets' }}"

  roles:
    # --- Hardening ---
    # Basic rules or good practises to apply

    - { role: hardening-basic, tags: [hardening, ips, ids] }
    - { role: iptables-basic, tags: [firewall, ips, ids] }
    - { role: fail2ban-basic, tags: [hardening, fail2ban, ips, ids] }
    - { role: auditd, tags: [hardening, auditd] }
    - { role: iptables-webserver, tags: [firewall, webserver] }
    - { role: iptables-kdeconnect, tags: [firewall] }

    # --- Sysadmin ---
    - { role: sysadmin-tools, tags: [sysadmin] }
    - { role: wakeonlan, tags: [wol] }

    # --- Services ---
    # Role relative to services, applications and so on
    - { role: ipfs, tags: [ipfs] }
    - { role: yggdrasil, tags: [yggdrasil] }
    - { role: snort-community, tags: [snort, ips, ids] }
    - { role: dns-filter, tags: [dns_filter] }
    - { role: samba, tags: [samba, smb] }