---
- name: Deploy eom.dev one service at a time
  hosts: alpha-control-plane
  become: true
  pre_tasks:
    - name: Create issuer for letsencrypt staging
      k8s:
        state: present
        definition:
          apiVersion: cert-manager.io/v1
          kind: ClusterIssuer
          metadata:
            name: letsencrypt-staging
          spec:
            acme:
              email: eric@eom.dev
              server: https://acme-staging-v02.api.letsencrypt.org/directory
              privateKeySecretRef:
                name: letsencrypt-staging-issuer-account-key
              solvers:
              - http01:
                  ingress:
                    ingressClassName: nginx
    - name: Create issuer for letsencrypt production
      k8s:
        state: present
        definition:
          apiVersion: cert-manager.io/v1
          kind: ClusterIssuer
          metadata:
            name: letsencrypt-production
          spec:
            acme:
              email: eric@eom.dev
              server: https://acme-v02.api.letsencrypt.org/directory
              privateKeySecretRef:
                name: letsencrypt-production-issuer-account-key
              solvers:
              - http01:
                  ingress:
                    ingressClassName: nginx
  roles:
    - role: ericomeehan.eom.dev