Include security role in setup-hosts.yml

The openstack-ansible-security role is now included in the
setup-hosts.yml playbook but it still requires a deployer to
set apply_security_hardening to True for it to be applied.

Change-Id: I02324b15a4ddffa52b15a23bd381892d4dfd39fc
(cherry picked from commit 00207d3988)

doc/source/install-guide/configure-initial.rst

@@ -99,8 +99,8 @@ within ``user_variables.yml``:
 
     apply_security_hardening: true
 
-When the variable is set, the role will be applied by
-``scripts/run_playbooks.sh`` automatically during deployments.
+When the variable is set, the role will be applied by the ``setup-hosts.yml``
+playbook automatically during deployments.
 
 Deployers can apply security configurations to an existing environment or audit
 an environment using a playbook supplied with OpenStack-Ansible:

playbooks/security-hardening.yml

@@ -1,5 +1,5 @@
 ---
-# Copyright 2014, Rackspace US, Inc.
+# Copyright 2016, Rackspace US, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -16,6 +16,7 @@
 # As an additional safeguard, this playbook requires the
 # 'apply_security_hardening' boolean set to True for it to apply security
 # hardening standards to a system.
+
 - name: Apply security hardening configurations
   hosts: "{{ host_group|default('hosts') }}"
   user: root

playbooks/setup-hosts.yml

@@ -14,5 +14,6 @@
 # limitations under the License.
 
 - include: openstack-hosts-setup.yml
+- include: security-hardening.yml
 - include: lxc-hosts-setup.yml
 - include: lxc-containers-create.yml