tftp: Initial version of tftp server role

Currently this is role allows writing to data directory.

roles/tftp/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: restart tftpd
+  systemd:
+    name: tftp.socket
+    state: restarted

roles/tftp/tasks/main.yml

@@ -0,0 +1,65 @@
+---
+- name: install packages
+  package:
+    name: tftp-server
+    state: installed
+
+- name: create group tftpd
+  group:
+    name: tftpd
+    system: true
+
+- name: create user tftpd
+  user:
+    name: tftpd
+    comment: Service TFTP
+    createhome: false
+    group: tftpd
+    home: /var/empty
+    shell: /sbin/nologin
+    system: true
+
+- name: set selinxu context for data directory
+  sefcontext:
+    path: "/export/tftpboot(/.*)?"
+    setype: tftpdir_rw_t
+
+- name: create data directory
+  file:
+    path: /export/tftpboot
+    state: directory
+    mode: 0755
+    owner: root
+    group: "{{ ansible_wheel }}"
+ 
+- name: link data directory
+  file:
+    dest: /srv/tftpboot
+    src: /export/tftpboot
+    state: link
+    owner: root
+    group: "{{ ansible_wheel }}"
+    follow: false
+
+- name: create drop-in directory for service
+  file:
+    path: /etc/systemd/system/tftp.service.d
+    state: directory
+    mode: 0755
+    owner: root
+    group: "{{ ansible_wheel }}"
+
+- name: create service add-on config
+  copy:
+    dest: /etc/systemd/system/tftp.service.d/local.conf
+    content: |
+      [Service]
+      ExecStart=
+      ExecStart=/usr/sbin/in.tftpd -s /srv/tftpboot -u tftpd -c -v
+  notify: restart tftpd
+
+- name: enable service
+  systemd:
+    name: tftp.socket
+    enabled: true
+    state: started