---
- name: setup ansible custom facts
  ansible.builtin.file:
    dest: "{{ item }}"
    mode: 0755
    owner: root
    group: "{{ ansible_wheel }}"
    state: directory
  with_items:
    - /etc/ansible
    - /etc/ansible/facts.d

- name: add ansible_export fact
  ansible.builtin.copy:
    dest: /etc/ansible/facts.d/export.fact
    content: |
      #!/bin/sh
      if [ -d /export ]; then
          echo "true"
      else
          echo "false"
      fi
    mode: 0755
    owner: root
    group: "{{ ansible_wheel }}"

- name: reload facts
  ansible.builtin.setup:
    filter: ansible_local

- name: include os specific tasks
  ansible.builtin.include_tasks:
    file: "{{ ansible_os_family }}.yml"

- name: disable at from all users
  ansible.builtin.copy:
    content: "\n"
    dest: "/etc/at.allow"
    mode: 0600
    owner: root
    group: "{{ ansible_wheel }}"

- name: install basic roles
  ansible.builtin.include_role:
    name: "{{ role }}"
  with_items:
    - munin_node
    - network
    - pki
    - psacct
    - sshd
  loop_control:
    loop_var: role

- name: install roles for physical hardware
  ansible.builtin.include_role:
    name: "{{ role }}"
  with_items:
    - lm_sensors
    - smartd
  loop_control:
    loop_var: role
  when:
    - ansible_virtualization_role == "host"
    - ansible_virtualization_type != "vmm"