---
- block:
  - name: install packages
    package:
      name: tftp-server
      state: installed

  - name: create group tftpd
    group:
      name: tftpd
      system: true

  - name: create user tftpd
    user:
      name: tftpd
      comment: Service TFTP
      createhome: false
      group: tftpd
      home: /var/empty
      shell: /sbin/nologin
      system: true

  - name: set selinxu context for data directory
    sefcontext:
      path: "/export/tftpboot(/.*)?"
      setype: tftpdir_rw_t
  when: ansible_os_family != "OpenBSD"

- name: create data directory
  file:
    path: /export/tftpboot
    state: directory
    mode: 0755
    owner: root
    group: "{{ ansible_wheel }}"

- name: link data directory
  file:
    dest: /srv/tftpboot
    src: /export/tftpboot
    state: link
    owner: root
    group: "{{ ansible_wheel }}"
    follow: false

- block:
  - name: create drop-in directory for service
    file:
      path: /etc/systemd/system/tftp.service.d
      state: directory
      mode: 0755
      owner: root
      group: "{{ ansible_wheel }}"

  - name: create service add-on config
    copy:
      dest: /etc/systemd/system/tftp.service.d/local.conf
      content: |
        [Service]
        ExecStart=
        ExecStart=/usr/sbin/in.tftpd -s /srv/tftpboot -u tftpd -c -v
      mode: 0644
      owner: root
      group: "{{ ansible_wheel }}"
    notify: restart tftpd

  - name: enable service
    systemd:
      name: tftp.socket
      enabled: true
      state: started
  when: ansible_service_mgr == "systemd"

- name: enable service
  service:
    name: tftpd
    enabled: true
    state: started
    arguments: "-v /srv/tftpboot"
  when: ansible_service_mgr != "systemd"