ansible/roles/base/tasks/OpenBSD.yml

---
- name: configure mirror for packages and updates
  copy:
    dest: /etc/installurl
    content: "https://mirrors.foo.sh/openbsd\n"
    mode: 0644
    owner: root
    group: "{{ ansible_wheel }}"
  when: ansible_datacenter == "home"

- name: install packages
  package:
    name: "{{ item }}"
    state: installed
  with_items:
    - bash--         # lots of scripts rely on this
    - curl--         # curl
    - rsync--        # rsync
    - vim--no_x11    # we need real vim

- name: disable nightly cron noise
  copy:
    dest: "{{ item }}"
    content: "VERBOSESTATUS=0\n"
    mode: 0644
    owner: root
    group: "{{ ansible_wheel }}"
  with_items:
    - /etc/daily.local
    - /etc/weekly.local
    - /etc/monthly.local

- name: disable unused services
  service:
    name: sndiod
    enabled: false
    state: stopped

- name: do not run check_quotas on boot
  service:
    name: check_quotas
    enabled: false

- name: create /srv directory hierarcy
  file:
    name: /srv
    state: directory
    mode: 0755
    owner: root
    group: "{{ ansible_wheel }}"

- name: install os specific roles
  include_role:
    name: "{{ role }}"
  with_items:
    - opensmtpd
    - pf
    - syslogd
  loop_control:
    loop_var: role