ansible/roles/base/tasks/OpenBSD.yml

---
- name: Set correct hostname
  ansible.builtin.copy:
    dest: /etc/myname
    content: "{{ inventory_hostname }}\n"
    mode: "0644"
    owner: root
    group: "{{ ansible_wheel }}"

- name: Configure mirror for packages and updates
  ansible.builtin.copy:
    dest: /etc/installurl
    content: "https://mirrors.foo.sh/openbsd/\n"
    mode: "0644"
    owner: root
    group: "{{ ansible_wheel }}"
  when: ansible_datacenter == "home"

- name: Install packages
  ansible.builtin.package:
    name: "{{ item }}"
    state: installed
  with_items:
    - bash--         # lots of scripts rely on this
    - curl--         # curl
    - rsync--        # rsync
    - vim--no_x11    # we need real vim

- name: Disable nightly cron noise
  ansible.builtin.copy:
    dest: "{{ item }}"
    content: "VERBOSESTATUS=0\n"
    mode: "0644"
    owner: root
    group: "{{ ansible_wheel }}"
  with_items:
    - /etc/daily.local
    - /etc/weekly.local
    - /etc/monthly.local

- name: Disable unused services
  ansible.builtin.service:
    name: sndiod
    enabled: false
    state: stopped

- name: Do not run check_quotas on boot
  ansible.builtin.service:
    name: check_quotas
    enabled: false

- name: Create /srv directory hierarcy
  ansible.builtin.file:
    name: /srv
    state: directory
    mode: "0755"
    owner: root
    group: "{{ ansible_wheel }}"

- name: Install OS specific roles
  ansible.builtin.include_role:
    name: "{{ role }}"
  with_items:
    - opensmtpd
    - pf
    - syslogd
    - unwind
  loop_control:
    loop_var: role