ansible/roles/base/tasks/main.yml

---
- name: Group by domainname
  ansible.builtin.group_by:
    key: "{{ inventory_hostname.split('.')[1] }}"
  changed_when: false
  when: inventory_hostname | split('.') | length == 4

- name: Get ansible server name
  ansible.builtin.command:
    argv:
      - hostname
      - -f
  changed_when: false
  delegate_to: localhost
  register: result

- name: Store ansible server name
  ansible.builtin.set_fact:
    ansible_server: "{{ result.stdout }}"
    cacheable: false

- name: Setup ansible custom facts
  ansible.builtin.file:
    dest: "{{ item }}"
    mode: "0755"
    owner: root
    group: "{{ ansible_wheel }}"
    state: directory
  with_items:
    - /etc/ansible
    - /etc/ansible/facts.d

- name: Add ansible_export fact
  ansible.builtin.copy:
    dest: /etc/ansible/facts.d/export.fact
    src: export.fact.sh
    mode: "0755"
    owner: root
    group: "{{ ansible_wheel }}"

- name: Reload facts
  ansible.builtin.setup:
    filter: ansible_local

- name: Include os specific tasks
  ansible.builtin.include_tasks:
    file: "{{ ansible_os_family }}.yml"

- name: Disable at from all users
  ansible.builtin.copy:
    content: "\n"
    dest: "/etc/at.allow"
    mode: "0600"
    owner: root
    group: "{{ ansible_wheel }}"

- name: Install basic roles
  ansible.builtin.include_role:
    name: "{{ role }}"
  with_items:
    - network
    - pki
    - psacct
    - sshd
    - sshd_cert
    - node_exporter
  loop_control:
    loop_var: role

- name: Install roles for physical hardware
  ansible.builtin.include_role:
    name: "{{ role }}"
  with_items:
    - lm_sensors
    - smartd
  loop_control:
    loop_var: role
  when:
    - ansible_virtualization_role == "host"
    - ansible_virtualization_type != "vmm"