# ASC is not recommende need to dearmor file
- name: ansible setup | get key
  tags: ansible,ansible-setup
  get_url:
    url: "https://keyserver.ubuntu.com/pks/lookup?fingerprint=on&op=get&search=0x6125E2A8C77F2818FB7BD15B93C4A3FD7BB9C367" # required. HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path
    dest: "/usr/share/keyrings/ansible-archive-keyring.asc"

- name: ansible setup | update repository
  tags: ansible,ansible-setup
  apt_repository:
    repo: "deb [signed-by=/usr/share/keyrings/ansible-archive-keyring.asc] http://ppa.launchpad.net/ansible/ansible/ubuntu {{ ansible_distribution_release.ubuntu }} main"
    state: present
    update_cache: yes 
    filename:  ansible
  when: ansible_distribution == "Debian"

- name: ansible setup | update repository
  tags: ansible,ansible-setup
  apt_repository:
    repo: "deb [signed-by=/usr/share/keyrings/ansible-archive-keyring.asc] http://ppa.launchpad.net/ansible/ansible/ubuntu {{ ansible_distribution_release }} main"
    state: present
    update_cache: yes 
    filename:  ansible
  when: ansible_distribution == "Ubuntu"

- name: ansible setup | ensure ansible is the latest version
  tags: ansible,ansible-setup
  package:
    name: ansible
    state: latest

- name: ansible setup | install required packages
  tags: ansible,ansible-setup,packages
  package:
    name:
      - "{{ dconf_package }}"
      - "{{ python_psutil_package }}"

# Note: For Arch, the requirement is met by a dependency of systemd, only necessary on Debian-based
- name: ansible setup | install acl package
  tags: ansible,ansible-setup,packages
  package:
    name: acl
  when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]

- name: ansible:setup | create ansible log file
  tags: ansible,ansible-setup
  file:
    path: /var/log/ansible.log
    owner: rene
    group: ansible
    mode: 0664
    state: touch
  changed_when: False

- name: ansible setup | add logrotate config for ansible log file
  tags: ansible-setup
  copy:
    src: files/ansible-setup/logrotate
    dest: /etc/logrotate.d/ansible
    owner: root
    group: root
    mode: 0644

- name: ansible setup | remove default ansible directory (/etc/ansible) from host
  tags: ansible,ansible-setup
  file:
    path: /etc/ansible
    state: absent

- name: ansible setup | generate provision script from template
  tags: ansible,ansible-setup,scripts
  template:
    src: provision.sh.j2
    dest: /usr/local/bin/provision
    owner: root
    group: root
    mode: 0755