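---
# Host provisioning tasks: packages, a ZFS-backed home volume, file
# permissions, the root password, sysctls, config files and rc.conf toggles.
#
# Several shell tasks below run a one-shot command and then `touch` a marker
# file under /tmp, which is also their `creates` guard. Two caveats apply:
#   * The task's exit status is that of the final `touch`, so a failure of the
#     first command is not reported and the marker is still written.
#   * NOTE(review): /tmp is typically world-writable and may be cleared. A
#     marker can then be pre-created by a local user (skipping the task) or
#     lost (re-running a destructive command). Consider a root-only marker
#     directory.
#
# Values templated into shell command lines are passed through `quote` so
# that whitespace or shell metacharacters in a variable cannot alter the
# command.

- name: Install Packages
  community.general.pkgng:
    state: present
    name: "{{ packages }}"

# `ln -sf` replaces an existing link; there is no `creates` guard, so this
# command runs on every play.
- name: Create program symlinks
  ansible.builtin.shell: "ln -sf {{ ('/usr/local/bin/' ~ item.program) | quote }} {{ ('/usr/local/bin/' ~ item.link) | quote }}"
  loop: "{{ versions }}"

# FIXME: remove the symlink in the next release snapshot
- name: Remove old home sym link
  ansible.builtin.shell: |
    rm /home
    touch /tmp/.ansible.home
  args:
    creates: "/tmp/.ansible.home"

# Destructive: deletes every crontab under /var/cron/tabs. Only the /tmp
# marker prevents this from running again.
- name: Remove original cron tab dir
  ansible.builtin.shell: |
    rm -rf /var/cron/tabs
    touch /tmp/.ansible.crontabs
  args:
    creates: "/tmp/.ansible.crontabs"

# NOTE(review): the disk is hard-coded as da1 here, while the following tasks
# use storage.volume.device — confirm both refer to the same disk.
- name: Setup home volume partition
  ansible.builtin.shell: |
    gpart create -s GPT da1
    touch /tmp/.ansible.gpt
  args:
    creates: "/tmp/.ansible.gpt"

- name: Setup home fs type
  ansible.builtin.shell: |
    gpart add -t freebsd-zfs -l {{ storage.volume.name | quote }} -a 1M {{ storage.volume.device | quote }}
    touch /tmp/.ansible.add
  args:
    creates: "/tmp/.ansible.add"

# `-f` forces pool creation on the device. The only guard is the existence of
# /<pool name>, so an unmounted or renamed pool would not stop a re-create.
# NOTE(review): the pool is built on storage.volume.device itself, the same
# argument given to `gpart add` above, not on the labelled partition —
# confirm this is intended.
- name: Create zpool using home volume
  ansible.builtin.shell: "zpool create -f {{ storage.volume.name | quote }} {{ storage.volume.device | quote }}"
  args:
    creates: "/{{ storage.volume.name }}"

# The dataset name is the pool name immediately followed by item.name.
- name: Create zfs home dataset
  ansible.builtin.shell: "zfs create -o mountpoint={{ item.mount | quote }} {{ (storage.volume.name ~ item.name) | quote }}"
  args:
    creates: "{{ item.mount }}"
  loop: "{{ storage.mounts }}"

# NOTE(review): item.mode should be a quoted string such as '0750' in the
# vars file; an unquoted octal-looking number can be read as an integer and
# produce the wrong mode.
- name: Change permissions
  ansible.builtin.file:
    path: "{{ item.name }}"
    owner: "{{ item.owner }}"
    group: "{{ item.group }}"
    mode: "{{ item.mode }}"
  loop: "{{ permissions }}"

# no_log keeps the plaintext root_password and the derived hash out of task
# output and logs.
# NOTE(review): password_hash is called without a fixed salt, so the hash
# presumably differs on each run and the task reports "changed" every time —
# confirm whether that is acceptable.
- name: Change root password
  ansible.builtin.user:
    name: root
    password: "{{ root_password | password_hash('sha512') }}"
  no_log: true

# Applies each key/value of kernel.sysctls to the running kernel (sysctl_set)
# and persists it (state: present).
- name: Setup sysctls
  ansible.posix.sysctl:
    name: "{{ item.key }}"
    value: "{{ item.value }}"
    sysctl_set: true
    state: present
    reload: true
  loop: "{{ kernel.sysctls | dict2items }}"

# doas.conf defines privilege-escalation rules; 0600 root:wheel keeps it
# readable by root only.
# NOTE(review): a syntax error in this file would break escalation through
# doas; consider a `validate:` step once doas is known to be installed.
- name: Install doas config
  ansible.builtin.copy:
    src: doas.conf
    dest: /usr/local/etc/doas.conf
    owner: root
    group: wheel
    mode: '0600'

- name: Install knot resolver config
  ansible.builtin.copy:
    src: kresd.conf
    dest: /usr/local/etc/knot-resolver/kresd.conf
    owner: root
    group: wheel
    mode: '0644'

- name: Install knot resolv.conf
  ansible.builtin.copy:
    src: resolv.conf
    dest: /etc/resolv.conf
    owner: root
    group: wheel
    mode: '0644'

- name: Install rctl rule set
  ansible.builtin.copy:
    src: rctl.conf
    dest: /etc/rctl.conf
    owner: root
    group: wheel
    mode: '0644'

- name: Install /etc/hosts file
  ansible.builtin.copy:
    src: hosts
    dest: /etc/hosts
    owner: root
    group: wheel
    mode: '0644'

# Installed executable into sbin; root-owned and not writable by others.
- name: Install jlogin
  ansible.builtin.copy:
    src: jlogin
    dest: /usr/local/sbin/jlogin
    owner: root
    group: wheel
    mode: '0755'

# Skipped when /usr/local/bin/dig already exists, so an existing dig binary
# is left in place.
- name: Symlink knot dig
  ansible.builtin.shell: "ln -sf /usr/local/bin/kdig /usr/local/bin/dig"
  args:
    creates: "/usr/local/bin/dig"

# rc.conf values are the literal strings "YES"/"NO"; they stay quoted so YAML
# does not turn them into booleans.
- name: disable unbound
  community.general.sysrc:
    name: local_unbound_enable
    value: "NO"
  notify: stop unbound

- name: enable knot resolver
  community.general.sysrc:
    name: kresd_enable
    value: "YES"
  notify: start kresd

- name: enable rctl
  community.general.sysrc:
    name: rctl_enable
    value: "YES"
  notify: start rctl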