---
- name: add repositories
  ansible.builtin.yum_repository:
    name: "{{ item.name }}"
    description: "Ansible repositories"
    baseurl: "{{ item.baseurl }}"
    async: yes
    gpgkey: "{{ item.gpgkey }}"
  with_items:  "{{ redhat_required_repositories }}"  
  when: ansible_os_family == "RedHat"  

- name: Run Package tasks
  include_tasks:
    file: ./templates/packages.yml

- name: Create user account
  user: 
    name: "{{ username }}"
    password: "{{ userpassword }}"
    groups: sudo
    shell: /bin/bash
    state: present
    createhome: yes
  when: ansible_os_family == "Debian"   

- name: Create user account
  user: 
    name: "{{ username }}"
    password: "{{ userpassword }}"
    shell: /bin/bash
    groups: wheel
    state: present
    createhome: yes
  when: ansible_os_family == "RedHat"   
    
- name: Run SSH tasks
  include_tasks:
    file: ssh.yml

- name: Copy unattended-upgrades file
  copy: 
    src: files/10periodic
    dest: /etc/apt/apt.conf.d/10periodic 
    owner: root 
    group: root 
    mode: "0644"
    force: yes
  when: ansible_os_family == "Debian"      

- name: Remove undesirable packages
  package:
    name: "{{ unnecessary_software }}"
    state: absent
  when: ansible_os_family == "Debian"    

- name: Stop and disable unnecessary services
  service:
    name: "{{ item }}"
    state: stopped
    enabled: no
  with_items: "{{ unnecessary_services }}"
  ignore_errors: yes

- name: Set a message of the day
  copy:
    dest: /etc/motd
    src: files/motd
    owner: root
    group: root
    mode: 0644

- name: Set a login banner
  copy:
    dest: "{{ item }}"
    src: files/issue
    owner: root
    group: root
    mode: 0644
  with_items:
    - /etc/issue
    - /etc/issue.net

- name: set timezone
  shell: timedatectl set-timezone America/Chicago

- name: Enable cockpit
  systemd:
    name: cockpit
    daemon_reload: yes
    state: restarted
    enabled: yes
  when: ansible_os_family == "RedHat"