- name: Run Package tasks
  ansible.builtin.include_tasks:
    file: ./templates/packages.yml

- name: Create user account
  ansible.builtin.user:
    name: "{{ username }}"
    password: "{{ userpassword }}"
    groups: sudo
    shell: /bin/bash
    state: present
    createhome: true
  when: ansible_os_family == "Debian"

- name: Create user account
  ansible.builtin.user:
    name: "{{ username }}"
    password: "{{ userpassword }}"
    shell: /bin/bash
    groups: wheel
    state: present
    createhome: true
  when: ansible_os_family == "RedHat"

- name: Run SSH tasks
  ansible.builtin.include_tasks:
    file: ssh.yml

- name: Copy unattended-upgrades file
  ansible.builtin.copy:
    src: files/10periodic
    dest: /etc/apt/apt.conf.d/10periodic
    owner: root
    group: root
    mode: "0644"
    force: true
  when: ansible_os_family == "Debian"

- name: Remove undesirable packages
  ansible.builtin.package:
    name: "{{ unnecessary_software }}"
    state: absent
  when: ansible_os_family == "Debian"

- name: Stop and disable unnecessary services
  ansible.builtin.service:
    name: "{{ item }}"
    state: stopped
    enabled: false
  with_items: "{{ unnecessary_services }}"
  ignore_errors: "{{ ansible_check_mode }}"

- name: Set a message of the day
  ansible.builtin.copy:
    dest: /etc/motd
    src: files/motd
    owner: root
    group: root
    mode: 0644

- name: Set a login banner
  ansible.builtin.copy:
    dest: "{{ item }}"
    src: files/issue
    owner: root
    group: root
    mode: 0644
  with_items:
    - /etc/issue
    - /etc/issue.net

- name: Set timezone
  ansible.builtin.command: timedatectl set-timezone America/Chicago
  changed_when: my_output.rc != 0

- name: Enable cockpit
  ansible.builtin.systemd:
    name: cockpit
    daemon_reload: true
    state: restarted
    enabled: true
  when: ansible_os_family == "RedHat"