- name: Gerbolyze container setup playbook
  hosts: wendelstein
  tasks:
    - name: Set hostname
      hostname:
        name: wendelstein.jaseg.net

    - name: Install common admin tools
      dnf:
        name: htop,tmux,fish,mosh,neovim,sqlite
        state: latest

    - name: Install host requisites
      dnf:
          name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,libselinux-python
          state: latest

    - name: Disable password-based root login
      lineinfile:
        path: /etc/ssh/sshd_config
        regexp: '^PermitRootLogin'
        line: 'PermitRootLogin without-password'
      register: disable_root_pw_ssh

    - name: Restart sshd
      systemd:
          name: sshd
          state: restarted
      when: disable_root_pw_ssh is changed

    - name: Create containers
      include_tasks: setup_containers.yml
      vars:
        containers:
          - gerboweb
          - clippy

    - name: Setup web server
      include_tasks: setup_webserver.yml

    - name: Setup gerboweb
      include_tasks: setup_gerboweb.yml