---
- name: set_fact distro_setup
  set_fact:
    distro_setup: "{{ distro_settings[node_distro] }}"

- name: set_fact other distro settings
  set_fact:
    distro_user: "{{ distro_setup['user'] }}"
    distro_ssh_service: "{{ distro_setup['ssh_service'] }}"
    distro_extra_packages: "{{ distro_setup['extra_packages'] }}"

- name: Null-ify some linux tools to ease DIND
  file:
    src: "/bin/true"
    dest: "{{ item }}"
    state: link
    force: yes
  with_items:
    # DIND box may have swap enable, don't bother
    - /sbin/swapoff
    # /etc/hosts handling would fail on trying to copy file attributes on edit,
    # void it by successfully returning nil output
    - /usr/bin/lsattr
    # disable selinux-isms, sp needed if running on non-Selinux host
    - /usr/sbin/semodule

- name: Void installing dpkg docs and man pages on Debian based distros
  copy:
    content: |
      # Delete locales
      path-exclude=/usr/share/locale/*
      # Delete man pages
      path-exclude=/usr/share/man/*
      # Delete docs
      path-exclude=/usr/share/doc/*
      path-include=/usr/share/doc/*/copyright
    dest: /etc/dpkg/dpkg.cfg.d/01_nodoc
    mode: 0644
  when:
    - ansible_os_family == 'Debian'

- name: Install system packages to better match a full-fledge node
  package:
    name: "{{ item }}"
    state: present
  with_items: "{{ distro_extra_packages }} + [ 'rsyslog', 'openssh-server' ]"

- name: Start needed services
  service:
    name: "{{ item }}"
    state: started
  with_items:
    - rsyslog
    - "{{ distro_ssh_service }}"

- name: Create distro user "{{ distro_user }}"
  user:
    name: "{{ distro_user }}"
    uid: 1000
    # groups: sudo
    append: yes

- name: Allow password-less sudo to "{{ distro_user }}"
  copy:
    content: "{{ distro_user }} ALL=(ALL) NOPASSWD:ALL"
    dest: "/etc/sudoers.d/{{ distro_user }}"
    mode: 0640

- name: Add my pubkey to "{{ distro_user }}" user authorized keys
  authorized_key:
    user: "{{ distro_user }}"
    state: present
    key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}"