---
# Some Debian based distros ship without Python installed

- name: Check if bootstrap is needed
  raw: which python3
  register: need_bootstrap
  failed_when: false
  changed_when: false
  # This command should always run, even in check mode
  check_mode: false
  environment: {}
  tags:
    - facts

- name: Check http::proxy in apt configuration files
  raw: apt-config dump | grep -qsi 'Acquire::http::proxy'
  register: need_http_proxy
  failed_when: false
  changed_when: false
  # This command should always run, even in check mode
  check_mode: false
  environment: {}
  when:
    - http_proxy is defined

- name: Add http_proxy to /etc/apt/apt.conf if http_proxy is defined
  raw: echo 'Acquire::http::proxy "{{ http_proxy }}";' >> /etc/apt/apt.conf
  become: true
  environment: {}
  when:
    - http_proxy is defined
    - need_http_proxy.rc != 0

- name: Check https::proxy in apt configuration files
  raw: apt-config dump | grep -qsi 'Acquire::https::proxy'
  register: need_https_proxy
  failed_when: false
  changed_when: false
  # This command should always run, even in check mode
  check_mode: false
  environment: {}
  when:
    - https_proxy is defined

- name: Add https_proxy to /etc/apt/apt.conf if https_proxy is defined
  raw: echo 'Acquire::https::proxy "{{ https_proxy }}";' >> /etc/apt/apt.conf
  become: true
  environment: {}
  when:
    - https_proxy is defined
    - need_https_proxy.rc != 0

- name: Check Network Name Resolution configuration
  raw: grep '^DNSSEC=allow-downgrade' /etc/systemd/resolved.conf
  register: need_dnssec_allow_downgrade
  failed_when: false
  changed_when: false
  # This command should always run, even in check mode
  check_mode: false
  environment: {}
  when:
    - '"bionic" in os_release.stdout'

- name: Change Network Name Resolution configuration
  raw: sed -i 's/^DNSSEC=yes/DNSSEC=allow-downgrade/g' /etc/systemd/resolved.conf
  become: true
  environment: {}
  when:
    - '"bionic" in os_release.stdout'
    - need_dnssec_allow_downgrade.rc

- name: Restart systemd-resolved service
  raw: systemctl restart systemd-resolved
  become: true
  environment: {}
  when:
    - '"bionic" in os_release.stdout'
    - need_dnssec_allow_downgrade.rc

- name: Install python3
  raw:
    apt-get update && \
    DEBIAN_FRONTEND=noninteractive apt-get install -y python3-minimal
  become: true
  environment: {}
  when:
    - need_bootstrap.rc != 0

# Workaround for https://github.com/ansible/ansible/issues/25543
- name: Install dbus for the hostname module
  package:
    name: dbus
    state: present
    use: apt
  become: true