---
- name: "enable sshd"
  systemd:
    name: sshd
    enabled: yes

- name: "enable chronyd"
  systemd:
    name: chronyd
    enabled: yes

- name: "set chrony.conf"
  template:
    src: "{{ role_path }}/templates/chrony.conf.j2"
    dest: /usr/lib/tmpfiles.d/chrony.conf
  tags: template

- name: "disable ntpd"
  systemd:
    name: ntpd
    enabled: no

#Service Optimization
- name: "enable snmpd"
  systemd:
    name: snmpd
    enabled: yes

- name: "enable snmptrapd"
  systemd:
    name: snmptrapd
    enabled: yes

- name: "disenable abrt-ccpp"
  systemd:
    name: abrt-ccpp
    enabled: no

- name: "disenable abrt-oops"
  systemd:
    name: abrt-oops
    enabled: no

- name: "disenable abrtd"
  systemd:
    name: abrtd
    enabled: no

- name: "disenable dmraid-activation"
  systemd:
    name: dmraid-activation
    enabled: no

- name: "disenable postfix"
  systemd:
    name: postfix
    enabled: no

- name: "set sshd UseDns no"
  shell: sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config

- name: "update initramfs"
  shell: dracut --force -v /boot/initramfs-5.4.159-1.el7.elrepo.x86_64.img 5.4.159-1.el7.elrepo.x86_64
  when: runtime_env != 'TSG-X-P0906'

- name: "Export MLX5_GLUE_PATH"
  lineinfile:
     dest: /etc/profile
     line: 'export MLX5_GLUE_PATH=/opt/tsg/mrzcpd/lib'

- name: "Add 'MLX5_GLUE_PATH' to the list of environment variables preserved in sudoers"
  shell: echo "Defaults    env_keep += \"MLX5_GLUE_PATH\"" > /etc/sudoers.d/01-mrzcpd

- name: "Generate ansiblg.cfg after ansible upgrade in rockylinux8"
  shell: ansible-config init --disabled > /etc/ansible/ansible.cfg
  when: runtime_env == 'TSG-X-P0906'

- name: 'change ansible hash_behaviour value replace to merge'
  lineinfile:
    path: /etc/ansible/ansible.cfg
    backrefs: yes
    regexp: "^(.*hash_behaviour.*=.*replace.*)$"
    line: '\1\nhash_behaviour = merge'

- name: 'install psutil'
  shell: pip3 install -i https://pypi.tuna.tsinghua.edu.cn/simple psutil
  when:  runtime_env == 'TSG-X-P0906'

- name: "add sudo secure_path"
  lineinfile:
    path: /etc/sudoers
    backrefs: yes
    regexp: "^(.*Defaults    secure_path =.*)$"
    line: '\1:/opt/tsg/tsg-os-provision'

- name: "Comment /run/nologin create on system booting up"
  replace:
    path: /usr/lib/tmpfiles.d/systemd-nologin.conf
    regexp: '^(F! /run/nologin 0644*)'
    replace: '#\1'

- name: "Install python module"
  shell: pip2 install -i https://pypi.tuna.tsinghua.edu.cn/simple PrettyTable==0.7.2
  when: runtime_env == 'TSG-X-P0906'

- name: "copy  tsg-dign to dest"
  copy:
    src: "{{ role_path }}/files/99-tsg-dign.rules"
    dest: /usr/lib/udev/rules.d/99-tsg-dign.rules
    mode: 0644

- name: "Create dracut/modules.d/99overlaymount directory if it does not exist"
  file:
    path: "{{ item }}"
    state: directory
    mode: '0755'
  with_items:
    - /usr/lib/dracut/modules.d/99overlaymount
  when: runtime_env == 'TSG-X-P0906'

- name: "copy  dracut module-setup.sh to dest"
  copy:
    src: "{{ role_path }}/files/module-setup.sh"
    dest: /usr/lib/dracut/modules.d/99overlaymount/module-setup.sh
    mode: 0755
  when: runtime_env == 'TSG-X-P0906'

- name: "copy  overlaymount.sh to dest"
  copy:
    src: "{{ role_path }}/files/overlaymount.sh"
    dest: /usr/lib/dracut/modules.d/99overlaymount/overlaymount.sh
    mode: 0755
  when: runtime_env == 'TSG-X-P0906'

- name: "add dracut module to initramfs"
  shell: dracut --force -v /boot/initramfs-5.17.15-1.el8.x86_64.img  5.17.15-1.el8.x86_64
  when: runtime_env == 'TSG-X-P0906'

- name: "install python3 toml"
  shell: python3 -m pip install toml

- name: "install python3 sdnotify"
  shell: python3 -m pip install sdnotify