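---
# Bootstrap play for the 'fts' hosts: start Docker and containerd, install
# nginx and certbot, create the 'dockerman' operator account, log that
# account in to the private registry, then reboot the host.
- name: server initial command
  hosts: 'fts'
  become: true
  become_method: sudo
  become_user: root
  # NOTE(review): presumably this file defines registry_user,
  # registry_password and registry_url, which the "login docker" task
  # reads. Confirm it is encrypted with ansible-vault and is not committed
  # in clear text.
  vars_files:
    - var/registry.yml

  tasks:
    # ---------------------------------------------------------------------
    # Disabled provisioning steps, kept from the original for reference.
    # NOTE(review) before re-enabling any of them:
    #   * mode u=rwx,g=rwx,o=rwx makes /etc/resolv.conf world-writable, so
    #     any local user could redirect DNS; 0644 is the usual mode.
    #   * 'ufw disable' removes the host firewall entirely.
    #   * 'apt-key add' is deprecated and trusts the key for every
    #     repository; prefer a dedicated keyring referenced with signed-by.
    # ---------------------------------------------------------------------
    # - name: set shecan dns
    #   copy:
    #     src: ../dns/resolv.conf
    #     dest: /etc/resolv.conf
    #     owner: root
    #     group: root
    #     mode: u=rwx,g=rwx,o=rwx
    # - name: disable ufw
    #   shell: ufw disable
    # - name: disable swap
    #   shell: swapoff -a
    # - name: sid swap off in fstab
    #   shell: sed -i '/swap/d' /etc/fstab
    # - name: set timezone
    #   shell: timedatectl set-timezone Asia/Tehran
    # - name: apt-get update
    #   apt: update_cache=yes force_apt_get=yes cache_valid_time=3600
    # - name: add docker key and add docker repo
    #   shell: |
    #     curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
    #     sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
    # - name: installing docker dependencies
    #   apt:
    #     name: "{{item}}"
    #     state: present
    #     update_cache: yes
    #   with_items:
    #     - ca-certificates
    #     - curl
    #     - gnupg
    #     - lsb-release
    # - name: installing docker-ce and docker-ce-cli and
    #   apt:
    #     name: "{{item}}"
    #     state: present
    #     update_cache: yes
    #   with_items:
    #     - docker-ce
    #     - docker-ce-cli
    #     - containerd.io

    - name: start and enable docker and containerd
      service:
        name: "{{ item }}"
        state: started
        enabled: true
      loop:
        - docker
        - containerd

    # Passing the list straight to 'name' installs everything in a single
    # apt transaction instead of one run per item.
    - name: installing nginx and certbot
      apt:
        name:
          - nginx
          - letsencrypt
          - python3-certbot-nginx
        state: present
        update_cache: true

    # The original also passed append=yes here; it has no effect without
    # 'groups', so it now sits on the group-membership task below.
    - name: create the docker user account
      user:
        name: dockerman
        state: present
        create_home: true
        shell: /bin/bash

    # NOTE(review): unrestricted passwordless sudo makes 'dockerman'
    # root-equivalent. If the account only needs to drive Docker, drop this
    # rule or narrow it to the specific commands required.
    # 'validate' stops a malformed line from ever being written to sudoers.
    - name: allow 'dockerman' to use sudo without needing a password
      lineinfile:
        dest: /etc/sudoers
        line: 'dockerman ALL=(ALL) NOPASSWD: ALL'
        state: present
        validate: 'visudo -cf %s'

    # append: true is required; without it the user module replaces the
    # account's supplementary groups with just 'docker'.
    # NOTE(review): membership of the docker group is itself root-equivalent
    # on the host, because members can talk to the Docker daemon socket.
    - name: add user to docker group
      user:
        name: dockerman
        groups: docker
        append: true
        state: present

    # One systemd call replaces the daemon-reload / restart / enable
    # shell script.
    - name: reset and enable docker
      systemd:
        name: docker
        state: restarted
        enabled: true
        daemon_reload: true

    # TODO (carried over from the original): add docker home to the
    # environment variables.

    # Fixes applied to this task:
    #   * 'become' is a boolean; the account name belongs in 'become_user'.
    #   * The password is fed on stdin instead of '-p', which would expose
    #     it in the process list and in Ansible's task output.
    #   * argv avoids shell interpretation of the registry variables.
    #   * no_log keeps the credentials out of logs and callback output.
    # NOTE(review): unless a credential helper is configured, 'docker login'
    # stores the credential base64-encoded (not encrypted) in
    # ~dockerman/.docker/config.json, so prefer a scoped, revocable token.
    - name: login docker
      become: true
      become_user: dockerman
      command:
        argv:
          - docker
          - login
          - --username
          - "{{ registry_user }}"
          - --password-stdin
          - "{{ registry_url }}"
        stdin: "{{ registry_password }}"
        stdin_add_newline: false
      no_log: true

    # The reboot module waits for the host to come back and reports a real
    # failure, instead of 'shell: reboot' hidden behind ignore_errors.
    - name: reboot
      reboot:
        reboot_timeout: 600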