---

- name: Install packages
  community.general.pacman:
    state: present
    name:
    - base-devel
    - borg
    - cronie
    - dfc
    - fail2ban
    - firejail
    - git
    - htop
    - iftop
    - inetutils
    - iotop
    - mlocate
    - mosh
    - neovim
    - nethogs
    - nftables
    - nginx
    - nmap
    - nsd
    - pacman-contrib
    - prometheus-node-exporter
    - sslh
    - strace
    - sudo
    - tinc
    - tmux
    - tree
    - uptimed
    - vim
    - vnstat
    - wget
    - zsh

- name: install fail2ban conf
  copy:
    dest: /etc/fail2ban/jail.d/local.conf
    src: local.conf

- name: Enable fail2ban
  systemd:
    enabled: true
    state: started
    name: fail2ban

- name: Enable cronie
  systemd:
    enabled: true
    state: started
    name: cronie

- name: Enable vnstat
  systemd:
    enabled: true
    state: started
    name: vnstat

- name: Enable uptimed
  systemd:
    state: started
    enabled: true
    name: uptimed

- name: Install default nftables conf
  copy:
    dest: /etc/nftables.conf
    src: nftables.conf
    force: no

- name: Enable nftables
  systemd:
    state: started
    enabled: true
    name: nftables

- name: Add paccache cron
  cron:
    name: paccache
    job: paccache -rk2
    hour: "1"
    minute: "30"

- name: Add pkg user
  user:
    name: pkg
    group: users
    create_home: yes

- name: Install sslh config
  copy:
    dest: /etc/sslh.cfg
    src: sslh.cfg
    force: no

- name: Enable sslh
  systemd:
    enabled: true
    state: started
    name: sslh-select

- include: yay.yml