Environment_Infrastructure/ansible/roles/base/tasks/main.yml

---
- name: Update all packages
  ansible.builtin.dnf:
    name: "*"
    state: latest
    update_cache: yes

- name: Install EPEL release
  ansible.builtin.dnf:
    name: epel-release
    state: present

- name: Install base packages
  ansible.builtin.dnf:
    name:
      - curl
      - wget
      - git
      - jq
      - tar
      - unzip
      - bash-completion
      - gettext
      - tree
      - ca-certificates
      - fail2ban
      - chrony
      - python3
      - python3-pip
      - python3-passlib
      - htop
      - btop
    state: present

- name: Set timezone
  community.general.timezone:
    name: "{{ timezone }}"

- name: Ensure chrony is running
  ansible.builtin.service:
    name: chronyd
    state: started
    enabled: yes

- name: Set hostname
  ansible.builtin.hostname:
    name: "{{ inventory_hostname }}"

- name: Get current keymap
  ansible.builtin.command: localectl status
  register: localectl_status
  changed_when: false

- name: Set keyboard layout to Turkish Q
  ansible.builtin.command: localectl set-keymap trq
  when: "'trq' not in localectl_status.stdout"

- name: Deploy Hetzner floating IP systemd service
  ansible.builtin.copy:
    dest: /etc/systemd/system/hetzner-floating-ip.service
    mode: "0644"
    content: |
      [Unit]
      Description=Hetzner Floating IP
      After=network.target

      [Service]
      Type=oneshot
      ExecStart=/sbin/ip addr replace {{ hetzner_floating_ip }}/32 dev {{ hetzner_primary_interface | default('eth0') }}
      RemainAfterExit=yes

      [Install]
      WantedBy=multi-user.target
  when: hetzner_floating_ip is defined

- name: Enable and start Hetzner floating IP service
  ansible.builtin.systemd:
    name: hetzner-floating-ip
    enabled: yes
    state: started
    daemon_reload: yes
  when: hetzner_floating_ip is defined