---
- name: Install defaults
  package:
    name:
    - zsh

- name: Download .zshrc from grml
  get_url:
    url: https://raw.githubusercontent.com/grml/grml-etc-core/v0.12.5/etc/zsh/zshrc
    dest: /etc/zsh/zshrc
    checksum: sha256:ad88c76951693c2f9c38773ed2602a9fd5c74431615c4a23aaff679b295919ce
    validate_certs: false

- name: Update SSH configuration
  notify: reload sshd
  replace:
    dest: /etc/ssh/sshd_config
    regexp: '^([\#\s]*)?{{ item.key }}\s+([\w_-]+)'
    replace: "{{item.key}} {{item.value}}"
  with_items:
  - key: PermitRootLogin
    value: without-password
  - key: PasswordAuthentication
    value: 'no'
  - key: ChallengeResponseAuthentication
    value: 'no'
  - key: PrintLastLog
    value: 'yes'
  - key: UseDNS
    value: 'no'

- name: Change shell of user root
  user:
    name: root
    shell: /usr/bin/zsh

- name: Enable sshd
  systemd:
    name: sshd
    enabled: yes
    state: started

- name: Configure Network
  notify: restart network
  when: ipv4 is defined or ipv6 is defined
  template:
    src: systemd.network
    dest: /etc/systemd/network/main.network
    owner: root
    mode: 644

- name: enable systemd-networkd
  notify: restart network
  systemd:
    name: systemd-networkd
    state: started
    enabled: yes

- name: disable networking
  systemd:
    name: networking
    state: stopped
    enabled: no

- name: start systemd-resolved
  systemd:
    name: systemd-resolved
    state: started
    enabled: yes

- name: symling /etc/resolve
  file:
    src: /run/systemd/resolve/stub-resolv.conf
    dest: /etc/resolv.conf
    state: link
    force: yes