- name: "Initialise network config, packages & user tanguy"
  hosts: roger-skyline-1
  become: yes
  become_user: root
  become_method: su
  tasks:
    - name: "Install necessary packages"
      apt:
        name: ['sudo', 'mailutils', 'fail2ban']
        update_cache: "yes"
        state: "present"
    - name: "Add tanguy to sudoers"
      user:
        name: "tanguy"
        groups: "sudo"
        append: yes
    - name: "Upload firewall config"
      copy:
        src: "files/firewall.conf"
        dest: "/etc/"
        owner: "root"
        group: "root"
    - name: "Apply firewall config"
      command: "iptables-restore /etc/firewall.conf"
    - name: "Upload public key for tanguy"
      authorized_key:
        user: "tanguy"
        state: "present"
        key: "{{ lookup('file', '/Users/tmaze/.ssh/id_rsa.pub') }}"
    - name: "Upload ssh config"
      copy:
        src: "files/sshd_config"
        dest: "/etc/ssh/"
        owner: "root"
        group: "root"
    - name: "Restart ssh service"
      service:
        name: "ssh"
        state: "restarted"
        enabled: yes