ansible/roles/container/tasks/main.yml

- name: Mask services
  file: src=/dev/null dest=/etc/systemd/system/{{ item }} state=link
  with_items: masked_services
- name: Stop services
  service: name={{ item }} state=stopped enabled=no
  with_items: masked_services

- user: name=root shell=/bin/bash
- name: Allow wheel group to use sudo
  lineinfile: "dest=/etc/sudoers state=present regexp='^%wheel' line='%wheel ALL=(ALL) NOPASSWD: ALL'"
- name: Write mirrorlist
  copy: src=sudoers dest=/etc/sudoers mode=0644
- user: name=admin shell=/bin/bash groups=wheel append=yes
- name: Create ~admin/.ssh
  file: path=/home/admin/.ssh state=directory
- name: SSH Keys
  copy: src=authorized_keys dest=/home/admin/.ssh/authorized_keys

- set_fact:
    admins: "{{ base_admins + additional_admins }}"

- name: deploy dotfiles
  copy: src="{{ item[0] }}" dest="{{ item[1].dest }}/.{{ item[0] }}" owner="{{ item[1].owner }}" group="{{ item[1].group }}"
  with_nested:
    - ['bashrc', 'dircolors', 'vimrc']
    - admins

- mount: name=/run/systemd/journal/ src=/mnt/journal fstype=none opts=bind,ro state=present

- name: backup directory
  file: path=/root/.vim.backupdir state=directory

- name: create link-dev-log.service
  copy: src=link-dev-log.service dest=/etc/systemd/system/link-dev-log.service mode=0644
- name: enable link-dev-log.service
  file: src=/etc/systemd/system/link-dev-log.service dest=/etc/systemd/system/multi-user.target.wants/link-dev-log.service state=link

- include: ssh.yml