---
- name: Update APT package cache
  apt:
    update_cache: true
    upgrade: dist

- name: Install debian packages
  apt:
    name: "{{ item }}"
    state: present
  with_items:
    - "unattended-upgrades"
    - "joe"
    - "fail2ban"

#- name: Download headscale .deb
#  get_url: 
#    url="https://github.com/juanfont/headscale/releases/download/v0.22.3/headscale_0.22.3_linux_arm64.deb"
#    dest="/tmp/headscale.deb"

#- name: Install my_package
#  apt: deb="/tmp/headscale.deb"

- name: determine name of host
  ansible.builtin.set_fact:
    headscale_hostname: "{{ inventory_hostname }}"

- name: determine name of network
  ansible.builtin.set_fact:
    headscale_base_domain: "{{ headscale_hostname | regex_replace('^[\\w-]+\\.', '') }}"

- name: generate config
  template:
    src: "config.yaml"
    dest: "/etc/headscale/config.yaml"

- name: ensure directories are present
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: '0755'
  with_items: 
    - /var/lib/headscale
    - /var/lib/headscale/cache

- name: Enable systemd service
  ansible.builtin.systemd:
    name: headscale.service
    state: started
    enabled: true

# Exit node:
#    curl -fsSL https://pkgs.tailscale.com/stable/debian/bullseye.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null
#    curl -fsSL https://pkgs.tailscale.com/stable/debian/bullseye.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list
# apt-get update
# apt-get install tailscale
# tailscale up --advertise-exit-node --login-server https://headscale.wolkige.abgruen.de
#