---
- name: Gathering facts
  hosts: all
  gather_facts: true
  tags: always

- name: Sanity checks
  hosts: all
  tags: always
  tasks:
    - name: Check user ID
      fail:
        msg: This playbook should only be run as 'root'
      when: ansible_real_user_id != 0
    - name: Import list of accepted values for defined variables
      include_vars:
        name: accepted_values
        file: ./requirements/accepted_variables.yml
    - name: Check defined values of top-level variables
      fail:
        msg: 'Variable `{{ item }}` needs to be 1 of {{ accepted_values[item] }}'
      when: not vars[item] in accepted_values[item]
      loop: '{{ accepted_values | flatten }}'

- name: Setup the system
  hosts: all
  # Hard-coded variables that shouldn't be configured
  vars:
    # elogind needs polkit to function
    use_polkit: '{{ (seat_manager == "elogind") | ternary("True", polkit) }}'
  roles:
    - role: essential
      tags: essential
    - role: devd
      tags: devd
    - role: acpi
      tags: acpi
    - role: seat
      tags: seat
    - role: fstab
      tags: fstab
    - role: nftables
      tags: nftables
    - role: apparmor
      tags: apparmor
    - role: cron
      tags: cron
    - role: grub
      tags: grub
      when: bootloader == 'grub'
    - role: networking
      tags: networking
    - role: libvirt
      tags: libvirt
    - role: tlp
      tags: [laptop, tlp]
    - role: dns
      tags: dns
    - role: usbguard
      tags: usbguard
    - role: zram
      tags: zram
    - role: earlyoom
      tags: earlyoom
    - role: user
      tags: user
    - role: waydroid
      tags: [waydroid, never]