---
- hosts: ns2
  remote_user: root
  tasks:
    - name: Installation des paquets de base
      yum: name={{ item }} state=present
      with_items:
        - aide
        - bind
        - emacs-nox
        - iotop
        - ipset
        - nmap
        - postfix
        - powertop
        - yum-plugin-fastestmirror
        - yum-plugin-verify
        - screen
        - ntp
        - dovecot-mysql
        - dovecot-pigeonhole

    - name: Installation de la clé ssh pour l'utilisateur root
      authorized_key: user=root key="{{lookup('file', 'files/id_rsa.pub') }}" manage_dir=yes

    - name: Configuration du démon SSH
      lineinfile: dest=/etc/ssh/sshd_config state=present backrefs=yes regexp="^PasswordAuthentication yes"
                  line="PasswordAuthentication no"
      notify: restart sshd

    - name: Configuration yum affichage historique
      lineinfile: dest=/etc/yum.conf create=yes state=present insertafter="installonly_limit"
                  line="history_list_view=cmds"

    - name: Configuration yum clean on remove
      lineinfile: dest=/etc/yum.conf create=yes state=present insertafter="history_list_view=cmds"
                  line="clean_requirements_on_remove=1"

    - name: Root bashrc
      copy: src="files/bashrc" dest=/root/.bashrc mode=644

    - name: Root emacs rc
      copy: src="files/emacs.rc" dest=/root/.emacs mode=644

    - name: Configure la variable EDITOR
      lineinfile: dest=/root/bin/setvars create=yes state=present
                  line="export EDITOR=emacs"

    - name: Serveurs NTP 0.centos.pool.ntp.org désactivé
      lineinfile: dest=/etc/ntp.conf state=present backrefs=yes regexp="^server 0.centos.pool.ntp.org"
                  line="#server 0.centos.pool.ntp.org"

    - name: Serveurs NTP 1.centos.pool.ntp.org désactivé
      lineinfile: dest=/etc/ntp.conf state=present backrefs=yes regexp="^server 1.centos.pool.ntp.org"
                  line="#server 1.centos.pool.ntp.org"

    - name: Serveurs NTP 2.centos.pool.ntp.org désactivé
      lineinfile: dest=/etc/ntp.conf state=present backrefs=yes regexp="^server 2.centos.pool.ntp.org"
                  line="#server 2.centos.pool.ntp.org"

    - name: Serveurs NTP 3.centos.pool.ntp.org désactivé
      lineinfile: dest=/etc/ntp.conf state=present backrefs=yes regexp="^server 3.centos.pool.ntp.org"
                  line="#server 3.centos.pool.ntp.org"

    - name: Configuration serveur NTP actif
      lineinfile: dest=/etc/ntp.conf create=yes state=present insertafter="#server 3.centos.pool.ntp.org"
                  line="server ntp1.casperlefantom.net iburst"
      notify: restart ntpd

    - name: Transfert de mon certificat racine
      copy: src=files/root.pem dest=/root/root.pem mode=444

    - name: État du service named
      service: name=named state=started enabled=yes

    - name: État du service ntpd
      service: name=ntpd state=started enabled=yes



  handlers:
    - name: restart sshd
      service: name=sshd state=restarted

    - name: restart ntpd
      service: name=ntpd state=restarted