- name: Install packages
  package:
    name:
      - iwd
    state: present

- name: Create directories
  file:
    name: "{{ item }}"
    state: directory
    mode: 0755
    owner: root
    group: wheel
  loop:
    - /etc/systemd/resolved.conf.d

- name: Copy files
  copy:
    src: "files/{{ item.src }}"
    dest: "{{ item.dest }}"
    mode: 0644
    owner: root
    group: wheel
  loop:
    - src: mullvad_dns_over_tls.conf
      dest: /etc/systemd/resolved.conf.d/mullvad_dns_over_tls.conf
    - src: main.conf
      dest: /etc/iwd/main.conf
    - src: 10-wired.network
      dest: /etc/systemd/network/10-wired.network

- name: Configure sysctls
  sysctl:
    name: "{{ item.name }}"
    value: "{{ item.value }}"
    state: present
    sysctl_file: /etc/sysctl.d/{{ item.file }}
  loop:
    # Enable IPv6 Privacy Extensions
    - name: net.ipv6.conf.all.use_tempaddr
      value: 2
      file: 40-ipv6.conf
    # Enable IPv6 Privacy Extensions
    - name: net.ipv6.conf.default.use_tempaddr
      value: 2
      file: 40-ipv6.conf
    # Enable IPv6 Privacy Extensions
    # - name: net.ipv6.conf.nic.use_tempaddr
    #   value: 2
    #   file: 40-ipv6.conf

- name: Enable services
  systemd:
    enabled: yes
    name: "{{ item }}"
    daemon_reload: yes
  loop:
    - iwd.service
    # - systemd-networkd.service
    - systemd-resolved.service

- name: Install scripts
  copy:
    src: "files/{{ item.src }}"
    dest: "{{ item.dest }}"
    mode: 0755
    owner: root
    group: wheel
  loop:
    - src: next_hop_linux.bash
      dest: /usr/local/bin/next_hop