---
- name: Remove apt-config-file derived from preseeding
  ansible.builtin.file:
    path: /etc/apt/apt.conf
    state: absent
  when: ("baremetal" in group_names)
- name: Create apt-proxy config file
  ansible.builtin.template:
    src: apt-proxy_01proxy.j2
    dest: /etc/apt/apt.conf.d/01proxy
  when: ("DMZ" not in group_names)
- name: Remove apt-config-file only for aptproxy
  ansible.builtin.file:
    path: /etc/apt/apt.conf.d/01proxy
    state: absent
  when: ("aptproxy" in inventory_hostname)
- name: Copy apt-unattended-upgrades config file
  ansible.builtin.copy:
    src: apt-unattended-upgrades_10periodic
    dest: /etc/apt/apt.conf.d/10periodic
- name: Update and upgrade apt packages
  ansible.builtin.apt:
    update_cache: true
    upgrade: true
    autoremove: true
- name: Install core-packages
  ansible.builtin.apt:
    pkg:
      - sudo
      - gnupg
      - htop
      - ncdu
      - vim
      - tmux
      - gnupg2
      - nethogs
      - iftop
      - rsync
      - ripgrep
      - nnn
      #- duf
- name: Install core-packages for bare-metal-server
  ansible.builtin.apt:
    pkg:
      - inxi
  when: ("baremetal" in group_names)
- name: Install core-packages for server in DMZ
  ansible.builtin.apt:
    pkg:
      - fail2ban
  when: ("DMZ" in group_names)