---
  - name: Disable SELinux
    lineinfile: dest="/etc/selinux/config" line="SELINUX=disabled" regexp="^SELINUX=.*" state=present
    register: selinux
    tags: selinux

  - name: Reboot is needed to effectively disable SELinux !
    command: /bin/false
    when: selinux.changed
    tags: selinux

  - name: Install the 32 bits library (if needed)
    yum: name=glibc.i686 state=installed
    when: "ansible_architecture == 'x86_64'"

  - name: Tell SSHD not to use DNS
    lineinfile: dest=/etc/ssh/sshd_config regexp="^#* *UseDNS +" line="UseDNS no"
    notify: restart sshd
    tags: config

  - name: Tell SSHD to forbid root accesses
    lineinfile: dest=/etc/ssh/sshd_config regexp="^#* *PermitRootLogin +" line="PermitRootLogin no"
    notify: restart sshd
    tags: config

  - name: Tell SSHD to forbid password accesses
    lineinfile: dest=/etc/ssh/sshd_config regexp="^#* *PasswordAuthentication +" line="PasswordAuthentication no"
    notify: restart sshd
    tags: config

  - name: Install VIM
    yum: name=vim-enhanced state=installed

  - name: Install Screen
    yum: name=screen state=installed

  - name: Install OpenLDAP clients
    yum: name=openldap-clients state=installed

  - name: Install unzip
    yum: name=unzip state=installed

  - name: Install tcpdump
    yum: name=tcpdump state=installed

  - name: Install telnet
    yum: name=telnet state=installed

  - name: Install strace
    yum: name=strace state=installed

  - name: Install man-pages
    yum: name=man-pages state=installed

  - name: Install man
    yum: name=man state=installed

  - name: Install iptraf
    yum: name=iptraf state=installed

  - name: Install wget
    yum: name=wget state=installed

  - name: Compute short hostname
    set_fact:
      shortname: "{{ inventory_hostname | regex_replace('([^.]+)\\..*', '\\\\1') }}"
    tags: config

  - name: Persist the hostname
    lineinfile: dest=/etc/sysconfig/network regexp="^HOSTNAME=" line="HOSTNAME={{ shortname }}"
    notify: update hostname
    tags: config

  - name: Edit /etc/hosts
    template: src=etc_hosts dest=/etc/hosts owner=root group=root mode=0644
    tags: config

  - name: Ensure consistent locale across systems (1/2)
    lineinfile: dest=/etc/sysconfig/i18n regexp="^LANG=" line="LANG=en_US.utf8"

  - name: Ensure consistent locale across systems (2/2)
    lineinfile: dest=/etc/sysconfig/i18n line="LC_CTYPE=en_US.utf8"

  - name: Install createrepo
    yum: name=createrepo state=installed

  - name: Create the "sources" dir in /opt
    file: dest={{ sources_dir }} state=directory

  - name: Create the "rpms" dir in /opt/sources
    file: dest={{ sources_dir }}/rpms state=directory
    register: rpmsdir

  - name: Initialize the RPM repository
    command: createrepo {{ sources_dir }}/rpms
    when: rpmsdir.changed

  - name: Install the RPM repository in yum config
    template: src=local.repo dest=/etc/yum.repos.d/local.repo

  - name: Install the OpenSSH clients
    yum: name=openssh-clients state=installed

  - name: Configure all network interfaces with the same config
    template: src=ifcfg-ethX dest=/etc/sysconfig/network-scripts/ifcfg-{{ item }}
    with_items:
      - eth0
      - eth1
      - eth2
      - eth3
      - eth4
      - eth5
      - eth6
      - eth7
      - eth8
      - eth9
    tags: config

  - name: Install the custom banner script
    template: src=rc.local dest=/usr/local/etc/rc.local mode=0755
    tags: config

  - name: Run the custom banner script at startup
    lineinfile: dest=/etc/rc.d/rc.local line="/usr/local/etc/rc.local" state=present insertafter=EOF