---
- name: 'Configure base system parameters'
  hosts: all

  vars_files:
    - vars/ports.yml
    - vars/vars.yml

  vars:
    apt_packages:
      - acl
      - curl
      - fuse
      - git
      - htop
      - jq
      - make
      - python3-pip

  tasks:

    - name: 'Install additional apt packages'
      ansible.builtin.apt:
        name: '{{ apt_packages }}'
        update_cache: true

    - name: 'Configure timezone'
      ansible.builtin.import_role:
        name: yatesr.timezone
      vars:
        timezone: UTC
      tags:
        - skip_ansible_lint

    - name: 'Configure security settings'
      ansible.builtin.import_role:
        name: geerlingguy.security
      vars:
        security_ssh_permit_root_login: "yes"
        security_autoupdate_enabled: "no"
        security_fail2ban_enabled: "yes"