---
- hosts: all
  become: true
  tasks:

    - name: Update Server
      apt:
        upgrade: 'False'
        update-cache: 'True'
        cache_valid_time: 3600
      tags:
        - pkgs

    - name: Install Core Server Utils
      apt:
        pkg:
          - curl
          - python3
          - ufw
          - samba
          - smbclient
          - cifs-utils
          - apt-transport-https
          - ca-certificates
          - curl
          - software-properties-common
          - python3-pip
          - virtualenv
          - python3-setuptools
          - rsync
          - intel-opencl-icd # Added 1/13/2025 per Jellyfin
          - intel-gpu-tools # Added to monitor Intel QuickSync
          - screen
          - hdparm

        state: present
#        update_cache: true
        cache_valid_time: 3600
      tags:
        - pkgs

    - name: Add Docker GPG apt Key
      apt_key:
        url: https://download.docker.com/linux/ubuntu/gpg
        state: present

    - name: Add Docker Repository
      apt_repository:
        repo: deb https://download.docker.com/linux/ubuntu focal stable
        state: present

    - name: Update apt and install docker-ce
      apt:
        name:
          - docker-ce
          - containerd.io
          - docker-compose
        state: latest
#        update_cache: true
#
#    - name: Install Docker Containers
#      community.docker.docker_container:
#        name: portainer
#        image: portainer/portainer-ce

    - name: Create Portainer Directory
      file:
        path: /home/mike/docker/portainer
        state: directory
      become_user: mike

    - name: Create UFW directory
      file:
        path: /home/mike/ufw/applications.d
        state: directory
      become_user: mike

    - name: Sync Portainer docker-compose file
      synchronize:
        src: docker-compose.yml
        dest: /home/mike/docker/portainer
      become_user: mike

    - name: Install UFW config files
      synchronize:
        src: TG-portainer
        dest: /home/mike/ufw/applications.d
      become_user: mike

    - name: Move UFW files to proper directory
      command: mv /home/mike/ufw/applications.d/TG-portainer /etc/ufw/applications.d/TG-portainer
       ### Need to change ownership to root ###

    - name: Start Portainer
      docker_compose:
        project_src: /home/mike/docker/portainer
        state: present

    - name: Configure UFW - allow OpenSSH, samba, and TG-portainer
      ufw:
        rule: allow
        name: "{{ item }}"
      with_items:
        - OpenSSH
        - samba
        - TG-portainer

    - name: Configure UFW - delete default allow 22
      ufw:
        rule: allow
        port: 22
        proto: tcp
        delete: yes

    - name: Configure UFW - deny all else
      ufw:
        state: enabled
        policy: deny