ansible/linux/compliance_Alpine.yaml

---
## Checks/deploys an Alpine Linux system to be managed with Ansible.

- name: Alpine - Install standard packages if not already installed.
  # Looking at you LXCs. >.>
  ansible.builtin.package:
    name:
      - doas
      - curl
      - net-tools
      - wget
      - util-linux
      - python3
      - iftop
    state: present

# Give ansible doas rights with no password required.
- name: Alpine - Add doas rights with no password for deployment user
  lineinfile:
    dest: /etc/doas.conf
    regexp: '^ansible'
    line: 'permit keepenv nopass :ansible'
    state: present
    validate: 'doas -C %s'

- name: Alpine - Add nhadmin to wheel group.
  user:
    name: nhadmin
    groups: wheel
    append: yes
  # when: "'wheel' in ansible_facts.getent_group"