# Bootstrap virgin system
# 1. Create the ansible user with correct pubkey access
# 2. Install python-apt module
- hosts: all
  tasks:
    - name: Install basic packages
      apt: name='{{ item }}' state=latest
      with_items:
      - sudo
      - python-apt
    - include: roles/common/tasks/ansible-user.yml
    - name: Disallow root SSH access
      lineinfile: dest=/etc/ssh/sshd_config
                  regexp="^PermitRootLogin"
                  line="PermitRootLogin no"
                  state=present
      notify: ssh-restart
  handlers:
    - name: ssh-restart
      service: name=ssh state=restarted