---
- name: "Download and install APK static into the host system."
  shell: "cd / && curl http://dl-cdn.alpinelinux.org/alpine/v{{ alpine_version }}/main/x86_64/apk-tools-static-{{ apk_version }}.apk | tar -xvzf - sbin/apk.static"
  args:
    creates: "/sbin/apk.static"
- name: "Perform installation in a mostly secure way.  First install keys insecurely."
  shell: "apk.static -X http://dl-cdn.alpinelinux.org/alpine/v{{ alpine_version }}/main --root /mnt --arch x86_64 --initdb --allow-untrusted add alpine-keys"
  args:
    creates: "/mnt/etc/apk/keys"
- name: "Enable repositories."
  template:
    src: "templates/etc/apk/repositories.j2"
    dest: "/mnt/etc/apk/repositories"
    mode: "0600"
- name: "Install packages with signature verification.  Update if already present."
  shell: "apk.static --root /mnt --arch x86_64 add {{ item }}"
  loop: "{{ packages }}"
- name: "Tell Alpine how to mount partitions after boot."
  template:
    src: "templates/etc/fstab.j2"
    dest: "/mnt/etc/fstab"
    mode: "0755"
- name: "Load modules on boot"
  template:
    src: "templates/etc/modules.j2"
    dest: "/mnt/etc/modules"
    mode: "0640"
- name: "And which features to include into initramfs."
  template:
    src: "templates/etc/mkinitfs/mkinitfs.conf.j2"
    dest: "/mnt/etc/mkinitfs/mkinitfs.conf"
    mode: "0750"
- name: "Copy SSH host keys from the live system."
  shell: "rm /mnt/etc/ssh/*_key* -f && cp -a /etc/ssh/*_key* /mnt/etc/ssh/"
  args:
    creates: "/mnt/etc/ssh/ssh_host_ed25519_key"
- name: "Copy SSH authorized keys from the live system.  First create the /root/.ssh directory."
  file:
    state: "directory"
    path: "/mnt/root/.ssh"
    owner: "root"
    group: "root"
    mode: "0700"
- name: "And then the authorized_keys file."
  shell: "install -m 600 -o root -g root /root/.ssh/authorized_keys /mnt/root/.ssh/authorized_keys"
  args:
    creates: "/mnt/root/.ssh/authorized_keys"
- name: "Install network configuration."
  template:
    src: "templates/etc/network/interfaces.j2"
    dest: "/mnt/etc/network/interfaces"
- name: "And DNS resolvers."
  template:
    src: "templates/etc/resolv.conf.j2"
    dest: "/mnt/etc/resolv.conf"
    mode: "644"
- name: "Set hostname."
  template:
    src: "templates/etc/hostname.j2"
    dest: "/mnt/etc/hostname"
    mode: "644"