- name: "Virtualization server with KVM"
  hosts:      localhost
  connection: local

  tasks:

  - name: "Install packages"
    package:
      name:
        - qemu-base
        - iptables-nft
        - dnsmasq and
        - dmidecode
        - bridge-utils
        - openbsd-netcat
      state:        present
      update_cache: true

  - name: "Configure udev rules for bridge"
    copy:
      dest:    /etc/udev/rules.d/99-bridge.rules
      owner:   root
      group:   root
      mode:    0644
      content: |
        ACTION=="add", SUBSYSTEM=="module", KERNEL=="br_netfilter", RUN+="/sbin/sysctl -p /etc/sysctl.d/bridge.conf"

  - name: "Configure sysctl for bridge"
    copy:
      dest:    /etc/sysctl.d/bridge.conf
      owner:   root
      group:   root
      mode:    0644
      content: |
        net.bridge.bridge-nf-call-ip6tables=0
        net.bridge.bridge-nf-call-iptables=0
        net.bridge.bridge-nf-call-arptables=0

  - name: "Configure libvirtd"
    copy:
      dest:    /etc/libvirt/libvirtd.conf
      owner:   root
      group:   root
      mode:    0644
      src:     ./lib/etc/libvirt/libvirtd.conf

  - name: "Create groups"
    group:
      name:   '{{ item }}'
      state:  present
      system: true
    with_items:
      - libvirt

  - name: "Use systemd-timesyncd"
    service:
      name:    systemd-timesyncd
      state:   started
      enabled: yes