# Copyright 2019 The Kubernetes Authors.

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at

# http://www.apache.org/licenses/LICENSE-2.0

# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
- name: Define file modes
  set_fact:
    last_log_mode:   "0664"
    machine_id_mode: "0644"

- name: apt-mark all installed packages
  shell: dpkg-query -f '${binary:Package}\n' -W | xargs apt-mark hold

- name: Remove extra repos
  file:
    path: "/etc/apt/sources.list.d/{{ item | basename }}"
    state: absent
  loop: "{{ extra_repos.split() }}"
  when: remove_extra_repos and extra_repos != ""

- name: Find disabled repo files
  find:
    depth: 1
    paths:
      - /etc/apt
      - /etc/apt/sources.list.d
    patterns: '*.list.disabled'
  register: repo_files
  when: disable_public_repos|default(false)|bool and reenable_public_repos|default(true)|bool

- name: Enable repos
  command: "mv {{ item.path }} {{ item.path | regex_replace('.disabled') }}"
  loop: "{{ repo_files.files }}"
  when: disable_public_repos|default(false)|bool and reenable_public_repos|default(true)|bool

- name: Remove templated apt.conf.d/90proxy used for http(s)_proxy support
  file:
    path: etc/apt/apt.conf.d/90proxy
    state: absent
  when: http_proxy is defined or https_proxy is defined

- name: Stop auditing
  service:
    name: rsyslog
    state: stopped

- name: Remove apt package caches
  apt:
    autoclean: yes
    autoremove: yes
    force_apt_get: yes

- name: Remove apt package lists
  file:
    state: "{{ item.state }}"
    path: "{{ item.path }}"
    owner: root
    group: root
    mode: "{{ item.mode }}"
  loop:
  - { path: /var/lib/apt/lists, state: absent,    mode: "0755" }
  - { path: /var/lib/apt/lists, state: directory, mode: "0755" }

- name: Disable apt-daily services
  systemd:
    name: "{{ item }}"
    state: stopped
    enabled: false
  loop:
  - apt-daily.timer
  - apt-daily-upgrade.timer

- name: Get installed packages
  package_facts:

- name: Disable unattended upgrades if installed
  systemd:
    name: unattended-upgrades
    state: stopped
    enabled: false
  when: "'unattended-upgrades' in ansible_facts.packages"

- name: Reset network interface IDs
  file:
    state: absent
    path: /etc/udev/rules.d/70-persistent-net.rules