3 changed files with 65 additions and 65 deletions
--- a/roles/bootstrap/defaults/main.yml
+++ b/roles/bootstrap/defaults/main.yml
@ -1,25 +1,12 @@
 ---
-bootstrap_default_pkgs:
+DEFAULT_PKGS:
  common:
  - sudo
  - vim
  RedHat:
    - python3-rpm
    - python3-dnf
  AlmaLinux: &CENT
    - epel-release
    - python3-rpm
    - python3-dnf
  Rocky: *CENT
  Fedora:
  - vim-default-editor
-    - kitty-terminfo
+UNWANTED_PKGS:
 # removal assumes no need to sort by os_family, unlike the installation requests
 bootstrap_unwanted_pkgs:
  - earlyoom
  - power-profiles-daemon
  - nano-default-editor
  - nano
  - nano-default-editor
  - systemd-oomd-defaults
  - zram-generator-defaults
--- a/roles/bootstrap/tasks/main.yml
+++ b/roles/bootstrap/tasks/main.yml
@ -1,42 +1,54 @@
 ---
- name: Bootstrap/common tasks
+- block:
  tags:
    - bootstrap
  block:
-    - name: Gather service facts
+    - name: Gather package facts
-      ansible.builtin.service_facts:
+      ansible.builtin.package_facts:
-      tags: ['always']  # ensure this runs if tasks are selected w/ tags (may provide required info)
+        manager: auto
-    - name: Remove unwanted packages  # before installation; may be required for conflicts
+    - name: Check if atomic
      ansible.builtin.stat:
        path: /run/ostree-booted
      register: ostree
    - name: Check for cloud.cfg
      ansible.builtin.stat:
        path: /etc/cloud/cloud.cfg
      register: cloudcfg
    - name: Set fact (atomic state)
      ansible.builtin.set_fact:
        is_atomic: "{{ ostree.stat.exists }}"
    - name: Set fact (cloud.cfg state)
      ansible.builtin.set_fact:
        is_cloudy: "{{ cloudcfg.stat.exists }}"
    - name: Include dnf tasks
      include_tasks: dnf.yml
      when: (ansible_distribution in ["Fedora"] and not is_atomic) or (ansible_distribution in ["RedHat", "Red Hat Enterprise Linux", "CentOS"] and ansible_distribution_major_version is version('8', '>='))
    - name: Remove unwanted packages
      become: true
      ansible.builtin.package:
        name: "{{ item }}"
        state: absent
-      with_items: "{{ bootstrap_unwanted_pkgs }}"
+      when: "(item in ansible_facts.packages)"
      with_items: "{{ UNWANTED_PKGS }}" # see roles/bootstrap/defaults/main.yml
    - name: Install prereqs
      become: true
      ansible.builtin.package:
-        name: "{{ bootstrap_default_pkgs['common'] + bootstrap_default_pkgs[ansible_distribution] }}"
+        name: "{{ DEFAULT_PKGS | difference(ansible_facts.packages) }}"
-        state: present
+        state: installed
-        update_cache: true
+      when: (ansible_distribution in ["CentOS", "Red Hat Enterprise Linux", "RedHat", "Fedora"] and not is_atomic)
      when: (not ansible_local.os.is_atomic)  # skip if an ostree/atomic host, unhandled
-    - name: Include dnf tasks
+    - name: Disable fastestmirror (fedora - non-atomic)
      ansible.builtin.include_tasks: dnf.yml
      when:
        - ansible_os_family in ["RedHat"]
        - not ansible_local.os.is_atomic  # see 'custom-facts' role
        - ansible_distribution_major_version is version('8', '>=')  # don't use on EL6/7, as rare as they are anymore
    - name: Disable fastestmirror (Fedora - non-atomic)
      become: true
      ansible.builtin.lineinfile:
        path: /etc/dnf/dnf.conf
        regexp: "^fastestmirror="
        line: "fastestmirror=False"
-      when: ansible_distribution in ["Fedora"] and not ansible_local.os.is_atomic
+      when: ansible_distribution in ["Fedora"] and not is_atomic
    - name: Remove update_etc_hosts from cloud.cfg
      become: true
@ -44,19 +56,18 @@
        line: ' - update_etc_hosts'
        path: /etc/cloud/cloud.cfg
        state: absent
-      when: ansible_local.os.is_cloudy
+      when: is_cloudy|bool
-#    - name: Add all hosts to /etc/hosts
+    - name: Add all hosts to /etc/hosts
-#      become: true
+      become: true
-#      ansible.builtin.lineinfile:
+      ansible.builtin.lineinfile:
-#        path: /etc/hosts
+        path: /etc/hosts
-#        state: present
+        state: present
-#        line: "{{ hostvars[item].ip | default('127.0.0.1') }} {{ hostvars[item].ansible_hostname }}"
+        line: "{{ hostvars[item].ip | default('127.0.0.1') }} {{ hostvars[item].ansible_hostname }}"
-#        regexp: "^{{ hostvars[item].ip | default('127.0.0.1') }}.*{{ hostvars[item].ansible_hostname }}$"
+        regexp: "^{{ hostvars[item].ip | default('127.0.0.1') }}.*{{ hostvars[item].ansible_hostname }}$"
-#      with_items: "{{ groups.all }}"
+      with_items: "{{ groups.all }}"
    - name: Set hostname to match inventory
      become: true
      ansible.builtin.hostname:
        name: "{{ inventory_hostname }}"
      register: hostname_change
@ -73,36 +84,31 @@
      ansible.builtin.rpm_key:
        state: present
        key: https://getfedora.org/static/fedora.gpg
-      when: ansible_distribution in ['Red Hat Enterprise Linux', 'RedHat'] and not ansible_local.os.is_atomic
+      when: ansible_distribution in ['Red Hat Enterprise Linux', 'RedHat'] and not is_atomic
    - name: Install EPEL (dist pkg)
      become: true
      ansible.builtin.package:
        name: epel-release
        state: present
-      when: ansible_distribution in ['CentOS'] and not ansible_local.os.is_atomic
+      when: ansible_distribution in ['CentOS'] and not is_atomic
    - name: Install EPEL (upstream pkg)
      become: true
      ansible.builtin.package:
        name: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm"
        state: present
-      when: ansible_distribution in ['Red Hat Enterprise Linux', 'RedHat'] and not ansible_local.os.is_atomic
+      when: ansible_distribution in ['Red Hat Enterprise Linux', 'RedHat'] and not is_atomic
-    - name: Disable NetworkManager phoning home (on Fedora, when enabled)
+    - name: Disable NetworkManager phoning home on Fedora
      become: true
      tags: ['phone', 'phoning']
      ansible.builtin.file:
        path: /etc/NetworkManager/conf.d/20-connectivity-fedora.conf
        access_time: preserve # make this properly idempotent, register no change when file exists
        modification_time: preserve # ^
        state: touch
        mode: '0644'
-      when:
+      when: (ansible_distribution in ['Fedora'] and not is_atomic) and ('NetworkManager' in ansible_facts.packages)
        - ansible_distribution in ['Fedora']
        - not ansible_local.os.is_atomic
        - "'NetworkManager.service' in ansible_facts.services"
        - ansible_facts.services['NetworkManager.service'].status in ['enabled']
    - name: Ensure systemd-oomd service and socket are disabled and stopped
      become: true
@ -113,7 +119,7 @@
      with_items:
        - systemd-oomd.service
        - systemd-oomd.socket
-      when: (ansible_distribution in ['Fedora'] and not ansible_local.os.is_atomic)
+      when: (ansible_distribution in ['Fedora'] and not is_atomic)
    - name: Ensure systemd-oomd service and socket are masked
      become: true
@ -123,4 +129,13 @@
      with_items:
        - systemd-oomd.service
        - systemd-oomd.socket
-      when: (ansible_distribution in ['Fedora'] and not ansible_local.os.is_atomic)
+      when: (ansible_distribution in ['Fedora'] and not is_atomic)
    - name: Ensure systemd-oomd-defaults package is removed
      become: true
      ansible.builtin.package:
        name: systemd-oomd-defaults
        state: absent
  tags:
    - bootstrap
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@ -2,13 +2,11 @@
 # depends on create-user role / create_username var
 - name: "Install Docker"
  become: true
  ansible.builtin.package:
    name: "{{ docker_pkgs[ansible_distribution] }}"
    state: present
 - name: Enable/start docker
  become: true
  ansible.builtin.service:
    name: docker
    state: started