---
- name: Gather package facts
  ansible.builtin.package_facts:
    manager: auto
  become: true

- name: Include Tailscale tasks
  ansible.builtin.import_tasks: tasks/global/tailscale.yml
  become: true
  when: "'microsoft-standard-WSL2' not in ansible_kernel"

- name: Include Docker tasks
  ansible.builtin.import_tasks: tasks/global/docker.yml
  become: true
  when: "'microsoft-standard-WSL2' not in ansible_kernel"

- name: Include Ollama tasks
  ansible.builtin.import_tasks: tasks/global/ollama.yml
  become: true
  when: "'microsoft-standard-WSL2' not in ansible_kernel"

- name: Include OpenSSH Server tasks
  ansible.builtin.import_tasks: tasks/global/openssh-server.yml
  become: true
  when: "'microsoft-standard-WSL2' not in ansible_kernel"

- name: Ensure common packages are installed on Arch-based systems
  ansible.builtin.package:
    name:
      - git
      - vim
      - curl
      - wget
      - httpie
      - python
      - python-pip
      - python-pipx
      - python-pylint
      - go
    state: present
  become: true
  when: ansible_pkg_mgr == 'pacman'

- name: Ensure common packages are installed on non-Arch systems
  ansible.builtin.package:
    name:
      - git
      - vim
      - curl
      - wget
      - httpie
      - python3
      - python3-pip
      - python3-venv
      - pylint
      - black
      - pipx
      - nala
      - golang
    state: present
  become: true
  when: ansible_pkg_mgr != 'pacman'

- name: Configure performance optimizations
  ansible.builtin.sysctl:
    name: "{{ item.name }}"
    value: "{{ item.value }}"
    state: present
    reload: true
  become: true
  loop:
    - { name: "vm.max_map_count", value: "16777216" }

# --- PBinCLI via pipx ---
- name: Ensure pbincli is installed with pipx
  ansible.builtin.command: pipx install pbincli
  args:
    creates: ~/.local/bin/pbincli
  environment:
    PIPX_DEFAULT_PYTHON: /usr/bin/python3
  become: false

- name: Ensure ~/.config/pbincli directory exists
  ansible.builtin.file:
    path: "{{ ansible_env.HOME }}/.config/pbincli"
    state: directory
    mode: "0755"

- name: Configure pbincli to use custom server
  ansible.builtin.copy:
    dest: "{{ ansible_env.HOME }}/.config/pbincli/pbincli.conf"
    content: |
      server=https://bin.mvl.sh
    mode: "0644"

- name: Include WSL2 tasks
  ansible.builtin.import_tasks: tasks/global/wsl.yml
  when: "'microsoft-standard-WSL2' in ansible_kernel"

- name: Include Utils tasks
  ansible.builtin.import_tasks: tasks/global/utils.yml
  become: true
  tags: utils

- name: Ensure ~/.hushlogin exists
  ansible.builtin.stat:
    path: ~/.hushlogin
  register: hushlogin_stat

- name: Create ~/.hushlogin if it does not exist
  ansible.builtin.file:
    path: ~/.hushlogin
    state: touch
    mode: "0644"
  when: not hushlogin_stat.stat.exists

# Ensure pwfeedback is enabled in sudoers for better password UX
- name: Ensure pwfeedback is present in Defaults env_reset line in /etc/sudoers
  ansible.builtin.replace:
    path: /etc/sudoers
    regexp: '^Defaults\s+env_reset(?!.*pwfeedback)'
    replace: "Defaults        env_reset,pwfeedback"
    validate: "visudo -cf %s"
  become: true
  tags: sudoers