- name: include operating system sensible task
  include_tasks: "_{{ ansible_distribution | lower }}.yml"
  tags: sysconf

- name: generate doas configuration
  lineinfile:
    path: /etc/doas.conf
    regexp: "^permit persist keepenv {{ ws_user }} as root"
    line: "permit persist keepenv {{ ws_user }} as root"
    create: true
    mode: "0644"
    owner: 0
    group: 0

- name: allow reboot/shutdown/hibernate with doas
  lineinfile:
    path: /etc/doas.conf
    regexp: "^permit nopass {{ ws_user }} as root cmd {{ item }}"
    line: "permit nopass {{ ws_user }} as root cmd {{ item }}"
  loop:
    - zzz
    - ZZZ
    - reboot
    - shutdown

- name: start and enable pcscd service
  service:
    name: pcscd
    state: started
    enabled: true

- name: check sudo binary path
  shell: which sudo
  register: result
  failed_when: false

- name: uninstall sudo binary
  package:
    name: sudo
    state: absent
  when: result.rc == 0
  register: sudo
  ignore_errors: true