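# FreeRADIUS + OTP role tasks: install the packages, enable the ldap and pam
# modules, render the server configuration from templates and install the
# systemd unit. Every change FreeRADIUS must re-read notifies the
# "restart freeradius" handler, so an edited clients/LDAP/site file cannot
# stay on disk while the old configuration keeps running.

- name: Install packagesfor freeradiusotp
  ansible.builtin.apt:
    # A list passed to `name` is installed in a single apt transaction.
    name:
      - freeradius
      - freeradius-ldap
      - libpam-google-authenticator
      - python3-qrcode
      - zip
      - mutt
    state: present

- name: Create a symbolic link
  ansible.builtin.file:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: freerad
    group: freerad
    state: link
    force: true
  # The folder variables are joined directly to the module name, so both
  # must end with a trailing slash.
  loop:
    - src: "{{ freeradius_mods_available_folder }}ldap"
      dest: "{{ freeradius_mods_enabled_folder }}ldap"
    - src: "{{ freeradius_mods_available_folder }}pam"
      dest: "{{ freeradius_mods_enabled_folder }}pam"
  notify: restart freeradius

- name: config default file
  ansible.builtin.template:
    src: default.j2
    dest: "{{ freeradius_default_config }}"
    owner: freerad
    group: freerad
    mode: '0640'
    backup: true
  notify: restart freeradius

# NOTE(review): if the shipped `ldap` file does not already hold the bind
# password, this copy overwrites the patched file on every run and `backup`
# leaves a timestamped copy of the previous file, password included, beside
# it. Rendering the module from a template would be idempotent - confirm.
- name: Copy LDAP file
  ansible.builtin.copy:
    src: ldap
    dest: "{{ freeradius_mod_ldap }}"
    owner: freerad
    group: freerad
    mode: '0640'
    backup: true
  notify: restart freeradius

# no_log keeps the bind password out of task output, diff mode and callback
# logs. radius_ldap_password is presumably supplied from Ansible Vault or
# another secret store - confirm.
# NOTE(review): the whitespace in `regexp` and `line` has to match the
# indentation used inside the ldap module file - confirm.
- name: Add password to LDAP file
  ansible.builtin.lineinfile:
    path: "{{ freeradius_mod_ldap }}"
    regexp: "^ password ="
    line: " password = {{ radius_ldap_password }}"
    state: present
  no_log: true
  notify: restart freeradius

- name: Config dictionary file
  ansible.builtin.template:
    src: dictionary.j2
    dest: "{{ freeradius_dictionary_config }}"
    owner: freerad
    group: freerad
    mode: '0640'
    backup: true
  notify: restart freeradius

# NOTE(review): clients.conf normally carries the RADIUS shared secrets; if
# clients.j2 renders them, the backups written here keep superseded secrets
# on disk and this task may also warrant no_log - confirm.
- name: Config clients.conf file
  ansible.builtin.template:
    src: clients.j2
    dest: "{{ freeradius_clients_config }}"
    owner: freerad
    group: freerad
    mode: '0640'
    backup: true
  notify: restart freeradius

- name: Config filter file
  ansible.builtin.template:
    src: filter.j2
    dest: "{{ freeradius_filter_config }}"
    owner: freerad
    group: freerad
    mode: '0640'
    backup: true
  notify: restart freeradius

- name: Config radius.conf file
  ansible.builtin.template:
    src: radiusd.j2
    dest: "{{ freeradius_base_config }}"
    owner: freerad
    group: freerad
    mode: '0640'
    backup: true
  notify: restart freeradius

# PAM service definition: root-owned and world-readable, unlike the 0640
# freerad-owned server configuration above.
- name: Config pam radiusd file
  ansible.builtin.template:
    src: radiusdpam.j2
    dest: "{{ freeradius_pam_config }}"
    owner: root
    group: root
    mode: '0644'

- name: Config freeradius systemd service file
  ansible.builtin.template:
    src: freeradiusservice.j2
    dest: "{{ freeradius_service_config }}"
    owner: root
    group: root
    mode: '0644'
  # A changed unit only applies to the running daemon after a restart; the
  # handler runs after the daemon-reload task below.
  notify: restart freeradius

# Runs unconditionally on every play so systemd re-reads the unit file.
- name: Just force systemd to reread configs (2.4 and above)
  ansible.builtin.systemd_service:
    daemon_reload: true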