main.yml

- hosts: all

  gather_facts: False
  pre_tasks:
  - name: install python 2 for ansible
    become: true
    raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
    changed_when: False
  - setup: # aka gather_facts

  tasks:
  - name: Update and upgrade apt packages
    become: true
    apt:
      upgrade: yes
      update_cache: yes
      cache_valid_time: 86400 #One day

  - name: Install list of packages
    become: true
    apt: name={{item}} state=installed
    with_items:
         - tor 
         - git
         - x11vnc
         - xserver-xorg-core
         - xserver-xorg-input-all
         - xserver-xorg-video-fbdev
         - xserver-xorg-legacy
         - build-essential
         - automake
         - xinit
         - libx11-dev
         - libxft-dev
         - libxinerama-dev
         - libfreetype6-dev
         - x11-xserver-utils
         - plymouth
         - locales
         - gpredict
         - firefox-esr

  - user:
      name: xorg 
      shell: /bin/bash
    become: true

  - synchronize:
      src: dwm/
      dest: /home/pi/dwm/

  - copy:
      src: xorg/xorg.service
      dest: /etc/systemd/system/xorg.service
      owner: root
      group: root
      mode: 0655
    become: yes

  - copy:
      src: xorg/.xinitrc
      dest: /home/xorg/.xinitrc
      owner: xorg
      group: xorg
      mode: 0500
    become: yes

  - copy:
      src: xorg/autostart.sh
      dest: /home/xorg/autostart.sh
      owner: xorg 
      group: xorg
      mode: 0500
    become: yes

  - make:
      chdir: /home/pi/dwm/
      target: install
    become: yes

  - lineinfile:
      path: /etc/X11/Xwrapper.config
      regexp: '^allowed_users='
      line: 'allowed_users=anybody'
    become: yes

  - lineinfile:
      path: /etc/X11/Xwrapper.config
      line: 'needs_root_rights=yes'
    become: yes

  - locale_gen:
      name: en_US.UTF-8
      state: present
    become: yes

  - lineinfile:
      path: /etc/default/locale
      state: present
      line: 'LANG=en_US.UTF-8'
    become: yes

  - lineinfile:
      path: /etc/default/locale
      state: present
      line: 'LC_ALL=en_US.UTF-8'
    become: yes

  - lineinfile:
      path: /etc/ssh/sshd_config
      state: present
      line: 'PasswordAuthentication no'
    become: yes
    
  - name: enable service xorg and ensure it is not masked
    systemd:
      name: ssh
      enabled: yes
      masked: no
      state: restarted
    become: yes

  - name: enable service xorg and ensure it is not masked
    systemd:
      name: xorg
      enabled: yes
      masked: no
      state: restarted
    become: yes
    
  - copy:
      src: tor/torrc
      dest: /etc/tor/torrc 
      owner: root
      group: root
      mode: 644
    become: yes

  - name: enable service xorg and ensure it is not masked
    systemd:
      name: tor
      enabled: yes
      masked: no
      state: restarted
    become: yes
    
  - name: Run a command using a templated variable (always use quote filter to avoid injection)
    become: yes
    raw: cat /var/lib/tor/ssh/hostname

  - debug: msg="{{ details.stdout_lines | quote }}"