---
- name: set homepage
  lineinfile:
    dest: /etc/firefox-esr/firefox-esr.js
    line: pref("browser.startup.homepage", "https://www.startpage.com");

    #- name: enable pam_umask
    #  lineinfile:
    #    dest: /etc/pam.d/common-session
    #    line: "session optional	pam_umask.so usergroups"

- name: set capabilities (wireshark)
  capabilities:
    path: /usr/bin/dumpcap
    capability: cap_net_raw,cap_net_admin+eip
    state: present


############## extra data partition ###############
- name: mount data partition
  mount:
    src: "UUID={{ hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']['%s1'|format(item)]['uuid'] }}"
    path: /home/data
    fstype: ext4
    state: mounted
  register: data_mounted
  when: item + '1' in hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']
  loop:
    - sdb
    - sde

- name: set sticky bit on data directory
  file:
    path: /home/data
    state: directory
    mode: '1777'
  when: data_mounted.changed

################# from kiosk.yml ##################
- name: grub timeout
  lineinfile:
    dest: /etc/default/grub
    regexp: '^(GRUB_TIMEOUT=).*'
    line: '\g<1>1'
    backrefs: yes
  notify: update grub

- name: keyboard compose key
  lineinfile:
    dest: /etc/default/keyboard
    regexp: '^(XKBOPTIONS=).*'
    line: '\1"compose:caps"'
    backrefs: yes

- name: tmp on tmpfs
  shell: cp /usr/share/systemd/tmp.mount /etc/systemd/system/
  args:
    creates: /etc/systemd/system/tmp.mount
  notify: enable tmp.mount