---
- name: Set up systemd networking
  ansible.builtin.import_tasks:
    file: systemd_networking.yml
  tags: systemd_networking

- name: Set up devices
  ansible.builtin.import_tasks:
    file: systemd_networking_devices.yml
  tags: devices

- name: Shut down legacy networking
  ansible.builtin.import_tasks:
    file: legacy_networking.yml
  tags: legacy_networking

# Deploy hostapd configuration
- name: Deploy hostapd configuration
  ansible.builtin.template:
    src: hostapd.conf.j2
    dest: /etc/hostapd/hostapd.conf
    mode: "0644"
  notify: Restart hostapd

# Start hostapd
- name: Enable and start hostapd
  ansible.builtin.systemd:
    name: hostapd
    enabled: true
    state: started

# Create /etc/nftables.d
- name: Create /etc/nftables.d
  ansible.builtin.file:
    path: /etc/nftables.d
    state: directory
    mode: "0755"
    owner: root
    group: root

# Set up NAT
- name: Install custom NAT masquerading rule
  ansible.builtin.template:
    dest: /etc/nftables.d/10-ham-hotspot-nat.nft
    src: ham-hotspot-nat.nft.j2
    mode: "0644"
  notify: Restart nftables

# Install ham-hotspot-nat.service
- name: Install ham-hotspot-nat.service
  ansible.builtin.template:
    dest: /etc/systemd/system/ham-hotspot-nat.service
    src: ham-hotspot-nat.service.j2
    mode: "0644"
  notify: Reload systemd

# Enable and start ham-hotspot-nat.service
- name: Enable and start ham-hotspot-nat.service
  ansible.builtin.systemd:
    name: ham-hotspot-nat.service
    enabled: true
    state: started