- name: ensure pxeadmins group exists
  group:
    name: pxeadmins
    state: present
  tags:
  - group

- name: ensure pxeadmins can write to tftpboot directory
  acl:
    path: /var/lib/tftpboot
    entity: pxeadmins
    etype: group
    permissions: rwX
    recursive: True
    default: '{{ item == "default" }}'
    state: present
  loop:
  - default
  - current
  tags:
  - permissions

- name: ensure pxeadmins can write to nbd directory
  acl:
    path: /var/lib/nbd
    entity: pxeadmins
    etype: group
    permissions: rwX
    recursive: True
    default: '{{ item == "default" }}'
    state: present
  loop:
  - default
  - current
  tags:
  - permissions

- name: ensure kickstart www directory exists
  file:
    path: /var/www/html/kickstart
    owner: root
    group: root
    mode: u=rwx,go=rx
    state: directory
  tags:
  - kickstart
- name: ensure pxeadmins can write to kickstart directory
  acl:
    path: /var/www/html/kickstart
    entity: pxeadmins
    etype: group
    permissions: rwX
    recursive: True
    default: '{{ item == "default" }}'
    state: present
  loop:
  - default
  - current
  tags:
  - kickstart
  - permissions