configpolicy/roles/pikvm/tasks/main.yml

- name: ensure sshd is configured for pikvm
  copy:
    src: sshd_config
    dest: /etc/ssh/sshd_config.d/pikvm.conf
    owner: root
    group: root
    mode: u=rw,go=
  notify:
  - reload sshd

- name: ensure kvmd-webterm is disabled
  service:
    name: kvmd-webterm
    state: stopped
    enabled: false
  tags:
  - service

- name: ensure pikvm users are configured
  htpasswd:
    name: '{{ item.username }}'
    password: '{{ item.password }}'
    path: /etc/kvmd/htpasswd
    hash_scheme: ldap_salted_sha512
    state: present
  loop: '{{ pikvm_users }}'
  loop_control:
    label: '{{ item.username }}'
  tags:
  - htpasswd

- name: ensure pikvm admin user is removed
  htpasswd:
    name: admin
    path: /etc/kvmd/htpasswd
    state: absent
  tags:
  - htpasswd

- name: ensure pikvm meta info is set
  copy:
    content: '{{ pikvm_meta | to_nice_yaml(indent=2) }}'
    dest: /etc/kvmd/meta.yaml
    owner: root
    group: root
    mode: u=rw,go=r
  tags:
  - config