- name: Define keys for pacman
  set_fact:
    keys:
      - 1EDDE2CDFC025D17F6DA9EC0ADAE6AD28A8F901A  # Sublime Text
      - 9D5F1C051D146843CDA4858BDE64825E7CBC0D51  # ArchStrike

- name: Install pacman config
  template:
    src: ./files/pacman.conf
    dest: /etc/pacman.conf
    mode: 0644

- name: Add keys to pacman
  shell: pacman-key -r {{ item }}
  loop: "{{ keys }}"

- name: Sign keys in pacman
  shell: pacman-key --lsign-key {{ item }}
  loop: "{{ keys }}"

- name: Add keys to local keyring
  shell: gpg --recv-keys {{ item }}
  become: true
  become_user: "{{ user }}"
  loop: "{{ keys }}"

- name: Add tor browser key
  shell: gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org
  become: true
  become_user: "{{ user }}"

- name: Create aur_builder user
  user:
    name: aur_builder
    group: wheel
    password_lock: true
    shell: /usr/bin/nologin

- name: Allow aur_builder user to run pacman as root
  lineinfile:
    path: /etc/sudoers.d/11-install-aur_builder
    line: "aur_builder ALL=(ALL) NOPASSWD: /usr/bin/pacman"
    create: true
    validate: visudo -cf %s

- name: Get installed packages
  shell: pacman -Qq
  become: true
  become_user: aur_builder
  register: installed_packages


- name: Install yay
  aur:
    skip_installed: true
    name: yay
  become: true
  become_user: aur_builder

- name: Install additional repo keyrings
  aur:
    skip_installed: true
    name: "{{ item }}"
  become: true
  become_user: aur_builder
  when: item not in installed_packages.stdout_lines
  loop:
    - archstrike-keyring

- name: Install ccache
  aur:
    skip_installed: true
    name: ccache
  become: true
  become_user: aur_builder

- name: Install makepkg tools
  aur:
    skip_installed: true
    name: "{{ item }}"
  become: true
  become_user: aur_builder
  when: item not in installed_packages.stdout_lines
  loop:
    - pbzip2
    - zstd

- name: Install makepkg config
  template:
    src: ./files/makepkg.conf
    dest: /etc/makepkg.conf
    mode: 0644

- name: Install Reflector
  aur:
    skip_installed: true
    name: reflector
  become: true
  become_user: aur_builder

- name: Install Reflector service
  template:
    src: ./files/reflector.service
    dest: /etc/systemd/system/reflector.service
    mode: 0644
    owner: root
    group: root

- name: Enable Reflector services
  systemd:
    name: reflector
    enabled: true