---
# Common role - Base system configuration

- name: Update apt cache
  apt:
    update_cache: true
    cache_valid_time: 3600
  when: ansible_os_family == "Debian"
  tags: ['packages']

- name: Install common packages
  apt:
    name: "{{ common_packages }}"
    state: present
  tags: ['packages']

- name: Set timezone
  timezone:
    name: "{{ timezone }}"
  tags: ['system']

- name: Create admin users
  user:
    name: "{{ item.name }}"
    groups: "{{ item.groups }}"
    shell: "{{ item.shell }}"
    create_home: true
    state: present
  loop: "{{ admin_users }}"
  tags: ['users']

- name: Configure SSH
  lineinfile:
    path: /etc/ssh/sshd_config
    regexp: "{{ item.regexp }}"
    line: "{{ item.line }}"
    state: present
  loop:
    - { regexp: '^#?PasswordAuthentication', line: 'PasswordAuthentication no' }
    - { regexp: '^#?PermitRootLogin', line: 'PermitRootLogin no' }
    - { regexp: '^#?Port', line: 'Port {{ ssh_port }}' }
  notify: restart sshd
  tags: ['ssh', 'security']

- name: Display completion
  debug:
    msg: "✅ Common configuration completed"