- name: Install tor
  apt:
    name: tor
    update_cache: yes

- name: Set torrc file
  template:
    src: torrc.j2
    dest: /etc/tor/torrc

- name: Install iptables-persistent
  apt:
    name: iptables-persistent
    state: present

- name: Template & copy iptables script
  template:
    src: iptables.sh.j2
    dest: iptables.sh

- name: Execute iptables script
  become: yes
  shell: bash iptables.sh

- name: set nameserver to localhost
  copy:
    content: "nameserver 127.0.0.1"
    dest: /etc/resolv.conf

- name: Restart systemd-resolved
  service:
    name: systemd-resolved
    state: restarted
    daemon_reload: yes

- name: Ensure log file exists
  file:
    path: "{{ tor_logfile_path }}"
    state: touch
    owner: debian-tor
    mode: 0644

- name: (Re)start and enable tor service
  service:
    name: tor
    state: restarted
    enabled: yes
    daemon_reload: yes