chef-recipes/roles/cockpit/tasks/main.yml

# code: language=ansible

- name: Install base packages
  become: true
  ansible.builtin.package:
    name:
      - cockpit
      - cockpit-bridge
      - cockpit-machines
      - cockpit-packagekit
      - cockpit-podman
      - cockpit-storaged
      - cockpit-system
      - cockpit-ws
    state: present

- name: Enable cockpit
  become: true
  ansible.builtin.systemd:
    name: cockpit.socket
    enabled: true
    state: started

- name: Copy cockpit configuration
  become: true
  ansible.builtin.template:
    src: cockpit.conf.j2
    dest: /etc/cockpit/cockpit.conf
    owner: root
    group: root
    mode: "0644"

# https://cockpit-project.org/faq.html#error-message-about-being-offline
- name: Allow NetworkManager to manage network interfaces
  become_user: root
  become: true
  ansible.builtin.copy:
    src: files/10-globally-managed-devices.conf
    dest: /etc/NetworkManager/conf.d/
    owner: root
    group: root
    mode: "0644"

- name: Set-up a dummy network interface faking internet connection
  ansible.builtin.command: "nmcli con add type dummy con-name fake ifname fake0 ip4 1.2.3.4/24 gw4 1.2.3.1"

- name: Permit traffic from any IP to cockpit socket
  become: true
  community.general.ufw:
    direction: in
    from_ip: any
    proto: tcp
    to_port: 9090
    rule: allow

# - name: Reboot
#   become: true
#   ansible.builtin.reboot: