---
- name: Bootstrap ansible
  become: true
  shell: scripts/bootstrap-ansible.sh
  args:
    chdir: /opt/openstack-ansible/
    creates: /etc/ansible/
  tags:
    - bootstrap

- name: Deploy and setup configuration
  block:
    - name: Copy template to etc
      ansible.builtin.copy:
        remote_src: yes
        src: /opt/openstack-ansible/etc/openstack_deploy/
        dest: /etc/openstack_deploy
        directory_mode: yes
        force: no

    - name: Copy distributed openstack configs
      ansible.builtin.copy:
        src: "files/{{ item }}.yml"
        dest: /etc/openstack_deploy/
        mode: '0644'
      with_items:
        - openstack_user_config

    - name: Create secrets
      become: true
      ansible.builtin.shell:
        cmd: /opt/openstack-ansible/scripts/pw-token-gen.py --file /etc/openstack_deploy/user_secrets.yml
      tags: secrets
      args:
        creates: /etc/openstack_deploy/user_secrets.yml.tar
  when: aio_install is undefined | default(false)

- import_tasks: tasks/python3-lxc.yml

- name:
  copy:
    content: ""
    dest: /usr/share/lxc/config/rockylinux.common.conf
    mode: '0644'
    owner: root
    group: root

  tags: python3-lxc

- name: "[AIO] Deploy and setup configuration / bootstrap"
  when: aio_install | default('false') | bool
  block:
    - name: Debug - Running AIO bootstrap
      debug:
        var: aio_install

    - name: Run bootstrap aio with included args
      ansible.builtin.shell: scripts/bootstrap-aio.sh
      become: true
      args:
        chdir: /opt/openstack-ansible/
        creates: /etc/openstack_deploy/
      environment:
        SCENARIO: "{{ SCENARIO | default('aio_metal') }}"
      tags:
        - bootstrap
        - aio

          #- name: Create volume group for cinder
          #  lvg:
          #    pv_options: --metadatasize=2048
          #    pvs: "{{ cinder_pv_device | default('/dev/vdb') }}"
          #    vg: cinder-volumes

- name: Copy common openstack configs
  ansible.builtin.copy:
    src: "files/{{ item }}.yml"
    dest: /etc/openstack_deploy/
    mode: '0644'
  with_items:
    - user_lxc
    - user_galera
    - user_debug
  tags: config

- name: manually patch lxc_hosts role to bring in powertools repo
  ansible.builtin.copy:
    src: "files/{{ item }}.yml"
    dest: /etc/ansible/roles/lxc_hosts/tasks/
    mode: '0644'
  with_items:
    - lxc_install_dnf
  tags: config,patch

- name: manually patch os_nova role to kill powervmtools and futures== requiresments
  ansible.builtin.copy:
    src: "files/{{ item }}"
    dest: /tmp/
    mode: '0644'
  with_items:
    - os_nova.patch
  tags: config,patch

- name: patch the thing
  args:
    chdir: /etc/ansible/roles/os_nova/
    creates: /etc/ansible/roles/os_nova/.patched
  ansible.builtin.shell: 'patch -p1 < /tmp/os_nova.patch && touch .patched'


- name: Disable SSH Agent Forwarding
  lineinfile:
    dest: /etc/ssh/sshd_config
    regexp: '^.*AllowAgentForwarding'
    line: 'AllowAgentForwarding no'
  tags: services
  notify:
    - restart_sshd

- name: Check playbooks
  tags: syntax
  become: true
  ansible.builtin.shell:
    cmd: "openstack-ansible --syntax-check setup-{{ item }}.yml"
  args:
    chdir: /opt/openstack-ansible/playbooks/
  loop:
    - hosts
    - infrastructure
    - openstack
  register: playbooks_res
...