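# Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
# Playbook overview (four plays, run in order):
#   1. Ping every host in `node_inventory` from the control node and collect
#      the responders in a dynamic `reachable` group.
#   2. Load the inventory role vars and omnia_config.yml on localhost,
#      decrypting the latter in place if it is vault-encrypted.
#   3. On each reachable host: gather facts, set a hostname (from the mapping
#      file or derived from the IP), update /etc/hosts, read the service tag.
#   4. Re-encrypt omnia_config.yml, read the AWX connection settings from
#      .tower_cli.cfg and hand over to add_host.yml.

- name: Find reachable hosts
  hosts: node_inventory
  gather_facts: false
  ignore_unreachable: true
  ignore_errors: true
  tasks:
    - name: Check for reachable nodes
      command: ping -c1 {{ inventory_hostname }}
      delegate_to: localhost
      register: ping_result
      ignore_errors: true
      changed_when: false

    # NOTE(review): this drops any pinned host key for the node before every
    # run. Together with StrictHostKeyChecking=no in the third play, the node
    # is never authenticated before host_password is sent to it.
    - name: Refresh ssh keys
      command: ssh-keygen -R {{ inventory_hostname }}
      delegate_to: localhost
      changed_when: false

    # The return code is checked as well as the output text: when ping fails
    # before sending anything (for example a name that does not resolve),
    # stdout is empty and the text check alone would pass.
    - name: Group reachable hosts
      group_by:
        key: "reachable"
      when:
        - ping_result.rc is defined
        - ping_result.rc == 0
        - "'100% packet loss' not in ping_result.stdout"

- name: Get provision password
  hosts: localhost
  connection: local
  gather_facts: false
  tasks:
    - name: Include vars file of inventory role
      include_vars: ../vars/main.yml

    # no_log keeps the file content (plaintext when the file is not
    # encrypted) out of the task output.
    - name: Check if omnia config file is encrypted
      command: "cat {{ omnia_config_file }}"
      changed_when: false
      register: config_content
      no_log: true

    # NOTE(review): the file is decrypted in place and only re-encrypted by
    # the "Update inventory" play, which targets `reachable`. If that group
    # is empty or the run aborts earlier, the plaintext stays on disk.
    # Supplying the vault password to the playbook run, so that include_vars
    # can read the encrypted file directly, would avoid this - confirm
    # against how the playbook is launched.
    - name: Decrpyt omnia_config.yml
      command: >-
        ansible-vault decrypt "{{ omnia_config_file }}"
        --vault-password-file "{{ omnia_config_vault_file }}"
      when: "'$ANSIBLE_VAULT;' in config_content.stdout"

    # Loads the (now plaintext) omnia config, not the inventory role vars.
    - name: Include vars file of inventory role
      include_vars: "{{ omnia_config_file }}"

- name: Set hostname for reachable nodes and gather facts
  hosts: reachable
  gather_facts: false
  ignore_unreachable: true
  remote_user: "{{ host_username }}"
  vars:
    ansible_password: "{{ host_password }}"
    ansible_become_pass: "{{ host_password }}"
    # NOTE(review): host key verification is disabled while password
    # authentication is in use, so a machine answering on a node's address
    # receives host_password. Kept as-is to preserve provisioning behaviour;
    # pre-seeding known_hosts during provisioning, or
    # StrictHostKeyChecking=accept-new where the OpenSSH version supports it,
    # would narrow the exposure.
    ansible_ssh_common_args: '-o StrictHostKeyChecking=no'
    mapping_file_present: ""
  tasks:
    - name: Setup
      setup:
        filter: ansible_*

    - name: Check hostname of server
      command: hostname
      register: hostname_check
      changed_when: false
      ignore_errors: true

    - name: Check if IP is present in mapping file
      command: grep "{{ inventory_hostname }}" ../../provision_cobbler/files/new_host_mapping_file.csv
      delegate_to: localhost
      register: file_present
      when: mapping_file | bool == true
      ignore_errors: true

    - name: Set fact if mapping file is present
      set_fact:
        mapping_file_present: "{{ file_present.stdout }}"
      when: mapping_file | bool == true
      ignore_errors: true

    # Column 3 of the CSV is matched against the host address and column 2
    # is printed as the hostname.
    - name: Get the static hostname from mapping file
      shell: >-
        awk -F',' '$3 == "{{ inventory_hostname }}" { print $2 }'
        ../../provision_cobbler/files/new_host_mapping_file.csv
      delegate_to: localhost
      when:
        - ( hostname_check.stdout is defined )
        - ( 'localhost' in hostname_check.stdout )
        - ( mapping_file_present != "" )
        - ( mapping_file | bool == true )
      register: host_name
      ignore_errors: true

    # The hostname tasks below only act on nodes whose current hostname
    # still contains 'localhost'.
    - name: Set the hostname from mapping file
      command: >-
        hostnamectl set-hostname
        "{{ host_name.stdout + '.' + hostvars['localhost']['domain_name'] }}"
      when:
        - ( hostname_check.stdout is defined )
        - ( 'localhost' in hostname_check.stdout )
        - ( mapping_file_present != "" )
        - ( mapping_file | bool == true )
      ignore_errors: true

    # Fallback name: "compute" followed by the last two dot-separated parts
    # of the inventory hostname joined with '-', then the domain name.
    - name: Set the hostname if hostname not present mapping file
      command: >-
        hostnamectl set-hostname
        "compute{{ inventory_hostname.split('.')[-2] + '-' + inventory_hostname.split('.')[-1]
        + '.' + hostvars['localhost']['domain_name'] }}"
      when:
        - ( hostname_check.stdout is defined )
        - ( 'localhost' in hostname_check.stdout )
        - ( file_present.rc is defined )
        - ( file_present.rc != 0 )
        - ( mapping_file | bool == true )
      ignore_errors: true

    - name: Set the system hostname if mapping file not present
      command: >-
        hostnamectl set-hostname
        "compute{{ inventory_hostname.split('.')[-2] + '-' + inventory_hostname.split('.')[-1]
        + '.' + hostvars['localhost']['domain_name'] }}"
      when:
        - ( hostname_check.stdout is defined )
        - ( 'localhost' in hostname_check.stdout )
        - ( mapping_file | bool == false )
      ignore_errors: true

    - name: Add new hostname to /etc/hosts from mapping file
      lineinfile:
        dest: /etc/hosts
        line: "{{ inventory_hostname }} {{ host_name.stdout + '.' + hostvars['localhost']['domain_name'] }}"
        state: present
      when:
        - ( hostname_check.stdout is defined )
        - ( 'localhost' in hostname_check.stdout )
        - ( mapping_file_present != "" )
        - ( mapping_file | bool == true )
      ignore_errors: true

    - name: Add new hostname to /etc/hosts if hostname not present mapping file
      lineinfile:
        dest: /etc/hosts
        line: >-
          {{ inventory_hostname }}
          compute{{ inventory_hostname.split('.')[-2] + '-' + inventory_hostname.split('.')[-1]
          + '.' + hostvars['localhost']['domain_name'] }}
        state: present
      when:
        - ( hostname_check.stdout is defined )
        - ( 'localhost' in hostname_check.stdout )
        - ( file_present.rc is defined )
        - ( file_present.rc != 0 )
        - ( mapping_file | bool == true )
      ignore_errors: true

    - name: Add new hostname to /etc/hosts if mapping file not present
      lineinfile:
        dest: /etc/hosts
        line: >-
          {{ inventory_hostname }}
          compute{{ inventory_hostname.split('.')[-2] + '-' + inventory_hostname.split('.')[-1]
          + '.' + hostvars['localhost']['domain_name'] }}
        state: present
      when:
        - ( hostname_check.stdout is defined )
        - ( 'localhost' in hostname_check.stdout )
        - ( mapping_file | bool == false )
      ignore_errors: true

    # Default value; replaced below only when dmidecode yields a serial.
    - name: Initialize service tag
      set_fact:
        service_tag: "Not Found"

    - name: Install dmidecode package
      package:
        name: dmidecode
        state: present

    # No backslash continuation here: the folded scalar already joins the
    # lines with a single space, and a backslash before that space would
    # escape it and glue it onto the next word.
    - name: Get service tag
      shell: >-
        set -o pipefail &&
        dmidecode -t 1 | grep Serial
      changed_when: false
      failed_when: false
      register: service_tag_details
      when: hostname_check.stdout is defined

    # failed_when: false above lets an empty stdout through, so require a
    # ':' before indexing the split result; otherwise keep "Not Found".
    - name: Set fact service tag
      set_fact:
        service_tag: "{{ service_tag_details.stdout.split(':')[1].strip() }}"
      when:
        - service_tag_details.stdout is defined
        - "':' in service_tag_details.stdout"

- name: Update inventory
  hosts: reachable
  connection: local
  gather_facts: false
  tasks:
    - name: Encrypt omnia_config.yml file
      command: >-
        ansible-vault encrypt "{{ hostvars['localhost']['omnia_config_file'] }}"
        --vault-password-file "{{ hostvars['localhost']['omnia_config_vault_file'] }}"
      changed_when: false
      delegate_to: localhost
      run_once: true

    - name: Update omnia_config.yml permissions
      file:
        path: "{{ hostvars['localhost']['omnia_config_file'] }}"
        mode: "{{ hostvars['localhost']['file_perm'] }}"
      delegate_to: localhost
      run_once: true

    - name: Check if tower_config_file file is encrypted
      command: cat "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
      changed_when: false
      no_log: true
      register: tower_config_content
      delegate_to: localhost
      run_once: true

    - name: Decrypt tower_config_file
      command: >-
        ansible-vault decrypt "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
        --vault-password-file "{{ playbook_dir }}/../../webui_awx/files/.tower_vault_key"
      changed_when: false
      when: "'$ANSIBLE_VAULT;' in tower_config_content.stdout"
      delegate_to: localhost
      run_once: true

    - name: Change file permissions - tower_config_file
      file:
        path: "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
        mode: "{{ hostvars['localhost']['file_perm'] }}"
      delegate_to: localhost
      run_once: true

    - name: Fetch awx host
      command: grep "host:" "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
      register: fetch_awx_host
      changed_when: false
      delegate_to: localhost
      run_once: true

    - name: Fetch awx username
      command: grep "username:" "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
      register: fetch_awx_username
      changed_when: false
      delegate_to: localhost
      run_once: true

    # The matched line contains the AWX password, so the registered result
    # is kept out of task output and logs.
    - name: Fetch awx password
      command: grep "password:" "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
      register: fetch_awx_password
      changed_when: false
      no_log: true
      delegate_to: localhost
      run_once: true

    - name: Set awx variables
      set_fact:
        awx_host: "{{ fetch_awx_host.stdout | regex_replace('host: ','') }}"
        awx_username: "{{ fetch_awx_username.stdout | regex_replace('username: ','') }}"
        awx_password: "{{ fetch_awx_password.stdout | regex_replace('password: ','') }}"
      no_log: true

    # Re-encrypts only when the file was encrypted when this play started.
    - name: Encrypt tower_config_file
      command: >-
        ansible-vault encrypt "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
        --vault-password-file "{{ playbook_dir }}/../../webui_awx/files/.tower_vault_key"
      changed_when: false
      when: "'$ANSIBLE_VAULT;' in tower_config_content.stdout"
      delegate_to: localhost
      run_once: true

    - name: Change file permissions - tower_config_file
      file:
        path: "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
        mode: "{{ hostvars['localhost']['file_perm'] }}"
      delegate_to: localhost
      run_once: true

    - name: Fetch facts and add new hosts
      include_tasks: add_host.yml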