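#################################################
# DO Community Playbooks: Docker
#################################################
#
# Provisions a host whose stock hostname is "raspberrypi":
#   1. renames the host in /etc/hostname and /etc/hosts,
#   2. installs the operators' SSH public keys and disables password logins,
#   3. uploads an SSH client config and generates an ed25519 key for the user,
#   4. installs Docker plus two packages and adds the user to docker / lp,
#   5. installs, enables and starts the rohan-redis-tunnel and leardal units.
#
# Variables read from vars/pies.yml (or the inventory): hostname, user,
# terminus_key, rohan_key, anjin_key.
---
- name: Provision the host (SSH access, Docker, tunnel services)
  hosts: all
  become: true
  vars_files:
    - vars/pies.yml

  tasks:
    # - name: Check if LCD Rotated
    #   shell: grep -c "lcd_rotate=2" /boot/config.txt || true
    #   register: lcd_rotate_test

    # - name: rotate the lcd
    #   lineinfile:
    #     dest: /boot/config.txt
    #     line: lcd_rotate=2
    #   when: lcd_rotate_test.stdout == "0"

    - name: Update the hostname file
      replace:
        path: /etc/hostname
        regexp: '(\s*)raspberrypi(\s+.*)?$'
        replace: "\\1{{ hostname }}\\2"
        backup: true

    - name: Update the hosts file
      replace:
        path: /etc/hosts
        regexp: '(\s+)raspberrypi(\s+.*)?$'
        replace: "\\1{{ hostname }}\\2"
        backup: true

    # File modes are quoted so the YAML parser cannot retype them.
    - name: Ensure SSH Directory exists
      file:
        path: "/home/{{ user }}/.ssh"
        state: directory
        group: "{{ user }}"
        owner: "{{ user }}"
        mode: "0700"

    - name: Ensure authorized_keys file exists
      copy:
        content: ""
        dest: "/home/{{ user }}/.ssh/authorized_keys"
        force: false
        group: "{{ user }}"
        owner: "{{ user }}"
        mode: "0600"

    # Separate task so that ownership and mode are also enforced on a file
    # that already existed; authorized_keys should not be readable or
    # writable by anyone but its owner.
    - name: Enforce ownership and mode of authorized_keys
      file:
        path: "/home/{{ user }}/.ssh/authorized_keys"
        state: file
        group: "{{ user }}"
        owner: "{{ user }}"
        mode: "0600"

    # lineinfile only appends a line that is not already present, so no
    # separate "grep -c" probe is needed. Dropping the probe also keeps the
    # key variables out of a shell command line, where quotes or shell
    # metacharacters in a key comment would have been interpreted.
    - name: Add Terminus public key
      lineinfile:
        dest: "/home/{{ user }}/.ssh/authorized_keys"
        line: "{{ terminus_key }}"

    - name: Add Rohan public key
      lineinfile:
        dest: "/home/{{ user }}/.ssh/authorized_keys"
        line: "{{ rohan_key }}"

    - name: Add Anjin public key
      lineinfile:
        dest: "/home/{{ user }}/.ssh/authorized_keys"
        line: "{{ anjin_key }}"

    # Rewrites every PasswordAuthentication line, commented out or not, so an
    # already-uncommented "PasswordAuthentication yes" is no longer skipped.
    # [ \t] is used instead of \s so the match cannot swallow blank lines.
    # validate makes the task fail instead of installing a config that sshd
    # would refuse to load.
    - name: Update the sshd config file to disable password logins
      replace:
        path: /etc/ssh/sshd_config
        regexp: '^[ \t]*#?[ \t]*PasswordAuthentication[ \t]+(yes|no)\b.*$'
        replace: "PasswordAuthentication no"
        backup: true
        validate: /usr/sbin/sshd -t -f %s
      notify: Reload sshd

    # The replace above is a no-op when sshd_config has no such line, and an
    # included drop-in file can still override it, so check what sshd will
    # actually apply. This reads the global settings only (no Match context).
    - name: Read the effective sshd configuration
      command: /usr/sbin/sshd -T
      register: sshd_effective
      changed_when: false

    - name: Verify password logins are disabled in the effective configuration
      assert:
        that:
          - "'passwordauthentication no' in sshd_effective.stdout"
        fail_msg: sshd would still accept password logins; check sshd_config and its includes.

    - name: Check if .ssh config file exists
      stat:
        path: "/home/{{ user }}/.ssh/config"
      register: config_status

    - name: No need to upload the .ssh config
      when: config_status.stat.exists
      debug:
        msg: No need to upload the .ssh config as it already exists.

    - name: Upload the .ssh config file
      when: not config_status.stat.exists
      template:
        src: "files/config"
        dest: "/home/{{ user }}/.ssh/config"
        group: "{{ user }}"
        owner: "{{ user }}"
        mode: "0600"

    - name: Check if ed25519 key exists
      stat:
        path: "/home/{{ user }}/.ssh/id_ed25519"
      register: key_status

    - name: No need to generate new ed25519 key
      when: key_status.stat.exists
      debug:
        msg: No need to generate new ed25519 key as it already exists.

    # -N "" writes the private key without a passphrase, so anyone who can
    # read this file can use the key. Keep ~/.ssh at 0700 and limit what the
    # matching public key is authorised to do on the remote side.
    - name: Generate new id_ed25519 key
      when: not key_status.stat.exists
      become: true
      become_user: "{{ user }}"
      shell: ssh-keygen -t ed25519 -q -f "/home/{{ user }}/.ssh/id_ed25519" -C "{{ user }}@{{ hostname }} $(date '+%Y.%m.%d')" -N ""

    # Download first, run second: with "curl | sh" a failed or truncated
    # download still reaches a root shell and the task can report success.
    # The script is fetched again on every run (force: true), as before.
    # To pin a reviewed copy of the script, add for example
    #   checksum: "sha256:<PINNED_SHA256_PLACEHOLDER>"
    # and drop force.
    - name: Download the Docker install script
      get_url:
        url: https://get.docker.com
        dest: /root/get-docker.sh
        owner: root
        group: root
        mode: "0700"
        force: true

    - name: Install Docker
      command: sh /root/get-docker.sh

    - name: Install matchbox-keyboard
      package:
        name: matchbox-keyboard
        state: latest

    - name: Install python3-docker
      package:
        name: python3-docker
        state: latest

    # Membership of the docker group lets the user control the Docker daemon,
    # which runs as root; treat this account as root-equivalent.
    - name: adding user to group docker
      user:
        name: "{{ user }}"
        groups: docker
        append: true

    - name: adding user to group lp (line printers)
      user:
        name: "{{ user }}"
        groups: lp
        append: true

    # Unit files are installed root-owned and not writable by others, since
    # systemd executes whatever they contain.
    - name: install rohan-redis-tunnel systemd unit file
      template:
        src: "files/rohan-redis-tunnel.service"
        dest: "/etc/systemd/system/rohan-redis-tunnel.service"
        owner: root
        group: root
        mode: "0644"

    # daemon_reload makes systemd re-read the unit file that was just written.
    - name: enable service rohan-redis-tunnel and ensure it is not masked
      systemd:
        name: rohan-redis-tunnel
        enabled: true
        masked: false
        daemon_reload: true

    - name: Make sure rohan-redis-tunnel service is running
      systemd:
        state: started
        name: rohan-redis-tunnel

    - name: install leardal systemd unit file
      template:
        src: "files/leardal.service"
        dest: "/etc/systemd/system/leardal.service"
        owner: root
        group: root
        mode: "0644"

    - name: enable service leardal and ensure it is not masked
      systemd:
        name: leardal
        enabled: true
        masked: false
        daemon_reload: true

    - name: Make sure leardal service is running
      systemd:
        state: started
        name: leardal

  handlers:
    # Without a reload the running sshd keeps the old setting until reboot.
    # NOTE(review): assumes the unit is named "ssh", as on Debian-based
    # images; confirm for the target OS.
    - name: Reload sshd
      service:
        name: ssh
        state: reloaded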