---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Generate apt keys from LXC host for the container cache
  shell: apt-key exportall > /root/repo.keys
  changed_when: False
  when:
    - ansible_pkg_mgr == 'apt'
  tags:
    - lxc-cache
    - lxc-cache-apt-keys

# TODO(evrardjp): replace this with a copy with remote_src: True
# when ansible2.0 will be supported
- name: Rsyncing files from the LXC host to the container cache
  shell: |
    if [[ -e "{{ item }}" ]]; then
      rsync -av "{{ item }}" "/var/lib/lxc/LXC_NAME/rootfs{{ item }}"
    fi
  args:
    executable: "/bin/bash"
  with_items: "{{ lxc_cache_map.copy_from_host }}"
  tags:
    - lxc-cache
    - skip_ansible_lint

- name: Copy files from deployment host to the container cache
  copy:
    src: "{{ item.src }}"
    dest: "/var/lib/lxc/LXC_NAME/rootfs{{ item.dest | default(item.src) }}"
    owner: "{{ item.owner | default('root') }}"
    group: "{{ item.group | default('root') }}"
    mode: "{{ item.mode | default('0644') }}"
  with_items: "{{ lxc_container_cache_files }}"
  tags:
    - lxc-cache
    - lxc-cache-copy-files

- name: Cached image preparation script
  copy:
    content: |
      #!/usr/bin/env bash
      set -e -x
      {{ lxc_cache_map.cache_prep_commands }}
    dest: "/var/lib/lxc/LXC_NAME/rootfs/usr/local/bin/cache-prep-commands.sh"
    mode: "0755"
  tags:
    - lxc-cache
    - lxc-cache-update

# This task runs several commands against the cached image to speed up the
# lxc_container_create playbook.
- name: Prepare cached image setup commands
  command: "chroot /var/lib/lxc/LXC_NAME/rootfs /usr/local/bin/cache-prep-commands.sh"
  changed_when: false
  tags:
    - lxc-cache
    - lxc-cache-update

- name: Adjust sshd configuration in container
  lineinfile:
    dest: "/var/lib/lxc/LXC_NAME/rootfs/etc/ssh/sshd_config"
    regexp: "{{ item.regexp }}"
    line: "{{ item.line }}"
    state: present
  with_items: "{{ lxc_cache_sshd_configuration }}"
  tags:
    - lxc-cache
    - lxc-cache-update

- name: Obtain the deploy system's ssh public key
  set_fact:
    lxc_container_ssh_key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
  when: lxc_container_ssh_key is not defined
  tags:
    - lxc-cache
    - lxc-cache-update

- name: Deploy ssh public key into the cached image
  lineinfile:
    dest: "/var/lib/lxc/LXC_NAME/rootfs/root/.ssh/authorized_keys"
    line: "{{ lxc_container_ssh_key }}"
    create: true
  tags:
    - lxc-cache
    - lxc-cache-update

- name: Remove generated apt keys from LXC host
  file:
    path: /root/repo.keys
    state: absent
  when:
    - ansible_pkg_mgr == 'apt'
  changed_when: False
  tags:
    - lxc-cache
    - lxc-cache-apt-keys

- name: Remove requiretty for sudo on centos
  template:
    dest: "/var/lib/lxc/LXC_NAME/rootfs/etc/sudoers.d/openstack-ansible"
    owner: root
    group: root
    mode: "0440"
    src: sudoers.j2
  when:
    - ansible_pkg_mgr == 'yum'