---
# Copyright 2016, Rackspace US, Inc.
# Copyright 2017, SUSE LINUX GmbH.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

lxc_hosts_external_repo:
  - name: "OBS:Virtualization:containers"
    uri: "{{ lxc_hosts_opensuse_mirror_obs_url }}/repositories/Virtualization:/containers/openSUSE_Leap_{{ ansible_distribution_version }}/"

system_config_dir: "/etc/sysconfig"
systemd_utils_prefix: "/usr/lib/systemd"

# Required rpm packages.
lxc_hosts_distro_packages:
  - apparmor-parser
  - apparmor-profiles
  - apparmor-utils
  - aria2
  - bridge-utils
  - btrfsprogs
  - dnsmasq
  - git-core
  - libseccomp2
  - lxc
  - liblxc-devel
  - xz

lxc_xz_bin: xz

lxc_cache_map:
  distro: opensuse
  arch: amd64
  release: "{{ ansible_distribution_version }}"
  copy_from_host:
    - /etc/environment
    - /etc/localtime
    - /etc/zypp/repos.d/repo-oss.repo
    - /etc/zypp/repos.d/repo-update.repo
  cache_prep_commands: |
    {{ lxc_cache_prep_pre_commands }}
    mkdir -p /etc/ansible/facts.d/
    if [ -a /etc/resolv.conf ]; then
      mv /etc/resolv.conf /etc/resolv.conf.org
    fi
    {% for resolver in lxc_cache_prep_dns %}
    echo "nameserver {{ resolver }}" >> /etc/resolv.conf
    {% endfor %}
    # We have (tried to!) copied repo-oss and repo-update from the host so wipe everything else.
    find /etc/zypp/repos.d/ -type f ! -name "repo-oss.repo" -a ! -name "repo-update.repo" -delete
    zypper lr | grep -q 'repo-oss' || zypper --quiet ar {{ lxc_hosts_opensuse_mirror_url }}/distribution/leap/{{ ansible_distribution_version }}/repo/oss repo-oss
    zypper lr | grep -q 'repo-update' || zypper --quiet ar {{ lxc_hosts_opensuse_mirror_url }}/update/leap/{{ ansible_distribution_version }}/oss/ repo-update
    # Disable recommended packages. Only update what's really needed
    if ! fgrep -qx "solver.onlyRequires = true" /etc/zypp/zypp.conf; then
        echo -e "\n\n## Disable recommended packages\nsolver.onlyRequires = true" >> /etc/zypp/zypp.conf
    fi
    # Update base distribution
    zypper --gpg-auto-import-keys -n dup --force-resolution -l
    zypper --gpg-auto-import-keys -n in --force-resolution -l {{ lxc_cache_distro_packages | join(' ') }}
    mkdir -p /var/backup
    echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/sysconfig/network/ifcfg-eth0
    chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
    if [ -a /etc/resolv.conf.org ]; then
      mv /etc/resolv.conf.org /etc/resolv.conf
    else
      rm -f /etc/resolv.conf
    fi
    # NOTE(hwoarang): Enable sshd which has been explicitely disabled in
    # https://github.com/lxc/lxc-ci/commit/8dc7105399350a59698538a12b6d5a1a880ef2ba
    systemctl -q unmask sshd
    systemctl -q enable sshd
    {{ lxc_cache_prep_post_commands }}

_lxc_cache_distro_packages:
  - ca-certificates-mozilla
  - cronie
  - openssh
  - python
  - python-xml
  - rsync
  - sudo
  - tar
  - wget
  - which

lxc_cached_network_interfaces:
  - src: "lxc-net-suse-bridge.cfg.j2"
    dest: "/etc/sysconfig/network/ifcfg-{{ lxc_net_bridge }}"
  - src: "lxc-net-suseredhat-postdown.cfg.j2"
    dest: "/etc/sysconfig/network/scripts/ifdown-post-{{ lxc_net_bridge }}"
    mode: "0755"
    interface: "${1}"

lxc_container_default_interfaces: |
  STARTMODE=auto
  BOOTPROTO=dhcp