- name: check/create instance
  hosts: copr_pulp_dev_aws:copr_pulp_aws
  gather_facts: False

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

  tasks:
  # - import_tasks: "{{ tasks_path }}/persistent_cloud.yml"
  #   when: datacenter != 'aws'

  - import_tasks: "{{ tasks_path }}/aws_cloud.yml"
    when: datacenter == 'aws'

  # TODO Remove in favor of base/tasks/main.yml
  - name: install platform-python
    package: name={{ item }} state=present
    with_items:
    - platform-python
    become: true

  # TODO Remove in favor of base/tasks/main.yml
  - name: symlink /usr/bin/python to /usr/bin/python3
    alternatives:
      name: python
      link: /usr/bin/python
      path: /usr/bin/python3
    become: true

  # TODO Move this to base/tasks/main.yml
  - name: install iptables-services
    package: name=iptables-services state=present
    become: true

  # TODO Postfix should have probably been installed by base/tasks/main.yml
  # but it wasn't for this instance
  - name: install postfix
    package: name=postfix state=present
    become: true

  - name: Temporarily dump keys so we can add them to bitwarden
    copy:
      content: "{{ copr_dev_pulp_default_admin_password }}"
      dest: /tmp/pulp_default_admin_password
      mode: 000

- name: cloud basic setup
  hosts: copr_pulp_dev_aws:copr_pulp_aws
  become: true
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"

  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"

  tasks:
  - import_tasks: "{{ tasks_path }}/cloud_setup_basic.yml"
  - name: set hostname (required by some services, at least postfix need it)
    hostname: name="{{copr_hostbase}}.cloud.fedoraproject.org"
    when: datacenter != "aws"

- name: provision instance
  hosts: copr_pulp_dev_aws:copr_pulp_aws
  become: true
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  roles:
  - base
  - nagios_client
  - copr/copr-devel-server
  - copr/pulp


- name: Use pulp_installer collection
  hosts: copr_pulp_dev_aws:copr_pulp_aws
  become: true
  gather_facts: True

  collections:
    - pulp.pulp_installer

  roles:
    - pulp_all_services

  environment:
    DJANGO_SETTINGS_MODULE: pulpcore.app.settings

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  vars:
    pulp_settings:
      # Production key is `copr_pulp_secret_key`
      secret_key: "{{ copr_dev_pulp_secret_key }}"
      content_origin: "https://{{ ansible_fqdn }}"

    # Production key is `copr_pulp_default_admin_password`
    pulp_default_admin_password: "{{ copr_dev_pulp_default_admin_password }}"

    pulp_workers: 1
    # pulp_configure_firewall: none

    pulp_install_plugins:
      # galaxy-ng:
      # pulp-2to3-migration:
      # pulp-ansible:
      # pulp-certguard:
      # pulp-container:
      # pulp-cookbook:
      # pulp-deb:
      # pulp-file:
      # pulp-gem:
      # pulp-maven:
      # pulp-npm:
      # pulp-python:
      pulp-rpm:

    # We have some issue with
    # ModuleNotFoundError: No module named 'selinux'
    # and installing `python3-libselinux` or `selinux` inside of
    # `source /usr/local/lib/pulp/bin/activate` doesn't help
    pulp_install_selinux_policies: false