---
- name: Prepare physical machines
  hosts: hypervisors

  handlers:
    - name: enable interfaces
      command:
        cmd: ifup -a

  pre_tasks:
    - name: Delete externally managed environment file
      shell:
        cmd: "rm /usr/lib/python*/EXTERNALLY-MANAGED"
      register: rm
      changed_when: "rm.rc == 0"
      failed_when: "false"

    - name: Set timezone
      timezone:
        name: Europe/Amsterdam

    - name: Create data directory
      file:
        path: /data
        state: directory
        mode: og=rwx

    - name: Copy interfaces configuration
      template:
        src: dmz.conf.j2
        dest: /etc/network/interfaces.d/dmz.conf
      register: interfaces

    - name: Enable interfaces
      command:
        cmd: ifup -a
      when: interfaces.changed

  roles:
    - {role: setup_apt, tags: setup_apt}
    - {role: libvirt, tags: libvirt}

- name: Setup special services
  hosts: atlas

  pre_tasks:
    - name: Create terraform database
      include_role:
        name: postgresql_database
      vars:
        database_name: terraform_state
        database_user: terraform
        database_password: "{{ terraform_db_password }}"

  roles:
    - {role: ssh_ca, tags: ssh_ca}

- hosts: hypervisors

  roles:
    - {role: ssh_ca_known_hosts, tags: ssh_ca_known_hosts}
    - {role: deploy_ssh_certificates, tags: deploy_ssh_certificates}

- name: Enable backups
  hosts: lewis
  roles:
    - {role: borg, tags: borg}

- hosts: lewis

  tasks:
    - name: Check if swap file exists
      stat:
        path: "{{ swapfile_loc }}"
      register: swapfile

    - name: Create swap file
      block:
        - name: Create file
          command:
            cmd: "dd if=/dev/zero of={{ swapfile_loc }} bs=1024 count=2M"

        - name: Format swap file
          command:
            cmd: "mkswap {{ swapfile_loc }}"
      when: not swapfile.stat.exists

    - name: Mount swap file
      mount:
        src: "{{ swapfile_loc }}"
        path: swap
        fstype: swap
        opts: sw
        state: present