---
- name: Step 003 - Create env key
  hosts: localhost
  connection: local
  gather_facts: false
  become: false
  tags:
  - step003
  - generate_env_keys
  tasks:
  - name: Generate SSH keys
    shell: ssh-keygen -b 2048 -t rsa -f "{{output_dir}}/{{env_authorized_key}}" -q -N ""
    args:
      creates: "{{output_dir}}/{{env_authorized_key}}"
    when: set_env_authorized_key | bool

  - name: fix permission
    file:
      path: "{{output_dir}}/{{env_authorized_key}}"
      mode: 0400
    when: set_env_authorized_key | bool

  - name: Generate SSH pub key
    shell: ssh-keygen -y -f "{{output_dir}}//{{env_authorized_key}}" > "{{output_dir}}/{{env_authorized_key}}.pub"
    args:
      creates: "{{output_dir}}/{{env_authorized_key}}.pub"
    when: set_env_authorized_key | bool

# Cloudformation template or equivalent should tag all hosts with Project:{{ env_type }}-{{ guid }}
- name: Configure all hosts with Repositories, Common Files and Set environment key
  hosts:
  - all:!windows
  become: true
  gather_facts: false
  tags:
  - step004
  - common_tasks
  roles:
  - { role: "set-repositories",       when: 'repo_method is defined' }
  - { role: "common",                 when: 'install_common | bool' }
  - { role: "set_env_authorized_key", when: 'set_env_authorized_key | bool' }

- name: Configuring Bastion Hosts
  hosts: bastions
  become: true
  tags:
  - step004
  - bastion_tasks
  roles:
  - { role: "bastion-lite",         when: 'install_bastion | bool' }
  - { role: "bastion-student-user", when: 'install_student_user | bool' }
  - { role: "bastion-opentlc-ipa",  when: 'install_ipa_client | bool' }

- name: Configuring Ruby on Bastion Hosts
  hosts: bastions
  become: true
  gather_facts: False
  tasks:
  - when: (install_ruby | bool) or (install_3scale | bool)
    include_role:
      name: ruby
    vars:
      rvm1_rubies: ['ruby-2.6.3']
      rvm1_install_flags: '--auto-dotfiles'  # Remove --user-install from defaults
      rvm1_install_path: /usr/local/rvm         # Set to system location
      rvm1_user: root                            # Need root account to access system location
  tags:
  - step004
  - ruby_tasks

- name: Configuring 3scale toolbox 
  hosts: bastions
  become: true
  tags:
  - step004
  - 3scale_toolbox_tasks
  roles:
  - { role: "bastion-3scale",         when: 'install_3scale | bool' }

- name: PreSoftware flight-check
  hosts: localhost
  connection: local
  gather_facts: false
  become: false
  tags:
  - flight_check
  tasks:
  - debug:
      msg: "Pre-Software checks completed successfully"