---
- name: server initial command
  hosts: 'new'
  become: yes
  become_method: sudo
  become_user: root
  vars_files:
    - var/registry.yml
  tasks:
    - name: set hosts file
      copy:
        src: hosts
        dest: /etc/hosts
        mode: '0644'

    - name: set shecan dns
      copy:
        src: ../dns/resolv.conf
        dest: /etc/resolv.conf
        owner: root
        group: root
        mode: u=rwx,g=rwx,o=rwx
     
    - name: disable ufw
      shell: ufw disable
    
    - name: disable swap
      shell: swapoff -a

    - name: sid swap off in fstab
      shell: sed -i '/swap/d' /etc/fstab 
    
    - name: set timezone
      shell: timedatectl set-timezone Asia/Tehran
    
    - name: apt-get update
      apt: update_cache=yes force_apt_get=yes cache_valid_time=3600

    - name: add docker key  and add docker repo
      shell: |
        curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
        sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
    
    
    - name: installing docker dependencies
      apt:
        name: "{{item}}"
        state: present
        update_cache: yes
      with_items:
        - ca-certificates
        - curl
        - gnupg
        - lsb-release
  

        
    - name: installing docker-ce and docker-ce-cli and
      apt:
        name: "{{item}}"
        state: present
        update_cache: yes
      with_items:
        - docker-ce
        - docker-ce-cli
        - containerd.io
    

    - name: start and enable docker and containerd
      service:
        name: "{{item}}"
        state: started
        enabled: yes
      with_items:
        - docker
        - containerd
    
    - name: create the docker user account
      user: name=dockerman append=yes state=present createhome=yes shell=/bin/bash
    
    - name: allow 'dockerman' to use sudo without needing a password
      lineinfile:
        dest: /etc/sudoers
        line: 'dockerman ALL=(ALL) NOPASSWD: ALL'
        validate: 'visudo -cf %s'
    
    - name: add user to docker group
      user:
        name: dockerman
        groups: docker
        state: present

    - name: reset and enable docker 
      shell: |
        systemctl daemon-reload
        systemctl restart docker
        systemctl enable docker
    
    - name: Get active primary interface name
      shell: ip route | awk '/default/ { print $5 }'
      register: interface 
    
    - name: Get active primary interface IP
      shell: ip -o -4 addr show dev {{ interface.stdout_lines[0] }} | awk '{print $4}' | cut -d/ -f1
      register: ip_address
    
    # add docker home to enviroment variable
    - name: add docker home to enviroment variable
      shell: echo "export HOST_IP={{ ip_address.stdout_lines[0] }}" >> /home/dockerman/.bashrc
    
    - name: add docker home to enviroment variable
      shell: echo "export INT_NAME={{ interface.stdout_lines[0] }}" >> /home/dockerman/.bashrc

    - name: nfs common
      when: inventory_hostname in groups['workers']
      apt:
        name: nfs-common
        state: present
        update_cache: yes

    - name: login docker
      become: dockerman
      shell: docker login -u {{ registry_user }} -p {{ registry_password }} {{ registry_url }}

    - name: add enviroments to all servers
      shell: |
        echo "export ADMIN_USER=nerdguy" >> /etc/environment
        echo "export ADMIN_PASSWORD=RbBmIu1LCgIqKcMmopc1Ie21+1OKsX1ktNCAeiViNIb6HAKkzjJ+GhZlLysItwgm" >> /etc/environment
    
    - name: reboot
      shell: reboot
      ignore_errors: yes