authorChristian Pointner <equinox@spreadspace.org>2020-04-18 20:15:39 +0200
committerChristian Pointner <equinox@spreadspace.org>2020-04-18 20:15:39 +0200
commit5486750b209896d2b15f12cec72abdbc55b2279b (patch)
treefaf000602463c42f7b233a8745e0a3d0add733dd
parentupdated docs (diff)
cleanup hetzner cloud-install
-rw-r--r--roles/cloud/install/tasks/hcloud.yml49
-rw-r--r--roles/cloud/install/tasks/hetzner_installimage.yml12
-rw-r--r--roles/cloud/install/tasks/hroot.yml31
3 files changed, 52 insertions, 40 deletions
diff --git a/roles/cloud/install/tasks/hcloud.yml b/roles/cloud/install/tasks/hcloud.yml
index 7e87c114..983b3dec 100644
--- a/roles/cloud/install/tasks/hcloud.yml
+++ b/roles/cloud/install/tasks/hcloud.yml
@@ -1,5 +1,7 @@
---
- name: retrieve ssh key ids
+ delegate_to: localhost
+ check_mode: no
uri:
url: "https://api.hetzner.cloud/v1/ssh_keys"
method: GET
@@ -7,9 +9,10 @@
Authorization: "Bearer {{ install_cooked.cloud.credentials.token }}"
status_code: 200
register: sshkeys
- delegate_to: localhost
- name: retrieve server id and check if rescue mode is already active
+ delegate_to: localhost
+ check_mode: no
uri:
url: "https://api.hetzner.cloud/v1/servers?name={{ install_cooked.cloud.server_name | default(inventory_hostname) }}"
method: GET
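Review bot: The bearer token is templated into the `Authorization` header of every `uri` task in this file without `no_log: true`, and with `check_mode: no` added here the two GET lookups now also run during check-mode runs. Ansible can print module arguments at higher verbosity, which would put the token into terminal scrollback or any configured log; this is worth confirming for the `headers` argument of `uri`. Adding `no_log: true` to these tasks would avoid it while leaving the registered `sshkeys` and `serverstatus` results usable. The same applies to the enable_rescue and reset tasks in the later hunks. Both tasks touched here start or end outside this hunk.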
@@ -17,17 +20,29 @@
Authorization: "Bearer {{ install_cooked.cloud.credentials.token }}"
status_code: 200
register: serverstatus
- delegate_to: localhost
+
+- name: do not continue if we found no or multiple servers
+ when: (serverstatus.json.servers | length) != 1
+ fail:
+ msg: "hcloud API returned {{ serverstatus.json.servers | length }} servers"
- name: do not continue in check mode
+ when: ansible_check_mode | bool
fail:
msg: "can not bootstrap new servers in check mode"
- when: ansible_check_mode | bool
- check_mode: no
+
+- name: display warning message
+ pause:
+ prompt: |
+ *** Danger ****
+ will be bootstraping host {{ inventory_hostname }} with main IP {{ serverstatus.json.servers[0].public_net.ipv4.ip }} ...
+ ALL DATA WILL BE LOST!!! press CTRL-C then A to abort.
+ seconds: 15
### TODO: for now we add all ssh keys that are installed for this project - this might not be a good idea!
- name: activate rescue mode
when: not serverstatus.json.servers[0].rescue_enabled
+ delegate_to: localhost
uri:
url: "https://api.hetzner.cloud/v1/servers/{{ serverstatus.json.servers[0].id }}/actions/enable_rescue"
method: POST
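Review bot: The new warning prompt names `{{ inventory_hostname }}`, but the server was looked up with `install_cooked.cloud.server_name | default(inventory_hostname)`, so when `server_name` is set the operator sees a different name from the one the API matched. Showing the looked-up name and `{{ serverstatus.json.servers[0].id }}` next to the IP would make the target unambiguous. Separately, `pause` with `seconds: 15` continues by itself once the timer expires, so an unattended run goes on to wipe the server with no confirmation. Dropping `seconds`, registering the result and failing unless `user_input` equals the host name would turn this into an explicit opt-in. The `activate rescue mode` task that closes this hunk continues in the next one.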
@@ -36,21 +51,19 @@
Authorization: "Bearer {{ install_cooked.cloud.credentials.token }}"
Content-Type: "application/json"
status_code: 201
- delegate_to: localhost
-## TODO: remove this once the task below is fixed
-- pause:
- prompt: Please reset the server {{ install_cooked.cloud.server_name | default(inventory_hostname) }} and press enter...
+- name: wait for rescue mode activation
+ pause:
+ seconds: 5
-### TODO this does not work????
-# - name: do a hardware reset
-# uri:
-# url: "https://api.hetzner.cloud/v1/servers/{{ serverstatus.json.servers[0].id }}/actions/reset"
-# method: POST
-# headers:
-# Authorization: "Bearer {{ install_cooked.cloud.credentials.token }}"
-# status_code: 201
-# delegate_to: localhost
+- name: do a hardware reset
+ delegate_to: localhost
+ uri:
+ url: "https://api.hetzner.cloud/v1/servers/{{ serverstatus.json.servers[0].id }}/actions/reset"
+ method: POST
+ headers:
+ Authorization: "Bearer {{ install_cooked.cloud.credentials.token }}"
+ status_code: 201
### TODO: would be nice to get the SSH host key from robot
- name: completely ignore ssh host keys for now
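Review bot: The now-automatic hardware reset is issued after a fixed 5-second pause, with nothing confirming that rescue mode was actually enabled; the enable_rescue POST result is not registered or checked beyond its 201. If activation has not taken effect by then, the machine presumably reboots into its installed system, and the following steps, which ignore SSH host keys, connect to whatever answers on that address. Polling the existing server lookup until `rescue_enabled` is true before the reset would make that failure visible. Whether the API sets that field only once the action completes should be confirmed. The task that starts on the last line of this hunk continues outside it.

```yaml
- name: wait for rescue mode activation
  delegate_to: localhost
  uri:
    url: "https://api.hetzner.cloud/v1/servers?name={{ install_cooked.cloud.server_name | default(inventory_hostname) }}"
    method: GET
    headers:
      Authorization: "Bearer {{ install_cooked.cloud.credentials.token }}"
    status_code: 200
  register: rescuecheck
  until: rescuecheck.json.servers[0].rescue_enabled
  retries: 12
  delay: 5

# … unchanged: do a hardware reset …
```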
@@ -63,7 +76,7 @@
delay: 30
timeout: 120
-- include_tasks: hetzner_installimage.yml
+- import_tasks: hetzner_installimage.yml
- name: reboot
shell: sleep 2 && shutdown -r now "triggered by ansible after running installimage"
diff --git a/roles/cloud/install/tasks/hetzner_installimage.yml b/roles/cloud/install/tasks/hetzner_installimage.yml
index 19f3a16f..5704b200 100644
--- a/roles/cloud/install/tasks/hetzner_installimage.yml
+++ b/roles/cloud/install/tasks/hetzner_installimage.yml
@@ -1,12 +1,12 @@
---
- name: determine latest image name
+ check_mode: no
+ args:
+ executable: /bin/bash
shell: |
set -o pipefail
shopt -s nocaseglob
ls /root/.oldroot/nfs/images/{{ install_distro }}-*-{{ install_codename }}-64-minimal.tar.gz | sort -r | head -n 1
- args:
- executable: /bin/bash
- check_mode: no
changed_when: false
register: latest_image
@@ -22,16 +22,16 @@
mode: 0755
- name: run installimage
- command: /root/.oldroot/nfs/install/installimage -a -c installimage.conf -x postinst.sh
- register: hetzner_installimage_cmd
args:
chdir: /root
+ command: /root/.oldroot/nfs/install/installimage -a -c installimage.conf -x postinst.sh
+ register: hetzner_installimage_cmd
- name: print installimage output
debug:
msg: "{{ hetzner_installimage_cmd.stdout_lines + hetzner_installimage_cmd.stderr_lines }}"
- name: check if installimage succeeded
+ when: "hetzner_installimage_cmd.rc != 0 or 'postinst.sh finished successfully' not in hetzner_installimage_cmd.stdout_lines"
fail:
msg: failed to run installimage
- when: "hetzner_installimage_cmd.rc != 0 or 'postinst.sh finished successfully' not in hetzner_installimage_cmd.stdout_lines"
diff --git a/roles/cloud/install/tasks/hroot.yml b/roles/cloud/install/tasks/hroot.yml
index 9124f44a..b7d511a0 100644
--- a/roles/cloud/install/tasks/hroot.yml
+++ b/roles/cloud/install/tasks/hroot.yml
@@ -1,5 +1,7 @@
---
- name: retrieve ssh key fingerprints
+ delegate_to: localhost
+ check_mode: no
uri:
url: "https://robot-ws.your-server.de/key"
method: GET
@@ -8,18 +10,12 @@
force_basic_auth: yes
status_code: 200
register: sshkeys
- delegate_to: localhost
- check_mode: no
-
-- name: do not continue in check mode
- fail:
- msg: "can not bootstrap new servers in check mode"
- when: ansible_check_mode | bool
- check_mode: no
- when: hetzner_main_ip is not defined
block:
- name: retrieve server list from robot
+ delegate_to: localhost
+ check_mode: no
uri:
url: "https://robot-ws.your-server.de/server"
method: GET
@@ -28,13 +24,16 @@
force_basic_auth: yes
status_code: 200
register: servers
- delegate_to: localhost
- check_mode: no
- name: extract server IP address from robot result
set_fact:
hetzner_main_ip: "{{ servers.json | hroot_extract_serverip(install_cooked.cloud.server_name | default(inventory_hostname)) }}"
+- name: do not continue in check mode
+ when: ansible_check_mode | bool
+ fail:
+ msg: "can not bootstrap new servers in check mode"
+
- name: display warning message
pause:
prompt: |
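Review bot: This path gets no counterpart to the "no or multiple servers" guard that the same commit adds to hcloud.yml: `hetzner_main_ip` is taken straight from `hroot_extract_serverip`, or from a pre-set variable when the block is skipped. The filter's behaviour on a missing or ambiguous match is not visible here, so if it can return an empty value, the later `boot/{{ hetzner_main_ip }}/rescue` and `reset/{{ hetzner_main_ip }}` URLs would be malformed. A short check before the check-mode guard would close that, e.g. an `assert` with `that: hetzner_main_ip | default('') | length > 0`. The `display warning message` task continues in the next hunk.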
@@ -44,6 +43,8 @@
seconds: 15
- name: check if rescue mode is already active
+ delegate_to: localhost
+ check_mode: no
uri:
url: "https://robot-ws.your-server.de/boot/{{ hetzner_main_ip }}/rescue"
method: GET
@@ -52,12 +53,11 @@
force_basic_auth: yes
status_code: 200
register: rescuestatus
- delegate_to: localhost
- check_mode: no
### TODO: for now we add all ssh keys that are installed in the robot - this might not be a good idea!
- name: activate rescue mode
when: not rescuestatus.json.rescue.active
+ delegate_to: localhost
uri:
url: "https://robot-ws.your-server.de/boot/{{ hetzner_main_ip }}/rescue"
method: POST
@@ -68,13 +68,13 @@
status_code: 200
headers:
Content-Type: "application/x-www-form-urlencoded"
- delegate_to: localhost
-- name: wait for the rescue mode to become active
+- name: wait for rescue mode activation
pause:
seconds: 5
- name: do a hardware reset
+ delegate_to: localhost
uri:
url: "https://robot-ws.your-server.de/reset/{{ hetzner_main_ip }}"
method: POST
@@ -85,7 +85,6 @@
status_code: 200
headers:
Content-Type: "application/x-www-form-urlencoded"
- delegate_to: localhost
### TODO: would be nice to get the SSH host key from robot
- name: completely ignore ssh host keys for now
@@ -98,7 +97,7 @@
delay: 30
timeout: 120
-- include_tasks: hetzner_installimage.yml
+- import_tasks: hetzner_installimage.yml
- name: reboot
shell: sleep 2 && shutdown -r now "triggered by ansible after running installimage"