---
- name: retrieve ssh key fingerprints
  delegate_to: localhost
  check_mode: no
  uri:
    url: "https://robot-ws.your-server.de/key"
    method: GET
    user: "{{ install.cloud.credentials.username }}"
    password: "{{ install.cloud.credentials.password }}"
    force_basic_auth: yes
    status_code: 200
  register: sshkeys

- when: hetzner_main_ip is not defined
  block:
  - name: retrieve server list from robot
    delegate_to: localhost
    check_mode: no
    uri:
      url: "https://robot-ws.your-server.de/server"
      method: GET
      user: "{{ install.cloud.credentials.username }}"
      password: "{{ install.cloud.credentials.password }}"
      force_basic_auth: yes
      status_code: 200
    register: servers

  - name: extract server IP address from robot result
    set_fact:
      hetzner_main_ip: "{{ servers.json | hroot_extract_serverip(install.cloud.server_name | default(inventory_hostname)) }}"

- name: do not continue in check mode
  when: ansible_check_mode | bool
  fail:
    msg: "can not bootstrap new servers in check mode"

- name: display warning message
  pause:
    prompt: |
      *** Danger ****
      will be bootstraping host {{ inventory_hostname }} with main IP {{ hetzner_main_ip }} ...
      ALL DATA WILL BE LOST!!! press CTRL-C then A to abort.
    seconds: 15

- name: check if rescue mode is already active
  delegate_to: localhost
  check_mode: no
  uri:
    url: "https://robot-ws.your-server.de/boot/{{ hetzner_main_ip }}/rescue"
    method: GET
    user: "{{ install.cloud.credentials.username }}"
    password: "{{ install.cloud.credentials.password }}"
    force_basic_auth: yes
    status_code: 200
  register: rescuestatus

### TODO: for now we add all ssh keys that are installed in the robot - this might not be a good idea!
- name: activate rescue mode
  when: not rescuestatus.json.rescue.active
  delegate_to: localhost
  uri:
    url: "https://robot-ws.your-server.de/boot/{{ hetzner_main_ip }}/rescue"
    method: POST
    user: "{{ install.cloud.credentials.username }}"
    password: "{{ install.cloud.credentials.password }}"
    force_basic_auth: yes
    body: "os=linux&arch=64&authorized_key[]={{ sshkeys.json | hroot_extract_ssh_key_fingerprints | join('&authorized_key[]=') }}"
    status_code: 200
    headers:
      Content-Type: "application/x-www-form-urlencoded"

- name: wait for rescue mode activation
  pause:
    seconds: 5

- name: do a hardware reset
  delegate_to: localhost
  uri:
    url: "https://robot-ws.your-server.de/reset/{{ hetzner_main_ip }}"
    method: POST
    user: "{{ install.cloud.credentials.username }}"
    password: "{{ install.cloud.credentials.password }}"
    force_basic_auth: yes
    body: "type=hw" ## type=sw -> CTRL-ALT-DEL, type=hw -> reset button
    status_code: 200
    headers:
      Content-Type: "application/x-www-form-urlencoded"

### TODO: would be nice to get the SSH host key from robot
- name: completely ignore ssh host keys for now
  set_fact:
    old_ansible_ssh_extra_args: "{{ ansible_ssh_extra_args | default('') }}"
    ansible_ssh_extra_args: "{{ ansible_ssh_extra_args | default('') }} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"

- name: wait for rescue system to start up
  wait_for_connection:
    delay: 30
    timeout: 300

- include_tasks: hetzner_installimage.yml

- name: reboot
  shell: sleep 2 && shutdown -r now "triggered by ansible after running installimage"
  async: 1
  poll: 0
  ignore_errors: True
  changed_when: True