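---
# Sets up the dyndns client: a locked-down system user with its own SSH key,
# a restricted authorized_keys entry on the dyndns server, the client's SSH
# configuration and known_hosts, and the systemd service/timer units.

# System account with no login shell; the generated ed25519 public key is
# exposed as dyndns_user.ssh_public_key for the task below.
- name: create user for dyndns
  user:
    name: dyndns
    home: /var/lib/dyndns
    system: true
    shell: /bin/false
    generate_ssh_key: true
    ssh_key_type: ed25519
    ssh_key_comment: "dyndns@{{ host_name }}.{{ host_domain }}"
  register: dyndns_user

# Runs on the dyndns server (delegate_to). The entry pins this key to a forced
# command and disables forwarding, pty allocation and the user rc file, so the
# key can only invoke dyndns.py with this client's id.
# NOTE(review): dyndns_client_id is interpolated into both the regexp and the
# forced-command string; presumably it contains no quotes, whitespace or regex
# metacharacters - verify where it is defined.
# NOTE(review): on servers running OpenSSH 7.2 or newer, the `restrict` option
# could replace the individual no-* options - confirm the server version first.
- name: install ssh key on server
  delegate_to: "{{ dyndns.server }}"
  lineinfile:
    path: /var/lib/dyndns/.ssh/authorized_keys
    # quoted so the mode is never re-typed as a number by the YAML parser
    mode: "0600"
    regexp: 'command="/usr/local/bin/dyndns.py {{ dyndns_client_id }}"'
    line: 'no-agent-forwarding,no-port-forwarding,no-pty,no-X11-forwarding,no-user-rc,command="/usr/local/bin/dyndns.py {{ dyndns_client_id }}" {{ dyndns_user.ssh_public_key }}'

- name: install ssh config
  template:
    src: ssh_config.j2
    dest: /var/lib/dyndns/.ssh/config
    owner: dyndns
    group: dyndns

## TODO: fix me!!!
# The two tasks below pin whatever host key ssh-keyscan receives on the first
# run. Nothing here checks that key against a value obtained over a trusted
# channel, and `creates:` prevents any later re-scan, so the first answer is
# trusted permanently and a host-key rotation on the server is never picked up.
# Prefer writing known_hosts from a host key that is distributed out of band
# (for example an inventory variable holding the server's public host key).
- name: hack to make known_hosts work (1/2)
  command: "ssh-keyscan -p {{ hostvars[dyndns.server].ansible_port }} {{ hostvars[dyndns.server].host_name }}.{{ hostvars[dyndns.server].host_domain }}"
  args:
    creates: /var/lib/dyndns/.ssh/known_hosts
  # the scan itself changes nothing on disk, so it also runs in check mode
  check_mode: false
  register: dyndns_ssh_keyscan

- name: hack to make known_hosts work (2/2)
  when:
    - dyndns_ssh_keyscan is changed
    # an empty scan result would otherwise be written as an empty known_hosts
    # file, and `creates:` above would then block every later scan
    - dyndns_ssh_keyscan.stdout | length > 0
  copy:
    content: "{{ dyndns_ssh_keyscan.stdout }}"
    dest: /var/lib/dyndns/.ssh/known_hosts
    owner: dyndns
    group: dyndns
# fix me

# Renders dyndns.service and dyndns.timer from their templates.
- name: install systemd units
  loop:
    - service
    - timer
  template:
    src: "dyndns.{{ item }}.j2"
    dest: "/etc/systemd/system/dyndns.{{ item }}"

# daemon_reload makes systemd pick up the unit files installed above before
# the timer is enabled and started.
- name: make sure the systemd timer is enabled and running
  systemd:
    daemon_reload: true
    name: dyndns.timer
    enabled: true
    state: started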