#!/usr/bin/ansible-playbook
# vim:ft=ansible:
---
- name: Set up system for Ansible
  block:
  - name: Install Ansible-required packages via apt
    apt:
      name: "{{ packages }}"
    vars:
      packages:
      - python3-pip
      - python3-boto
      - python3-boto3
      - python3-botocore
      - python3-setuptools
      - python-pip
      - python-boto
      - python-boto3
      - python-botocore
      - python-setuptools
  - name: Install Ansible-required packages via pip
    pip:
      name: "{{ packages }}"
      state: latest
    vars:
      packages:
      - ansible
  - name: Create .aws directory for root
    file:
      path: ~/.aws
      state: directory
  - name: Copy AWS credentials
    copy:
      src: awscredentials
      dest: ~/.aws/credentials
      mode: "0600"
  - name: Copy Ansible private key
    copy:
      src: ansiblekey
      dest: ~/.ssh/ansible
      mode: "0600"
  - name: Copy Ansible password file
    copy:
      src: ansiblevaultpass
      dest: /root/ansiblevaultpass
      mode: "0600"
  - name: Create system copy of Ansible repo
    git:
      repo: https://gitlab.com/rehashedsalt/ansible
      dest: /opt/ansible-repo
  - name: Set up pull and run cronjob
    cron:
      minute: "0"
      hour: "*/12"
      name: ansible-pull
      job: "cd /opt/ansible-repo && HOME=/root /usr/local/bin/ansible-playbook ec2.yml --vault-password-file /root/ansiblevaultpass > /var/log/ansible-pull.log 2>&1"
  become: true