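---
# Play 1: plan and apply the Terraform project, then persist its outputs
# locally so the second play can load them through vars_files.
- name: Deploy terraform infrastructure.
  hosts: localhost
  gather_facts: false
  vars_files:
    # Presumably the source of `terraform.*` and Ansible Vault-encrypted;
    # confirm it is never committed in clear text.
    - ../vault.yml
  tasks:
    - name: Reconfigure and plan.
      community.general.terraform:
        project_path: '../terraform'
        state: "planned"
        plan_file: plan.out
        # init_reconfigure: true
        backend_config: "{{ terraform.backend }}"
        variables: "{{ terraform.variables }}"
        complex_vars: true

    # Applies the plan file written by the previous task, so what is applied
    # is what was planned.
    - name: Apply.
      community.general.terraform:
        project_path: '../terraform'
        state: "present"
        plan_file: plan.out
        backend_config: "{{ terraform.backend }}"
        variables: "{{ terraform.variables }}"
        complex_vars: true
      # NOTE(review): the registered result carries every Terraform output and
      # is printed at higher verbosity; consider `no_log: true` here if any
      # output is sensitive.
      register: terraform_apply

    - name: Create secret directory.
      ansible.builtin.file:
        path: ../dist
        recurse: true
        # Owner-only access: the directory holds Terraform outputs. With
        # recurse, `X` adds execute only to directories (and files that are
        # already executable), so regular files are not made executable.
        mode: "u=rwX,go="
        state: directory

    - name: Send outputs to file.
      ansible.builtin.copy:
        content: "{{ terraform_apply.outputs }}"
        dest: ../dist/terraform_outputs.yml
        # A data file needs neither the execute bit nor group/world read.
        mode: "0600"
      # Keeps the output values out of task logs and --diff output; remove
      # temporarily when debugging this task.
      no_log: true

# Play 2: write Host entries for the provisioned machines into the local
# user's SSH client configuration.
- name: Update SSH config.
  hosts: localhost
  gather_facts: false
  tags: hosts
  vars_files:
    - ../vault.yml
    # Written by the first play; it must exist before this play starts.
    - ../dist/terraform_outputs.yml
    - ../variables.yml
  tasks:
    - name: Add Gitea host.
      community.general.ssh_config:
        host: "{{ variables.gitea_host }}"
        hostname: "{{ server_ip.value }}"
        # NOTE(review): direct root login; prefer an unprivileged account with
        # sudo if the host allows it.
        remote_user: root
        # NOTE(review): agent forwarding lets anyone with root on this host
        # use the local SSH agent for the lifetime of the session. The runner
        # entry below uses ProxyJump, which does not need it; confirm that
        # forwarding is required and drop it otherwise.
        forward_agent: true
        user: user
        port: 2222
        identity_file: "{{ secret.private_gitea_ssh_key_path }}"

    - name: Add Runner host.
      community.general.ssh_config:
        host: "{{ variables.runner_host }}"
        remote_user: root
        user: user
        identity_file: "{{ secret.private_runner_ssh_key_path }}"
        # Reached through the Gitea host; the address below is a hard-coded
        # private IP, unlike the Gitea address, which comes from Terraform
        # outputs.
        proxyjump: "{{ variables.gitea_host }}"
        hostname: "10.0.10.17"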