- name: Deploy terraform infrastructure.
  hosts: localhost
  gather_facts: false
  vars_files:
    - ../vault.yml
  tasks:
    - name: Reconfigure and plan.
      community.general.terraform:
        project_path: '../terraform'
        state: "planned"
        plan_file: plan.out
        init_reconfigure: true
        force_init: true
        backend_config: "{{ terraform.backend }}"
        variables: "{{ terraform.variables }}"
        complex_vars: true

    - name: Apply.
      community.general.terraform:
        project_path: '../terraform'
        state: "present"
        plan_file: plan.out
        backend_config: "{{ terraform.backend }}"
        variables: "{{ terraform.variables }}"
        complex_vars: true
      register: terraform_apply

    - name: Create secret directory.
      ansible.builtin.file:
        path: ../dist
        recurse: true
        mode: "0755"
        state: directory

    - name: Send outputs to file.
      ansible.builtin.copy:
        content: "{{ terraform_apply.outputs }}"
        dest: ../dist/terraform_outputs.yml
        mode: '0755'


- name: Update SSH config.
  hosts: localhost
  gather_facts: false
  tags: hosts
  vars_files:
    - ../vault.yml
    - ../dist/terraform_outputs.yml
    - ../variables.yml
  tasks:
    - name: Add proxy host.
      community.general.ssh_config:
        host: "{{ variables.proxy_host }}"
        hostname: "{{ proxy_ip.value }}"
        remote_user: root
        forward_agent: true
        user: user
        port: 22
        identity_file: "{{ secret.private_ssh_key_path }}"