---

- hosts: all
  tasks:

    - name: Update all caches to avoid errors due to missing remote archives
      apt:
        update_cache: yes

- hosts: helper
  tasks:

    - name: Install apt-cacher-ng
      apt:
        name: apt-cacher-ng
        state: installed

    - name: Set-up SSH directory
      file:
        path: /home/vagrant/.ssh/
        state: directory
        owner: vagrant
        group: vagrant
        mode: 0700

    - name: Deploy SSH client private keys
      copy:
        src: "{{ item.key }}"
        dest: "{{ item.value }}"
        owner: vagrant
        group: vagrant
        mode: 0600
      with_dict:
        "tests/data/ssh/clientkey1": "/home/vagrant/.ssh/clientkey1"
        "tests/data/ssh/clientkey2": "/home/vagrant/.ssh/clientkey2"
        "tests/data/ssh/clientkey3": "/home/vagrant/.ssh/clientkey3"

    - name: Deploy SSH client configuration
      copy:
        src: "tests/data/ssh/ssh_config"
        dest: "/home/vagrant/.ssh/config"
        owner: vagrant
        group: vagrant
        mode: 0600

- hosts: parameters-mandatory
  roles:
    - role: common

- hosts: parameters-optional
  roles:
    - role: common
      enable_backup: yes
      apt_proxy: "http://10.31.127.2:3142/"
      os_users:
        - name: user1
        - name: user2
          uid: 2001
          additional_groups:
            - group1
            - group2
          authorized_keys:
            - "{{ lookup('file', 'tests/data/ssh/clientkey1.pub') }}"
            - "{{ lookup('file', 'tests/data/ssh/clientkey2.pub') }}"
          password: "{{ 'user2' | password_hash('sha512') }}"
        - name: user3
          uid: 2002
          additional_groups:
            - group3
          authorized_keys:
            - "{{ lookup('file', 'tests/data/ssh/clientkey3.pub') }}"
          password: "{{ 'user3' | password_hash('sha512') }}"
      os_groups:
        - name: group1
        - name: group2
          gid: 3001
        - name: group3
          gid: 3002
      common_packages:
        - units
        - gnutls-bin
      ca_certificates:
        cacert1: "{{ lookup('file', 'tests/data/x509/ca1.cert.pem') }}"
        cacert2: "{{ lookup('file', 'tests/data/x509/ca2.cert.pem') }}"
      extra_backup_patterns:
        - /home/user1
        - /home/user2
      incoming_connection_limit: 5/second
      incoming_connection_limit_burst: 5/second
      prompt_colour: cyan
      prompt_id: test
      # From backup_client role meta dependency.
      backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/backup_encryption_key') }}"
      backup_server: backup-server
      backup_server_host_ssh_public_keys:
        - bougs-backup-server-key-1
        - bougs-backup-server-key-2
      backup_ssh_key: "bogus-backup-client-key"