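---
# Gives every node of one cluster a root ed25519 key pair, authorizes all of
# the cluster's public keys on each node, adds static name resolution between
# the nodes and writes the ClusterIt environment for root.
#
# Variables read from the caller / inventory:
#   target      - host pattern the play runs against
#   become_var  - whether to escalate privileges
#   cluster     - inventory group holding all nodes of the cluster
#   cidr        - per-host address in CIDR notation (read through hostvars)
- name: setup sshkeys
  gather_facts: false
  hosts: "{{target}}"
  become: "{{become_var}}"
  tasks:
    # The key is created with an empty passphrase (-P ''), so the private key
    # file alone is enough to log in as root on every node that authorizes it.
    # `creates` keeps an existing key from being regenerated.
    - name: generate ssh key pair
      ansible.builtin.shell:
        executable: /bin/bash
        cmd: ssh-keygen -t ed25519 -f /root/.ssh/id_ed25519 -P ''
        creates: /root/.ssh/id_ed25519

    # need to define which nodes live in this cluster, in case we are calling
    # this playbook with a single target node
    - name: define nodes
      ansible.builtin.set_fact:
        nodes: "{{ groups[cluster] }}"
      run_once: true

    - name: show nodes
      ansible.builtin.debug:
        var: nodes
      run_once: true

    # TODO: check if run_once prevents handling multiple clusters at once.
    # run_once templates the task for a single host of the batch, so a play
    # spanning several clusters would presumably only see that host's
    # `cluster` value - confirm before targeting more than one cluster.
    #
    # Runs an ad-hoc `ansible -m raw` from the controller against the whole
    # cluster group and strips the ad-hoc framing lines (blank lines, the
    # "host | CHANGED" banner, "Shared connection ... closed").
    # `cluster` is passed through the quote filter because it is spliced into
    # a shell command line.
    - name: bulk-grab cluster ssh pubkeys
      ansible.builtin.shell: >-
        ansible -i ../inventory/vmm-dnc {{ cluster | quote }}
        -m raw -a "cat /root/.ssh/id_ed25519.pub"
        | grep -vE '^$|CHANGED|^Shared '
        | sort -k3 -V
      register: pubkeys
      delegate_to: localhost
      run_once: true
      check_mode: false
      changed_when: false

    # default('') keeps the condition from erroring when the registered
    # result carries no `msg` key.
    - name: show message from the pubkey collection
      ansible.builtin.debug:
        var: pubkeys.msg
      when: pubkeys.msg | default('') != ''

    # Everything left in pubkeys.stdout is written to root's authorized_keys
    # below. The grep above only removes known framing lines, so fail closed
    # if any remaining line is not an ed25519 public key (for example an
    # UNREACHABLE or FAILED banner from the ad-hoc run).
    - name: verify collected lines are ed25519 public keys
      ansible.builtin.assert:
        that:
          - pubkeys.stdout_lines | length > 0
          - >-
            pubkeys.stdout_lines
            | reject('match', '^ssh-ed25519 [A-Za-z0-9+/=]+')
            | list | length == 0
        fail_msg: collected output contains lines that are not ed25519 public keys
      run_once: true

    # todo - add fingerprints to known hosts incl. node itself
    # NOTE(review): until that is done the nodes have no pinned host keys for
    # each other, so the first connection cannot verify the peer's identity.
    - name: nodes can reach each other
      ansible.builtin.blockinfile:
        content: "{{pubkeys.stdout}}"
        dest: /root/.ssh/authorized_keys
        # create the file if it does not exist yet and keep it private to root
        create: true
        mode: "0600"

    # Uses the `nodes` fact (groups[cluster]) rather than a fixed group name,
    # so the entries match the cluster whose keys were authorized above.
    # The regex strips the "/<prefix length>" suffix from the cidr value.
    - name: nodes static name resolution against each other
      ansible.builtin.blockinfile:
        content: |
          {% for host in nodes %}
          {{hostvars[host].cidr | regex_replace('/\d+$', '')}} {{host}}
          {% endfor %}
        dest: /etc/hosts

    # copy replaces the whole file: any existing /root/.profile content is lost.
    - name: setup root env vars
      ansible.builtin.copy:
        content: |
          # CONFIGURED BY ANSIBLE
          export PATH=/root/dnc:$PATH
          export RCMD_CMD="ssh -o VisualHostKey=no"
          export RCP_CMD="scp -o VisualHostKey=no"
          export CLUSTER=$HOME/cluster.conf
        dest: /root/.profile

    # not sure why '\n' doesn't work here
    # (presumably because YAML only interprets backslash escapes inside
    # double-quoted scalars, not in a literal `|` block - confirm)
    - name: setup clusterit cluster peers
      ansible.builtin.copy:
        content: |
          # CONFIGURED BY ANSIBLE
          GROUP:xen
          {% for node in nodes %}
          {{node}}
          {% endfor %}
        dest: /root/cluster.conf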