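---
# Playbook: refresh package metadata, upgrade packages, apply one role per
# inventory group, then clean up and refresh a "last run" marker file.
# The variable names suggest it is driven by ansible-pull on each host
# (presumably from a timer or cron job; confirm against the deployment).

- hosts: all
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  connection: local
  vars_files:
    - "{{ lookup('first_found', ['os_vars/' + (ansible_distribution | lower) + '.yml'], errors='ignore') }}"
  become: true
  vars:
    ansible_reboot_cooldown_minutes: 15  # cooldown in minutes
    # NOTE(review): /var/tmp is world-writable. A marker that decides whether
    # configuration runs are skipped is better kept in a root-owned directory.
    # The path is left unchanged here because other tooling may refer to it;
    # the cooldown check below only trusts a root-owned regular file.
    ansible_pull_marker_file: /var/tmp/ansible_pull.last_run
  pre_tasks:
    - name: pre-run | get status of marker file
      stat:
        path: "{{ ansible_pull_marker_file }}"
      register: marker_file_stat
      tags: always

    # Publish the path as a host fact before the cooldown check. Play-level
    # vars are not visible to the final play, which touches this path, so the
    # fact must be set even when this play ends early.
    - name: pre-run | set marker file path as a cached fact
      set_fact:
        ansible_pull_marker_file: "{{ ansible_pull_marker_file }}"
        cacheable: true
      tags: always

    # The marker is honoured only when it is a regular file owned by root, so
    # a file placed at this path by another local account cannot suppress the
    # run.
    # NOTE(review): end_play stops only this play; the upgrade, role and
    # cleanup plays below are separate plays and still run. If the cooldown
    # is meant to skip the whole run, each later play needs its own guard.
    - name: pre-run | check if last run was within cooldown period
      meta: end_play
      when:
        - marker_file_stat.stat.exists
        - marker_file_stat.stat.isreg
        - marker_file_stat.stat.uid == 0
        - (ansible_date_time.epoch | int) - (marker_file_stat.stat.mtime | int) < (ansible_reboot_cooldown_minutes | int * 60)
      tags: always

    # ignore_errors keeps the run going when a mirror is unreachable. It also
    # means a failed refresh or upgrade is not fatal and the marker is still
    # refreshed at the end, so watch the task results to notice hosts that
    # have stopped receiving updates.
    - name: pre-run | update apt repository (debian, ubuntu, etc.)  # noqa no-changed-when
      apt:
        update_cache: true
      # changed_when: false
      when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
      ignore_errors: true

    - name: pre-run | update pacman repository (arch)
      pacman:
        update_cache: true
      # changed_when: false
      when: ansible_distribution == 'Archlinux'
      ignore_errors: true

    # portage's sync option is a choice value rather than a plain boolean, so
    # it is left exactly as written.
    - name: pre-run |update portage repository (gentoo)
      portage:
        sync: yes
      when: ansible_distribution == 'Gentoo'
      ignore_errors: true

# Hosts in the database group are excluded from the automatic upgrade below,
# so they need their own patching procedure.
- hosts: 'all:!database'
  # Added for consistency with every other play in this file: if the run is
  # not already root, the upgrades fail and ignore_errors hides the failure.
  become: true
  pre_tasks:
    - name: pre-run | upgrade system (debian, ubuntu, etc.)
      apt:
        upgrade: dist
      # changed_when: false
      when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
      ignore_errors: true

    - name: pre-run | upgrade system (arch)
      pacman:
        upgrade: true
      when: ansible_distribution == 'Archlinux'
      ignore_errors: true

# run roles
- hosts: all
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  tags: base
  become: true
  roles:
    - base

# - hosts: workstation
#   handlers:
#     - import_tasks: global_handlers/global_handlers.yml
#   tags: workstation
#   become: true
#   roles:
#     - workstation

- hosts: server
  tags: server
  become: true
  roles:
    - server
  handlers:
    - import_tasks: global_handlers/global_handlers.yml

- hosts: bastionhost
  tags: server,bastionhost
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  become: true
  roles:
    - bastionhost
  post_tasks:
    # NOTE(review): regenerating the AIDE database accepts whatever is on
    # disk at that moment as the new baseline. Confirm that aide_update.yml
    # (not visible here) reports or checks differences before it re-baselines.
    - name: Update AIDE database if changes were made
      include_role:
        name: bastionhost
        tasks_from: system_setup/aide_update.yml
      when: (aide_db_needs_update is defined and aide_db_needs_update) and (aide_db is defined and aide_db.stat.exists)

- hosts: nameserver
  tags: server,nameserver
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  become: true
  roles:
    - nameserver

- hosts: webservers
  tags: server,webservers
  become: true
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  roles:
    - webservers

- hosts: mailserver
  tags: server,mailserver
  become: true
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  roles:
    - mailserver

- hosts: database
  tags: server,database
  become: true
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  roles:
    - database

# - hosts: dhcpserver
#   tags: server,dhcpserver
#   become: true
#   roles:
#     - dhcpserver

- hosts: docker
  tags: server,docker
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  become: true
  roles:
    - docker

- hosts: podman_servers
  tags: server,podman
  become: true
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  roles:
    - podman

- hosts: drone
  tags: server,docker,drone
  become: true
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  roles:
    - drone

# - hosts: fileserver
#   tags: server,fileserver
#   become: true
#   roles:
#     - fileserver

- hosts: mastodon
  tags: server,mastodon
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  become: true
  roles:
    - mastodon

# - hosts: printspooler
#   tags: server,printspooler
#   become: true
#   roles:
#     - printspooler

- hosts: jitsimeet
  tags: server,jitsimeet,webservers
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  become: true
  roles:
    - jitsimeet

- hosts: omada_controller
  tags: server,omada_controller
  become: true
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  roles:
    - omada-controller

- hosts: backup
  tags: server,backup
  become: true
  handlers:
    - import_tasks: global_handlers/global_handlers.yml
  roles:
    - backup

# - hosts: proxyserver
#   tags: server,proxyserver
#   become: true
#   roles:
#     - proxyserver

# end of roles; cleanup and reporting
- hosts: all
  become: true
  post_tasks:
    # NOTE(review): these lists include "Pop!_OS" while the cache-update and
    # upgrade tasks above do not; confirm whether that difference is intended.
    - name: cleanup package cache (debian and ubuntu)
      tags: always
      apt:
        autoclean: true
      changed_when: false
      when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]

    - name: autoremove orphan packages (debian and ubuntu)
      tags: always
      apt:
        autoremove: true
        purge: true
      when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]

    # Refreshes the marker that the cooldown check in the first play reads.
    - name: post-run | update marker file timestamp on successful run
      file:
        path: "{{ ansible_pull_marker_file }}"
        state: touch
      tags: always

    # - name: send completion alert
    #   include_tasks: playbooks/send_completion_alert.yml
    #   tags: always
    #   when:
    #     - task_failed is not defined

    # - name: send failure alert
    #   include_tasks: playbooks/send_failure_alert.yml
    #   tags: always
    #   when:
    #     - task_failed is defined
    #     - task_failed == true

# vim: ts=2 sw=2 fdm=indent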