##############################################################################
# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
#
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
---
- name: make sure ssh dir exist
  file:
    path: '{{ item.path }}'
    owner: '{{ item.owner }}'
    group: '{{ item.group }}'
    state: directory
    mode: 0755
  with_items:
    - path: /root/.ssh
      owner: root
      group: root

- name: write ssh config
  copy:
    content: "UserKnownHostsFile /dev/null\nStrictHostKeyChecking no"
    dest: '{{ item.dest }}'
    owner: '{{ item.owner }}'
    group: '{{ item.group }}'
    mode: 0600
  with_items:
    - dest: /root/.ssh/config
      owner: root
      group: root

- name: generate ssh keys
  shell: if [ ! -f ~/.ssh/id_rsa.pub ]; \
         then ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -N ""; \
         else echo "already gen ssh key!"; fi;

- name: fetch ssh keys
  fetch:
    src: /root/.ssh/id_rsa.pub
    dest: /tmp/ssh-keys-{{ ansible_hostname }}
    flat: "yes"

- authorized_key:
    user: root
    key: "{{ lookup('file', item) }}"
  with_fileglob:
    - /tmp/ssh-keys-*
    - /root/.ssh/id_rsa.pub

- name: change sources(yum) list
  copy:
    src: centos_base.repo
    dest: /etc/yum.repos.d/centos_base.repo

- name: Install yum packages
  yum:
    pkg: "{{ item }}"
    state: "present"
  with_items: "{{ yumpackages }}"

- name: add the appropriate kernel modules
  copy:
    src: modules
    dest: /etc/modules-load.d/openstack-ansible.conf

- name: restart ntp service
  shell: "systemctl enable ntpd.service && systemctl start ntpd.service"

- name: change the MaxSessions
  lineinfile:
    dest: /etc/ssh/sshd_config
    line: "MaxSessions 500"

- name: restart ssh service
  shell: service sshd restart