#-----------------------------------------------------------------------------------------------------------------------
#   Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
#
#  Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
#  with the License. A copy of the License is located at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
#  or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
#  OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
#  and limitations under the License.
#-----------------------------------------------------------------------------------------------------------------------

# This Playbook installs Greengrass V2 Core Software(Nucleus) on an EC2 Instance running amazonlinux2 AMI
# Pre-reqs required: ansible agent installed on EC2 instance: Steps below
# > Sudo yum update
# > sudo amazon-linux-extras install epel
# > sudo yum install ansible
---
- hosts: all
  remote_user: ec2_user
  gather_facts: false
  become: yes
  vars:

    # signed urls for downloading the device certs
    iot_device_cred_zip_url: ""
    # All passed through extraVars passed through from CDF:Device-Patcher Module needs to be base64 decoded
    decoded_iot_device_cred_zip_url: "{{ iot_device_cred_zip_url | b64decode }}"

    # signed urls for downloading the device config yaml
    iot_device_config_url: ""
    # All passed through extraVars passed through from CDF:Device-Patcher Module needs to be base64 decoded
    decoded_iot_device_config_url: "{{ iot_device_config_url | b64decode }}"

    # Defaults, can be overridden through env vars if needed
    # Any of these overrides are passed through as extraVars through Device Patcher API these would need to be base64 decoded
    iot_root_ca_url: "https://www.amazontrust.com/repository/AmazonRootCA1.pem"
    iot_greengrass_core_software_url: "https://d2s8p88vqu9w66.cloudfront.net/releases/greengrass-nucleus-latest.zip"
    iot_root_ca_file_name: "AmazonRootCA1.pem"
    iot_greengrass_core_software_dir_name: "GreengrassCore"
    greengrass_root_dir: "/greengrass/v2"

    amazon_linux_extra_packages:
      - "corretto8"

    packages_to_install:
      - "java-1.8.0-amazon-corretto-devel"

  tasks:
    - name: 'Check mandatory variables are defined'
      assert:
        that:
          - iot_device_cred_zip_url != ""
          - iot_device_config_url != ""
        fail_msg: "Missing required envVars, verify the following envVars are passed [iot_device_cred_zip_url, iot_device_config_url]"
        success_msg: "Required Variables are defined"

    - name: Create greengrass root directory
      file:
        path: "{{ greengrass_root_dir }}"
        state: directory
        mode: 755

    - name: Create greengrass core software directory
      file:
        path: "{{ iot_greengrass_core_software_dir_name }}"
        state: directory

    - name: Download Root CA i.e. (default set to download amazon root CA 1)
      get_url:
        url: "{{ iot_root_ca_url }}"
        dest: "{{ greengrass_root_dir }}/{{ iot_root_ca_file_name }}"

    - name: Download Device Credential Zip file
      get_url:
        url: "{{ decoded_iot_device_cred_zip_url }}"
        dest: "{{ greengrass_root_dir }}/certs.zip"

    - name: Download Device Config File
      get_url:
        url: "{{ decoded_iot_device_config_url }}"
        dest: "{{ iot_greengrass_core_software_dir_name }}/config.yaml"

    - name: Extract certs zip
      ansible.builtin.unarchive:
        src: "{{ greengrass_root_dir }}/certs.zip"
        dest: "{{ greengrass_root_dir }}"
        remote_src: yes

    - name: copy certs into the greengrass root file
      copy:
        src: "{{ greengrass_root_dir }}/certs/"
        dest: "{{ greengrass_root_dir }}"
        remote_src: yes
        directory_mode: yes

    - name: Download & Unarchive the Greengrass Core software within a specified directory
      ansible.builtin.unarchive:
        src: "{{ iot_greengrass_core_software_url }}"
        dest: "{{ iot_greengrass_core_software_dir_name }}"
        remote_src: yes

    - name: Enable amazon-linux-extras packages
      shell: "amazon-linux-extras enable {{ item }}"
      become: yes
      with_items: "{{ amazon_linux_extra_packages }}"

    - name: Install packages i.e (java8)
      yum:
        name: "{{ packages_to_install }}"
        state: present

    - name: Install Greengrass Nucleus
      register: install_results
      become: yes
      shell: |
        java -Droot="{{ greengrass_root_dir }}" -Dlog.store=FILE \
          -jar ./{{ iot_greengrass_core_software_dir_name }}/lib/Greengrass.jar \
          --init-config ./{{ iot_greengrass_core_software_dir_name }}/config.yaml \
          --component-default-user ggc_user:ggc_group \
          --setup-system-service true

    - debug: msg="{{install_results.stdout_lines}}"

    - name: Verify Status of Greengrass System service
      become: yes
      register: svcstatus
      command:
        cmd: systemctl status greengrass.service

    - debug: msg="{{svcstatus.stdout_lines}}"