---

- set_fact:
    resource_group: "Algo_{{ region }}"

- name: Create a resource group
  azure_rm_resourcegroup:
    secret: "{{ azure_secret | default(lookup('env','AZURE_SECRET')) }}"
    tenant: "{{ azure_tenant | default(lookup('env','AZURE_TENANT')) }}"
    client_id: "{{ azure_client_id | default(lookup('env','AZURE_CLIENT_ID')) }}"
    subscription_id: "{{ azure_subscription_id | default(lookup('env','AZURE_SUBSCRIPTION_ID')) }}"
    name: "{{ resource_group }}"
    location: "{{ region }}"
    tags:
      Environment: Algo

- name: Create a virtual network
  azure_rm_virtualnetwork:
    secret: "{{ azure_secret | default(lookup('env','AZURE_SECRET')) }}"
    tenant: "{{ azure_tenant | default(lookup('env','AZURE_TENANT')) }}"
    client_id: "{{ azure_client_id | default(lookup('env','AZURE_CLIENT_ID')) }}"
    subscription_id: "{{ azure_subscription_id | default(lookup('env','AZURE_SUBSCRIPTION_ID')) }}"
    resource_group: "{{ resource_group }}"
    name: algo_net
    address_prefixes: "10.10.0.0/16"
    tags:
      Environment: Algo

- name: Create a security group
  azure_rm_securitygroup:
    secret: "{{ azure_secret | default(lookup('env','AZURE_SECRET')) }}"
    tenant: "{{ azure_tenant | default(lookup('env','AZURE_TENANT')) }}"
    client_id: "{{ azure_client_id | default(lookup('env','AZURE_CLIENT_ID')) }}"
    subscription_id: "{{ azure_subscription_id | default(lookup('env','AZURE_SUBSCRIPTION_ID')) }}"
    resource_group: "{{ resource_group }}"
    name: AlgoSecGroup
    purge_rules: yes
    rules:
      - name: AllowSSH
        protocol: Tcp
        destination_port_range: 22
        access: Allow
        priority: 100
        direction: Inbound
      - name: AllowIPSEC500
        protocol: Udp
        destination_port_range: 500
        access: Allow
        priority: 110
        direction: Inbound
      - name: AllowIPSEC4500
        protocol: Udp
        destination_port_range: 4500
        access: Allow
        priority: 120
        direction: Inbound

- name: Create a subnet
  azure_rm_subnet:
    secret: "{{ azure_secret | default(lookup('env','AZURE_SECRET')) }}"
    tenant: "{{ azure_tenant | default(lookup('env','AZURE_TENANT')) }}"
    client_id: "{{ azure_client_id | default(lookup('env','AZURE_CLIENT_ID')) }}"
    subscription_id: "{{ azure_subscription_id | default(lookup('env','AZURE_SUBSCRIPTION_ID')) }}"
    resource_group: "{{ resource_group }}"
    name: algo_subnet
    address_prefix: "10.10.0.0/24"
    virtual_network: algo_net
    security_group_name: AlgoSecGroup
    tags:
      Environment: Algo

- name: Create an instance
  azure_rm_virtualmachine:
    secret: "{{ azure_secret | default(lookup('env','AZURE_SECRET')) }}"
    tenant: "{{ azure_tenant | default(lookup('env','AZURE_TENANT')) }}"
    client_id: "{{ azure_client_id | default(lookup('env','AZURE_CLIENT_ID')) }}"
    subscription_id: "{{ azure_subscription_id | default(lookup('env','AZURE_SUBSCRIPTION_ID')) }}"
    resource_group: "{{ resource_group }}"
    admin_username: ubuntu
    virtual_network: algo_net
    name: "{{ azure_server_name }}"
    ssh_password_enabled: false
    vm_size: Standard_D1
    tags:
      Environment: Algo
    ssh_public_keys:
      - { path: "/home/ubuntu/.ssh/authorized_keys", key_data: "{{ lookup('file', '{{ SSH_keys.public }}') }}" }
    image:
      offer: UbuntuServer
      publisher: Canonical
      sku: '16.04-LTS'
      version: latest
  register: azure_rm_virtualmachine

- set_fact:
    ip_address: "{{ azure_rm_virtualmachine.ansible_facts.azure_vm.properties.networkProfile.networkInterfaces[0].properties.ipConfigurations[0].properties.publicIPAddress.properties.ipAddress }}"
    networkinterface_name: "{{ azure_rm_virtualmachine.ansible_facts.azure_vm.properties.networkProfile.networkInterfaces[0].name }}"

- name: Ensure the network interface includes all required parameters
  azure_rm_networkinterface:
    secret: "{{ azure_secret | default(lookup('env','AZURE_SECRET')) }}"
    tenant: "{{ azure_tenant | default(lookup('env','AZURE_TENANT')) }}"
    client_id: "{{ azure_client_id | default(lookup('env','AZURE_CLIENT_ID')) }}"
    subscription_id: "{{ azure_subscription_id | default(lookup('env','AZURE_SUBSCRIPTION_ID')) }}"
    name: "{{ networkinterface_name }}"
    resource_group: "{{ resource_group }}"
    virtual_network_name: algo_net
    subnet_name: algo_subnet
    security_group_name: AlgoSecGroup

- name: Add the instance to an inventory group
  add_host:
    name: "{{ ip_address }}"
    groups: vpn-host
    ansible_ssh_user: ubuntu
    ansible_python_interpreter: "/usr/bin/python2.7"
    ansible_ssh_private_key_file: "{{ SSH_keys.private }}"
    cloud_provider: azure
    ipv6_support: no

- set_fact:
    cloud_instance_ip: "{{ ip_address }}"

- name: Ensure the group azure exists in the dynamic inventory file
  lineinfile:
    state: present
    dest: configs/inventory.dynamic
    line: '[azure]'

- name: Populate the dynamic inventory
  lineinfile:
    state: present
    dest: configs/inventory.dynamic
    insertafter: '\[azure\]'
    regexp: "^{{ cloud_instance_ip }}.*"
    line: "{{ cloud_instance_ip }}"