---
- name: Algo VPN Setup
  hosts: localhost
  become: false
  tasks:
    - name: Playbook dir stat
      stat:
        path: "{{ playbook_dir }}"
      register: _playbook_dir

    - name: Ensure Ansible is not being run in a world writable directory
      assert:
        that: _playbook_dir.stat.mode|int <= 775
        msg: >
          Ansible is being run in a world writable directory ({{ playbook_dir }}), ignoring it as an ansible.cfg source.
          For more information see https://docs.ansible.com/ansible/devel/reference_appendices/config.html#cfg-in-world-writable-dir

    - name: Ensure the requirements installed
      debug:
        msg: "{{ '192.168.1.1' | ansible.utils.ipaddr }}"
      ignore_errors: true
      no_log: true
      register: ipaddr

    - name: Extract ansible version from pyproject.toml
      set_fact:
        ansible_requirement: "{{ lookup('file', 'pyproject.toml') | regex_search('ansible==[0-9]+\\.[0-9]+\\.[0-9]+') }}"

    - name: Parse ansible version requirement
      set_fact:
        required_ansible_version:
          op: "{{ ansible_requirement | regex_replace('^ansible\\s*([~>=<]+)\\s*.*$', '\\1') }}"
          ver: "{{ ansible_requirement | regex_replace('^ansible\\s*[~>=<]+\\s*(\\d+\\.\\d+(?:\\.\\d+)?).*$', '\\1') }}"
      when: ansible_requirement is defined

    - name: Get current ansible package version
      command: uv pip list
      register: uv_package_list
      changed_when: false

    - name: Extract ansible version from uv package list
      set_fact:
        current_ansible_version: "{{ uv_package_list.stdout | regex_search('ansible\\s+([0-9]+\\.[0-9]+\\.[0-9]+)', '\\1') | first }}"

    - name: Verify Python meets Algo VPN requirements
      assert:
        that: (ansible_python.version.major|string + '.' + ansible_python.version.minor|string) is version('3.11', '>=')
        msg: >
          Python version is not supported.
          You must upgrade to at least Python 3.11 to use this version of Algo.
          See for more details - https://trailofbits.github.io/algo/troubleshooting.html#python-version-is-not-supported

    - name: Verify Ansible meets Algo VPN requirements
      assert:
        that:
          - current_ansible_version is version(required_ansible_version.ver, required_ansible_version.op)
          - not ipaddr.failed
        msg: >
          Ansible version is {{ current_ansible_version }}.
          You must update the requirements to use this version of Algo.
          Try to run: uv sync

- name: Include prompts playbook
  import_playbook: input.yml

- name: Include cloud provisioning playbook
  import_playbook: cloud.yml

- name: Include server configuration playbook
  import_playbook: server.yml