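---
# Play 1 runs on the Proxmox node (node0) and creates, then starts, one LXC
# container with the `pct` CLI.
# Play 2 connects to the new container (inventory host dc1) and performs
# baseline provisioning.
#
# Variables read here but not defined in this file: addc_hostname,
# addc_ansible_host, location_gateway, ssh_public_keys.

- name: Create and provision LXC container on Proxmox
  hosts: node0
  gather_facts: false
  become: true
  become_user: root
  vars:
    # Not referenced by any task in this play.
    node_ip: "{{ hostvars['node0']['ansible_host'] }}"
    mac_address: "8E:90:31:DE:31:36"
    container_id: 200
    container_template: "/var/lib/vz/template/cache/debian-13-standard_13.1-1_amd64.tar.zst"
    container_ostype: debian
    container_hostname: "{{ addc_hostname }}"
    # NOTE(review): hard-coded, trivially guessable root password kept in
    # plain text. Override it from an Ansible Vault encrypted variable, or
    # drop the -password option entirely and rely on the injected SSH key.
    # Quoted so it stays a string rather than an integer.
    container_password: "123456"
    container_storage: local-lvm
    # Defined but not passed to `pct create` below.
    container_rootfs_size: 8G
    container_memory: 1024
    container_swap: 256
    container_cores: 2
    container_net: "name=eth0,bridge=vmbr0,ip={{ addc_ansible_host }}/24,gw={{ location_gateway }},hwaddr={{ mac_address }}"
    # keyctl and nesting widen what the container may do against the host
    # kernel; keep only the features the workload actually needs.
    container_features: "keyctl=1,nesting=1,mount=cifs"
    container_description: default lxc
    container_onboot: 1
    container_protection: 0
    container_unprivileged: 1
    container_pubkey: "{{ ssh_public_keys[0] }}"
    container_tags:
      - ansible_managed
      - test

  tasks:
    # argv is used instead of a shell string so that templated values
    # (hostname, description, network string, key) are passed as single
    # arguments and never interpreted by a shell.
    # `creates` makes the task a no-op once the container config exists.
    - name: "Create LXC container {{ container_hostname }} with id {{ container_id }} using pct command"
      ansible.builtin.command:
        argv:
          - pct
          - create
          - "{{ container_id }}"
          - "{{ container_template }}"
          - -ostype
          - "{{ container_ostype }}"
          - -hostname
          - "{{ container_hostname }}"
          - -password
          - "{{ container_password }}"
          # NOTE(review): the pct man page documents this option as a file
          # path; confirm that passing the key text itself is accepted.
          - -ssh-public-keys
          - "{{ container_pubkey }}"
          - -cores
          - "{{ container_cores }}"
          - -memory
          - "{{ container_memory }}"
          - -swap
          - "{{ container_swap }}"
          - -net0
          - "{{ container_net }}"
          - -storage
          - "{{ container_storage }}"
          - -description
          - "{{ container_description }}"
          - -onboot
          - "{{ container_onboot }}"
          - -protection
          - "{{ container_protection }}"
          - -unprivileged
          - "{{ container_unprivileged }}"
          - -tags
          - "{{ container_tags | join(',') }}"
          - -features
          - "{{ container_features }}"
          # Disabled option, kept from the original:
          # -timezone: {{ localization_timezone }}
        creates: "/etc/pve/lxc/{{ container_id }}.conf"
      # The password is a command-line argument, so keep it out of Ansible
      # output and logs. It is still visible in the process list on the node
      # while pct runs.
      no_log: true

    # Read-only probe so that the start task is skipped on re-runs instead of
    # failing because the container is already running.
    - name: "Read current state of container {{ container_id }}"
      ansible.builtin.command:
        argv:
          - pct
          - status
          - "{{ container_id }}"
      register: status_result
      changed_when: false

    - name: "Start the LXC container {{ container_hostname }}"
      ansible.builtin.command:
        argv:
          - pct
          - start
          - "{{ container_id }}"
      register: start_result
      when: "'running' not in (status_result.stdout | default(''))"
      changed_when: start_result.rc == 0

    # Disabled tasks, kept from the original for reference.
    # - name: Wait for the container to get an IP address
    #   ansible.builtin.shell: "pct exec {{ container_id }} -- hostname -I"
    #   register: container_ip
    #   until: container_ip.stdout != ""
    #   retries: 10
    #   delay: 5

    # - name: Get container IP
    #   ansible.builtin.shell: "pct exec {{ container_id }} -- hostname -I | awk '{print $1}'"
    #   register: lxc_ip
    #   changed_when: false

    # - name: Add container to in-memory inventory
    #   ansible.builtin.add_host:
    #     name: "{{ container_hostname }}"
    #     ansible_host: "{{ lxc_ip.stdout }}"
    #     ansible_user: root

- name: Provision dc1 LXC
  hosts: dc1
  gather_facts: false
  become: true
  tasks:
    # Installs every key in ssh_public_keys for root. Once key login is
    # confirmed, the password set at creation time is no longer needed for
    # access.
    - name: Ensure SSH authorized keys are present
      ansible.posix.authorized_key:
        user: root
        key: "{{ item }}"
        state: present
      loop: "{{ ssh_public_keys }}"

    # NOTE(review): despite the task name, nothing here refreshes the package
    # index or upgrades installed packages; only the listed packages are
    # ensured present.
    - name: Update and install useful packages
      ansible.builtin.package:
        name:
          - nano
          - tzdata
          - openssh-server
        state: present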