init_env/aws/main.yml

---
# AWS specific initialization starts here
- name: "AWS specific initialization"
  hosts: build_control
  connection: local
  become: false
  vars_files:
    - "vars/aws_vars.yml"
    - "../../vars/main.yml"
    - "~/agof_vault.yml"
  vars:
    ec2_wait: true
  tasks:
    - name: collection final check
      block:
        - name: run AWS check setup if using AWS
          ansible.builtin.include_role:
            name: roles/aws_check_setup

      rescue:
        - name: Error with setup
          fail:
            msg: The provisioner has failed during initial check_setup, please scroll up to see exact error.

    - name: Provision network stuff
      ansible.builtin.include_role:
        name: roles/manage_ec2_infra

    - name: Include vars from previous runs
      ansible.builtin.include_vars:
        file: '{{ pattern_state_rootdir }}/{{ ec2_name_prefix }}/aws_state_vars.yml'
      ignore_errors: true
      when: save_aws_vars

    - name: Copy AMI image if needed
      block:
        - name: Check for AMI in ec2 region
          amazon.aws.ec2_ami:
            image_id: "{{ imagebuilder_ami }}"
            region: "{{ ec2_region }}"
          register: ami_query
          failed_when: ami_query.msg is search('InvalidAMIID.NotFound')
      rescue:
        - name: Copy image to desired region
          community.aws.ec2_ami_copy:
            source_region: "{{ ami_source_region }}"
            region: "{{ ec2_region }}"
            source_image_id: "{{ imagebuilder_ami }}"
            wait: true
          register: ami_copy

        - name: Set AMI ID now that we have a new one
          ansible.builtin.set_fact:
            copied_ami: "{{ ami_copy.image_id }}"
      when:
        - copied_ami is not defined
        - ami_source_region != ec2_region

    - name: Save variables for later if desired
      ansible.builtin.copy:
        content: |-
           ---
           ec2_name_prefix: '{{ ec2_name_prefix }}'
           ec2_region: '{{ ec2_region }}'
           ec2_vpc_id: '{{ ec2_vpc_id }}'
           ec2_vpc_subnet_id: '{{ ec2_vpc_subnet_id }}'

           pattern_dns_zone: '{{ pattern_dns_zone }}'

           {% if copied_ami is defined %}
           copied_ami: '{{ copied_ami }}'
           {% endif %}
           imagebuilder_ami: '{{ imagebuilder_ami }}'
        dest: '{{ pattern_state_rootdir }}/{{ ec2_name_prefix }}/aws_state_vars.yml'
      when: save_aws_vars

    - name: Build VMs and manage DNS entries
      ansible.builtin.include_role:
        name: roles/manage_ec2_instances
      vars:
        ami_id: "{{ copied_ami | default(imagebuilder_ami) }}"

- name: Ensure AWS nodes are ready for post-provisioning
  hosts: aws_nodes
  become: true
  gather_facts: false
  vars_files:
    - "vars/aws_vars.yml"
    - "~/agof_vault.yml"
  tasks:
    - name: "Wait for VM(s) to be ready for SSH"
      ansible.builtin.wait_for_connection:
        delay: 1
        timeout: 600

- name: Post-provisioning tasks
  hosts: aws_nodes
  become: true
  gather_facts: true
  vars_files:
    - "vars/aws_vars.yml"
    - "~/agof_vault.yml"
  vars:
    ec2_instances_built: "{{ hostvars['localhost']['ec2_instances_built'] }}"
    ipaclient_configure_dns_resolver: false
  tasks:
    - name: "Ensure remote tmp directory"
      ansible.builtin.file:
        path: '{{ aws_remote_tmp }}'
        mode: '0700'
        owner: '{{ ansible_user }}'
        recurse: true

    - name: 'Ensure hostname-setting can persist (thanks, cloud-init)'
      ansible.builtin.lineinfile:
        path: '/etc/cloud/cloud.cfg'
        regexp: '^\s*preserve_hostname:'
        line: 'preserve_hostname: true'

    - name: Set hostnames
      ansible.builtin.hostname:
        name: '{{ short_hostname }}.{{ pattern_domain }}'

    - name: Set /etc/hosts
      ansible.builtin.copy:
        content: |
          127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
          ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

          {% for ib in ec2_instances_built %}
          {{ ib.private_ip_address }}        {{ ib.tags.avpname }}.{{ pattern_domain }} {{ ib.tags.avpaliases }}
          {% endfor %}
        dest: /etc/hosts
        owner: root
        group: root
        mode: '0644'