---
- name: Select primary Network Interface
  when: hypervisor_type == "vmware"
  ansible.builtin.set_fact:
    environment_interface_name: >-
      {{
        (
          (ansible_facts.interfaces | default(ansible_facts['ansible_interfaces'] | default([])))
          | reject('equalto', 'lo')
          | list
          | first
        )
        | default('')
      }}

- name: Bring up network interface
  when:
    - hypervisor_type == "vmware"
    - environment_interface_name | default('') | length > 0
  ansible.builtin.command: "ip link set {{ environment_interface_name }} up"
  register: environment_link_result
  changed_when: environment_link_result.rc == 0

- name: Set IP-Address
  when:
    - hypervisor_type == "vmware"
    - system_cfg.network.ip is defined and system_cfg.network.ip | string | length > 0
  ansible.builtin.command: >-
    ip addr replace {{ system_cfg.network.ip }}/{{ system_cfg.network.prefix }}
    dev {{ environment_interface_name }}
  register: environment_ip_result
  changed_when: environment_ip_result.rc == 0

- name: Set Default Gateway
  when:
    - hypervisor_type == "vmware"
    - system_cfg.network.gateway is defined and system_cfg.network.gateway | string | length > 0
    - system_cfg.network.ip is defined and system_cfg.network.ip | string | length > 0
  ansible.builtin.command: "ip route replace default via {{ system_cfg.network.gateway }}"
  register: environment_gateway_result
  changed_when: environment_gateway_result.rc == 0

- name: Configure DNS resolvers
  when:
    - hypervisor_type == "vmware"
    - system_cfg.network.dns.servers | default([]) | length > 0
  ansible.builtin.copy:
    dest: /etc/resolv.conf
    content: |
      {% for server in system_cfg.network.dns.servers %}
      nameserver {{ server }}
      {% endfor %}
      {% if system_cfg.network.dns.search | default([]) | length > 0 %}
      search {{ system_cfg.network.dns.search | join(' ') }}
      {% endif %}
    mode: "0644"

- name: Synchronize clock via NTP
  ansible.builtin.command: timedatectl set-ntp true
  register: environment_ntp_result
  changed_when: environment_ntp_result.rc == 0

- name: Configure SSH for root login
  when:
    - hypervisor_type == "vmware"
    - hypervisor_cfg.ssh | default(false) | bool
    - system_cfg.network.ip is defined and system_cfg.network.ip | string | length > 0
  block:
    - name: Allow login
      ansible.builtin.replace:
        path: /etc/ssh/sshd_config
        regexp: "{{ item.regexp }}"
        replace: "{{ item.replace }}"
      loop:
        - regexp: "^#?PermitEmptyPasswords.*"
          replace: "PermitEmptyPasswords yes"
        - regexp: "^#?PermitRootLogin.*"
          replace: "PermitRootLogin yes"
      loop_control:
        label: "{{ item.replace }}"

    - name: Reload SSH service to apply changes
      ansible.builtin.service:
        name: sshd
        state: reloaded

    - name: Switch to SSH connection
      ansible.builtin.set_fact:
        ansible_connection: ssh
        ansible_user: root
        ansible_password: ""
        ansible_host: "{{ system_cfg.network.ip }}"
        ansible_ssh_extra_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"

    - name: Reset connection for SSH switchover
      ansible.builtin.meta: reset_connection

    - name: Verify SSH connectivity
      ansible.builtin.wait_for_connection:
        timeout: 30
        delay: 2