# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
# localhost
---
- name: "DEBUG: ansible-gentoo_install tarball"
  debug:
    verbosity: 1
    msg: "DEBUG: ansible-gentoo_install tarball"
   
- name: test we are NOT in the chroot
  shell: |
    [ -n "{{AGI_NBD_MP}}" ] || exit 2
    [ -d "{{AGI_NBD_MP}}" ] || exit 3
  check_mode: false

- name: gpg keys system
  # Option --keyserver must be used to
  environment: "{{proxy_env}}"
  shell: |
    /usr/bin/gpg --list-keys | grep "{{ item.uid }}" || \
      /usr/bin/gpg --recv-keys \
          --keyserver "{{ AGI_GPG_SERVER }}" "{{ item.uid }}"
  with_items: "{{ agi_gpg_keys_system }}"
  when:
    - agi_gpg_keys_system|length > 0
    - BASE_ARE_CONNECTED|default('') != ''
  # FixMe:
  ignore_errors: true

- name: check files dir
  environment: "{{shell_env}}"
  shell: |
    AGI_NBD_FILES="{{AGI_NBD_FILES}}"
    [ -n "$AGI_NBD_FILES" ] || exit 1
    [ -d "$AGI_NBD_FILES" ] || exit 2

- name: determine latest stage tarball
  environment: "{{proxy_env}}"
  uri:
    url: "{{ AGI_install_baseurl }}{{ AGI_install_latest_stage_pointer }}"
    return_content: yes
    dest: "{{AGI_NBD_FILES}}/latest-stage3-amd64-openrc.txt"
    creates: "{{AGI_NBD_FILES}}/latest-stage3-amd64-openrc.txt"
  register: latest_stage

- name: read tarball
  environment: "{{shell_env}}"
  shell: |
    AGI_NBD_FILES="{{AGI_NBD_FILES}}"
    filename=$(grep ^stage "$AGI_NBD_FILES/latest-stage3-amd64-openrc.txt" | \
      sed -e 's/ .*//' ) ;
    suffix=$(echo $filename | sed -e 's/.*\././' );
    prefix=$(echo $filename | sed -e "s/$suffix//" );
    echo $filename
  register: tarball_out
 
- set_fact:
    latest_stage_tarball_url_suffix: "{{ ( latest_stage.content.splitlines() | reject('match', '#') | first ).split(' ')[0] }}"
    latest_stage_tarball: "{{ ( latest_stage.content.splitlines() | reject('match', '#') | first ).split(' ')[0].split('/')[1] }}"
  when:
    - not ansible_check_mode
    - false

- set_fact:
    latest_stage_tarball_url_suffix: "{{tarball_out.stdout}}"
    # there's not directory now
    latest_stage_tarball: "{{tarball_out.stdout}}"
    latest_portage_tarball: portage-20231223.tar.xz
  when:
    - not ansible_check_mode
    - tarball_out.rc|default(1) == 0
   
- name: fetch latest stage tarball
  environment: "{{proxy_env}}"
  delegate_to: localhost
  uri:
    url: "{{ item.url }}"
    dest: "{{ item.dest }}"
    creates: "{{ item.creates }}"
  with_items:
    -
      url: "{{ AGI_install_baseurl }}{{ latest_stage_tarball_url_suffix }}"
      dest: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}"
      creates: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}"
    -
      url: "{{ AGI_install_baseurl }}{{ latest_stage_tarball_url_suffix }}.sha256"
      dest: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}.sha256"
      creates: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}.sha256"
  when:
    - not ansible_check_mode

- name: check stage tarball
  environment: "{{shell_env}}"
  shell: |
    cd "{{AGI_NBD_FILES}}" || exit 1
    sha256sum "{{ latest_stage_tarball }}.sha256"
  when:
    - not ansible_check_mode
  
- name: extract stage tarball
  unarchive:
    src:  "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}"
    dest: "{{AGI_NBD_MP}}"
    remote_src: no
    creates: "{{AGI_NBD_MP}}/var"

- name: fetch latest portage tarball
  environment: "{{proxy_env}}"
  delegate_to: localhost
  uri:
    url: "{{ AGI_install_baseurl }}{{ latest_portage_tarball }}"
    dest: "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}"
    creates: "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}"


- name: test portage tarball
  environment: "{{shell_env}}"
  shell: |
    cd "{{AGI_NBD_FILES}}"
    md5sum -c "{{ latest_portage_tarball }}.md5sum"

- name: test gpg not GENTOO
  environment: "{{shell_env}}"
  shell: |
    # E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
    [ -f /usr/local/share/openpgp-keys/gentoo-release.asc ] || exit 1
    gpg --list-keys | grep E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 || \
      gpg --import /usr/local/share/openpgp-keys/gentoo-release.asc || exit 2
  when:
    - "ansible_distribution != 'Gentoo'"

- name: test gpg GENTOO
  shell: |
    # E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
    [ -f  /usr/share/openpgp-keys/gentoo-release.asc ] || \
      emerge -v sec-keys/openpgp-keys-gentoo-release || exit 1
    gpg --list-keys | grep E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 || \
      gpg --import /usr/share/openpgp-keys/gentoo-release.asc || exit 2
  when:
    - "ansible_distribution == 'Gentoo'"

- name: test portage tarball gpg our copy
  environment: "{{shell_env}}"
  shell: |
    # E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
    gpg --list-keys | grep E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 || exit 2
    gpg --verify "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}.gpgsig" \
        "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}"  || exit 3$?

- name: extract portage tarball
  unarchive:
    src:  "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}"
    dest: "{{AGI_NBD_MP}}/usr"
    remote_src: no
    creates: "{{AGI_NBD_MP}}/usr/portage"