- name: Configure the server and install required software
  hosts: localhost
  gather_facts: false

  vars:
    zones:
      "1": "us-central1-a"
      "2": "us-central1-b"
      "3": "us-central1-c"
      "4": "us-central1-f"
      "5": "us-east1-b"
      "6": "us-east1-c"
      "7": "us-east1-d"
      "8": "europe-west1-b"
      "9": "europe-west1-c"
      "10": "europe-west1-d"
      "11": "asia-east1-a"
      "12": "asia-east1-b"
      "13": "asia-east1-c"

  vars_prompt:
  - name: "credentials_file"
    prompt: "Enter the local path to your credentials JSON file [ex: ~/gogle_cloud.json] (https://support.google.com/cloud/answer/6158849?hl=en&ref_topic=6262490#serviceaccounts):\n"
    private: no

  - name: "ssh_public_key"
    prompt: "Enter the local path to your SSH public key:\n"
    default: "~/.ssh/id_rsa.pub"
    private: no

  - name: "zone"
    prompt: >
      What zone should the server be located in?
        1. Central US       (Iowa A)
        2. Central US       (Iowa B)
        3. Central US       (Iowa C)
        4. Central US       (Iowa F)
        5. Eastern US       (South Carolina B)
        6. Eastern US       (South Carolina C)
        7. Eastern US       (South Carolina D)
        8. Western Europe   (Belgium B)
        9. Western Europe   (Belgium C)
        10. Western Europe  (Belgium D)
        11. East Asia       (Taiwan A)
        12. East Asia       (Taiwan B)
        13. East Asia       (Taiwan C)
      Please choose the number of your zone. Press enter for default (#8) zone.
    default: "8"
    private: no

  - name: "server_name"
    prompt: "Name the vpn server:\n"
    default: "algo"
    private: no

  - name: "dns_enabled"
    prompt: "Do you want to use a local DNS resolver to block ads while surfing? (Y or N):\n"
    default: "Y"
    private: no

  - name: "auditd_enabled"
    prompt: "Do you want to use auditd ? (Y or N):\n"
    default: "Y"
    private: no

  roles:
    - cloud-gce

- name: Post-provisioning tasks
  hosts: vpn-host
  gather_facts: false
  become: true
  vars_files:
    - config.cfg

  pre_tasks:
    - name: Install prerequisites
      raw: sudo apt-get update -qq && sudo apt-get install -qq -y python2.7
    - name: Configure defaults
      raw: sudo update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1

  roles:
    - common
    - security
    - proxy
    - vpn
    - { role: dns_adblocking , when: dns_enabled is defined and dns_enabled == "Y" }
    - { role: logging, when: auditd_enabled is defined and auditd_enabled == 'Y' }