#!/bin/bash

set -ex

YUM_INSTALL="yum --setopt=skip_missing_names_on_install=False -y install"

# We deploy candlepin via ansible
$YUM_INSTALL epel-release

# Install dependencies
CANDLEPIN_DEPS="\
ansible \
git \
openssl \
"

$YUM_INSTALL $CANDLEPIN_DEPS

mkdir -p playbookdir; cd playbookdir;

mkdir -p roles
git clone https://github.com/candlepin/ansible-role-candlepin.git roles/candlepin

# Run the playbook
cat > inventory <<- EOF
[dev]
localhost
EOF

useradd -m admin
echo admin:foobar | chpasswd
echo 'admin ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/admin

cat > playbook.yml <<- EOF
- hosts: dev

  environment:
    JAVA_HOME: /usr/lib/jvm/java-1.8.0/

  roles:
     - role: candlepin
       candlepin_git_pull: True
       candlepin_deploy_args: "-g -a -f -t"
       candlepin_user: admin
       candlepin_user_home: /home/admin
       candlepin_checkout: /home/admin/candlepin
EOF

ansible-playbook -i inventory -c local -v --skip-tags 'system_update' playbook.yml

rm -rf playbookdir

# reduce image size
yum clean all
/var/lib/testvm/zero-disk.setup

# Final tweaks

rm -rf /var/log/journal/*
echo "kernel.core_pattern=|/usr/lib/systemd/systemd-coredump %p %u %g %s %t %e" > /etc/sysctl.d/50-coredump.conf

# Audit events to the journal
rm -f '/etc/systemd/system/multi-user.target.wants/auditd.service'
rm -rf /var/log/audit/