From 75c2682befb679a998f53486e7287111c7bc26c0 Mon Sep 17 00:00:00 2001
From: "max.mehl" <max.mehl@fsfe.org>
Date: Thu, 3 Mar 2022 17:40:44 +0100
Subject: [PATCH] improve uninstallation mechanism and prevent accidental
 removal

---
 deploy.yml                  | 14 ++++++++++++++
 roles/client/tasks/main.yml | 13 +++++++++++--
 roles/server/tasks/main.yml | 13 +++++++++++--
 3 files changed, 36 insertions(+), 4 deletions(-)

diff --git a/deploy.yml b/deploy.yml
index 1e67420..6d6701d 100644
--- a/deploy.yml
+++ b/deploy.yml
@@ -6,6 +6,20 @@
 - hosts: all
   remote_user: root
   tasks:
+    - pause:
+        prompt: "You are using a function to UNINSTALL innernet on the chosen hosts {{ play_hosts }}. Continue? (yes/no)?"
+      tags: [never, uninstall]
+      register: uninstall_confirm
+      delegate_to: localhost
+      run_once: yes
+
+    - fail:
+        msg: Aborted uninstallation of innernet.
+      tags: [never, uninstall]
+      when: not uninstall_confirm.user_input | bool
+      delegate_to: localhost
+      run_once: yes
+
     - name: Get innernet-server hostname from inventory groups
       set_fact:
         # Assuming that we only have one innernet server, we take the first
diff --git a/roles/client/tasks/main.yml b/roles/client/tasks/main.yml
index 45b185e..56977c9 100644
--- a/roles/client/tasks/main.yml
+++ b/roles/client/tasks/main.yml
@@ -18,7 +18,7 @@
     - ['-fsfe-be', '']
 
 - name: Gather which packages are installed on the client
-  tags: [update]
+  tags: [update, uninstall]
   package_facts:
     manager: auto
 
@@ -31,12 +31,21 @@
       - wireguard-tools
       - ufw
 
-- name: Remove existing innernet
+- name: Remove existing innernet configuration on client
   tags: [never, uninstall]
   expect:
     command: "innernet uninstall {{ network_name }}"
     responses:
       (?i)delete: "yes"
+  when: "'innernet' in ansible_facts.packages"
+
+- name: Remove innernet package on client
+  tags: [never, uninstall]
+  apt:
+    name: innernet
+    state: absent
+    purge: yes
+  when: "'innernet' in ansible_facts.packages"
 
 - name: Install innernet package on client
   tags: [update]
diff --git a/roles/server/tasks/main.yml b/roles/server/tasks/main.yml
index 5be115e..5516077 100644
--- a/roles/server/tasks/main.yml
+++ b/roles/server/tasks/main.yml
@@ -4,7 +4,7 @@
 
 ---
 - name: Gather which packages are installed on the server
-  tags: [update]
+  tags: [update, uninstall]
   package_facts:
     manager: auto
 
@@ -18,12 +18,21 @@
       - wireguard-tools
       - ufw
 
-- name: Remove existing innernet
+- name: Remove existing innernet configuration
   tags: [never, uninstall]
   expect:
     command: "innernet-server uninstall {{ network_name }}"
     responses:
       (?i)delete: "yes"
+  when: "'innernet-server' in ansible_facts.packages"
+
+- name: Remove innernet package on server
+  tags: [never, uninstall]
+  apt:
+    name: innernet-server
+    state: absent
+    purge: yes
+  when: "'innernet-server' in ansible_facts.packages"
 
 - name: Install innernet package on server
   tags: [update]