# Copyright (c) 2015 Hewlett-Packard Development Company, L.P.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
- name: "MySQL - Create database"
  mysql_db:
    login_user={{ mysql_username }}
    login_password={{ mysql_password }}
    name=inspector
    state=present
    encoding=utf8
  register: test_created_inspector_db
- name: "MySQL - Create user for inspector"
  mysql_user:
    login_user={{ mysql_username }}
    login_password={{ mysql_password }}
     name=inspector
     password={{ ironic_db_password }}
     priv=inspector.*:ALL
     state=present
- name: "Inspector - Ensure /etc/ironic-inspector/ exists"
  file:
    dest=/etc/ironic-inspector
    owner=ironic
    group=ironic
    mode=0755
    state=directory
- name: "Inspector - Place Configuration"
  template:
    src=ironic-inspector.conf.j2
    dest=/etc/ironic-inspector/inspector.conf
    owner=ironic
    group=ironic
    mode=0740
- name: "Inspector - create data folder"
  file:
    name="{{ inspector_data_dir }}"
    state=directory
    owner=ironic
    group=ironic
    mode=0755
- name: "Inspector - create log folder"
  file:
    name="{{ inspector_data_dir }}/log"
    state=directory
    owner=ironic
    group=ironic
    mode=0755
- name: "Upgrade inspector DB Schema"
  shell: ironic-inspector-dbsync --config-file /etc/ironic-inspector/inspector.conf upgrade
  become: true
  environment: "{{ bifrost_venv_env if enable_venv else '{}' }}"
- name: "Inspector - Get ironic-inspector install location"
  shell: echo $(dirname $(which ironic-inspector))
  register: ironic_install_prefix
  environment: "{{ bifrost_venv_env if enable_venv else '{}' }}"
- name: "Inspector - Place service"
  template: src={{ init_template }} dest={{ init_dest_dir }}{{item.service_name}}{{ init_ext }} owner=root group=root
  with_items:
    - { service_path: "{{ ironic_install_prefix.stdout }}", service_name: 'ironic-inspector', username: 'ironic', args: '--config-file /etc/ironic-inspector/inspector.conf'}
- name: "Inspector - Explicitly permit TCP/5050 for ironic-inspector callback"
  command: iptables -I INPUT -p tcp --dport 5050 -i {{network_interface}} -j ACCEPT