---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Gather variables for each operating system
  include_vars: "{{ lookup('first_found', params) }}"
  vars:
    params:
      files:
        - "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_version'] | lower }}.yml"
        - "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
        - "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
        - "{{ ansible_facts['distribution'] | lower }}.yml"
        - "{{ ansible_facts['os_family'] | lower }}.yml"
      paths:
        - "{{ role_path }}/vars"
  tags:
    - always

- name: Allow the usage of local facts
  file:
    path: /etc/ansible/facts.d/
    state: directory
    mode: "0755"
  tags:
    - openstack_hosts-install

# Deploy the release file everywhere
- name: Importing openstack_release tasks
  import_tasks: openstack_release.yml
  tags:
    - openstack_hosts-install

# Proxy configuration applies to all nodes
- name: Add global_environment_variables to environment file
  blockinfile:
    dest: "/etc/environment"
    state: present
    marker: "# {mark} Managed by OpenStack-Ansible"
    insertbefore: EOF
    block: "{{ lookup('template', 'environment.j2') }}"
  tags:
    - openstack_hosts-config

- name: Ensure environement is applied during sudo
  lineinfile:
    path: /etc/pam.d/sudo
    line: "session    required   pam_env.so readenv=1 user_readenv=0"
    regexp: 'session\s+required\s+pam_env\.so'
    insertbefore: '^@include'
  when: ansible_facts['distribution'] | lower == 'debian'

- name: Create systemd global directory
  file:
    path: /etc/systemd/system.conf.d/
    state: directory
    owner: "root"
    group: "root"
    mode: "0755"

- name: Add DefaultEnvironment to systemd
  openstack.config_template.config_template:
    src: systemd-environment.j2
    dest: /etc/systemd/system.conf.d/osa-default-environment.conf
    owner: "root"
    group: "root"
    mode: "0644"
    config_overrides: "{{ openstack_systemd_global_overrides }}"
    config_type: ini
  notify: Systemd daemon reload

# Configure host files should apply to all nodes
- name: Configure etc hosts files
  include_tasks: openstack_update_hosts_file.yml
  args:
    apply:
      tags:
        - openstack_hosts-config
        - openstack_hosts-file
  when:
    - (openstack_host_manage_hosts_file | bool) or (openstack_host_manage_deploy_hosts_file | bool)
  tags:
    - always

- name: Remove the blacklisted packages
  package:
    name: "{{ openstack_hosts_package_list | selectattr('state', 'equalto', 'absent') | map(attribute='name') | list }}"
    state: absent

# This allows to include this role to get all the distro
# specific configuration for all the nodes.
# It is also used for installing common packages to
# all nodes
- name: Apply package management distro specific configuration
  include_tasks: "openstack_hosts_configure_{{ ansible_facts['pkg_mgr'] | lower }}.yml"

# Configure bare metal nodes: Kernel, sysctl, sysstat, hosts files, metal packages
- name: Including configure_metal_hosts tasks
  include_tasks: configure_metal_hosts.yml
  args:
    apply:
      tags:
        - openstack_hosts-install
  when:
    - is_metal
  tags:
    - always

- name: Decreasing tcp_retries2 sysctl
  sysctl:
    name: "net.ipv4.tcp_retries2"
    value: "{{ keepalived_sysctl_tcp_retries | default(8) }}"
    sysctl_set: yes
    state: "{{ (keepalived_sysctl_tcp_retries | default(8) > 0) | ternary('present', 'absent') }}"
    reload: yes
  failed_when: false

- name: Install distro packages
  package:
    name: "{{ openstack_host_distro_packages }}"
    state: "{{ openstack_hosts_package_state }}"
  when:
    - openstack_host_distro_packages | length > 0
  register: install_packages
  until: install_packages is success
  retries: 5
  delay: 2

- name: Install user defined extra distro packages
  package:
    name: "{{ openstack_host_extra_distro_packages }}"
    state: "{{ openstack_hosts_package_state }}"
  when:
    - openstack_host_extra_distro_packages | length > 0
  register: install_packages
  until: install_packages is success
  retries: 5
  delay: 2

- name: Importing openstack_authorized_keys tasks
  import_tasks: openstack_authorized_keys.yml
  tags:
    - openstack_hosts-config

- name: Including PKI role
  include_role:
    name: pki
    tasks_from: main_ca_install.yml
  vars:
    pki_dir: "{{ openstack_pki_dir }}"
    pki_install_ca: "{{ openstack_pki_install_ca | default([]) + openstack_host_ca_certificates }}"
  tags:
    - always

- name: Including openstack_gitconfig tasks
  include_tasks: openstack_gitconfig.yml
  args:
    apply:
      tags:
        - openstack_hosts-config
  when: ansible_facts['hostname'] != 'aio1'

- name: Including openstack_hosts_systemd tasks
  include_tasks: openstack_hosts_systemd.yml
  args:
    apply:
      tags:
        - openstack_hosts-config
        - openstack_hosts-systemd
  when:
    - openstack_hosts_systemd_networkd_devices or
      openstack_hosts_systemd_networkd_networks or
      openstack_hosts_systemd_services or
      openstack_hosts_systemd_mounts
  tags:
    - always