---
- name: Setup repos, CA and networks on ceph nodes
  hosts: "{{ cifmw_ceph_target | default('ceph')  }}"
  gather_facts: true
  become: true
  vars:
    cifmw_adoption_osp_deploy_ntp_server: "pool.ntp.org"
    cifmw_adoption_osp_deploy_repos:
      - rhel-9-for-x86_64-baseos-eus-rpms
      - rhel-9-for-x86_64-appstream-eus-rpms
      - rhel-9-for-x86_64-highavailability-eus-rpms
      - openstack-17.1-for-rhel-9-x86_64-rpms
      - fast-datapath-for-rhel-9-x86_64-rpms
      - rhceph-7-tools-for-rhel-9-x86_64-rpms
    common_dns: ["2620:cf:cf:aaaa::1"]
    base_config: "/etc/os-net-config"
  tasks:
    - name: Setup repositories via rhos-release if needed
      ansible.builtin.import_role:
        name: repo_setup
        tasks_from: rhos_release.yml

    - name: Install custom CA if needed
      ansible.builtin.import_role:
        name: install_ca
    - name: Ensure needed logins
      ansible.builtin.import_role:
        name: adoption_osp_deploy
        tasks_from: login_registries.yml

    - name: Ensure repos are setup
      become: true
      community.general.rhsm_repository:
        name: "{{ cifmw_adoption_osp_deploy_repos }}"
        state: enabled
      register: repo_result
      until: repo_result is succeeded
      retries: 5
      delay: 30

    - name: Ensure os-net-config folder exists in ceph nodes
      become: true
      ansible.builtin.file:
        path: "/etc/os-net-config"
        state: directory
        mode: '0755'

    - name: Ensure os-net-config and openvswitch is installed in ceph nodes
      become: true
      ansible.builtin.dnf:
        name:
          - os-net-config
          - openvswitch
        state: present
      retries: 5
      delay: 30
      register: _ceph_pkgs_install
      until: _ceph_pkgs_install is success

    - name: Generate os-net-config YAML
      ansible.builtin.copy:
        dest: "{{ base_config }}/network-os-net-config.yaml"
        mode: '0644'
        content: |
          network_config:
          - type: ovs_bridge
            name: br-ex
            mtu: 1500
            use_dhcp: false
            dns_servers: {{ common_dns }}
            addresses:
            - ip_netmask: "{{ hostvars[inventory_hostname]['bridge_ip'] }}"
            routes: []
            members:
            - type: interface
              name: nic2
              mtu: 1500
              primary: true
              addresses:
              - ip_netmask: "{{ hostvars[inventory_hostname]['external_ip'] }}"
              routes: []
            - type: vlan
              vlan_id: 20
              addresses:
              - ip_netmask: "{{ hostvars[inventory_hostname]['internalapi_ip'] }}"
              routes: []
            - type: vlan
              vlan_id: 21
              addresses:
              - ip_netmask: "{{ hostvars[inventory_hostname]['storage_ip'] }}"
              routes: []
            - type: vlan
              vlan_id: 23
              addresses:
              - ip_netmask: "{{ hostvars[inventory_hostname]['storagemgmt_ip'] }}"
              routes: []
            - type: vlan
              vlan_id: 22
              addresses:
              - ip_netmask: "{{ hostvars[inventory_hostname]['tenant_ip'] }}"
              routes: []

    - name: Apply network configuration
      ansible.builtin.command: >
        os-net-config -c {{ base_config }}/network-os-net-config.yaml -v
      changed_when: true

    - name: Set net.ipv6.ip_nonlocal_bind
      ansible.posix.sysctl:
        name: net.ipv6.ip_nonlocal_bind
        value: '1'
        state: present