#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
#
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.
---

- name: Collecting ansible python version
  shell:
    cmd: ansible --version | grep "python version" | cut -d ' ' -f 6
  register: ansible_python_version
  changed_when: false

- name: Saving management station os
  set_fact:
    mgmt_os: "{{ ansible_facts['distribution'] | lower }}"

- name: Verify the ansible and python versions installed
  fail:
    msg: "{{ ansible_python_version_status }}"
  when:
    - ansible_python_version.stdout != python_version_leap
    - ansible_python_version.stdout != python_version_support
  tags: install

- name: Verify whether ansible configuration file exists
  stat:
    path: "{{ default_ansible_config_file_path }}"
  register: file_exists

- name: Set omnia.log file
  replace:
    path: "{{ default_ansible_config_file_path }}"
    regexp: '#log_path = /var/log/ansible.log'
    replace: 'log_path = /var/log/omnia.log'
  when: file_exists.stat.exists
  tags: install

- name: Check OS support
  assert:
    that:
      - ( mgmt_os == os_supported_centos ) and ( ansible_distribution_version >= os_supported_centos_version ) or
        ( mgmt_os == os_supported_rocky ) and ( ansible_distribution_version >= os_supported_rocky_version ) or
        ( os_supported_leap in mgmt_os ) and ( ansible_distribution_version >= os_supported_leap_version )
    fail_msg: "{{ fail_os_status }}"
    success_msg: "{{ success_os_status }}"
  register: os_value
  tags: install

- block:
    - name: Fetch SElinux mode
      command: sestatus
      register: sestatus_current
      changed_when: false

    - name: Disable SElinux
      replace:
        path: /etc/sysconfig/selinux
        regexp: 'SELINUX=[a-z]+'
        replace: 'SELINUX=disabled'
      when: '"SELinux status: enabled" in sestatus_current.stdout_lines'
      tags: install

    - name: Status of SElinux
      fail:
        msg: "{{ selinux_status }}"
      when: '"SELinux status: enabled" in sestatus_current.stdout_lines'
      register: selinux_value
      tags: install
  when:
    - ( mgmt_os == os_supported_centos ) and ( ansible_distribution_version >= os_supported_centos_version ) or
      ( mgmt_os == os_supported_rocky ) and ( ansible_distribution_version >= os_supported_rocky_version )

- name: State of firewall
  service:
    name: firewalld
    state: started
    enabled: yes