#  Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved.
#
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.
---

- name: Fetch hostname
  command: hostname
  register: loginnode_hostname
  changed_when: false

- name: Install freeipa client package
  package:
    name: "{{ ipa_client_package }}"
    state: present
  tags: install

- name: Set hostname of ipa server when manager node has ipa server installed
  set_fact:
    required_ipa_admin_pwd: "{{ hostvars['127.0.0.1']['kerberos_admin_password'] }}"
    required_server_hostname: "{{ hostvars[groups['manager'][0]]['server_hostname'] }}"
    required_domain_name: "{{ hostvars['127.0.0.1']['domain_name'] }}"
  when: not hostvars['127.0.0.1']['ipa_server_ms']
  no_log: true

- name: Set hostname of ipa server when MS has ipa server installed
  set_fact:
    required_ipa_admin_pwd: "{{ hostvars['127.0.0.1']['ms_ipa_admin_password'] }}"
    required_server_hostname: "{{ hostvars['127.0.0.1']['server_hostname'] }}"
    required_domain_name: "{{ hostvars['127.0.0.1']['server_domain'] }}"
    ms_ip_address: "{{ hostvars['127.0.0.1']['ipaddress'] }}"
  when: hostvars['127.0.0.1']['ipa_server_ms']
  no_log: true

- name: Add host name in hosts file
  lineinfile:
    dest: "{{ hosts_file_dest }}"
    line: "{{ ms_ip_address  }} {{ required_server_hostname }}"
    state: present
    create: yes
    mode: "{{ hosts_file_mode }}"
  when: hostvars['127.0.0.1']['ipa_server_ms']

- name: Uninstall client if already installed
  command: ipa-client-install --uninstall -U
  changed_when: false
  failed_when: false

- block:
    - name: Install ipa client in CentOS 7.9
      command: >-
        ipa-client-install --domain '{{ required_domain_name }}' --server '{{ required_server_hostname }}'
        --principal admin --password '{{ required_ipa_admin_pwd }}' --force-join --enable-dns-updates --force-ntpd -U
      changed_when: true
      no_log: true
      register: install_ipa_client
      when:
        - ( ansible_distribution | lower == os_centos )
        - ( ansible_distribution_version < os_version )

    - name: Install ipa client in Rocky 8
      command: >-
        ipa-client-install --domain '{{ required_domain_name }}' --server '{{ required_server_hostname }}'
        --principal admin --password '{{ required_ipa_admin_pwd }}' --force-join --enable-dns-updates --no-ntp -U
      changed_when: true
      no_log: true
      register: install_ipa_client
      when:
        - ( ansible_distribution | lower == os_centos ) or
          ( ansible_distribution | lower == os_rocky )
        - ( ansible_distribution_version >= os_version )
  rescue:
    - name: Install ipa client failed
      fail:
        msg: "Error: {{ install_ipa_client.stderr_lines }}"