#  Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
#
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.
---

- name: Install nfs-utils
  package:
    name: nfs-utils
    state: present

- name: Install firewalld
  package:
    name: firewalld
    state: present

- name: Start and enable firewalld
  service:
    name: firewalld
    state: started
    enabled: yes

- name: Start and enable rpcbind and nfs-server service
  service:
    name: "{{ item }}"
    state: restarted
    enabled: yes
  with_items:
    - rpcbind
    - nfs-server

- name: Creating NFS share directory
  file:
    path: "{{ item }}"
    state: directory
    mode: "{{ nfs_share_dir_mode }}"
  with_items:
    - "{{ nfs_share_offline_repo }}"
    - "{{ nfs_share_awx }}"

- name: Adding NFS share entries in /etc/exports
  lineinfile:
    path: "{{ exports_file_path }}"
    line: "{{ item.path }} {{ item.ip }}(rw,sync,no_root_squash)"
  with_items:
    - { path: "{{ nfs_share_offline_repo }}", ip: "{{ mngmnt_network_ip }}" }
    - { path: "{{ nfs_share_offline_repo }}", ip: "{{ public_ip }}" }
    - { path: "{{ nfs_share_awx }}", ip: "{{ mngmnt_network_ip }}" }
    - { path: "{{ nfs_share_awx }}", ip: "{{ public_ip }}" }
    - { path: "{{ nfs_share_offline_repo }}", ip: "{{ mngmnt_network_subnet }}/{{ mngmnt_network_netmask }}" }

- name: Exporting the shared directories
  command: exportfs -r
  changed_when: true

- name: Configuring firewall
  firewalld:
    service: "{{ item }}"
    permanent: true
    state: enabled
  with_items:
    - "{{ nfs_services }}"

- name: Reload firewalld
  command: firewall-cmd --reload
  changed_when: true

- name: Stop and disable firewalld
  service:
    name: firewalld
    state: stopped
    enabled: no