---
# global/common requirement
- name: Stop nfs server service
  ansible.builtin.systemd:
    name: "{{ 'nfs-server' if ansible_facts['os_family'] == 'RedHat' else 'nfsserver' if ansible_facts['os_family'] == 'Suse' else 'nfs-kernel-server' if ansible_facts['os_family'] == 'Debian' }}"
    state: stopped
    enabled: false
  failed_when: false

- name: Include pre_requisite_non_container.yml
  ansible.builtin.include_tasks: pre_requisite_non_container.yml
  when: not containerized_deployment | bool

- name: Include pre_requisite_container.yml
  ansible.builtin.include_tasks: pre_requisite_container.yml
  when: containerized_deployment | bool

- name: Set_fact _rgw_hostname
  ansible.builtin.set_fact:
    _rgw_hostname: "{{ hostvars[inventory_hostname]['ansible_facts']['hostname'] }}"

- name: Set rgw parameter (log file)
  ceph_config:
    action: set
    who: "client.rgw.{{ _rgw_hostname }}"
    option: "log file"
    value: "/var/log/ceph/{{ cluster }}-rgw-{{ hostvars[inventory_hostname]['ansible_facts']['hostname'] }}.log"
  environment:
    CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
    CEPH_CONTAINER_BINARY: "{{ container_binary }}"
  loop: "{{ groups.get('nfss', []) }}"

- name: Include create_rgw_nfs_user.yml
  ansible.builtin.import_tasks: create_rgw_nfs_user.yml
  when: groups.get(mon_group_name, []) | length > 0

- name: Install nfs-ganesha-selinux on RHEL 8
  ansible.builtin.package:
    name: nfs-ganesha-selinux
    state: present
  register: result
  until: result is succeeded
  when:
    - not containerized_deployment | bool
    - inventory_hostname in groups.get(nfs_group_name, [])
    - ansible_facts['os_family'] == 'RedHat'
    - ansible_facts['distribution_major_version'] == '8'

# NOTE (leseb): workaround for issues with ganesha and librgw
- name: Add ganesha_t to permissive domain
  community.general.selinux_permissive:
    name: ganesha_t
    permissive: true
  failed_when: false
  when:
    - not containerized_deployment | bool
    - ansible_facts['os_family'] == 'RedHat'
    - ansible_facts['selinux']['status'] == 'enabled'

- name: Nfs with external ceph cluster task related
  when:
    - groups.get(mon_group_name, []) | length == 0
    - ceph_nfs_ceph_user is defined
  block:
    - name: Create keyring directory
      ansible.builtin.file:
        path: "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ item }}"
        state: directory
        owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
        group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
        mode: "0755"
      with_items:
        - "{{ ceph_nfs_ceph_user }}"
        - "{{ ansible_facts['hostname'] }}"

    - name: Set_fact rgw_client_name
      ansible.builtin.set_fact:
        rgw_client_name: "client.rgw.{{ ceph_nfs_ceph_user }}"

    - name: Get client cephx keys
      ansible.builtin.copy:
        dest: "{{ item.1 }}"
        content: "{{ item.0.content | b64decode }}"
        mode: "{{ item.0.item.get('mode', '0600') }}"
        owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
        group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
      with_nested:
        - "{{ hostvars[groups['_filtered_clients'][0]]['slurp_client_keys']['results'] | default([]) }}"
        - ['/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ceph_nfs_ceph_user }}/keyring', "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}/keyring"]
      when:
        - not item.0.get('skipped', False)
        - item.0.item.name == 'client.' + ceph_nfs_ceph_user or item.0.item.name == rgw_client_name
      no_log: "{{ no_log_on_ceph_key_tasks }}"

- name: Include start_nfs.yml
  ansible.builtin.import_tasks: start_nfs.yml