---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Create base directories
  file:
    path: "{{ item }}"
    state: "directory"
    owner: "root"
    group: "root"
  with_items:
    - /etc/lxc
    - /usr/local/bin
    - /etc/network/interfaces.d
    - /etc/apparmor.d/lxc
    - /usr/share/lxc/templates
    - /openstack
    - /openstack/backup
    - "{{ lxc_container_directory }}"
    - "{{ lxc_container_cache_path }}"
  tags:
    - lxc-directories

- name: Ensure the lxc dnsmasq user exists
  user:
    name: "{{ lxc_net_dnsmasq_user }}"
    comment: "LXC dnsmasq"
    system: "yes"
    shell: "/bin/false"
    home: "/var/lib/lxc"
  tags:
    - lxc-dnsmasq-user

- name: Drop base config file(s)
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: "{{ item.owner|default('root') }}"
    group: "{{ item.group|default('root') }}"
    mode: "{{ item.mode|default('0644') }}"
  with_items:
    - { src: lxc-openstack.conf.j2, dest: "/etc/lxc/lxc-openstack.conf" }
    - { src: lxc.default.j2, dest: "/etc/default/lxc-net", mode: "0644" }
    - { src: lxc-system-manage.j2, dest: "/usr/local/bin/lxc-system-manage", mode: "0755" }
    - { src: manual-init.override.j2, dest: "/etc/init/lxc-net.override" }
  tags:
    - lxc-files
    - lxc-config

- name: Drop irqbalance config
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: "{{ item.owner|default('root') }}"
    group: "{{ item.group|default('root') }}"
    mode: "{{ item.mode|default('0644') }}"
  with_items:
    - { src: irqbalance.j2, dest: "/etc/default/irqbalance" }
  notify:
    - Restart irqbalance
  tags:
    - lxc-files
    - lxc-irqbalance

- name: Drop lxc-openstack app armor profile
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: "{{ item.owner|default('root') }}"
    group: "{{ item.group|default('root') }}"
    mode: "{{ item.mode|default('0644') }}"
  with_items:
    - { src: lxc-openstack.apparmor.j2, dest: "/etc/apparmor.d/lxc/lxc-openstack" }
  notify:
    - Load lxc-openstack apparmor profile
    - Restart apparmor
  tags:
    - lxc-files
    - lxc-apparmor

# Ensure apparmor reindex runs before other things that may fail
- meta: flush_handlers