#!/bin/bash

set -eux

### --start_docs
## Prepare network for deploying the overcloud
## ==================================================

## Prepare Your Environment
## ------------------------

## * Source in the undercloud credentials.
## ::

source {{ working_dir }}/stackrc

{% if network_isolation|bool %}

## Setup Networking
## ----------------

## * Enable NAT for "external" network.
## ::
RULE="-s {{undercloud_external_network_cidr}} ! -d {{undercloud_external_network_cidr}} -j MASQUERADE"

if ! sudo iptables -t nat -C BOOTSTACK_MASQ $RULE; then
    sudo iptables -t nat -A BOOTSTACK_MASQ $RULE
    sudo sh -c 'iptables-save > /etc/sysconfig/iptables'
fi
{% endif %}

{% if network_isolation|bool and network_isolation_type in ['single-nic-vlans', 'single_nic_vlans', 'bond-with-vlans', 'bond_with_vlans'] %}

{% if network_isolation_type in ['single_nic_vlans', 'bond_with_vlans'] %}
# NOTE: 'bond_with_vlans' and 'single_nic_vlans' are deprecated
echo "Network isolation types 'bond_with_vlans' and 'single_nic_vlans' are deprecated"
echo "Please use 'single-nic-vlans' and 'bond-with-vlans'"
{% endif %}
{% for name, network in (undercloud_networks|default({})).items() if name == 'external' %}

{% if not overcloud_ipv6|bool and network.device_type == 'ovs' %}
sudo bash -c 'cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-vlan{{ network.tag }}
DEVICE=vlan{{ network.tag }}
ONBOOT=yes
DEVICETYPE={{ network.device_type }}
TYPE={{ network.type }}
BOOTPROTO=static
IPADDR={{ network.address }}
NETMASK={{ network.netmask }}
OVS_BRIDGE={{ network.ovs_bridge }}
OVS_OPTIONS={{ network.ovs_options }}
EOF'

sudo ifup ifcfg-vlan{{ network.tag }}

{% elif network.device_type == 'ethernet' %}

sudo bash -c 'cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-{{ network.device_name }}
DEVICE={{ network.device_name }}
ONBOOT=yes
TYPE=Ethernet
BOOTPROTO=static
IPADDR={{ network.address }}
NETMASK={{ network.netmask }}
EOF'

{% if overcloud_ipv6|bool %}

sudo bash -c 'cat <<EOF >> /etc/sysconfig/network-scripts/ifcfg-{{ network.device_name }}
IPV6ADDR={{ network.address6 }}
IPV6INIT=yes
EOF'

{%endif%}

sudo ifup ifcfg-{{ network.device_name }}

{%endif%}


{% endfor %}

{% elif not network_isolation|bool %}

## * Set the DNS server in the control plane network
## ::

    # Set DNS server for the overcloud nodes
    neutron subnet-update $(neutron net-list | awk '/ctlplane/{print $(NF-2) }') --dns-nameserver $(cat /etc/resolv.conf | grep nameserver | awk '{ print $2 }' | sed ':a;N;$!ba;s/\n/ --dns-nameserver /g')

{%endif%}

{% if enable_tls_everywhere|bool and overcloud_dns_servers and release not in ['mitaka', 'newton'] %}

## * Set the DNS server for the overcloud's ctlplane subnet. This will be used briefly before
##   os-net-config runs in the overcloud nodes, but for TLS-everywhere, we need it for discovery to
##   work in the FreeIPA enrollment.
## ::

CTLPLANE_SUBNET=$(openstack subnet show ctlplane-subnet -f value -c id)
neutron subnet-update $CTLPLANE_SUBNET \
    {% for nameserver in overcloud_dns_servers %} --dns-nameserver "{{ nameserver }}" {% endfor %}

{% endif %}

### --stop_docs