---
# file: roles/mariadb_cluster/tasks/main.yml

- name: Create variable of other members IPs to be included into the cluster
  set_fact: nodelist={%for host in groups['mariadb_cluster']|difference([inventory_hostname])%}{{hostvars[host].ansible_host}}{% if not loop.last %},{% endif %}{% endfor %}

- name: Install prereq packages
  package:
    name:
      - mariadb-server-galera
      - mariadb-server
      - galera
    state: latest
  tags: packages

- name: Update galera config
  template:
    src: "galera.cnf.j2"
    dest: "/etc/my.cnf.d/z-galera.cnf"
  notify: Bootstrap Galera

- name: Certificates tasks
  include_tasks: certificates.yml
  when: mariadb_cluster_ssl == true

- name: Update ssl config
  template:
    src: "ssl.cnf.j2"
    dest: "/etc/my.cnf.d/z-ssl.cnf"
  when: mariadb_cluster_ssl == true

- name: Enable firewall rule for MySQL access
  firewalld:
    port: 3306/tcp
    permanent: yes
    immediate: yes
    state: enabled
  notify: Reload firewalld
  when: mariadb_cluster_access_ip == ""

- name: "Enable firewall rule for MySQL access to Access IP"
  firewalld:
    rich_rule: 'rule family="ipv4" source address="{{ item }}" port port="3306" protocol="tcp" accept'
    permanent: yes
    state: enabled
    immediate: yes
  notify: Reload firewalld
  loop: "{{ mariadb_cluster_access_ip }}"
  when: mariadb_cluster_access_ip != ""

- name: Setup access for other servers
  include_tasks: setup-server.yml
  loop: "{{ groups['mariadb_cluster']|difference([inventory_hostname]) }}"
  loop_control:
    extended: yes

- name: Place mariadb-fail script
  template:
    src: "mariadb-fail.j2"
    dest: "/usr/local/sbin/mariadb-fail"
    owner: root
    mode: 755

- name: Deploy mariadb-fail service
  template:
    src: mariadb-fail.service.j2
    dest: /etc/systemd/system/mariadb-fail.service
  notify: Daemon Reload

- name: Create directory for mariadb override
  file: 
    path: "/etc/systemd/system/mariadb.service.d"
    state: directory

- name: Deploy mariadb override
  template:
    src: mariadb-override.conf.j2
    dest: /etc/systemd/system/mariadb.service.d/override.conf
  notify: Daemon Reload

- name: Set selinux nis_enabled
  seboolean:
    name: nis_enabled
    state: true
    persistent: true

- name: Flush handlers
  meta: flush_handlers

- name: Start and enable mariadb
  service:
    name: mariadb
    state: started
    enabled: yes