# SPDX-License-Identifier: BSD-3-Clause
# get service facts, used in defaults/main.yml
---
- name: Ensure ansible_facts used by role
  include_tasks: tasks/set_facts.yml

- name: Print network provider
  debug:
    msg: "Using network provider: {{ network_provider }}"

- name: Abort applying the network state configuration if using the
    `network_state` variable with the initscripts provider
  fail:
    msg: Only the `nm` provider supports using the `network_state` variable
  when:
    - network_state != {}
    - network_provider == "initscripts"

- name: Abort applying the network state configuration if the system version
    of the managed host is below 8
  fail:
    msg: The `network_state` variable uses nmstate backend which is only
      supported since RHEL-8
  when:
    - network_state != {}
    - ansible_facts["distribution_major_version"] | int < 8

- name: Abort applying teaming configuration if the system version
    of the managed host is EL10 or later
  fail:
    msg: >-
      Teaming is not supported in
      {{ ansible_facts["distribution"] }}-{{ ansible_facts["distribution_major_version"] }} -
      use bonding instead
  when:
    - ansible_facts["distribution_major_version"] | int > 9
    - ansible_facts["distribution"] in __network_rh_distros
    - network_connections | selectattr("type", "defined") |
      selectattr("type", "match", "^team$") | list | length > 0 or
      network_state.get("interfaces", []) | selectattr("type", "defined") |
      selectattr("type", "match", "^team$") | list | length > 0

- name: Check if updates for network packages are available through the DNF
    package manager due to wireless or team interfaces
  dnf:
    update_cache: true
    name: "{{ network_packages }}"
    state: latest  # noqa package-latest
  register: dnf_package_update_info
  check_mode: true
  when:
    - ansible_facts["distribution"] == 'Fedora' or
      ansible_facts["distribution_major_version"] | int > 7
    - __network_wireless_connections_defined
      or __network_team_connections_defined
    - not __network_is_ostree

- name: Check if updates for network packages are available through the YUM
    package manager due to wireless or team interfaces
  yum:
    update_cache: true
    name: "{{ network_packages }}"  # noqa package-latest
    state: latest
  register: yum_package_update_info
  check_mode: true
  when:
    - ansible_facts["distribution_major_version"] | int < 8
    - __network_wireless_connections_defined
      or __network_team_connections_defined
    - not __network_is_ostree

- name: Ask user's consent to restart NetworkManager due to wireless or team
    interfaces
  fail:
    msg: NetworkManager needs to be restarted to be able to proceed
      because wireless and team interfaces are defined. This might
      disturb the connectivity of the managed system. Please set
      `network_allow_restart` to `true` if you are prepared for this.
      Notice that the necessary action is to install NetworkManager-wifi or
      NetworkManager-team plugin and to restart NetworkManager.
  register: __network_service_restart_requested
  when:
    - __network_wireless_connections_defined
       or __network_team_connections_defined
    - network_provider == "nm"
    - not network_allow_restart
    - dnf_package_update_info is changed or yum_package_update_info is changed

# Depending on the plugins, checking installed packages might be slow
# for example subscription manager might slow this down
# Therefore install packages only when rpm does not find them
- name: Install packages
  package:
    name: "{{ network_packages }}"
    state: present
    use: "{{ (__network_is_ostree | d(false)) |
      ternary('ansible.posix.rhel_rpm_ostree', omit) }}"
  when:
    - not network_packages is subset(ansible_facts.packages.keys())
  register: __network_package_install
  until: __network_package_install is success
  retries: 6
  delay: 10

- name: Install NetworkManager and nmstate when using network_state variable
  package:
    name:
      - NetworkManager
      - nmstate
    state: present
    use: "{{ (__network_is_ostree | d(false)) |
      ternary('ansible.posix.rhel_rpm_ostree', omit) }}"
  when:
    - network_state != {}
    - ansible_facts["distribution"] == 'Fedora' and
      ansible_facts["distribution_major_version"] | int > 27 or
      ansible_facts["distribution"] != 'Fedora' and
      ansible_facts["distribution_major_version"] | int > 7

- name: Install python3-libnmstate when using network_state variable
  package:
    name:
      - python3-libnmstate
    state: present
    use: "{{ (__network_is_ostree | d(false)) |
      ternary('ansible.posix.rhel_rpm_ostree', omit) }}"
  when:
    - network_state != {}
    - ansible_facts["distribution"] == 'Fedora' and
      ansible_facts["distribution_major_version"] | int > 34 or
      ansible_facts["distribution"] != 'Fedora' and
      ansible_facts["distribution_major_version"] | int > 8

# If network packages changed and wireless or team connections are specified,
# NetworkManager must be restarted, and the user needs to explicitly consent
# to restart NetworkManager by setting `network_allow_restart` to `true`
- name: Restart NetworkManager due to wireless or team interfaces
  service:
    name: NetworkManager
    state: restarted
  when:
    - __network_wireless_connections_defined
       or __network_team_connections_defined
    - network_provider == "nm"
    - network_allow_restart
    # ansible-lint wants this to be a handler, but this is not appropriate as
    # NetworkManager must be restarted prior to the connections being created.
    # see (https://docs.ansible.com/ansible-lint/rules/default_rules.html)
    - __network_package_install.changed  # noqa no-handler

- name: Enable and start NetworkManager
  service:
    name: "{{ network_service_name }}"
    state: started
    enabled: true
  when:
    - network_provider == "nm" or network_state != {}
  no_log: true

# If any 802.1x connections are used, the wpa_supplicant
# service is required to be running
- name: Enable and start wpa_supplicant
  service:
    name: wpa_supplicant
    state: started
    enabled: true
  when:
    - network_provider == "nm"
    - __network_wpa_supplicant_required

- name: Enable network service
  service:
    name: "{{ network_service_name }}"
    enabled: true
  when:
    - network_provider == "initscripts"
  no_log: true

- name: Ensure initscripts network file dependency is present
  copy:
    dest: /etc/sysconfig/network
    content: "# Created by network system role"
    mode: "0644"
    force: false
  when:
    - network_provider == "initscripts"

- name: Configure networking connection profiles
  network_connections:
    provider: "{{ network_provider | mandatory }}"
    ignore_errors: "{{ network_ignore_errors | default(omit) }}"
    force_state_change: "{{ network_force_state_change | default(omit) }}"
    connections: "{{ network_connections | default([]) }}"
    __debug_flags: "{{ __network_debug_flags | default(omit) }}"
    __header: "{{ __lsr_ansible_managed }}"
  vars:
    __lsr_ansible_managed: "{{ lookup('template', 'get_ansible_managed.j2') }}"
  register: __network_connections_result

- name: Configure networking state
  network_state:
    desired_state: "{{ network_state }}"
  register: __network_state_result
  when: network_state != {}

- name: Show stderr messages for the network_connections
  debug:
    var: __network_connections_result.stderr_lines

- name: Show debug messages for the network_connections
  debug:
    var: __network_connections_result
    verbosity: 1

- name: Show debug messages for the network_state
  debug:
    var: __network_state_result
    verbosity: 1
  when: network_state != {}

- name: Re-test connectivity
  ping: