/home/zuul/src/opendev.org/openstack/openstack-ansible-rabbitmq_server/tasks/rabbitmq_post_install.yml
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Create rabbitmq systemd service config dir
  file:
    path: "/etc/systemd/system/rabbitmq-server.service.d"
    state: "directory"
    group: "root"
    owner: "root"
    mode: "0755"
  tags:
    - rabbitmq-config

- name: Create rabbitmq config
  register: rabbit_config
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
  with_items:
    - { src: "rabbitmq.config.j2", dest: "/etc/rabbitmq/rabbitmq.config" }
    - { src: "rabbitmq-server.j2", dest: "/etc/default/rabbitmq-server" }
    - { src: "rabbitmq-env.j2", dest: "/etc/rabbitmq/rabbitmq-env.conf" }
  tags:
    - rabbitmq-config

- name: Apply resource limits (systemd)
  template:
    src: "limits.conf.j2"
    dest: "/etc/systemd/system/rabbitmq-server.service.d/limits.conf"
  register: rabbit_resource_limit
  tags:
    - rabbitmq-config

- name: Add automatic restart on failure
  template:
    src: systemd-restart-on-failure.conf.j2
    dest: "/etc/systemd/system/rabbitmq-server.service.d/systemd-restart-on-failure.conf"
  register: rabbit_restart_on_failure
  tags:
    - rabbitmq-config

- name: Reload the systemd daemon
  systemd:
    daemon_reload: yes
  when:
    - rabbit_resource_limit is changed
    - rabbit_restart_on_failure is changed
  tags:
    - rabbitmq-config
    # don't trigger ANSIBLE0016
    - skip_ansible_lint

- name: Configure rabbitmq plugins
  rabbitmq_plugin:
    names: "{{ item.name }}"
    state: "{{ item.state }}"
  with_items: "{{ rabbitmq_plugins }}"
  register: rabbitmq_plugin
  tags:
    - rabbitmq-config

- include_tasks: rabbitmq_restart.yml
  when: rabbit_config is changed or rabbitmq_plugin is changed or cookie_set is changed or rabbitmq_upgrade | bool

- name: Apply rabbitmq policies
  rabbitmq_policy:
    node: "rabbit@{{ ansible_hostname }}"
    name: "{{ item.name }}"
    pattern: "{{ item.pattern }}"
    priority: "{{ item.priority | default(0) }}"
    tags: "{{ item.tags }}"
  register: rabbitmq_policy
  loop: "{{ (rabbitmq_apply_openstack_policies | bool) | ternary(rabbitmq_openstack_policies + rabbitmq_policies, rabbitmq_policies) }}"
  tags:
    - rabbitmq-config
    - rabbitmq-cluster

- include_tasks: rabbitmq_restart.yml
  when: rabbitmq_policy is changed

# This is being done because the rabbitctl command used by the module
# is not very effective at returning proper status codes for failure
# and the module does not error detection. until we can go upstream
# to fix this issue this task being being done in two parts to ensure
# that the "guest" user is eradicated.
- name: Ensure default rabbitmq guest user is removed
  rabbitmq_user:
    node: "rabbit@{{ ansible_hostname }}"
    user: guest
    state: absent
  when: inventory_hostname == groups[rabbitmq_host_group][0]
  tags:
    - rabbitmq-user

- name: Ensure default rabbitmq guest user is removed
  rabbitmq_user:
    node: "rabbit@{{ ansible_hostname }}"
    user: guest
    state: absent
  when: inventory_hostname != groups[rabbitmq_host_group][0]
  tags:
    - rabbitmq-user