---        
- name: check if Keepalived is installed
  package_facts:
    manager: "auto"

- name: install EPEL Repository
  yum:
    name: epel-release
    state: latest
  when:
    - ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS'
    - ansible_facts['distribution_major_version'] == '7'
  ignore_errors: yes
  environment:
    http_proxy: "{{PROXY}}"
    https_proxy: "{{PROXY}}"

- name: Creates log directory
  file:
    path: "{{keepalived_path_logs}}"
    state: directory

- name: Copy keepalived configuration for rsyslog.
  template:
    src: rsyslog.conf.j2
    dest: /etc/rsyslog.d/50-keepalived.conf
    mode: 0644
  notify: restart rsyslog

- name: Install the latest version of Keepalived
  package:
    name:
      - keepalived
      - psmisc
    state: present
  when: "'keepalived' not in ansible_facts.packages"
  environment:
    http_proxy: "{{PROXY}}"
    https_proxy: "{{PROXY}}"


- name: Ensure group "keepalived_script" exists
  group:
    name: keepalived_script
    state: present
    system: yes
    
    
- name: Add the user 'keepalived_script' 
  user:
    name: keepalived_script
    comment: User for keepalived_script
    group: keepalived_script
    shell: /sbin/nologin
    create_home: no
    system: yes

  
- name: Copy keepalived configuration in place.
  template:
    src: keepalived.conf.j2
    dest: /etc/keepalived/keepalived.conf
    mode: 0644
  notify: restart keepalived


- name: test to see if selinux is running
  command: getenforce
  register: sestatus
  changed_when: false
  when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS')

  
- name: Disble SELINUX in config
  template:
   src: ../../haproxy/templates/selinux.j2
   dest: /etc/selinux/config
  ignore_errors: yes
  when:
    - sestatus.stdout is defined
    - '"Enforcing" in sestatus.stdout'
  
  
- name: Disble SELINUX in env
  shell: setenforce 0 2> /dev/null
  ignore_errors: yes
  debugger: never
  when:
    - sestatus.stdout is defined
    - '"Enforcing" in sestatus.stdout'
  
  
- name: Enable and start service keepalived
  service:
    name: keepalived
    daemon_reload: yes
    state: started
    enabled: yes
  ignore_errors: yes
  
  
- name: Enable net.ipv4.ip_forward
  sysctl:
    name: net.ipv4.ip_forward
    value: '1'
    sysctl_set: yes
    state: present
    reload: yes
    
    
- name: Add syn_flood tasks
  include: ../../haproxy/tasks/syn_flood.yml
  when: (SYN_FLOOD is defined) and (SYN_FLOOD|length > 0)