- name: Change wrong HAProxy service file
  template:
    src: haproxy.service.j2
    dest: /usr/lib/systemd/system/haproxy.service
    mode: 0644
  when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and haproxy_from_wi is defined


- name: test to see if selinux is running
  command: getenforce
  register: sestatus
  when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS')
  changed_when: false
  ignore_errors: yes
  debugger: never


- name: Disble SELINUX in config
  template:
   src: selinux.j2
   dest: /etc/selinux/config
  ignore_errors: yes
  when:
    - sestatus.stdout is defined
    - '"Enforcing" in sestatus.stdout'


- name: Disble SELINUX in env
  shell: setenforce 0 &> /dev/null
  ignore_errors: yes
  debugger: never
  when:
    - sestatus.stdout is defined
    - '"Enforcing" in sestatus.stdout'

- name: Open stat port for firewalld
  firewalld:
    port: "{{ item }}/tcp"
    state: enabled
    permanent: yes
    immediate: yes
  ignore_errors: yes
  no_log: True
  debugger: never
  when:
    - '"firewalld" in ansible_facts.packages'
    - ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS'
    - ansible_facts.services["firewalld.service"]['state'] == "running"
  with_items:  [ "{{ STAT_PORT }}", "{{ SOCK_PORT }}", "10000" ]

- name: Open stat port for iptables
  iptables:
    chain: INPUT
    destination_port: "{{ item }}"
    jump: ACCEPT
    protocol: tcp
  ignore_errors: yes
  with_items:  [ "{{ STAT_PORT }}", "{{ SOCK_PORT }}", "10000" ]

- name: Creates HAProxy directory
  file:
    path: /etc/haproxy
    owner: "{{ansible_user}}"
    group: "{{ansible_user}}"
    state: directory
  ignore_errors: yes

- name: Copy HAProxy configuration in place.
  template:
    src: haproxy.cfg.j2
    dest: /etc/haproxy/haproxy.cfg
    mode: 0644
    force: no

- name: Creates HAProxy stats directory
  file:
    path: /var/lib/haproxy
    owner: haproxy
    group: haproxy
    state: directory
  ignore_errors: yes