---        
- name: check if Keepalived is installed
  package_facts:
    manager: "auto"
  
  
- name: Keepalived has already installed
  debug:
    msg: "Keepalived has already installed"
  when: "'keepalived' in ansible_facts.packages"

- name: Exiting  
  meta: end_play
  when: "'keepalived' in ansible_facts.packages"
  
  
- name: install EPEL Repository
  yum:
    name: epel-release
    state: latest
  when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and HAPVER|length > 0
  ignore_errors: yes
  environment:
    http_proxy: "{{PROXY}}"
    https_proxy: "{{PROXY}}"
  
  
- name: install the latest version of Keepalived
  yum:
    name: 
      - keepalived
    state: latest
  when: (ansible_facts['os_family'] == "RedHat") or (ansible_facts['os_family'] == 'CentOS')
  environment:
    http_proxy: "{{PROXY}}"
    https_proxy: "{{PROXY}}"

    
- name: Install keepalived
  apt:
    name: 
      - keepalived
    state: present
  when: (ansible_facts['os_family'] == 'Debian') or (ansible_facts['os_family'] == 'Ubuntu')
  environment:
    http_proxy: "{{PROXY}}"
    https_proxy: "{{PROXY}}"


- name: Ensure group "keepalived_script" exists
  group:
    name: keepalived_script
    state: present
    system: yes
    
    
- name: Add the user 'keepalived_script' 
  user:
    name: keepalived_script
    comment: User for keepalived_script
    group: keepalived_script
    shell: /sbin/nologin
    create_home: no
    system: yes

  
- name: Copy keepalived configuration in place.
  template:
    src: keepalived.conf.j2
    dest: /etc/keepalived/keepalived.conf
    mode: 0644
  notify: restart keepalived


- name: test to see if selinux is running
  command: getenforce
  register: sestatus
  changed_when: false

  
- name: Disble SELINUX in config
  template:
   src: ../../haproxy/templates/selinux.j2
   dest: /etc/selinux/config
  ignore_errors: yes
  when: '"Enforcing" in sestatus.stdout'
  
  
- name: Disble SELINUX in env
  shell: setenforce 0 2> /dev/null
  ignore_errors: yes
  debugger: never
  when: '"Enforcing" in sestatus.stdout'
  
  
- name: Enable and start service keepalived
  service:
    name: keepalived
    daemon_reload: yes
    state: started
    enabled: yes
  ignore_errors: yes
  
  
- name: Enable net.ipv4.ip_forward
  sysctl:
    name: net.ipv4.ip_forward
    value: '1'
    sysctl_set: yes
    state: present
    reload: yes
    
    
- name: Add syn_flood tasks
  include: ../../haproxy/tasks/syn_flood.yml
  when: (SYN_FLOOD is defined) and (SYN_FLOOD|length > 0)