- name: Update the /etc/hosts file with node name
  lineinfile:
    dest: "/etc/hosts"
    regexp: ".*\t{{ hostvars[item]['inventory_hostname']}}"
    line: "{{ hostvars[item]['ansible_host'] }}\t{{ hostvars[item]['inventory_hostname']}}"
    state: present
    backup: yes
  loop: "{{ groups['all'] }}"

- name: Resize the disks if volume was expanded (experimental)
  shell: |
    /usr/bin/growpart /dev/vda 2 
    /usr/sbin/pvresize -y -q /dev/vda2 
    /usr/sbin/lvresize -y -q -r -l +100%FREE /dev/mapper/*root 

- name: Disable SELinux
  selinux:
    policy: targeted
    state: permissive

- name: Copy SELinux Policies
  template:
    src: ../selinux/my-openstack.te
    dest: /etc/selinux/targeted/policy/my-openstack.te
  when: ( 'control-plane' in group_names )

- name: Build SELinux exception module & allow openstack CCM to mount the /etc/ssl/certs files
  shell: |
    checkmodule -M -m -o /etc/selinux/targeted/policy/my-openstack.mod /etc/selinux/targeted/policy/my-openstack.te
    semodule_package -o /etc/selinux/targeted/policy/my-openstack.pp -m /etc/selinux/targeted/policy/my-openstack.mod
    semodule -i /etc/selinux/targeted/policy/my-openstack.pp
  when: ( 'control-plane' in group_names )

- name: Enable container_use_cephfs
  shell: |
    setsebool -P container_use_cephfs 1
  when: ( 'agents' in group_names )

- name: Ensure /var/lib/rancher/rke2/server/manifests
  file:
    path: /var/lib/rancher/rke2/server/manifests
    state: directory
    recurse: yes

- name: Ensure /etc/rancher/rke2
  file:
    path: /etc/rancher/rke2
    state: directory
    recurse: yes

- name: Enable SELinux
  selinux:
    policy: targeted
    state: enforcing