---
# RabbitMQ Tasks
- name: Install required packages for RabbitMQ
  ansible.builtin.dnf:
    name: rabbitmq-server
    state: present

- name: Enable SELinux boolean
  ansible.posix.seboolean:
    name: nis_enabled
    persistent: true
    state: true

- name: Deploy RabbitMQ configuration
  ansible.builtin.template:
    src: "etc/rabbitmq/{{ item }}.j2"
    dest: "/etc/rabbitmq/{{ item }}"
    owner: rabbitmq
    group: rabbitmq
    mode: '0644'
  loop:
    - rabbitmq.conf
    - rabbitmq-env.conf
  notify:
    - restart_rabbitmq

- name: Deploy erlang cookie
  ansible.builtin.copy:
    owner: rabbitmq
    group: rabbitmq
    mode: '0600'
    content: "{{ rabbitmq_cookie }}"
    dest: "/var/lib/rabbitmq/.erlang.cookie"
  notify:
    - restart_rabbitmq

- name: Create systemd override for RabbitMQ
  ansible.builtin.file:
    path: /etc/systemd/system/rabbitmq-server.service.d
    state: directory
    owner: root
    group: root
    mode: '0755'

- name: Override nofile limit for RabbitMQ
  ansible.builtin.copy:
    dest: /etc/systemd/system/rabbitmq-server.service.d/99-override.conf
    owner: root
    group: root
    mode: '0644'
    content: |
      [Service]
      LimitNOFILE={{ rabbitmq_file_limit }}

# We are doing it the command line way
- name: Enable RabbitMQ Plugins
  ansible.builtin.command: "rabbitmq-plugins enable {{ rabbitmq_plugins | join(' ') }}"
  changed_when: "1 != 1"

- name: Ensure file ownership for plugins
  ansible.builtin.file:
    path: /etc/rabbitmq/enabled_plugins
    owner: rabbitmq
    group: rabbitmq
    mode: '0644'
    state: file

- name: Ensure file ownership for certificate
  ansible.builtin.file:
    path: "{{ item }}"
    owner: rabbitmq
    group: rabbitmq
    mode: '0600'
    state: file
  loop:
    - "{{ rabbitmq_tls_cert }}"
    - "{{ rabbitmq_tls_key }}"

- name: Open applicable firewall rules
  ansible.posix.firewalld:
    port: "{{ item }}"
    permanent: true
    state: enabled
    immediate: true
  loop:
    - 1883/tcp
    - 4369/tcp
    - 5671/tcp
    - 5672/tcp
    - 8883/tcp
    - 15672/tcp
    - 25672/tcp
    - 35672-35682/tcp

- name: Non-master nodes should wait for 001 to be up first
  ansible.builtin.wait_for:
    host: "{{ rabbitmq_cluster_list[0] }}"
    port: '5672'
    delay: '15'
    connect_timeout: '10'
    state: started
  when: "'rabbitmq001' not in inventory_hostname"

- name: Ensure RabbitMQ is running
  ansible.builtin.service:
    name: rabbitmq-server
    state: started
    enabled: true

- name: Vhost tasks
  include_tasks: vhosts.yml

- name: Users Tasks
  include_tasks: users.yml

- name: Topic Tasks
  include_tasks: topics.yml

- name: Federation Tasks
  include_tasks: federation.yml

- name: Common Apps
  include_tasks: commonapps.yml