---
- hosts: localhost
  vars_files:
  - "/etc/openstack/keystone.conf"
  tasks:

  # RabbitMQ configuration, this may end up in a different playbook
  - name: Create rabbitmq user
    user: name=rabbitmq comment="Rabbitmq server daemon" shell=/sbin/nologin home=/var/lib/rabbitmq

  - name: Create the rabbitmq directories
    file: path={{ item }} state=directory owner=rabbitmq group=rabbitmq
    with_items:
    - /var/run/rabbitmq
    - /var/log/rabbitmq
    - /etc/rabbitmq

  - name: Add the configuration needed for rabbitmq in /etc/rabbitmq using templates
    template: src=/usr/share/openstack/rabbitmq/{{ item }} dest=/etc/rabbitmq/{{ item }} owner=rabbitmq group=rabbitmq mode=0644
    with_items:
    - rabbitmq.config
    - rabbitmq-env.conf

  - name: Enable and start rabbitmq services
    service: name={{ item }} enabled=yes state=started
    with_items:
    - rabbitmq-server

  # Postgres configuration, this may end up in a different playbook
  - name: Create postgres user
    user: name=postgres comment="PostgreSQL Server" shell=/sbin/nologin home=/var/lib/pgsql

  - name: Create the postgres directories
    file: path={{ item }} state=directory owner=postgres group=postgres
    with_items:
    - /var/run/postgresql
    - /var/lib/pgsql/data

  - name: Initialise postgres database
    shell: pg_ctl -D  /var/lib/pgsql/data initdb creates=/var/lib/pgsql/data/base
    sudo: yes
    sudo_user: postgres

  - name: Add the configuration needed for postgres for Openstack
    template: src=/usr/share/openstack/postgres/{{ item }} dest=/var/lib/pgsql/data/{{ item }} owner=postgres group=postgres mode=0600
    with_items:
    - postgresql.conf
    - pg_hba.conf

  - name: Enable and start postgres services
    service: name={{ item }} enabled=yes state=started
    with_items:
    - postgres-server


  # Keystone configuration
  - name: Create the keystone user.
    user: name=keystone comment="Openstack Keystone Daemons" shell=/sbin/nologin home=/var/lib/keystone

  - name: Create the /var folders for keystone
    file: path={{ item }} state=directory owner=keystone group=keystone
    with_items:
    - /var/run/keystone
    - /var/lock/keystone
    - /var/log/keystone
    - /var/lib/keystone

  - file: path=/etc/keystone state=directory
  - name: Add the configuration needed for lorry in /etc using templates
    template: src=/usr/share/openstack/keystone/{{ item }} dest=/etc/keystone/{{ item }}
    with_lines:
    - (cd /usr/share/openstack/keystone && find -type f)

  - postgresql_user: name={{ KEYSTONE_DB_USER }} password={{ KEYSTONE_DB_PASSWORD }}
    sudo: yes
    sudo_user: keystone
  - postgresql_db: name=keystone owner={{ KEYSTONE_DB_USER }}
    sudo: yes
    sudo_user: keystone

  - keystone_manage: action=dbsync
    sudo: yes
    sudo_user: keystone

  - name: Enable and start openstack-keystone service
    service: name=openstack-keystone.service enabled=yes state=started

  - keystone_user: >
        tenant=admin
        tenant_description="Admin Tenant"
        token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
        endpoint={{ KEYSTONE_ADMIN_URL }}

  - keystone_user: >
        user=admin
        tenant=admin
        password={{ KEYSTONE_ADMIN_PASSWORD }}
        token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
        endpoint={{ KEYSTONE_ADMIN_URL }}

  - keystone_user: >
        role=admin
        user=admin
        tenant=admin
        token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
        endpoint={{ KEYSTONE_ADMIN_URL }}

  - keystone_user: >
        tenant=service
        tenant_description="Service Tenant"
        token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
        endpoint={{ KEYSTONE_ADMIN_URL }}

  - keystone_service: >
        name=keystone
        type=identity
        description="Keystone Identity Service"
        publicurl={{ KEYSTONE_PUBLIC_URL }}
        internalurl={{ KEYSTONE_INTERNAL_URL }}
        adminurl={{ KEYSTONE_ADMIN_URL }}
        region='RegionOne'
        token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
        endpoint={{ KEYSTONE_ADMIN_URL }}