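# Render the rqlite configuration into the compose project directory.
- name: Deploy rqlite config
  ansible.builtin.template:
    src: rqlite-config.json.template
    dest: /opt/netmaker_server/rqlite/config.json

# CERTIFICATE
# Flow: the node generates its own key and CSR, the controller signs the CSR
# with the CA kept under secret_files/, and only the signed certificate and
# the CA certificate are pushed back. The node key never leaves the node and
# the CA key never leaves the controller.

# The key and CSR are written under /opt/netmaker_server/ (not /opt/netmaker/)
# so that they sit next to node.crt and so that the fetched CSR lands at the
# path the signing task reads.
- name: Generate PrivateKey
  community.crypto.openssl_privatekey:
    path: /opt/netmaker_server/rqlite/certs/node.key
    # Owner-only access, stated explicitly so a later edit cannot widen it
    # unnoticed.
    mode: "0600"

# NOTE(review): the CSR carries only a common name. TLS stacks that ignore CN
# need a subject_alt_name entry; confirm which name the peers dial before
# adding one.
- name: Generate Certificate-Signing-Request from privateKey
  community.crypto.openssl_csr:
    path: /opt/netmaker_server/rqlite/certs/node.csr
    privatekey_path: /opt/netmaker_server/rqlite/certs/node.key
    common_name: "{{ ansible_facts.nodename }}"

# fetch stores the file as tmp_files/<inventory_hostname>/<absolute src path>.
- name: Fetch CSR
  ansible.builtin.fetch:
    src: /opt/netmaker_server/rqlite/certs/node.csr
    dest: tmp_files/

# Runs on the controller. The CSR content comes from the managed node and is
# signed as submitted, so the node chooses the subject of its certificate.
# No ownca_not_after is set, so the module's default validity applies.
- name: Sign CSR locally with CA
  community.crypto.x509_certificate:
    path: "tmp_files/{{ inventory_hostname }}/opt/netmaker_server/rqlite/certs/node.crt"
    csr_path: "tmp_files/{{ inventory_hostname }}/opt/netmaker_server/rqlite/certs/node.csr"
    ownca_path: secret_files/netmaker_server/ca/ca.crt
    ownca_privatekey_path: secret_files/netmaker_server/ca/ca.key
    provider: ownca
  delegate_to: localhost

- name: Copy Signed Certificate
  ansible.builtin.copy:
    src: "tmp_files/{{ inventory_hostname }}/opt/netmaker_server/rqlite/certs/node.crt"
    dest: /opt/netmaker_server/rqlite/certs/node.crt

# Only the CA certificate is distributed; ca.key stays on the controller.
- name: Copy CA Certificate
  ansible.builtin.copy:
    src: secret_files/netmaker_server/ca/ca.crt
    dest: /opt/netmaker_server/rqlite/certs/ca.crt
# CERTIFICATE

# The first host of the netmaker_server group is started, and waited for,
# before any other node is started.
- name: Start rqlite service for 1st-node
  ansible.builtin.command:
    cmd: docker-compose --project-directory /opt/netmaker_server/ up -d rqlite
  register: command
  failed_when: command.rc != 0
  when: "inventory_hostname == groups['netmaker_server'][0]"

- name: Waiting for rqlite to accept connections on 1st-node
  ansible.builtin.wait_for:
    host: "{{ inventory_hostname }}"
    port: 4001
    state: started
  when: "inventory_hostname == groups['netmaker_server'][0]"

- name: Start rqlite service for other nodes
  ansible.builtin.command:
    cmd: docker-compose --project-directory /opt/netmaker_server/ up -d rqlite
  register: command
  failed_when: command.rc != 0
  when: "inventory_hostname != groups['netmaker_server'][0]"

- name: Waiting for rqlite to accept connections on other nodes
  ansible.builtin.wait_for:
    host: "{{ inventory_hostname }}"
    port: 4001
    state: started
  when: "inventory_hostname != groups['netmaker_server'][0]"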