---
# IPA depends on IPv6 and without it dirsrv service won't start.
- name: Ensure IPv6 is ENABLED
  ansible.posix.sysctl:
    name: "{{ item.name }}"
    value: "{{ item.value }}"
    sysctl_set: yes
    state: present
    reload: yes
  with_items:
    - name: net.ipv6.conf.all.disable_ipv6
      value: 0
    - name: net.ipv6.conf.lo.disable_ipv6
      value: 0
    - name: net.ipv6.conf.eth0.disable_ipv6
      value: 1

# Set fs.protected_regular to 0
#   This is needed in some IPA versions in order to get KRA enabled.
#   See https://pagure.io/freeipa/issue/7906 for more information.
- name: stat protected_regular
  ansible.builtin.stat:
    path: /proc/sys/fs/protected_regular
  register: result

- name: Ensure fs.protected_regular is disabled
  ansible.posix.sysctl:
    name: fs.protected_regular
    value: 0
    sysctl_set: yes
    state: present
    reload: yes
  when: result.stat.exists