---
- name: Converge
  hosts: all
  tasks:
  - include_tasks: prepare-common.yml

  # In some distros DS won't start up after reboot
  #   This is due to a problem in 389-ds. See tickets:
  #   * https://pagure.io/389-ds-base/issue/47429
  #   * https://pagure.io/389-ds-base/issue/51039
  #
  # To avoid this problem we create the directories before starting IPA.
  - name: Ensure lock dirs for DS exists
    ansible.builtin.file:
      state: directory
      owner: dirsrv
      group: dirsrv
      path: "{{ item }}"
      mode: 0770
    loop:
      - /var/lock/dirsrv/
      - /var/lock/dirsrv/slapd-TEST-LOCAL/

  - name: Ensure IPA server is up an running
    ansible.builtin.service:
      name: ipa
      state: started

  - name: Wait for krb5dkc to be running
    ansible.builtin.service_facts:
    no_log: True
    register: result
    until: "'krb5kdc.service' in result.ansible_facts.services and \
            result.ansible_facts.services['krb5kdc.service'].state == 'running'"
    retries: 30
    delay: 5

  - name: Check if TGT is available for admin.
    ansible.builtin.shell:
      cmd: echo SomeADMINpassword | kinit -c ansible_freeipa_cache admin
    register: result
    until: not result.failed
    retries: 30
    delay: 5

  - name: Cleanup TGT.
    ansible.builtin.shell:
      cmd: kdestroy -c ansible_freeipa_cache -A