---
# Probably want to split this out into a proper certificate management role for Toal.ca
- name: Request TLS Certificate from LetsEncrypt
  hosts: rhv.mgmt.toal.ca
  connection: local
  gather_facts: false
  # This doesn't belong here
  vars:
    acme_email: ptoal@takeflight.ca
    challenge: dns-01
    dns_provider: dme
    domains:
      - rhv.mgmt.toal.ca

  pre_tasks:
    - name: Ensure Let's Encrypt Account Exists
      acme_account:
          state: present
          terms_agreed: true
          allow_creation: true
          contact:  
            - mailto:ptoal@takeflight.ca 
          account_key_content: "{{ acme_key }}"
          acme_version: 2
  roles:
    - acme-certificate

    
# - name: Install custom CA Certificate in RHV-M
#   hosts: rhv.lab.toal.ca
  
#   tasks:
#     - name: Download LetsEncrypt Root/Intermediate Certificates
      


- name: Create RHV/ovirt VLANs
  hosts: rhv.mgmt.toal.ca
  connection: local
  vars:
    # Hack to work around virtualenv python interpreter
    ansible_python_interpreter: "{{ ansible_playbook_python }}"
  tasks:
    - ovirt_network:
        auth: "{{ ovirt_auth }}"
        fetch_nested: true
        data_center: "{{ item.data_center }}"
        name: "{{ item.name }}"
        vlan_tag: "{{ item.vlan_tag|default(omit) }}"
        vm_network: "{{ item.vm_network }}"
        mtu: "{{ item.mtu }}"
        description: "{{ item.description }}"
      loop: "{{ ovirt_networks }}"
      register: networkinfo

    - debug: msg="{{networkinfo}}"