---
- include_vars: "{{ ansible_os_family }}.yml"

- name: install keystone packages
  action: "{{ ansible_pkg_mgr }} name=keystone state=present force=yes"

- name: generate keystone service list
  shell: echo {{ item }} >> /opt/service
  with_items: services

- name: update keystone conf
  template: src=keystone.conf dest=/etc/keystone/keystone.conf backup=yes

- name: delete sqlite database
  shell: rm /var/lib/keystone/keystone.db || echo sqllite database already removed

- name: cron job to purge expired tokens hourly
  shell: (crontab -l -u keystone 2>&1 | grep -q token_flush) || echo '@hourly /usr/bin/keystone-manage token_flush > /var/log/keystone/keystone-tokenflush.log 2>&1' >> /var/spool/cron/crontabs/keystone

- name: modify keystone cron rights
  file: path=/var/spool/cron/crontabs/keystone mode=0600

- name: keystone source files
  template: src={{ item }} dest=/opt/{{ item }}
  with_items:
    - admin-openrc.sh
    - demo-openrc.sh

- name: manually start keystone
  service: name=keystone state=restarted enabled=yes