iiab/roles/network/tasks/enable_services.yml

- name: Install /etc/dnsmasq.d/iiab.conf from template, when dnsmasq_enabled and isn't Appliance
  template:
    src: network/dnsmasq.conf.j2
    dest: /etc/dnsmasq.d/iiab.conf
  when: iiab_network_mode != "Appliance"

- name: Install /etc/hosts.dnsmasq from template for /etc/dnsmasq.d/iiab.conf (instead of using /etc/hosts)
  template:
    src: network/hosts-dnsmasq.j2
    dest: /etc/hosts.dnsmasq
  when: iiab_network_mode != "Appliance"

- name: Update /etc/dnsmasq.d/dnsmasq-iiab for custom dns setting
  template:
    src: network/dnsmasq-iiab
    dest: /etc/dnsmasq.d/dnsmasq-iiab

## Another way to skin the cat
##- name: Check if systemd service networkd-dispatcher is enabled
##  systemd:
##    name: networkd-dispatcher
##    state: reloaded
##  register: systemd_out
##
## Yet Another
## command: systemctl show networkd-dispatcher | grep ^UnitFileState=
## would yield "UnitFileState=enabled"
##
#- name: Check if systemd service networkd-dispatcher is enabled
#  command: systemctl is-enabled networkd-dispatcher
#  register: nd_enabled
#  ignore_errors: True

- name: Check if /etc/networkd-dispatcher/routable.d exists
  stat:
    path: /etc/networkd-dispatcher/routable.d
  register: nd_dir

- name: To restart dnsmasq whenever br0 comes up, install /etc/networkd-dispatcher/routable.d/dnsmasq.sh from template (if isn't Appliance, and directory /etc/networkd-dispatcher/routable.d exists, i.e. OS's like Ubuntu 18.04 or later) (root:root by default)
  template:
    src: roles/network/templates/network/dnsmasq.sh.j2
    dest: /etc/networkd-dispatcher/routable.d/dnsmasq.sh
    mode: 0755
  when: nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")
  #when: dnsmasq_install and dnsmasq_enabled and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")
  #when: dnsmasq_install and dnsmasq_enabled and nd_enabled is defined and nd_enabled.stdout == "enabled" and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")
  #when: dnsmasq_install and dnsmasq_enabled and systemd_out.status.UnitFileState == "enabled" and networkd_dir.stat.exists and networkd_dir.stat.isdir and (iiab_network_mode != "Appliance")

- name: Remove /etc/dnsmasq.d/iiab.conf, when not dnsmasq_enabled or is Appliance
  file:
    path: /etc/dnsmasq.d/iiab.conf
    state: absent
  when: not dnsmasq_enabled or iiab_network_mode == "Appliance"

- name: Enable iiab-dnsmasq systemd service, if dnsmasq_enabled
  systemd:
    name: iiab-dnsmasq
    enabled: yes
  when: dnsmasq_enabled

- name: Disable iiab-dnsmasq, if not dnsmasq_enabled
  systemd:
    name: iiab-dnsmasq
    enabled: no
  when: not dnsmasq_enabled


- name: Mandate 'HTTPCACHE_ON=True' in {{ iiab_env_file }} - if squid_install [{{ squid_install }}] and squid_enabled [{{ squid_enabled }}]
  lineinfile:
    path: "{{ iiab_env_file }}"
    regexp: '^HTTPCACHE_ON=*'
    line: 'HTTPCACHE_ON=True'
  when: squid_installed is defined and squid_enabled

- name: Enable systemd service '{{ proxy }}' - if squid_install and squid_enabled
  systemd:
    name: "{{ proxy }}"    # squid (or 'squid3' on vars/debian-8.yml, vars/raspbian-8.yml)
    enabled: yes
  when: squid_installed is defined and squid_enabled

- name: Install /etc/{{ proxy }}/squid.conf from template (root:root, 0644 by default) - and create a timestamped backup of the original - if squid_install and squid_enabled
  template:
    src: squid/squid.conf.j2
    dest: /etc/{{ proxy }}/squid.conf
    # owner: "{{ proxy_user }}"    # proxy (or 'squid' on vars/centos-7.yml, vars/fedora-18.yml, vars/fedora-12.yml)
    # group: "{{ proxy_user }}"
    backup: yes
  when: squid_installed is defined and squid_enabled

# - name: Point /etc/init.d/{{ proxy }} to /etc/{{ proxy }}/squid-iiab.conf - if squid_install and squid_enabled
#   lineinfile:
#     regexp: '^CONFIG'
#     line: "CONFIG=/etc/{{ proxy }}/squid-iiab.conf"
#     path: "/etc/init.d/{{ proxy }}"
#   when: squid_install and squid_enabled

- name: Disable systemd service '{{ proxy }}' - if (squid_install or squid_installed [{{ squid_installed }}] is defined) and not squid_enabled
  systemd:
    name: "{{ proxy }}"
    enabled: no
  when: squid_installed is defined and not squid_enabled

- name: Revert {{ iiab_env_file }} to 'HTTPCACHE_ON=False' - if squid_install and not squid_enabled
  lineinfile:
    path: "{{ iiab_env_file }}"
    regexp: '^HTTPCACHE_ON=*'
    line: 'HTTPCACHE_ON=False'
  when: squid_installed is defined and not squid_enabled


# check-LAN should be iptables.yml remove later
- name: Install clean copy of /usr/bin/iiab-gen-iptables from template (root:root by default)
  template:
    src: gateway/iiab-gen-iptables
    dest: /usr/bin/iiab-gen-iptables
    mode: 0755


- name: Add 'squid' variable values to {{ iiab_ini_file }} - if squid_installed is defined
  ini_file:
    path: "{{ iiab_ini_file }}"    # /etc/iiab/iiab.ini
    section: squid
    option: "{{ item.option }}"
    value: "{{ item.value | string }}"
  with_items:
    - option: squid_install
      value: "{{ squid_install }}"
    - option: squid_enabled
      value: "{{ squid_enabled }}"
  when: squid_installed is defined