- name: deploy network & daemons
  hosts: "{{target}}"
  gather_facts: no
  become: "{{become_var}}"
  tasks:

  - name: rc.inet1 rc.inet2
    template:
      src: "{{item}}"
      dest: /etc/rc.d/
      mode: "0755"
    notify: reboot node warning
    with_items:
      - rc.inet1
      - rc.inet2

  # the normal shit

  - name: enable NAT
    template:
      src: nftables.conf
      dest: /etc/nftables.conf
      mode: "0644"
    notify: reload nftables
    when: martinez is not defined

  # the martinez shit

  - name: define nodes
    set_fact:
      nodes: "{{ groups[cluster] }}"
    run_once: true
    when: martinez is defined

  - name: define node_ids
    set_fact:
      node_ids: "{{ range(1, nodes | length + 1) | list }}"
    run_once: true
    when: martinez is defined

  - name: nftables.conf
    template:
      src: nftables.martinez.conf
      dest: /etc/nftables.conf
    notify: reload nftables
    when: martinez is defined

  handlers:

  - name: reboot node warning
    debug:
      msg: "===== EVENTUALLY REBOOT NODE {{inventory_hostname_short}} ====="

  # we are flushing the rules anyhow
  # todo - check if we can revert that and avoid flushing rules - maybe that was for testing
  - name: reload nftables
    command: nft -f /etc/nftables.conf