- name: gather facts
  setup:
    gather_subset:
      - min


- name: fail if this is not debian
  fail:
    msg: "this role only supports debian hosts"
  when: ansible_distribution != 'Debian'


- name: set seaf_cfg
  set_fact:
    seaf_cfg: "{{ seaf_default_config | d({}) | combine(seaf_config | d({}), recursive=true) }}"


- name: install mariadb
  include_role:
    name: mariadb
  vars:
    function: install
    mariadb_config:
      old_passwords: 0
      ssl_ca:
      ssl_cert:
      ssl_key:
      tls_version:
    mariadb_enable_tls: no


- name: add mariadb users
  include_role:
    name: mariadb
  vars:
    function: add_user
    mariadb_server: "{{ inventory_hostname }}"
    user:
      name: "{{ seaf_db_user }}"
      password: "{{ seaf_db_password }}"
      privs:
        - key: "{{ seaf_db_ccnet }}.*"
          value: ALL
        - key: "{{ seaf_db_seafile }}.*"
          value: ALL
        - key: "{{ seaf_db_seahub }}.*"
          value: ALL


- name: add mariadb databases
  include_role:
    name: mariadb
  vars:
    function: add_db
    mariadb_server: "{{ inventory_hostname }}"
    database:
      name: "{{ item }}"
      encoding: utf8
  loop:
    - "{{ seaf_db_ccnet }}"
    - "{{ seaf_db_seafile }}"
    - "{{ seaf_db_seahub }}"


- name: install dependencies
  include_tasks: tasks/install_packages.yml
  vars:
    package:
      - python3
      - python3-setuptools
      - python3-pip
      - libmariadb-dev
      - memcached
      - libmemcached-dev
      - libffi-dev


- name: install pip dependencies
  pip:
    name:
      - django==3.2.*
      - Pillow
      - pylibmc
      - captcha
      - jinja2
      - sqlalchemy==1.4.3
      - django-pylibmc
      - django-simple-captcha
      - python3-ldap
      - mysqlclient
      - pycryptodome==3.12.0
      - cffi==1.14.0


- name: create user and group
  include_tasks: tasks/create_user.yml
  vars:
    user:
      name: "{{ seaf_user }}"
      group: "{{ seaf_group }}"
      dir: "{{ seaf_dir }}"
      shell: /bin/bash


- name: download and extract seafile distro
  unarchive:
    src: "https://s3.eu-central-1.amazonaws.com/download.seadrive.org/seafile-server_{{ seaf_version }}_x86-64.tar.gz"
    dest: "{{ seaf_dir }}"
    remote_src: yes
    owner: "{{ seaf_user }}"
    group: "{{ seaf_group }}"
    creates: "{{ seaf_dir }}/seafile-server-{{ seaf_version }}"


- name: set seafile setup script parameters
  set_fact:
    seaf_script_params: "{{ [(('--server-name ' ~ (seaf_server_name | quote)) if (seaf_server_name is defined) else ''),
                               '--server-ip ' ~ (host_fqdn | quote),
                               '--use-existing-db 1',
                               '--mysql-user ' ~ seaf_db_user,
                               '--mysql-user-passwd ' ~ seaf_db_password
                            ] | select() | list | join(' ') }}"


- name: run seafile setup script
  shell:
    cmd: "./setup-seafile-mysql.sh auto {{ seaf_script_params }}"
    chdir: "{{ seaf_dir }}/seafile-server-{{ seaf_version }}"
    creates: "{{ seaf_dir }}/seafile-server-latest"
  become: yes
  become_method: su
  become_flags: '-s /bin/bash'
  become_user: "{{ seaf_user }}"
  register: result


- name: template configs
  template:
    src: "{{ item.src }}.j2"
    dest: "{{ seaf_dir }}/conf/{{ item.dest }}"
    force: yes
    mode: "{{ item.mode | d(omit) }}"
    owner: "{{ seaf_user }}"
    group: "{{ seaf_group }}"
  loop:
    - { src: 'ccnet', dest: 'ccnet.conf' }
    - { src: 'seafile', dest: 'seafile.conf' }
    - { src: 'seahub_settings', dest: 'seahub_settings.py', mode: '0700' }
  notify:
    - restart seafile
    - restart seahub


- name: template cleanup script
  template:
    src: cleanup.j2
    dest: "{{ seaf_dir }}/cleanup_script.sh"
    force: yes
    mode: "+x"
    owner: "{{ seaf_user }}"
    group: "{{ seaf_group }}"


- name: create cron entry for cleanup script
  cron:
    name: seafile-cleanup
    minute: "{{ seaf_cleanup.minute | d(0) }}"
    hour: "{{ seaf_cleanup.hour | d(2) }}"
    weekday: "{{ seaf_cleanup.weekday | d(0) }}"
    job: "{{ seaf_dir }}/cleanup_script.sh"


- name: template systemd init files
  template:
    src: "{{ item.src }}.j2"
    dest: "/etc/systemd/system/{{ item.dest }}.service"
    force: yes
  loop:
    - { src: 'seafile_service', dest: 'seafile' }
    - { src: 'seahub_service', dest: 'seahub' }
  notify: reload systemd daemons


- name: install and configure memcached
  include_role:
    name: memcached


- name: install and configure collabora online
  include_role:
    name: officeonline


- name: install and configure logrotate
  include_role:
    name: logrotate
  vars:
    logrotate_services:
      - name: seafile
        template: logrotate_seafile


- name: install and configure nginx
  include_role:
    name: nginx
  vars:
    nginx:
      servers:
        - conf: nginx_server
      certs: "{{ host_tls }}"
      security_headers: no
      conf:
        http:
          disable_symlinks: no
          ssl_conf_command: []


- name: flush handlers
  meta: flush_handlers


- name: add directories to backup plan
  include_role:
    name: backup
  vars:
    function: add
    backup_items:
      - "{{ seaf_dir }}/ccnet"
      - "{{ seaf_dir }}/conf"
      - "{{ seaf_dir }}/seafile-server-latest"
      - "{{ seaf_dir }}/cleanup_script.sh"


- name: enable and start services
  systemd:
    daemon_reload: yes
    enabled: yes
    name: "{{ item }}"
    state: started
  loop:
    - seafile
    - seahub