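---
# Tasks that prepare a host for NetBox: service account, build
# dependencies, PostgreSQL database and role, redis, and the release tarball.
# Variables used here (netbox_group, netbox_user, netbox_dbname,
# netbox_dbuser, netbox_dbpass, netbox_version) are defined outside this file.

- name: Create group
  group:
    name: "{{ netbox_group }}"

- name: Create user
  user:
    name: "{{ netbox_user }}"
    home: "/home/{{ netbox_user }}"
    group: "{{ netbox_group }}"

- name: Install dependencies
  apt:
    name:
      - build-essential
      - libffi-dev
      - libpq-dev
      - libssl-dev
      - libxml2-dev
      - libxslt1-dev
      - python-setuptools
      - python3-dev
      - python3-pip
      - python3-venv
      - zlib1g-dev

- name: Install PostgreSQL
  apt:
    name:
      - postgresql
      - python-psycopg2

- name: Configure PostgreSQL database
  postgresql_db:
    name: "{{ netbox_dbname }}"
  become: true
  become_user: postgres

# Native YAML arguments instead of a key=value string: a password containing
# spaces, quotes or '=' would be mis-split by the key=value parser.
# no_log keeps the templated password out of task output and out of any
# callback or log that records task arguments.
# NOTE(review): netbox_dbpass should come from an encrypted source such as
# Ansible Vault; where it is defined is not visible here.
- name: Configure PostgreSQL user
  postgresql_user:
    db: "{{ netbox_dbname }}"
    name: "{{ netbox_dbuser }}"
    password: "{{ netbox_dbpass }}"
    priv: ALL
    state: present
  become: true
  become_user: postgres
  no_log: true

- name: Install redis
  apt:
    name: redis-server
  # TODO configure redis?

# NOTE(review): the release tarball is fetched over HTTPS with no integrity
# pin. Downloading it first with get_url and a known checksum, then unpacking
# the local file, would detect a tampered or replaced archive.
- name: Unpack netbox
  unarchive:
    src: "https://github.com/netbox-community/netbox/archive/v{{ netbox_version }}.tar.gz"
    dest: /opt
    remote_src: true
    # Skip the download and unpack when this release directory already exists.
    creates: "/opt/netbox-{{ netbox_version }}"
  # TODO user/group/chown?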
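# Tasks that render the NetBox configuration, build its virtualenv, create a
# self-signed TLS certificate and publish the nginx vhost.

# mode 0640 keeps the rendered file from being world-readable; without an
# explicit mode the result depends on the umask.
# NOTE(review): configuration.py.j2 is not visible here; it presumably renders
# the database password and secret key, so confirm nothing outside
# netbox_user / netbox_group needs to read it.
- name: Configure netbox
  template:
    src: configuration.py.j2
    dest: "/opt/netbox-{{ netbox_version }}/netbox/netbox/configuration.py"
    owner: "{{ netbox_user }}"
    group: "{{ netbox_group }}"
    mode: "0640"

# NOTE(review): no owner is set, so the venv and the packages installed from
# requirements.txt end up owned by whichever user runs this task.
- name: Install venv
  pip:
    requirements: "/opt/netbox-{{ netbox_version }}/requirements.txt"
    virtualenv: "/opt/netbox-{{ netbox_version }}/venv"
    virtualenv_command: '/usr/bin/python3 -m venv'

# TODO - still manual work
# * Run Database Migrations
# * Create a Super User
# * Collect Static Files
# * Gunicorn Configuration
# * systemd Configuration

# Creates a self-signed RSA-2048 certificate valid for 730 days, but only when
# the .crt file does not exist yet (creates).
# NOTE(review): -nodes writes the private key unencrypted and this task sets
# no explicit file mode on it; the resulting permissions depend on the OpenSSL
# version and umask. Consider enforcing mode 0600 on the .key file.
- name: Ensure certificates are available
  command: >-
    openssl req -x509 -nodes -newkey rsa:2048
    -keyout /etc/nginx/ssl/{{ netbox_domain }}.key
    -out /etc/nginx/ssl/{{ netbox_domain }}.crt
    -days 730
    -subj "/CN={{ netbox_domain }}"
  args:
    creates: "/etc/nginx/ssl/{{ netbox_domain }}.crt"
  notify: Restart nginx

#- name: Configure certificate manager for netbox
#  template: src=certs.j2 dest=/etc/acertmgr/{{ netbox_domain }}.conf
#  notify: Run acertmgr

- name: Configure vhost
  template:
    src: vhost.j2
    dest: /etc/nginx/sites-available/netbox
  notify: Restart nginx

# Enable the site by symlinking it into sites-enabled.
- name: Enable vhost
  file:
    src: /etc/nginx/sites-available/netbox
    dest: /etc/nginx/sites-enabled/netbox
    state: link
  notify: Restart nginx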