---

- name: Install packages
  apt:
    name:
    - docker.io
    - docker-compose

- name: Create tileserver group
  group: name=tileserver

- name: Create tileserver user
  user:
    name: tileserver
    home: /opt/tileserver
    shell: /bin/bash
    group: tileserver
    groups: docker

- name: Configure tileserver container
  template: src=docker-compose.yml.j2 dest=/opt/tileserver/docker-compose.yml
  notify: Restart tileserver

- name: Create style directory
  file:
    path: /opt/tileserver/data/styles
    recurse: yes
    state: directory

- name: Configre tileserver
  copy:
    src: "{{ item }}"
    dest: /opt/tileserver/data/{{ item }}
  with_items:
  - config.json
  - styles/day.json
  - styles/night.json
  notify: Restart tileserver

- name: Ensure certificates are available
  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ tileserver_domain }}.key -out /etc/nginx/ssl/{{ tileserver_domain }}.crt -days 730 -subj "/CN={{ tileserver_domain }}" creates=/etc/nginx/ssl/{{ tileserver_domain }}.crt
  notify: Restart nginx

- name: Configure certificate manager for tileserver
  template: src=certs.j2 dest=/etc/acertmgr/{{ tileserver_domain }}.conf
  notify: Run acertmgr

- name: Configure vhost
  template: src=vhost.j2 dest=/etc/nginx/sites-available/tileserver
  notify: Restart nginx

- name: Enable vhost
  file: src=/etc/nginx/sites-available/tileserver dest=/etc/nginx/sites-enabled/tileserver state=link
  notify: Restart nginx


- name: Systemd unit for tileserver
  template: src=tileserver.service.j2 dest=/etc/systemd/system/tileserver.service
  notify:
  - Reload systemd
  - Restart tileserver

- name: Start the tileserver service
  service: name=tileserver state=started enabled=yes