---

- name: Create group
  group: name={{ pretix_group }}

- name: Create user
  user: name={{ pretix_user }} home=/home/{{ pretix_user }} group={{ pretix_group }}

- name: Create pretix directories
  file: path={{ item }} state=directory owner={{ pretix_user }} group={{ pretix_group }}
  with_items:
  - /etc/pretix
  - /opt/pretix
  - /opt/pretix/data
  - /opt/pretix/data/media

- name: Install dependencies
  apt:
    name:
    - build-essential
    - gettext
    - libffi-dev
    - libpq-dev
    - libssl-dev
    - libxml2-dev
    - libxslt1-dev
    - nodejs
    - python3-setuptools
    - python3-dev
    - python3-pip
    - python3-venv
    - zlib1g-dev

- name: Install PostgreSQL
  apt:
    name:
    - postgresql
    - python3-psycopg2

- name: Configure PostgreSQL user
  postgresql_user: name={{ pretix_dbuser }} password={{ pretix_dbpass }}
  become: true
  become_user: postgres

- name: Configure PostgreSQL database
  postgresql_db: name={{ pretix_dbname }} owner={{ pretix_dbuser }}
  become: true
  become_user: postgres

- name: Install redis
  apt: name=redis-server

- name: Install pretix
  pip:
    name:
    - gunicorn
    - pretix
    virtualenv: /opt/pretix/venv
    virtualenv_command: "python3 -m venv"
  become: true
  become_user: "{{ pretix_user }}"
  register: pretix_install

- name: Configure pretix
  template:
    src: pretix.cfg.j2
    dest: /etc/pretix/pretix.cfg
    owner: "{{ pretix_user }}"
    group: "{{ pretix_group }}"
  notify:
  - Restart pretix-web
  - Restart pretix-worker

- name: Run migration script
  command:
    cmd: "./venv/bin/python3 -m pretix migrate"
    chdir: "/opt/pretix"
  become: true
  become_user: "{{ pretix_user }}"
  when: pretix_install.changed

- name: Run rebuild script
  command:
    cmd: "./venv/bin/python3 -m pretix rebuild"
    chdir: "/opt/pretix"
  become: true
  become_user: "{{ pretix_user }}"
  when: pretix_install.changed

- name: Enable pretix cronjob
  cron:
    user: "{{ pretix_user }}"
    name: pretix
    minute: "*/5"
    job: "export PATH=/opt/pretix/venv/bin:$PATH && cd /opt/pretix && python -m pretix runperiodic"

- name: Ensure certificates are available
  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ pretix_domain }}.key -out /etc/nginx/ssl/{{ pretix_domain }}.crt -days 730 -subj "/CN={{ pretix_domain }}" creates=/etc/nginx/ssl/{{ pretix_domain }}.crt
  notify: Restart nginx

- name: Configure certificate manager for pretix
  template: src=certs.j2 dest=/etc/acertmgr/{{ pretix_domain }}.conf
  notify: Run acertmgr

- name: Configure vhost
  template: src=vhost.j2 dest=/etc/nginx/sites-available/pretix
  notify: Restart nginx

- name: Enable vhost
  file: src=/etc/nginx/sites-available/pretix dest=/etc/nginx/sites-enabled/pretix state=link
  notify: Restart nginx

- name: Install systemd units
  template: src={{ item }}.service.j2 dest=/lib/systemd/system/{{ item }}.service
  with_items:
  - pretix-web
  - pretix-worker
  notify:
  - Reload systemd
  - Restart pretix-web
  - Restart pretix-worker

- name: Enable services
  service: name={{ item }} state=started enabled=yes
  with_items:
  - pretix-web
  - pretix-worker