---

- name: Install dependencies
  apt: name={{ item }}
  with_items:
  - mysql-server
  - php7.0-fpm
  - php7.0-gd
  - php7.0-ldap
  - php7.0-mbstring
  - php7.0-mysql
  - php7.0-snmp
  - python-mysqldb

- name: Configure MySQL database
  mysql_db: name={{ racktables_dbname }}

- name: Configure MySQL user
  mysql_user: name={{ racktables_dbuser }} password={{ racktables_dbpass }} priv={{ racktables_dbname }}.*:ALL state=present

- name: Unpack RackTables
  unarchive: src=http://heanet.dl.sourceforge.net/project/racktables/RackTables-0.20.11.tar.gz dest=/opt creates=/opt/RackTables-0.20.11/README remote_src=yes

- name: Create link
  file: src=/opt/RackTables-0.20.11 dest=/opt/racktables state=link

- name: Configure RackTables
  template: src=secret.php.j2 dest=/opt/racktables/wwwroot/inc/secret.php owner=www-data group=www-data mode=0400

- name: Ensure certificates are available
  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ racktables_domain }}.key -out /etc/nginx/ssl/{{ racktables_domain }}.crt -days 730 -subj "/CN={{ racktables_domain }}" creates=/etc/nginx/ssl/{{ racktables_domain }}.crt
  notify: Restart nginx

- name: Request nsupdate key for certificate
  include_role: name=acme-dnskey-generate
  vars:
    acme_dnskey_san_domains:
    - "{{ racktables_domain }}"

- name: Configure certificate manager for racktables
  template: src=certs.j2 dest=/etc/acertmgr/{{ racktables_domain }}.conf
  notify: Run acertmgr

- name: Configure vhost
  template: src=vhost.j2 dest=/etc/nginx/sites-available/racktables
  notify: Restart nginx

- name: Enable vhost
  file: src=/etc/nginx/sites-available/racktables dest=/etc/nginx/sites-enabled/racktables state=link
  notify: Restart nginx

- name: Start php7.0-fpm
  service: name=php7.0-fpm state=started enabled=yes