---

- name: Create user
  user: name=drone

# TODO install drone to /opt/drone/bin
# currently it is manually compiled

- name: Configure drone
  template: src=drone.j2 dest=/etc/default/drone
  notify: Restart drone

- name: Install PostgreSQL
  apt:
    name:
    - postgresql
    - python3-psycopg2

- name: Configure PostgreSQL database
  postgresql_db: name={{ drone_dbname }}
  become: true
  become_user: postgres

- name: Configure PostgreSQL user
  postgresql_user: db={{ drone_dbname }} name={{ drone_dbuser }} password={{ drone_dbpass }} priv=ALL state=present
  become: true
  become_user: postgres

- name: Ensure certificates are available
  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ drone_domain }}.key -out /etc/nginx/ssl/{{ drone_domain }}.crt -days 730 -subj "/CN={{ drone_domain }}" creates=/etc/nginx/ssl/{{ drone_domain }}.crt
  notify: Restart nginx

- name: Configure certificate manager for drone
  template: src=certs.j2 dest=/etc/acertmgr/{{ drone_domain }}.conf
  notify: Run acertmgr

- name: Configure vhost
  template: src=vhost.j2 dest=/etc/nginx/sites-available/drone
  notify: Restart nginx

- name: Enable vhost
  file: src=/etc/nginx/sites-available/drone dest=/etc/nginx/sites-enabled/drone state=link
  notify: Restart nginx

- name: Install systemd unit
  copy: src=drone.service dest=/lib/systemd/system/drone.service
  notify:
  - Reload systemd
  - Restart drone

- name: Enable drone
  service: name=drone enabled=yes