---

- name: Create user
  user: name=rocketchat

- name: Enable https for apt
  apt: name=apt-transport-https

- name: Enable mongodb apt-key
  apt_key: url="https://www.mongodb.org/static/pgp/server-4.0.asc"

- name: Enable mongodb repository
  apt_repository: repo="deb http://repo.mongodb.org/apt/debian stretch/mongodb-org/4.0 main"

# mongodb needs libcurl3 which is no longer available in buster
- name: Enable stretch repository
  apt_repository: repo="deb http://deb.debian.org/debian/ stretch main"

- name: Enable nodesource apt-key
  apt_key: url="https://deb.nodesource.com/gpgkey/nodesource.gpg.key"

- name: Enable nodesource repository
  apt_repository: repo="deb https://deb.nodesource.com/node_8.x/ {{ ansible_distribution_release }} main"

- name: Pin nodejs repository
  blockinfile:
    path: /etc/apt/preferences.d/nodejs
    create: yes
    block: |
      Package: *
      Pin: origin deb.nodesource.com
      Pin-Priority: 600

- name: Install packages
  apt: name={{ item }}
  with_items:
  - build-essential
  - dirmngr
  - graphicsmagick
  - libcurl3
  - mongodb-org
  - nodejs

# rocket.chat itself is not setup here - it is done manually

- name: Ensure certificates are available
  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ rocketchat_domain }}.key -out /etc/nginx/ssl/{{ rocketchat_domain }}.crt -days 730 -subj "/CN={{ rocketchat_domain }}" creates=/etc/nginx/ssl/{{ rocketchat_domain }}.crt
  notify: Restart nginx

- name: Configure certificate manager for rocketchat
  template: src=certs.j2 dest=/etc/acertmgr/{{ rocketchat_domain }}.conf
  notify: Run acertmgr

- name: Configure vhost
  template: src=vhost.j2 dest=/etc/nginx/sites-available/rocketchat
  notify: Restart nginx

- name: Enable vhost
  file: src=/etc/nginx/sites-available/rocketchat dest=/etc/nginx/sites-enabled/rocketchat state=link
  notify: Restart nginx