---

- name: Create group
  group: name={{ pretalx_group }}

- name: Create user
  user: name={{ pretalx_user }} home=/home/{{ pretalx_user }} group={{ pretalx_group }}

- name: Create pretalx directories
  file: path={{ item }} state=directory owner={{ pretalx_user }} group={{ pretalx_group }}
  with_items:
  - /etc/pretalx
  - /opt/pretalx
  - /opt/pretalx/data
  - /opt/pretalx/data/media

- name: Install dependencies
  apt:
    name:
    - build-essential
    - gettext
    - libssl-dev
    - nodejs
    - npm
    - python3-setuptools
    - python3-dev
    - python3-pip
    - python3-venv

- name: Install PostgreSQL
  apt:
    name:
    - postgresql
    - python3-psycopg2

- name: Configure PostgreSQL user
  postgresql_user: name={{ pretalx_dbuser }} password={{ pretalx_dbpass }}
  become: true
  become_user: postgres

- name: Configure PostgreSQL database
  postgresql_db: name={{ pretalx_dbname }} owner={{ pretalx_dbuser }}
  become: true
  become_user: postgres

- name: Install redis
  apt: name=redis-server

- name: Install pretalx
  pip:
    name:
    - gunicorn
    - pretalx[postgres,redis]
    - psycopg2-binary
    virtualenv: /opt/pretalx/venv
    virtualenv_command: "python3 -m venv"
  become: true
  become_user: "{{ pretalx_user }}"
  register: pretalx_install

- name: Configure pretalx
  template:
    src: pretalx.cfg.j2
    dest: /etc/pretalx/pretalx.cfg
    owner: "{{ pretalx_user }}"
    group: "{{ pretalx_group }}"
  notify:
  - Restart pretalx-web
  - Restart pretalx-worker

- name: Run migration script
  command:
    cmd: "./venv/bin/python3 -m pretalx migrate"
    chdir: "/opt/pretalx"
  become: true
  become_user: "{{ pretalx_user }}"
  when: pretalx_install.changed

- name: Run rebuild script
  command:
    cmd: "./venv/bin/python3 -m pretalx rebuild"
    chdir: "/opt/pretalx"
  become: true
  become_user: "{{ pretalx_user }}"
  when: pretalx_install.changed

- name: Enable pretalx cronjob
  cron:
    user: "{{ pretalx_user }}"
    name: pretalx
    minute: "*/5"
    job: "export PATH=/opt/pretalx/venv/bin:$PATH && cd /opt/pretalx && python -m pretalx runperiodic"

- name: Ensure certificates are available
  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ pretalx_domain }}.key -out /etc/nginx/ssl/{{ pretalx_domain }}.crt -days 730 -subj "/CN={{ pretalx_domain }}" creates=/etc/nginx/ssl/{{ pretalx_domain }}.crt
  notify: Restart nginx

- name: Configure certificate manager for pretalx
  template: src=certs.j2 dest=/etc/acertmgr/{{ pretalx_domain }}.conf
  notify: Run acertmgr

- name: Configure vhost
  template: src=vhost.j2 dest=/etc/nginx/sites-available/pretalx
  notify: Restart nginx

- name: Enable vhost
  file: src=/etc/nginx/sites-available/pretalx dest=/etc/nginx/sites-enabled/pretalx state=link
  notify: Restart nginx

- name: Install systemd units
  template: src={{ item }}.service.j2 dest=/lib/systemd/system/{{ item }}.service
  with_items:
  - pretalx-web
  - pretalx-worker
  notify:
  - Reload systemd
  - Restart pretalx-web
  - Restart pretalx-worker

- name: Enable services
  service: name={{ item }} state=started enabled=yes
  with_items:
  - pretalx-web
  - pretalx-worker