---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Create the system group
  group:
    name: "{{ repo_service_group_name }}"
    state: "present"
    system: "yes"

- name: Create the nginx system user
  user:
    name: "{{ repo_service_user_name }}"
    group: "{{ repo_service_group_name }}"
    comment: "Nginx repo user"
    shell: "/bin/bash"
    system: "yes"
    createhome: "yes"
    home: "{{ repo_service_home_folder }}"

- name: Mount any remote volumes
  include_role:
    name: systemd_mount
  vars:
    systemd_mounts: "{{ repo_server_systemd_mounts }}"
  when: repo_server_systemd_mounts | length > 0

# NOTE(jrosser) ensure there is no race condition between mounting and using the filesystem
- name: Wait until mount will finish for {{ repo_service_home_folder }}
  command: mountpoint -q {{ repo_service_home_folder }}/repo
  changed_when: false
  register: _repo_folder_is_mounted
  retries: 5
  delay: 2
  until: _repo_folder_is_mounted.rc == 0
  when: repo_server_systemd_mounts | length > 0

- name: File and directory setup (non-root user)
  file:
    path: "{{ item.path }}"
    state: "{{ item.state | default('directory') }}"
    owner: "{{ repo_service_user_name }}"
    group: "{{ repo_service_group_name }}"
    mode: "{{ item.mode | default('02755') }}"
  with_items:
    - path: "{{ repo_service_home_folder }}"
    - path: "{{ repo_service_home_folder }}/.ssh"
      mode: "02700"
    - path: "{{ repo_service_home_folder }}/repo"
    - path: "{{ repo_service_home_folder }}/repo/links"
    - path: "{{ repo_service_home_folder }}/repo/os-releases"
    - path: "{{ repo_service_home_folder }}/repo/os-releases/{{ openstack_release }}"
    - path: "{{ repo_service_home_folder }}/repo/pools"
    - path: "{{ repo_service_home_folder }}/repo/venvs"
    - path: "{{ repo_service_home_folder }}/repo/constraints"
    - path: "/var/lib/nginx"
    - path: "/var/log/nginx"
      mode: "0775"

- name: File and directory setup (root user)
  file:
    path: "{{ item.path }}"
    state: "{{ item.state | default('directory') }}"
    owner: "root"
    group: "root"
    mode: "0755"
  with_items:
    - path: "/etc/nginx/conf.d"
    - path: "/etc/nginx/sites-available"
    - path: "/etc/nginx/sites-enabled"