---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Install EPEL gpg keys
  rpm_key:
    key: "http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7"
    state: present
  when:
    - ansible_pkg_mgr in ['yum', 'dnf']
  register: _add_yum_keys
  until: _add_yum_keys is success
  retries: 5
  delay: 2

- name: Install the EPEL repository
  yum_repository:
    name: epel-repo_server
    baseurl: "{{ (centos_epel_mirror | default ('http://download.fedoraproject.org/pub/epel')) ~ '/' ~ ansible_distribution_major_version ~ '/' ~ ansible_architecture }}"
    description: 'Extra Packages for Enterprise Linux 7 - $basearch'
    gpgcheck: yes
    enabled: yes
    state: present
    includepkgs: 'lsyncd'
  when:
    - ansible_pkg_mgr in ['yum', 'dnf']
  register: install_epel_repo
  until: install_epel_repo is success
  retries: 5
  delay: 2

- name: Add NGINX repository
  yum_repository:
    name: nginx
    description: 'nginx repo'
    baseurl: "{{ repo_nginx_repo }}"
    gpgkey: "{{ repo_nginx_gpg_key }}"
  when:
    - ansible_pkg_mgr in ['yum', 'dnf']
  register: add_nginx_repo
  until: add_nginx_repo is success
  retries: 5
  delay: 2

- name: Install distro packages
  package:
    name: "{{ repo_server_distro_packages }}"
    state: "{{ repo_server_package_state }}"
    update_cache: "{{ (ansible_pkg_mgr == 'apt') | ternary('yes', omit) }}"
    cache_valid_time: "{{ (ansible_pkg_mgr == 'apt') | ternary(cache_timeout, omit) }}"
  register: install_packages
  until: install_packages is success
  retries: 5
  delay: 5

# This is so that the master repo server can perform pre and post rsync tasks
# which may include stopping nginx on the slaves while data is syncing.
- name: Allow nginx user to stop/start nginx via sudo
  copy:
    content: "nginx ALL=NOPASSWD: {{ repo_service_home_folder }}/repo/repo_prepost_cmd.sh\n"
    dest: /etc/sudoers.d/nginx

- name: Drop rsyncd configuration file(s)
  copy:
    src: "rsync.defaults"
    dest: "/etc/default/rsync"
  notify:
    - reload rsyncd

# TODO(odyssey4me):
# The following two tasks only applies to Pike->Queens upgrades,
# so they can be removed in Rocky. See:
# https://bugs.launchpad.net/openstack-ansible/+bug/1746935
- name: List the current virtualenv_support folders in dist/site-packages
  find:
    file_type: any
    patterns: "virtualenv_support"
    paths:
      - "/usr/local/lib/python2.7/dist-packages"
      - "/usr/local/lib/python2.7/site-packages"
  register: _virtualenv_support

- name: Create the virtualenv (if it does not exist)
  command: "virtualenv --never-download --no-site-packages {{ repo_pypiserver_bin | dirname }}"
  args:
    creates: "{{ repo_pypiserver_bin }}/activate"

# Note(odyssey4me):
# To cater for a situation where the pip packages are changing, but the repo
# does not yet have the package built, we need to ensure that this task can
# fetch from pypi. To do this we try the local repo first, then fall back to
# using pypi.
- name: Try installing from the repo first, then fall back to using pypi
  block:
    - name: Install pip packages (from repo)
      pip:
        name: "{{ repo_pypiserver_pip_packages }}"
        state: "{{ repo_server_pip_package_state }}"
        virtualenv: "{{ repo_pypiserver_bin | dirname }}"
        virtualenv_site_packages: "no"
        extra_args: >-
          {{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''),'') }}
          {{ pip_install_options | default('') }}
      register: install_packages
      until: install_packages is success
      retries: 5
      delay: 2
      notify:
        - reload pypiserver
  rescue:
    - name: Install pip packages (from pypi mirror)
      pip:
        name: "{{ repo_pypiserver_pip_packages }}"
        state: "{{ repo_server_pip_package_state }}"
        virtualenv: "{{ repo_pypiserver_bin | dirname }}"
        virtualenv_site_packages: "no"
        extra_args: >-
          --index-url {{ repo_build_pip_default_index | default('https://pypi.python.org/simple') }}
          --trusted-host {{ (repo_build_pip_default_index | default('https://pypi.python.org/simple')) | netloc_no_port }}
          {{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''),'') }}
          {{ pip_install_options | default('') }}
      register: install_packages
      until: install_packages is success
      retries: 5
      delay: 2
      notify:
        - reload pypiserver