---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Remove old key file(s) if found
  file:
    path: "{{ item }}"
    state: "absent"
  with_items:
    - "{{ repo_service_home_folder }}/.ssh/authorized_keys"
    - "{{ repo_service_home_folder }}/.ssh/id_rsa"
    - "{{ repo_service_home_folder }}/.ssh/id_rsa.pub"
  when: repo_recreate_keys | bool

- name: Generate the nginx system user ssh key
  user:
    name: "{{ repo_service_user_name }}"
    generate_ssh_key: "yes"

- name: Enable SSHD
  systemd:
    name: sshd
    state: started
    enabled: yes
    masked: no
    daemon_reload: yes

- name: Drop NGINX configuration files
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
  with_items:
    - src: "nginx.conf.j2"
      dest: "/etc/nginx/nginx.conf"
    - src: "rsyncd.conf.j2"
      dest: "/etc/rsyncd.conf"
    - src: "openstack-slushee.vhost.j2"
      dest: "/etc/nginx/sites-available/openstack-slushee.vhost"
    - src: "nginx-pypi.conf.j2"
      dest: "/etc/nginx/conf.d/pypi.conf"
  notify:
    - reload nginx

- name: Enable openstack-slushee site
  file:
    src: "/etc/nginx/sites-available/openstack-slushee.vhost"
    dest: "/etc/nginx/sites-enabled/openstack-slushee.vhost"
    state: "link"
  notify:
    - reload nginx

- name: Place git daemon systemd init script
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    mode: "0644"
    owner: "root"
    group: "root"
  with_items:
    - src: "git.service.j2"
      dest: "{{ systemd_utils_prefix }}/system/git@.service"
    - src: "git.socket.j2"
      dest: "{{ systemd_utils_prefix }}/system/git.socket"
  notify:
    - reload git socket

- name: Place the pypiserver systemd init script
  config_template:
    src: "pypiserver-systemd-init.j2"
    dest: "/etc/systemd/system/pypiserver.service"
    mode: "0644"
    owner: "root"
    group: "root"
    config_overrides: "{{ repo_pypiserver_init_overrides }}"
    config_type: "ini"
  notify:
    - reload pypiserver