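---
# Provisions the lotus-land-story host: PostgreSQL with its data directory on
# the mounted volume, Docker from Docker's apt repository, and two compose
# projects (Miniflux and Caddy). Variables such as linode_volume,
# miniflux_db_password, miniflux_password and domain are loaded from vars.yml.
- name: Set up lotus-land-story
  hosts: lotus-land-story
  vars_files:
    - vars.yml
  tasks:
    # https://wiki.debian.org/PostgreSql
    - name: Install postgres
      ansible.builtin.apt:
        pkg:
          - postgresql
          - postgresql-client
        state: present

    # No regexp is given, so a changed linode_volume value appends a second
    # fstab line instead of replacing the first.
    - name: Always mount the lotus-land-story volume
      ansible.builtin.lineinfile:
        dest: /etc/fstab
        line: "{{ linode_volume }} /mnt/lotus-land-story ext4 defaults,noatime,nofail 0 2"
        state: present

    # 0700 and owner postgres: only the database user may read the data files.
    - name: Make /mnt/lotus-land-story/postgresql
      ansible.builtin.file:
        path: /mnt/lotus-land-story/postgresql
        state: directory
        owner: postgres
        mode: "0700"

    - name: Set data directory to volume
      ansible.builtin.lineinfile:
        dest: "/etc/postgresql/13/main/postgresql.conf"
        regexp: '^#?data_directory ='
        line: "data_directory = '/mnt/lotus-land-story/postgresql'"
        state: present
      notify: Restart postgres

    # Python and compose packages used by the community.postgresql and
    # community.docker modules called below.
    - name: Install ansible requirements
      ansible.builtin.apt:
        pkg:
          - docker-compose
          - libpq-dev
          - python3-docker
          - python3-psycopg2
        state: present

    # https://docs.docker.com/engine/install/debian/#install-using-the-repository
    - name: Install docker
      block:
        - name: Install docker requirements
          ansible.builtin.apt:
            pkg:
              - ca-certificates
              - curl
              - gnupg
            state: present

        - name: Make /etc/apt/keyrings
          ansible.builtin.file:
            path: /etc/apt/keyrings
            state: directory
            mode: "0755"

        # This key decides which packages apt accepts from the Docker
        # repository. It is fetched over HTTPS and trusted on first use;
        # NOTE(review): compare its fingerprint with the one published in the
        # Docker install documentation before relying on it.
        # `set -o pipefail` needs bash; without `executable` the shell module
        # runs /bin/sh, which is not guaranteed to support that option.
        - name: Download Docker GPG key
          ansible.builtin.shell: |
            set -o pipefail
            curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
          args:
            creates: /etc/apt/keyrings/docker.gpg
            executable: /bin/bash

        # Read-only query: a non-zero rc fails the task, so it never reports
        # a change.
        - name: Get architecture
          ansible.builtin.command: dpkg --print-architecture
          register: arch
          changed_when: false

        - name: Set up docker repository
          ansible.builtin.template:
            src: templates/docker.list
            dest: /etc/apt/sources.list.d/docker.list
            mode: "0644"

        - name: Install docker
          ansible.builtin.apt:
            pkg:
              - docker-ce
              - docker-ce-cli
              - containerd.io
              - docker-buildx-plugin
              - docker-compose-plugin
            update_cache: true

    - name: Set up postgres
      become: true
      become_user: postgres
      block:
        # `executable` is a shell-module argument and belongs under `args`;
        # under `vars` it only defined an unused variable. With bash and
        # pipefail, a missing docker0 interface fails this task instead of
        # passing an empty address on to listen_addresses.
        - name: Get docker0 IP address
          ansible.builtin.shell: |
            set -o pipefail
            ip -4 -o addr show docker0 | awk '{print $4}'
          args:
            executable: /bin/bash
          register: docker_ip
          changed_when: false

        # PostgreSQL listens on loopback and the docker0 bridge address only,
        # so containers can reach it without opening it on other interfaces.
        - name: Listen on docker0 interface
          ansible.builtin.lineinfile:
            dest: "/etc/postgresql/13/main/conf.d/listen.conf"
            regexp: '^#?listen_addresses='
            line: "listen_addresses='localhost,{{ docker_ip.stdout | ansible.utils.ipaddr('address') }}'"
            state: present
            create: true
            mode: "0644"
          notify: Restart postgres

    - name: Set up postgres for miniflux
      become: true
      become_user: postgres
      block:
        # https://miniflux.app/docs/installation.html#docker
        - name: Create a miniflux db
          community.postgresql.postgresql_db:
            name: miniflux
          notify: Restart postgres

        - name: Create a miniflux db user
          community.postgresql.postgresql_user:
            db: miniflux
            name: miniflux
            password: "{{ miniflux_db_password }}"
          notify: Restart postgres

        # `samenet` matches every subnet the server is directly attached to,
        # not just the Docker bridge; the listen_addresses setting above is
        # what keeps this rule from applying to other interfaces.
        - name: Grant miniflux access
          community.postgresql.postgresql_pg_hba:
            dest: /etc/postgresql/13/main/pg_hba.conf
            contype: host
            users: miniflux
            source: samenet
            databases: miniflux
            create: true
          notify: Restart postgres

        - name: Install hstore
          community.postgresql.postgresql_ext:
            name: hstore
            db: miniflux
          notify: Restart postgres

    # The compose definition embeds the database and admin passwords, so
    # no_log keeps them out of task output and verbose logs; remove it
    # temporarily when debugging a failure of this task.
    - name: Run miniflux
      community.docker.docker_compose:
        project_name: miniflux
        definition:
          version: "3.3"
          services:
            miniflux:
              # NOTE(review): `latest` is a moving tag; pinning a version or
              # digest makes upgrades deliberate and reviewable.
              image: miniflux/miniflux:latest
              # NOTE(review): this publishes the plain-HTTP port on every host
              # interface. If Caddy is meant to be the only entry point
              # (templates/Caddyfile is not visible here), narrow the binding
              # or block the port at the firewall.
              ports:
                - "8080:8080"
              environment:
                # The password is interpolated into the URL as-is, so it must
                # not contain URL-reserved characters such as "@", "/" or ":".
                - DATABASE_URL=postgres://miniflux:{{ miniflux_db_password }}@host.docker.internal/miniflux
                - RUN_MIGRATIONS=1
                - CREATE_ADMIN=1
                - ADMIN_USERNAME=alpha
                - ADMIN_PASSWORD={{ miniflux_password }}
                - BASE_URL=https://rss.{{ domain }}
              extra_hosts:
                - "host.docker.internal:host-gateway"
      no_log: true

    - name: Make /mnt/lotus-land-story/caddy
      ansible.builtin.file:
        path: /mnt/lotus-land-story/{{ item }}
        state: directory
        mode: "0755"
      loop:
        - caddy
        - caddy/data
        - caddy/config

    - name: Set up Caddyfile
      ansible.builtin.template:
        src: templates/Caddyfile
        dest: /mnt/lotus-land-story/caddy/Caddyfile
        mode: "0644"

    # Caddy's /data and /config are bind-mounted onto the volume so their
    # contents persist when the container is recreated.
    - name: Run caddy
      community.docker.docker_compose:
        project_name: caddy
        definition:
          version: "3.3"
          services:
            caddy:
              # NOTE(review): `caddy:2` follows every 2.x release; pin a
              # version or digest if upgrades should be explicit.
              image: caddy:2
              container_name: caddy
              ports:
                - "80:80"
                - "443:443"
              volumes:
                - /mnt/lotus-land-story/caddy/Caddyfile:/etc/caddy/Caddyfile
                - /mnt/lotus-land-story/caddy/data:/data
                - /mnt/lotus-land-story/caddy/config:/config
              extra_hosts:
                - "host.docker.internal:host-gateway"

  handlers:
    - name: Restart postgres
      ansible.builtin.service:
        name: postgresql
        state: restarted

# vim: ft=yaml.ansible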