- name: "check radicle_node_version"
  shell: |
    [ "{{ radicle_node_version }}" = "1" ] || \
      (echo "Unexpected version {{ radicle_node_version }}" 1>&2; exit 1)

- name: "check that radicle_node_key is set"
  shell: |
    echo radicle_node_key Ansible variable is not set
    exit 1
  when: radicle_node_key is not defined

- name: "check that radicle_node_key_pub is set"
  shell: |
    echo radicle_node_key_pub Ansible variable is not set
    exit 1
  when: radicle_node_key_pub is not defined

- name: "install important additional packages for Radicle"
  apt:
    name:
      # For the Radicle installer
      - curl

      # Radicle is built on git.
      - git

      # Rsync for backups.
      - rsync

      # Web server for the web UI.
      - caddy

      # Radicle components.
      - radicle
      - radicle-ci-broker
      - radicle-native-ci

- name: "stop Radicle node if it's running"
  shell: |
    systemctl stop radicle-node || true

- name: "stop Radicle CI broker if it's running"
  shell: |
    systemctl stop radicle-ci-broker || true

- name: "configure git for _rad user"
  shell: |
    sudo -u _rad git config --global user.name "_rad"
    sudo -u _rad git config --global user.email "liw@liw.fi"

- name: "create directory for Radicle for the _rad user"
  file:
    state: directory
    path: /home/_rad/.radicle
    owner: _rad
    group: _rad
    mode: 0755

- name: "create directory for web pages"
  file:
    state: directory
    path: /srv/http
    owner: _rad
    group: _rad
    mode: 0755

- name: "create directory for Radicle backup"
  when: radicle_node_backup is defined
  file:
    state: directory
    path: radicle-backup
    owner: root
    group: root
    mode: 0755

- name: "restore from backup (step 1 or 2)"
  when: radicle_node_backup is defined
  synchronize:
    src: "{{ radicle_node_backup }}/."
    dest: radicle-backup/.
    group: no
    owner: no

- name: "restore from backup (step 2 or 2)"
  when: radicle_node_backup is defined
  shell: |
    find radicle-backup -name control.sock -delete
    rsync -a --del radicle-backup/home/_rad/.radicle/. /home/_rad/.radicle/.
    rsync -a --del radicle-backup/srv/http/. /srv/http/.
    chown -R _rad:_rad /home/_rad/.radicle/. /srv/http/.

- name: "create directory for Radicle keys"
  file:
    state: directory
    path: /home/_rad/.radicle/keys
    owner: _rad
    group: _rad
    mode: 0755

- name: "install Radicle private key"
  copy:
    content: "{{ radicle_node_key }}"
    dest: /home/_rad/.radicle/keys/radicle
    owner: _rad
    group: _rad
    mode: 0600

- name: "install Radicle public key"
  copy:
    content: "{{ radicle_node_key_pub }}"
    dest: /home/_rad/.radicle/keys/radicle.pub
    owner: _rad
    group: _rad
    mode: 0644

- name: "install systemd unit for Radicle node"
  template:
    src: radicle-node.service.j2
    dest: /lib/systemd/system/radicle-node.service

- name: "init Radicle node config"
  shell: |
    if [ ! -e /home/_rad/.radicle/config.json ]; then
        sudo -u _rad -i rad config init --alias "{{ radicle_node_domain_name }}"
    fi

- name: "(re)start systemd unit for Radicle node"
  systemd:
    name: radicle-node
    state: restarted
    masked: no
    enabled: yes
    daemon_reload: yes

- name: "install script to add update Radicle config file"
  when: radicle_node_connections is defined
  copy:
    src: rad-config-update
    dest: /home/_rad/rad-config-update
    owner: _rad
    group: _rad
    mode: 0755

- name: "connect to other Radicle nodes"
  when: radicle_node_connections is defined
  with_items: "{{ radicle_node_connections }}"
  shell: |
    sudo -u _rad -i ./rad-config-update \
        "{{ radicle_node_domain_name }}" \
        "{{ radicle_node_domain_name }}:8776" \
        "{{ radicle_node_policy }}" \
        "{{ radicle_node_scope }}" \
        "{{ item.nid }}@{{ item.host }}:{{ item.port }}"

- name: "install script to add update Radicle repository pinning"
  when: radicle_node_repositories is defined
  copy:
    src: rad-config-pin
    dest: /home/_rad/rad-config-pin
    owner: _rad
    group: _rad
    mode: 0755

- name: "seed Radicle repositories"
  when: radicle_node_repositories is defined
  with_items: "{{ radicle_node_repositories }}"
  shell: |
    sudo -u _rad rad seed "{{ item.rid }}"
    sudo -u _rad -i ./rad-config-pin "{{ item.rid }}"

- name: "install Caddy configuation file"
  template:
    src: Caddyfile.j2
    dest: /etc/caddy/Caddyfile

- name: "create directory for CI logs"
  file:
    state: directory
    path: /srv/http
    owner: _rad
    group: _rad

- name: "restart Caddy"
  systemd:
    name: caddy
    state: restarted
    masked: no
    enabled: yes
    daemon_reload: yes

- name: "install systemd unit for Radicle HTTPD"
  template:
    src: radicle-httpd.service.j2
    dest: /lib/systemd/system/radicle-httpd.service

- name: "enable systemd unit for Radicle HTTPD"
  systemd:
    name: radicle-httpd
    state: restarted
    masked: no
    enabled: yes
    daemon_reload: yes

- name: "install Radicle CI broker config"
  copy:
    content: |
      {{ radicle_node_ci_broker_config }}
    dest: /home/_rad/ci-broker.yaml
    owner: _rad
    group: _rad
    mode: 0644

- name: "create state directory for Radicle native CI"
  file:
    state: directory
    path: /home/_rad/native-ci.state
    owner: _rad
    group: _rad
    mode: 0755

- name: "install Radicle native CI config"
  copy:
    content: |
      state: /srv/http
      log: /home/_rad/native-ci.log
    dest: /home/_rad/native-ci.yaml
    owner: _rad
    group: _rad
    mode: 0644

- name: "install systemd unit for Radicle CI broker"
  template:
    src: radicle-ci-broker.service.j2
    dest: /lib/systemd/system/radicle-ci-broker.service

- name: "enable systemd unit for Radicle CI broker"
  systemd:
    name: radicle-ci-broker
    state: restarted
    masked: no
    enabled: yes
    daemon_reload: yes