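# Installs HAProxy, deploys its TLS bundle, renders the routing rules from
# `haproxy_rules`, assembles /etc/haproxy/haproxy.cfg and restarts the service.
#
# Variables read by the active tasks:
#   haproxy_domain - must be set to something other than "" or "FIXME"
#   haproxy_rules  - iterated as a list; each entry supplies `name`, `path`
#                    and an iterable `backends`

# Checked with `assert` rather than by pasting the variable into a shell
# script, so the value is only compared and never executed.
- name: "check haproxy_domain is set"
  assert:
    that:
      - haproxy_domain is defined
      - 'haproxy_domain not in ["", "FIXME"]'
    msg: "ERROR: MUST set haproxy_domain"

# - name: "check letsencrypt_email is set"
#   shell: |
#     if [ "{{ letsencrypt_email }}" = "" ] || [ "{{ letsencrypt_email }}" = "FIXME" ]
#     then
#       echo "ERROR: MUST set letsencrypt_email" 1>&2
#       exit 1
#     fi

# The rule fields are written verbatim into haproxy.cfg, so a stray line
# break or unexpected character in one of them would add or alter directives.
# The name pattern is the character set HAProxy documents for ACL and proxy
# names - NOTE(review): confirm no existing rule relies on anything else.
- name: "check haproxy_rules entries are safe to render"
  assert:
    that:
      - 'item.name is match("^[A-Za-z0-9_.:-]+$")'
      - '"\n" not in item.name'
      - '"\n" not in item.path'
      - '"\n" not in (item.backends | join(" "))'
    msg: "ERROR: haproxy_rules entry has an invalid name, path or backend"
  with_items:
    - "{{ haproxy_rules }}"

- name: install haproxy
  apt:
    name: haproxy
    state: present

# /etc/ssl/haproxy.pem is the bundle HAProxy serves TLS with; the commented
# cron script below builds the same file from fullchain.pem + privkey.pem, so
# it is expected to contain the private key. Ownership is pinned to root and
# the mode is quoted so it is always applied as octal 0600.
# NOTE(review): the source file sits in the role's files/ directory - keep it
# out of plain-text version control (for example vault-encrypted).
- name: "install haproxy TLS cert"
  copy:
    src: haproxy.pem
    dest: /etc/ssl/haproxy.pem
    owner: root
    group: root
    mode: "0600"

# - name: "install certbot"
#   apt:
#     name: certbot

# NOTE(review): if this is re-enabled, the `>` redirect creates
# /etc/ssl/haproxy.pem under the cron job's umask; set `umask 077` in the
# script before the `cat` so the private key is never world-readable.
# - name: "install daily cron job to create haproxy.pem"
#   copy:
#     content: |
#       #!/bin/sh
#       set -eu
#       cd /etc/letsencrypt/live/haproxy
#       cat fullchain.pem privkey.pem > /etc/ssl/haproxy.pem
#       systemctl restart haproxy
#     dest: /etc/cron.daily/haproxy.pem
#     owner: root
#     group: root
#     mode: 0755

# - name: "run certbot"
#   shell: |
#     set -eu
#     certbot certonly \
#       --standalone \
#       --noninteractive \
#       --email "{{ letsencrypt_email }}" \
#       --agree-tos \
#       --expand \
#       --cert-name haproxy \
#       --keep \
#       --pre-hook "systemctl stop haproxy" \
#       --post-hook "systemctl start haproxy" \
#       -d "{{ haproxy_domain }}"
#     /etc/cron.daily/haproxy.pem

- name: "create config dirs"
  file:
    state: directory
    path: "{{ item }}"
    owner: root
    group: root
    mode: "0755"
  with_items:
    - /etc/haproxy

# The two fragment files are written in one piece by `copy` instead of being
# deleted and then appended to from a templated shell script. Each file is
# fully overwritten on every run, so the former "drop ... lists" task is no
# longer needed, and rule values are never interpreted by a shell.
# Per rule: a blank line, then the acl and use_backend lines.
- name: "create haproxy frontends list"
  copy:
    dest: /etc/haproxy/frontends
    owner: root
    group: root
    mode: "0644"
    content: |
      {% for rule in haproxy_rules %}

          acl {{ rule.name }} path_beg {{ rule.path }}
          use_backend {{ rule.name }} if {{ rule.name }}
      {% endfor %}

# Per rule: a blank line, a `backend` header, then one `server` line per
# backend, numbered from 1 (loop.index) as the shell counter used to do.
- name: "create haproxy backends list"
  copy:
    dest: /etc/haproxy/backends
    owner: root
    group: root
    mode: "0644"
    content: |
      {% for rule in haproxy_rules %}

      backend {{ rule.name }}
      {% for backend in rule.backends %}
          server {{ rule.name }}_{{ loop.index }} {{ backend }}
      {% endfor %}
      {% endfor %}

- name: "copy haproxy preamble"
  template:
    src: haproxy.cfg.preamble
    dest: /etc/haproxy/haproxy.cfg.preamble
    owner: root
    group: root
    mode: "0644"

# The config is built next to the live file, checked with HAProxy's own
# syntax check (-c), and only then moved into place; `set -eu` aborts the
# task on the first failing command, so a broken config never replaces the
# working one and the restart below is not reached.
# The file is data, not a program: 0644 instead of the previous 0755.
- name: "assemble haproxy preamble"
  shell: |
    set -eu
    cd /etc/haproxy
    cat haproxy.cfg.preamble frontends backends > haproxy.cfg.new
    chmod 0644 haproxy.cfg.new
    haproxy -c -f haproxy.cfg.new
    mv haproxy.cfg.new haproxy.cfg

# `restarted` bounces the service on every run so the freshly assembled
# config and certificate are always picked up.
- name: enable and start haproxy
  service:
    name: haproxy
    state: restarted
    enabled: true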