- name: Set up packages
  ansible.builtin.apt:
    update_cache: true
    pkg:
      - nginx
    state: present
- name: Install package for setting htpasswd
  package:
    name: python3-passlib
- name: Ensure web path exists
  file:
    path: /var/www/{{ media_server_name }}/{{ emacsconf_year }}/backstage
    state: directory
- name: Ensure current directory exists
  file:
    path: /var/www/{{ media_server_name }}/{{ emacsconf_year }}/current
    state: directory
- name: Create group
  group:
    name: "{{ emacsconf_group }}"
    state: present
- name: Create user
  user:
    name: "{{ emacsconf_user }}"
    group: "{{ emacsconf_group }}"
    state: present
- name: Change ownership and permissions
  file:
    path: /var/www/{{ media_server_name }}/{{ emacsconf_year }}
    owner: "{{ emacsconf_user }}"
    group: "{{ emacsconf_group }}"
    mode: "u=rwX,g=rwX,o=rX"
    recurse: true
- name: Add public key for authorized access
  ansible.posix.authorized_key:
    user: "{{ emacsconf_user }}"
    state: present
    key: '{{ item }}'
  with_file:
    - ../../base/files/keys/sachac
    - ../../base/files/keys/orga
- name: Create htpasswd entry
  htpasswd:
    create: yes
    name: "{{ emacsconf_backstage_user }}"
    password: "{{ emacsconf_backstage_password }}"
    path: /etc/nginx/sites-available/{{ media_server_name }}-{{ emacsconf_year }}-htpasswd
- name: Create Nginx include
  template:
    src: nginx-include
    dest: /etc/nginx/sites-available/{{ media_server_name }}-{{ emacsconf_year }}-include
- name: Create main configuration if needed
  template:
    src: nginx-site-config
    dest: /etc/nginx/sites-available/{{ media_server_name }}
    force: no
- name: Make sure main configuration is enabled
  file:
    src: /etc/nginx/sites-available/{{ media_server_name }}
    dest: /etc/nginx/sites-enabled/{{ media_server_name }}
    owner: "{{ emacsconf_user }}"
    group: "{{ emacsconf_group }}"
    force: no
    state: link
- name: Include it in the main configuration
  lineinfile:
    path: /etc/nginx/sites-available/{{ media_server_name }}
    regexp: "{{ media_server_name }}-{{ emacsconf_year }}-include"
    line: "    include sites-available/{{ media_server_name }}-{{ emacsconf_year }}-include;"
    insertafter: root
- name: Reload configuration
  service:
    name: nginx
    state: reloaded
- name: Symlink the current year's backstage directory
  file:
    src: /var/www/{{ media_server_name }}/{{ emacsconf_year }}/backstage
    dest: "~{{ emacsconf_user }}/backstage"
    owner: "{{ emacsconf_user }}"
    group: "{{ emacsconf_group }}"
    state: link
- name: Symlink the current year's directory
  file:
    src: /var/www/{{ media_server_name }}/{{ emacsconf_year }}
    dest: "~{{ emacsconf_user }}/{{ emacsconf_year }}"
    owner: "{{ emacsconf_user }}"
    group: "{{ emacsconf_group }}"
    state: link
- name: Symlink the current year's directory as current
  file:
    src: /var/www/{{ media_server_name }}/{{ emacsconf_year }}
    dest: "~{{ emacsconf_user }}/current"
    owner: "{{ emacsconf_user }}"
    group: "{{ emacsconf_group }}"
    state: link
- name: Create the bin directory
  tags: media-scripts
  file:
    state: directory
    path: "~{{ emacsconf_user }}/bin"
    owner: "{{ emacsconf_user }}"
    group: "{{ emacsconf_group }}"
- name: Add the bin directory to the path
  tags: media-scripts
  lineinfile:
    dest: "~{{ emacsconf_user }}/.bashrc"
    state: present
    line: "export PATH=$PATH:~/bin"
- name: Create batch scripts
  tags: media-scripts
  template:
    src: "{{ item }}"
    dest: "~{{ emacsconf_user }}/bin/{{ item }}"
    owner: "{{ emacsconf_user }}"
    group: "{{ emacsconf_group }}"
    mode: 0755
  loop:
    - bbb-open
    - bbb-before