---

- hosts: http_to_xmpp
  vars:
    user: http-to-xmpp
    home: /home/http-to-xmpp/
    xmpp_jid: 'afpy@chapril.org'
    xmpp_dest_jid: 'mdk@chapril.org'
    xmpp_password: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          31393038346161613063653031313232633461373937656433363364656131376330316461666664
          3363636533376632646239393364623762653535343563310a353434666166626232363339313235
          39303566363935613138663536343236643964663838343839616562393732633034393938383430
          6361613237666235390a653332373339636262663633363833666237653538646439363766383536
          3738
  tasks:
    - name: A user for the HTTP to XMPP gate
      user:
        name: "{{ user }}"
        system: true

    - name: A venv for the HTTP to XMPP gate
      become: true
      become_user: "{{ user }}"
      command: python3 -m venv --upgrade-deps {{ home }}/venv
      changed_when: False

    - name: Install http-to-xmpp
      notify: restart gate
      become: true
      become_user: "{{ user }}"
      pip:
        name:
          - "http-to-xmpp>=0.2"
          - pytz
        virtualenv_command: /usr/bin/python3 -m venv
        virtualenv: "{{ home }}/venv/"

    - name: Setup http-to-xmpp.afpy.org
      include_role: name=nginx
      vars:
        nginx_owner: "{{ user }}"
        nginx_domain: http-to-xmpp.afpy.org
        nginx_certificates: [http-to-xmpp.afpy.org]
        nginx_conf: |
          server
          {
              listen [::]:80; listen 80;
              server_name http-to-xmpp.afpy.org;
              return 301 https://$host$request_uri;
          }

          server
          {
              listen [::]:443 ssl http2; listen 443 ssl http2;
              server_name http-to-xmpp.afpy.org;
              include snippets/letsencrypt-http-to-xmpp.afpy.org.conf;
              index index.html;

              location /
              {
                  include proxy_params;
                  proxy_pass http://localhost:1985;
              }
          }

    - name: Service for http-to-xmpp
      notify: restart gate
      copy:
        dest: /etc/systemd/system/http-to-xmpp.service
        mode: 0600
        content: |
          [Unit]
          Description=HTTP to XMPP gateway
          After=network.target

          [Service]
          Type=simple
          Environment="XMPP_JID={{ xmpp_jid }}"
          Environment="XMPP_PASSWORD={{ xmpp_password }}"
          Environment="XMPP_DEST_JID={{ xmpp_dest_jid }}"
          ExecStart={{ home }}/venv/bin/http-to-xmpp

          User={{ user }}
          WorkingDirectory={{ home }}
          Restart=on-failure

          [Install]
          WantedBy=multi-user.target

    - service:
        name: http-to-xmpp
        enabled: yes
        state: started
        daemon_reload: yes

  handlers:
    - name: restart gate
      systemd:
        daemon_reload: true
        state: restarted
        name: http-to-xmpp