---

- name: Deploy configuration
  template: src={{ item.src }} dest={{ item.dest }} group={{ item.group | default(omit) }} mode={{ item.mode | default(omit) }}
  loop:
    - src: back/config.py.j2
      dest: "{{ taiga_root_dir }}/app/back/settings/config.py"
      group: "{{ taiga_user }}"
      mode: 640
    - src: front/conf.json.j2
      dest: "{{ taiga_root_dir }}/app/front/dist/conf.json"
    - src: events/env.j2
      dest: "{{ taiga_root_dir }}/app/events/.env"
      group: "{{ taiga_user }}"
      mode: 640
    - src: protected/env.j2
      dest: "{{ taiga_root_dir }}/app/protected/.env"
      group: "{{ taiga_user }}"
      mode: 640
  notify: restart taiga
  tags: taiga

- name: Deploy nginx configuration
  template: src=nginx.conf.j2 dest=/etc/nginx/ansible_conf.d/10-taiga.conf
  notify: reload nginx
  tags: taiga

- name: Create RabbitMQ user and vhost
  shell: |
    {% if taiga_amqp_user_exists.rc == 0 %}
    rabbitmqctl change_password {{ taiga_amqp_user }} {{ taiga_amqp_pass }}
    {% else %}
    rabbitmqctl add_user {{ taiga_amqp_user }} {{ taiga_amqp_pass }}
    {% endif %}
    rabbitmqctl add_vhost {{ taiga_amqp_vhost }}
    rabbitmqctl set_permissions -p {{ taiga_amqp_vhost }} {{ taiga_amqp_user }} ".*" ".*" ".*"
  when: taiga_amqp_server in ['localhost', '127.0.0.1']
  changed_when: False
  tags: taiga

- when: taiga_install_mode != 'none'
  block:

    - name: Migrate database
      django_manage:
        command: migrate
        app_path: "{{ taiga_root_dir }}/app/back"
        virtualenv: "{{ taiga_root_dir }}/venv"
      become_user: "{{ taiga_user }}"

    - name: Compile messages
      django_manage:
        command: compilemessages
        app_path: "{{ taiga_root_dir }}/app/back"
        virtualenv: "{{ taiga_root_dir }}/venv"

    - name: Collect static files
      django_manage:
        command: collectstatic
        app_path: "{{ taiga_root_dir }}/app/back"
        virtualenv: "{{ taiga_root_dir }}/venv"

    - name: Set permissions for nginx
      shell: |
        setfacl -R -k -b {{ taiga_root_dir }}
        setfacl -m u:nginx:x {{ taiga_root_dir }}
        setfacl -m u:nginx:x {{ taiga_root_dir }}/data
        setfacl -m u:nginx:x {{ taiga_root_dir }}/app
        setfacl -m u:nginx:x {{ taiga_root_dir }}/app/back
        setfacl -R -m u:nginx:rX {{ taiga_root_dir }}/app/front
        setfacl -R -m u:nginx:rX {{ taiga_root_dir }}/app/back/static
        setfacl -R -m u:nginx:rX {{ taiga_root_dir }}/data/media

  environment:
    DJANGO_SETTINGS_MODULE: settings.config
    CELERY_ENABLED: False
  tags: taiga

- when: taiga_install_mode == 'install'
  block:

    - name: Create admin user
      django_manage:
        command: createsuperuser --noinput --username admin --email admin@{{ ansible_domain }}
        app_path: "{{ taiga_root_dir }}/app/back"
        virtualenv: "{{ taiga_root_dir }}/venv"
      environment:
        DJANGO_SUPERUSER_PASSWORD: '{{ taiga_admin_pass }}'

    # For some reason, the password isn't correctly initialized
    # Let's reset it using expect
    - name: Reset admin user password
      expect:
        command: "{{ taiga_root_dir }}/venv/bin/python3 ./manage.py changepassword admin"
        chdir: "{{ taiga_root_dir }}/app/back/"
        responses:
          'Password:\s*': "{{ taiga_admin_pass }}"
          'Password \(again\):\s*': "{{ taiga_admin_pass }}"

    - name: load initial data
      django_manage:
        command: loaddata initial_project_templates
        app_path: "{{ taiga_root_dir }}/app/back"
        virtualenv: "{{ taiga_root_dir }}/venv"

  environment:
    DJANGO_SETTINGS_MODULE: settings.config
    CELERY_ENABLED: False
  become_user: "{{ taiga_user }}"
  tags: taiga