---
- name: Create /etc/lighttpd/certs directory
  file:
    path: /etc/lighttpd/certs
    state: directory
- name: Create certificates for lighttpd in /etc/lighttpd/certs/lighttpd.pem
  shell: |
         yes '' | openssl req -new -x509 \
              -keyout /etc/lighttpd/certs/lighttpd.pem \
              -out /etc/lighttpd/certs/lighttpd.pem -days 36525 -nodes
  args:
    creates: /etc/lighttpd/certs/lighttpd.pem
  when: TROVE_SSL_PEMFILE is not defined
  notify: Restart lighttpd-git service

- name: Copy certifiacte for lighttpd if provided
  copy:
    src: "{{ TROVE_SSL_PEMFILE }}"
    dest: /etc/lighttpd/certs/lighttpd.pem
    mode: 0400
  when: TROVE_SSL_PEMFILE is defined
  notify: Restart lighttpd-git service

- name: Copy certifiacte for lighttpd if provided
  copy:
    src: "{{ TROVE_SSL_CA_FILE }}"
    dest: /etc/lighttpd/certs/ca-certs.pem
    mode: 0400
  when: TROVE_SSL_CA_FILE is defined
  notify: Restart lighttpd-git service

- name: Create /var/run/lighttpd for cache user
  file:
    path: /var/run/lighttpd
    state: directory
    owner: cache
    group: cache

- name: Create git-httpd.conf from template
  template:
    src: lighttpd/git-httpd.conf
    dest: /etc/lighttpd/git-httpd.conf
  notify: Restart lighttpd-git service

# Now that the lighttpd certificates, configuration files and /var/run/lighttpd
# exist, we can enable and start lighttpd services
- name: Enable lighttpd-git service
  service:
    name: lighttpd-git.service
    enabled: yes
  notify: Restart lighttpd-git service

- name: Enable lighttpd-morph-cache service
  service:
    name: lighttpd-morph-cache.service
    enabled: yes
  notify: Restart lighttpd-morph-cache service

# The service lighttpd-lorry-controller-webapp has to start here and
# can't be done in a handler, given that the lorry-controller-minion
# service will fail to start if this one is not running.
- name: Enable the lighttpd-lorry-controller-webapp service
  service:
    name: lighttpd-lorry-controller-webapp.service
    enabled: yes
  register: lighttpd_lorry_controller_webapp_service
- name: Restart the lighttpd-lorry-controller-webapp service
  service:
    name: lighttpd-lorry-controller-webapp
    state: restarted
  when: lighttpd_lorry_controller_webapp_service|changed