---
- hosts: wittgenstein.n39.eu
  become: true

  roles:
    - role: docker_setup
      vars:
        docker_data_root: "/srv/docker"
    - role: apache
    - role: apache_letsencrypt  # Uses configuration from dehydrated setup
    - role: 24367dfa.dehydrated
      vars:
        dehydrated_contact_email: "{{ server_admin }}"
    - role: penguineer.dehydrated_cron

  tasks:
    - name: Install packages needed for the system
      # This is a list of all packages,
      # unless they are installed by a specific role
      ansible.builtin.apt:
        state: present
        name:
          # This is needed for the user-executed tasks
          - acl
          # Regular packages
          - tmux
          - git-core
          - cmake
          - build-essential
          - libmosquitto-dev
          - libconfig-dev
          - mosquitto-clients
          - python3-paho-mqtt
          - i2c-tools


    - name: Set MAC address for proper DHCP recognition
      # Uses mac variable from inventory
      ansible.builtin.template:
        src: templates/network-interfaces-dhcp-mac.j2
        dest: /etc/network/interfaces.d/wittgenstein-mac
        owner: root
        group: root
        mode: '0644'

    - name: Disable IPv6
      # Because it is not working....
      ansible.builtin.copy:
        src: files/sysctl-no-ipv6.conf
        dest: /etc/sysctl.d/99-systcl-no-ipv6.conf
        owner: root
        group: root
        mode: '0644'


    ### Gatekeeper user (pi for now)
    #
    # All the gatekeeping / door control stuff is here!

    - name: Ensure gatekeeper user is there
      ansible.builtin.user:
        name: "{{ gatekeeper_user }}"
        groups: dialout,audio,plugdev,input,netdev,i2c,gpio
        append: yes

    - name: Copy management scripts
      ansible.builtin.copy:
        src: "files/wittgenstein/{{ item }}"
        dest: "/home/{{ gatekeeper_user }}/{{ item }}"
        owner: "{{ gatekeeper_user }}"
        group: "{{ gatekeeper_user }}"
        mode: "0750"
      loop:
        - reboot.sh
        - unstuck.sh
        - switch-on.sh
        - switch-off.sh

    - name: Install start-up cron
      ansible.builtin.cron:
        name: Start the gatekeeper services
        job: "/home/{{ gatekeeper_user }}/reboot.sh"
        user: "{{ gatekeeper_user }}"
        special_time: reboot


    - name: Download wiringPi library
      # WiringPi needs to be installed, but that library seems to be
      # obsolete. We download something and hope it works...
      ansible.builtin.get_url:
        url: https://project-downloads.drogon.net/wiringpi-latest.deb
        dest: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb"
        mode: "0644"
        force: no
      register: wiringPi_download

    - name: Install wiringPi library  # noqa: no-handler
      ansible.builtin.apt:
        state: present
        deb: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb"
      when: wiringPi_download.changed


    ### Ampelsteuerung
    - name: Clone netz39_space_notification initial checkout
      # Do this as the gatekeeper user!
      become: yes
      become_user: "{{ gatekeeper_user }}"
      ansible.builtin.git:
        repo: https://github.com/netz39/space_notification.git
        dest: "/home/{{ gatekeeper_user }}/netz39_space_notification"
        clone: yes
        update: no

    - name: Compile ledcontrol agent
      # Do this as the gatekeeper user!
      become: yes
      become_user: "{{ gatekeeper_user }}"
      ansible.builtin.shell:
        chdir: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/ledcontrol"
        cmd: make
        creates: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/ledcontrol/ledcontrol"

    - name: Compile statusswitch agent
      # Do this as the gatekeeper user!
      become: yes
      become_user: "{{ gatekeeper_user }}"
      ansible.builtin.shell:
        chdir: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/statusswitch"
        cmd: make
        creates: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/statusswitch/statusswitch"

    ### Space API
    - name: Setup the SpaceAPI Docker container
      docker_container:
        name: spaceapi
        image: "{{ spaceapi_image }}"
        pull: true
        state: started
        detach: yes
        restart_policy: unless-stopped
        ports:
          - "0.0.0.0:{{ spaceapi_host_port }}:8080"   # Must be reached by pottwal
#          - "127.0.0.1:{{ spaceapi_host_port }}:8080"
        env:
          TZ: "{{ timezone }}"
          MQTT_BROKER: "platon.n39.eu"
          MQTT_TOPIC_STATUS: "{{ spaceapi_topic_status }}"
          MQTT_TOPIC_LASTCHANGE: "{{ spaceapi_topic_lastchange }}"
      tags:
        - spaceapi

    - name: Setup the Ampel Controller Docker container
      docker_container:
        name: ampelcontroller
        image: "{{ ampelcontroller_image }}"
        pull: true
        state: started
        detach: yes
        restart_policy: unless-stopped
        env:
          TZ: "{{ timezone }}"
          MQTT_BROKER: "platon.n39.eu"
          MQTT_LEVER_STATE_TOPIC: "{{ topic_lever_state }}"
          MQTT_DOOR_EVENTS_TOPIC: "{{ topic_door_events }}"
          MQTT_SPACESTATUS_ISOPEN_TOPIC: "{{ spaceapi_topic_status }}"
          MQTT_SPACESTATUS_LASTCHANGE_TOPIC: "{{ spaceapi_topic_lastchange }}"
          MQTT_TRAFFIC_LIGHT_TOPIC: "{{ topic_traffic_light }}"
      tags:
        - spaceapi

  handlers: