---
# tasks file for MicroJoe.prosody

- name: Install debian dependencies
  apt:
    name: apt-transport-https
    state: present

- name: Install official prosody repository's key
  apt_key:
    url: https://prosody.im/files/prosody-debian-packages.key
    state: present

- name: Install official prosody repository
  apt_repository:
    repo: deb https://packages.prosody.im/debian stretch main
    state: present

- name: Install prosody package
  apt:
    name: prosody
    state: latest
    update_cache: yes

- name: Configure prosody
  template:
    src: prosody.cfg.lua.j2
    dest: /etc/prosody/prosody.cfg.lua
    group: root
    owner: root
    mode: 0755
    validate: "luac -p %s"
  notify: reload prosody config

- name: Copy TLS cert to /etc/prosody/certs/
  command: /bin/cp "{{ prosody_ssl_cert_source }}" "{{ prosody_ssl_cert_dest }}"
  notify: reload prosody config

- name: Copy TLS key to /etc/prosody/certs/
  command: /bin/cp "{{ prosody_ssl_key_source }}" "{{ prosody_ssl_key_dest }}"
  notify: reload prosody config

- name: Set good access to certs
  file:
    path: "{{ item }}"
    owner: root
    group: prosody
    mode: 0640
  with_items:
    - "{{ prosody_ssl_key_dest }}"
    - "{{ prosody_ssl_cert_dest }}"

# Everyday at 4 AM

- name: Install crontab for periodic copy of LetsEncypt certs
  cron:
    name: Copy LetsEncrypt certificates and restart
    hour: 4
    minute: 0
    job: "cp {{ prosody_ssl_cert_source }} {{ prosody_ssl_cert_dest }} &&
          cp {{ prosody_ssl_key_source }} {{ prosody_ssl_key_dest }} &&
          systemctl restart prosody"

- name: Enable and restart prosody service
  service: name=prosody enabled=yes state=restarted