---
- name: Download binary from MatterMost website
  get_url:
    url: https://releases.mattermost.com/{{ mattermost_version }}/mattermost-{{ mattermost_version }}-linux-amd64.tar.gz
    dest: /tmp/

- name: unpack mattermost archive
  unarchive:
    src: /tmp/mattermost-{{ mattermost_version }}-linux-amd64.tar.gz
    dest: /opt/
    copy: no
  args:
    creates: /opt/mattermost/bin/platform

- name: Edit /opt/mattermost/config/config.json
  lineinfile:
    dest: /opt/mattermost/config/config.json
    regexp: '"DriverName": "mysql",'
    line: '        "DriverName": "postgres",'
    backrefs: yes

- name: Edit /opt/mattermost/config/config.json
  lineinfile:
    dest: /opt/mattermost/config/config.json
    regexp: '"DataSource":'
    line: '"DataSource": "postgres://{{ db_user }}:{{ db_pass }}@127.0.0.1:5432/{{ db_name }}?sslmode=disable&connect_timeout=10",'
    backrefs: yes

- name: Change mattermost directory permissions
  file:
    path: /opt/mattermost
    state: directory
    owner: "{{ mattermost_user }}"
    group: "{{ mattermost_user }}"
    recurse: yes

- name: Create data directory for Mattermost
  file:
    path: /opt/mattermost/data
    state: directory
    mode: '0755'

- name: Edit /
  lineinfile:
    dest: /etc/postgresql/11/main/pg_hba.conf
    regexp: 'local   all             postgres                                peer'
    line: 'local   all             postgres                                trust'
    backrefs: yes

- name: ensure postgresql is running
  service:
    name: postgresql
    state: restarted

- name: ensure database is created
  become: yes
  become_user: "{{ mattermost_user }}"
  postgresql_db:
    name: "{{ db_name }}"

- name: ensure user has access to database
  become: yes
  become_user: "{{ mattermost_user }}"
  postgresql_user:
    db: "{{ db_name }}"
    name: "{{ db_user }}"
    password: "{{ db_pass }}"
    priv: ALL

- name: ensure user does not have unnecessary privilege
  become: yes
  become_user: "{{ username }}"
  postgresql_user:
    name: "{{ db_user }}"
    role_attr_flags: NOSUPERUSER,NOCREATEDB

- name: Create nginx configuration
  template:
    src: mattermost.conf.j2
    dest: /etc/nginx/sites-available/mattermost.conf
    owner: root
    group: root
    mode: 0664

- name: Create a symbolic link
  file:
    src: /etc/nginx/sites-available/mattermost.conf
    dest: /etc/nginx/sites-enabled/mattermost.conf
    owner: root
    group: root
    state: link

- name: Create mattermost systemd service
  template:
    src: mattermost.service.j2
    dest: /etc/systemd/system/mattermost.service
    owner: root
    group: root
    mode: 0664

- name: Enable Mattermost service
  service:
    name: mattermost
    enabled: yes
    state: started