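---
# Deploys a Greenbone stack with docker compose under
# /var/lib/greenbone/<hostname>, sets the admin password on first start,
# publishes it through an nginx vhost and installs a feed-update script with
# optional systemd units.
#
# The compose project name is the hostname with '.' replaced by '_'.

# NOTE(review): no owner/mode is set here or on the compose file below, so
# permissions follow the remote umask. Set an explicit mode if the rendered
# compose file contains credentials (the template is not visible here).
- name: create base directory
  file:
    path: "/var/lib/greenbone/{{ greenbone_server_hostname }}"
    state: directory

- name: copy docker compose file
  template:
    src: "docker-compose-{{ greenbone_server_version }}.yml.j2"
    dest: "/var/lib/greenbone/{{ greenbone_server_hostname }}/docker-compose.yml"

## TODO: replace this with proper ansible modules once the v2 modules get released
# Read-only query, so it also runs in check mode and never reports a change.
- name: get list of running compose projects
  check_mode: false
  command: "docker compose ls --format json --filter 'name=^{{ greenbone_server_hostname | replace('.', '_') }}$'"
  changed_when: false
  register: greenbone_server_compose_list

# Runs only when the query above returned no project with this name, so the
# admin password is set on the first deployment and not on later runs.
- name: initial compose setup
  when: (greenbone_server_compose_list.stdout | from_json | length) == 0
  block:
    - name: pull greenbone images
      command: >-
        docker compose
        -f "/var/lib/greenbone/{{ greenbone_server_hostname }}/docker-compose.yml"
        -p "{{ greenbone_server_hostname | replace('.', '_') }}"
        pull

    - name: start greenbone
      command: >-
        docker compose
        -f "/var/lib/greenbone/{{ greenbone_server_hostname }}/docker-compose.yml"
        -p "{{ greenbone_server_hostname | replace('.', '_') }}"
        up -d

    # argv form: the password reaches gvmd as one argument even if it contains
    # spaces or quote characters, instead of being re-split by the command
    # module. no_log keeps it out of task output and logs, including the
    # output of each failed retry while gvmd is still starting.
    # The password is still a command-line argument of the gvmd process, so it
    # is visible in process listings on the host while the command runs.
    - name: set admin password
      command:
        argv:
          - docker
          - compose
          - '-f'
          - "/var/lib/greenbone/{{ greenbone_server_hostname }}/docker-compose.yml"
          - '-p'
          - "{{ greenbone_server_hostname | replace('.', '_') }}"
          - exec
          - '-u'
          - gvmd
          - gvmd
          - gvmd
          - '--user=admin'
          - "--new-password={{ greenbone_server_admin_password }}"
      no_log: true
      register: greenbone_server_set_admin_password
      until: "greenbone_server_set_admin_password is not failed"
      retries: 15
      delay: 5

# Builds the vhost definition: a fixed base that proxies to the web UI on
# loopback, recursively merged with an optional tls section.
# NOTE(review): when greenbone_server_tls is undefined no tls key is added;
# presumably the vhost then serves the login page over plain HTTP. Confirm
# against the nginx/vhost role.
- name: compute nginx vhost config
  vars:
    greenbone_server_vhost_base:
      name: greenbone
      mode: "0600"
      template: generic
      hostnames:
        - "{{ greenbone_server_hostname }}"
      locations:
        '/':
          proxy_pass: "http://127.0.0.1:9392"
    # Rendered as YAML text and parsed with from_yaml below; indent(2) keeps
    # the continuation lines of the nested mapping aligned under tls.
    greenbone_server_vhost_override__yaml: |
      {% if greenbone_server_tls is defined %}
      tls:
        {{ greenbone_server_tls | to_nice_yaml(indent=2) | indent(2) }}
      {% endif %}
  set_fact:
    greenbone_server_vhost: "{{ greenbone_server_vhost_base | combine(greenbone_server_vhost_override__yaml | from_yaml, recursive=True) }}"

- name: configure nginx vhost
  vars:
    nginx_vhost: "{{ greenbone_server_vhost }}"
  include_role:
    name: nginx/vhost

# The installed script refreshes the feed data containers and then runs
# `docker system prune -f`, which is not limited to this compose project: it
# removes unused containers, networks and dangling images host-wide.
# The mode is quoted so it is passed as the string "0755" and not re-typed by
# the YAML parser.
- name: install update script
  copy:
    content: |
      #!/bin/bash
      set -e
      docker compose -f "/var/lib/greenbone/{{ greenbone_server_hostname }}/docker-compose.yml" -p "{{ greenbone_server_hostname | replace('.', '_') }}" pull notus-data vulnerability-tests scap-data dfn-cert-data cert-bund-data report-formats data-objects
      docker compose -f "/var/lib/greenbone/{{ greenbone_server_hostname }}/docker-compose.yml" -p "{{ greenbone_server_hostname | replace('.', '_') }}" up -d notus-data vulnerability-tests scap-data dfn-cert-data cert-bund-data report-formats data-objects
      echo "update queued successfully."
      echo "Please also read: https://greenbone.github.io/docs/latest/22.4/container/workflows.html#performing-a-feed-synchronization"
      echo ""
      echo "cleaning up unused/old containers and images ..."
      docker system prune -f
      exit 0
    dest: "/usr/local/bin/update-greenbone.{{ greenbone_server_hostname }}"
    mode: "0755"

# Unit files are rendered only when a feed update schedule is configured.
- name: install systemd units for feed updates
  when: greenbone_feed_update_schedule is defined
  loop:
    - service
    - timer
  template:
    src: "systemd.{{ item }}.j2"
    dest: "/etc/systemd/system/update-greenbone_{{ greenbone_server_hostname }}.{{ item }}"

# daemon_reload makes systemd pick up the unit files written above before the
# timer is enabled and started.
- name: make sure systemd is started and enabled
  when: greenbone_feed_update_schedule is defined
  systemd:
    daemon_reload: true
    name: "update-greenbone_{{ greenbone_server_hostname }}.timer"
    enabled: true
    state: started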