# vim: ts=2 shiftwidth=2
---
- hosts: localhost
  remote_user: peter
  become: yes
  vars:
    federation_server: "matrix.example.com"
    client_server: "example.com"
    dbuser: "synapse"
    dbpass: ""
    database: "synapse"
    packages: [matrix-synapse, postgresql, nginx, python-psycopg2]
    synapse_repo: "files/synapse.list"
    synapse_config: "files/homeserver.yaml.j2"
    synapse_config_server: "files/server_name.yaml.j2"
    synapse_config_report: "files/report_stats.yaml"
    nginx_config: "files/nginx.j2"
    ssl_available: true
  tasks:
    - name: Get hostname
      shell: hostname
      register: hostname
      become: no
    - name: Setup nginx w/ HTTPS
      template:
        src: "{{ nginx_config }}"
        dest: "/etc/nginx/sites-available/{{ federation_server }}.conf"
    - name: Reload nginx
      service:
        name: nginx
        state: reloaded
    - name: Activate PostgreSQL
      service:
        name: postgresql
        state: started
        enabled: yes
    - name: Create DB user
      become_user: postgres
      postgresql_user:
        name: "{{ dbuser }}"
        state: present
        role_attr_flags: NOSUPERUSER,NOCREATEROLE,NOCREATEDB
        password: "{{ dbpass }}"
        encrypted: no
    - name: Create DB
      become_user: postgres
      postgresql_db:
        name: "{{ database }}"
        state: present
        owner: "{{ dbuser }}"
        encoding: UTF8
        lc_collate: C
        lc_ctype: C
        template: template0
    - name: Configure Synapse (main)
      template:
        src: "{{ synapse_config }}"
        dest: /etc/matrix-synapse/homeserver.yaml
        force: yes
        owner: matrix-synapse
        group: nogroup
    - name: Configure Synapse (server name)
      template:
        src: "{{ synapse_config_server }}"
        dest: /etc/matrix-synapse/conf.d/server_name.yaml
        force: yes
        owner: matrix-synapse
        group: nogroup
    - name: Configure Synapse (stats)
      template:
        src: "{{ synapse_config_report }}"
        dest: /etc/matrix-synapse/conf.d/report_stats.yaml
        force: yes
        owner: matrix-synapse
        group: nogroup
    - name: Copy Cert for Synapse
      copy:
        remote_src: yes
        src: "/etc/ssl/certs/{{ federation_server }}.pem"
        dest: "/etc/matrix-synapse/{{ federation_server }}.pem"
        owner: matrix-synapse
        group: nogroup
    - name: Copy Key for Synapse
      copy:
        remote_src: yes
        src: "/etc/ssl/private/{{ federation_server }}.key"
        dest: "/etc/matrix-synapse/{{ federation_server }}.key"
        owner: matrix-synapse
        group: nogroup
    - name: Start Synapse
      service:
        name: matrix-synapse
        state: started
        enabled: yes
    - name: Done
      debug:
        msg: |-
          What to do:
          * Create a user via register_new_matrix_user -c /etc/matrix-synapse/homeserver.yaml https://localhost:8448
          * Create the required DNS entries for federation