---
# tasks file for map-server
- include_vars: "{{ ansible_os_family }}.yml"

- name: Install openssl to generate DH params
  apt: name=openssl state=present

- name: Ensure nginx ssl directory exists
  file: dest=/etc/nginx/ssl/ state=directory

- name: Create private ssl key from secret var
  copy: content="{{ mapserver_ssl_private_key }}" dest=/etc/nginx/ssl/wiki.ffdo.de.key

- name: Create nginx server certificate from secret var
  copy: content="{{ mapserver_ssl_server_cert }}" dest=/etc/nginx/ssl/wiki.ffdo.de.crt

- name: Deploy pregenerated DH params
  when: mapserver_use_pregenerated_dh_params
  copy: content="{{mapserver_dh_params}}" dest=/etc/nginx/dhparams.pem

- name: Generate strong dhparams
  when: not mapserver_use_pregenerated_dh_params
  shell: openssl dhparam -out /etc/nginx/dhparams.pem 4096 creates=/etc/nginx/dhparams.pem

- name: Install necessary packages
  apt: name={{item}} state=present
  with_items: "{{mapserver_packages}}"

- name: Create supervisor services
  when: supervisor_services is defined
  template: src=supervisor.service.j2 dest=/etc/supervisor/conf.d/{{item.name}}.conf
  with_items: "{{supervisor_services}}"
  notify: Restart supervisor

- name: Ensure supervisor is started and enabled
  service: name=supervisor state=started enabled=yes