- name: Create Zuul Group
  group:
    name: "{{ zuul_group }}"
    gid: "{{ zuul_group_id }}"
    system: yes

- name: Create Zuul User
  user:
    name: "{{ zuul_user }}"
    group: "{{ zuul_group }}"
    uid: "{{ zuul_user_id }}"
    home: "/home/{{ zuul_user }}"
    create_home: yes
    shell: /bin/bash
    system: yes

- name: Create Zuul Config dir
  file:
    state: directory
    path: /etc/zuul
    owner: "{{ zuul_user }}"
    group: "{{ zuul_group }}"

- name: Generate ZooKeeper TLS cert
  include_role:
    name: zk-ca
  vars:
    zk_ca_cert_dir_owner: "{{ zuul_user_id }}"
    zk_ca_cert_dir_group: "{{ zuul_group_id }}"

- name: Create Zuul SSL dir
  file:
    state: directory
    path: /etc/zuul/ssl
    owner: "{{ zuul_user }}"
    group: "{{ zuul_group }}"

- name: Write Gearman SSL CA
  copy:
    content: "{{ gearman_ssl_ca }}"
    dest: /etc/zuul/ssl/gearman-ca.pem
    owner: "{{ zuul_user }}"
    group: "{{ zuul_group }}"
    mode: 0644

- name: Write Gearman Client SSL Cert
  copy:
    content: "{{ gearman_client_ssl_cert }}"
    dest: /etc/zuul/ssl/gearman-client.pem
    owner: "{{ zuul_user }}"
    group: "{{ zuul_group }}"
    mode: 0644

- name: Write Gearman Client SSL Key
  when: gearman_client_ssl_key is defined
  copy:
    content: "{{ gearman_client_ssl_key }}"
    dest: /etc/zuul/ssl/gearman-client.key
    owner: "{{ zuul_user }}"
    group: "{{ zuul_group }}"
    mode: 0640

- name: Write Gearman Server SSL Cert
  when: gearman_server_ssl_cert is defined
  copy:
    content: "{{ gearman_server_ssl_cert }}"
    dest: /etc/zuul/ssl/gearman-server.pem
    owner: "{{ zuul_user }}"
    group: "{{ zuul_group }}"
    mode: 0644

- name: Write Gearman Server SSL Key
  when: gearman_server_ssl_key is defined
  copy:
    content: "{{ gearman_server_ssl_key }}"
    dest: /etc/zuul/ssl/gearman-server.key
    owner: "{{ zuul_user }}"
    group: "{{ zuul_group }}"
    mode: 0640

- name: Write Zuul Conf File
  template:
    src: zuul.conf.j2
    dest: /etc/zuul/zuul.conf
    owner: "{{ zuul_user }}"
    group: "{{ zuul_group }}"
    mode: 0600

- name: Create Zuul directories
  file:
    state: directory
    path: '{{ item }}'
    owner: "{{ zuul_user }}"
    group: "{{ zuul_group }}"
  loop:
    - /var/log/zuul
    - /var/run/zuul
    - /var/lib/zuul
    - /var/lib/zuul/ssh

- name: Write Zuul SSH Key
  copy:
    dest: /var/lib/zuul/ssh/id_rsa
    content: '{{ zuul_ssh_private_key_contents }}'
    owner: "{{ zuul_user }}"
    group: "{{ zuul_group }}"
    mode: 0400

- name: Create Zuul SSH directory
  file:
    state: directory
    path: "~{{ zuul_user }}/.ssh"
    owner: "{{ zuul_user }}"
    group: "{{ zuul_group }}"
    mode: 0700

- name: Write Known Hosts
  copy:
    dest: "~{{ zuul_user }}/.ssh/known_hosts"
    content: '{{ zuul_known_hosts }}'
    owner: "{{ zuul_user }}"
    group: "{{ zuul_group }}"
    mode: 0600

- name: Sync project-config
  include_role:
    name: sync-project-config

- name: Install docker-compose
  package:
    name:
      - docker-compose
    state: present