---

- name: install base packages
  apt: name={{item}} state=installed install_recommends=no
  with_items:
    - gunicorn
    - python-pip
    - python-dev
    - logrotate

- name: copy astara-appliance code
  synchronize: src={{ playbook_dir }}/.. dest=/tmp/astara-appliance

- name: ensure latest setuptools
  pip: name=setuptools state=latest

- name: install required files
  pip: requirements=/tmp/astara-appliance/requirements.txt

- name: install astara-appliance
  command: python setup.py install chdir=/tmp/astara-appliance

- name: install astara gunicorn logging directory
  file: path=/var/log/astara state=directory

- name: install astara logrotate config
  template: src=logrotate.j2 dest=/etc/logrotate.d/astara

- name: install gunicorn config file
  template: src=gunicorn.j2 dest=/etc/astara_gunicorn_config.py

- name: add gunicorn user
  command: useradd -r gunicorn

- name: install init.d files
  copy: src={{playbook_dir}}/../scripts/etc/init.d/{{item}} dest=/etc/init.d/{{item}} mode=0555
  with_items:
    - metadata
    - astara-router-api-server

- name: install rootwrap config file
  copy: src={{playbook_dir}}/../etc/rootwrap.conf dest=/etc/rootwrap.conf mode=0555

- name: create /etc/rootwrap.d/
  file: path=/etc/rootwrap.d/ state=directory

- name: install rootwrap rules file
  copy: src={{playbook_dir}}/../etc/rootwrap.d/ dest=/etc/rootwrap.d/ mode=0555
  with_items:
    - network.filters

- stat: path=/etc/sudoers.d
  register: sudoers_dir

- name: install sudoer file
  when: sudoers_dir.stat.exists == True
  template: src=gunicorn dest=/etc/sudoers.d/gunicorn mode=0440

- name: create /usr/local/share/astara/
  file: path=/usr/local/share/astara state=directory

- name: make /usr/local/share/astara/ importable
  copy: dest=/usr/local/share/astara/__init__.py content=''

- name: install astara_local_settings.py
  copy: dest=/usr/local/share/astara/astara_local_settings.py content='ENABLED_SERVICES = {{enabled_advanced_services.split(',')}}\n'

- name: update-rc
  command: update-rc.d astara-router-api-server start

- name: add timestamp
  shell: date > arg1 creates=/etc/astara-release

- name: enable forwarding
  sysctl: name={{item}} value=1 sysctl_set=yes state=present reload=yes
  with_items:
   - net.ipv4.ip_forward
   - net.ipv6.conf.all.forwarding
  when: router_appliance

- name: remove packages only needed for build
  apt: name={{item}} state=absent
  with_items:
    - python-pip
    - python-dev
    - build-essential
  when: do_cleanup

- name: Autoremove unused packages
  command: apt-get -y autoremove
  when: do_cleanup