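---
# Install and configure PostgreSQL: repository, packages, cluster init,
# configuration files, backup hooks, firewall rule, systemd overrides,
# and finally roles, databases and privileges.
#
# pg_version selects a PGDG release; the literal value 'default' means
# "use the distribution's own postgresql packages", and every versioned
# path or unit name below falls back to the unversioned form in that case.

# Package signatures are verified (gpgcheck) against the PGDG key, which
# is fetched over HTTPS. The repository is removed when pg_version is
# 'default'.
- name: Configure PostgreSQL repository
  yum_repository:
    name: postgresql
    description: PostgreSQL
    baseurl: "https://download.postgresql.org/pub/repos/yum/{{ pg_version }}/redhat/rhel-$releasever-$basearch"
    gpgcheck: true
    gpgkey: "https://download.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG-{{ pg_version }}"
    state: "{{ (pg_version != 'default') | ternary('present', 'absent') }}"
  tags: pg

- name: Install dependencies
  yum:
    name:
      - "postgresql{{ (pg_version != 'default') | ternary(pg_version | string, '') }}"
      - "postgresql{{ (pg_version != 'default') | ternary(pg_version | string, '') }}-server"
      - "postgresql{{ (pg_version != 'default') | ternary(pg_version | string, '') }}-contrib"
      - python-psycopg2
  tags: pg

# PG_VERSION is used as the marker for an already initialised cluster.
- name: Check if PG_VERSION exists
  stat:
    path: "/var/lib/pgsql/{{ (pg_version != 'default') | ternary(pg_version | string + '/', '') }}data/PG_VERSION"
  register: pg_version_file
  tags: pg

# Only runs when the marker file is missing, so an existing data
# directory is never re-initialised.
- name: Init data
  command: "{{ (pg_version != 'default') | ternary('/usr/pgsql-' + pg_version | string + '/bin/postgresql-' + pg_version | string + '-setup', 'postgresql-setup') }} initdb"
  when: not pg_version_file.stat.exists
  tags: pg

# pg_hba.conf holds the client authentication rules, so both files are
# readable by the postgres user only. Modes are quoted octal strings so
# that YAML does not read them as decimal integers.
- name: Deploy configuration
  template:
    src: "{{ item }}.j2"
    dest: "/var/lib/pgsql/{{ (pg_version != 'default') | ternary(pg_version | string + '/', '') }}data/{{ item }}"
    owner: postgres
    group: postgres
    mode: "0600"
  with_items:
    - pg_hba.conf
    - postgresql.conf
  notify: reload postgresql
  tags: pg

- name: Create backup directories
  file:
    path: /home/lbkp/pgsql
    state: directory
    owner: postgres
    group: postgres
    mode: "0700"
  tags: pg

- name: Create pre and post backup hook dir
  file:
    path: "{{ item }}"
    state: directory
    mode: "0750"
  with_items:
    - /etc/backup/pre.d
    - /etc/backup/post.d
  tags: pg

- name: Deploy backup scripts
  template:
    src: "{{ item.script }}.j2"
    dest: "/etc/backup/{{ item.hook }}.d/{{ item.script }}"
    mode: "0755"
  with_items:
    - script: postgresql_create_dumps.sh
      hook: pre
    - script: postgresql_delete_dumps.sh
      hook: post
  tags: pg

# The ACCEPT rule exists only while pg_src_ip is a non-empty list of
# allowed sources. default([]) keeps the rule template renderable when
# pg_src_ip is not set at all; without it the join would be expected to
# fail on the undefined variable before the 'absent' state could apply.
- name: Handle PostgreSQL port
  iptables_raw:
    name: pg_port
    state: "{{ (pg_src_ip is defined and pg_src_ip | length > 0) | ternary('present', 'absent') }}"
    rules: "-A INPUT -m state --state NEW -p tcp --dport {{ pg_port }} -s {{ pg_src_ip | default([]) | join(',') }} -j ACCEPT"
  when: iptables_manage | default(True)
  tags: pg

- name: Create postgresql unit snippet dir
  file:
    path: "/etc/systemd/system/postgresql{{ (pg_version != 'default') | ternary('-' + pg_version | string, '') }}.service.d"
    state: directory
  tags: pg

- name: Increase postgresql start/stop timeout
  copy:
    content: |
      [Service]
      TimeoutSec=300
      StartLimitInterval=0
      RestartSec=1
    dest: "/etc/systemd/system/postgresql{{ (pg_version != 'default') | ternary('-' + pg_version | string, '') }}.service.d/timeout.conf"
  register: pg_unit
  notify: restart postgresql
  tags: pg

# systemd only picks up the drop-in after a daemon-reload.
- name: Reload systemd
  command: systemctl daemon-reload
  when: pg_unit.changed
  tags: pg

# TODO: we should instead iterate over every postgresql* services and disable everyone of them
# except for pg_version
# failed_when: false is deliberate best-effort: the unversioned unit may
# not exist on the host.
- name: Disable default postgresql version
  service:
    name: postgresql
    state: stopped
    enabled: false
  when: pg_version != 'default'
  failed_when: false
  tags: pg

- name: Start and enable the service
  service:
    name: "postgresql{{ (pg_version != 'default') | ternary('-' + pg_version | string, '') }}"
    state: started
    enabled: true
  tags: pg

# NOTE(review): become_user on the tasks below only takes effect when
# become is enabled, presumably at play or role level - confirm.
# sqladmin is created as a superuser; pg_admin_pass should come from an
# encrypted source such as a vault rather than plain inventory.
- name: Create postgresql admin role
  postgresql_user:
    name: "sqladmin"
    password: "{{ pg_admin_pass }}"
    role_attr_flags: SUPERUSER,CREATEROLE,CREATEDB
  become_user: postgres
  tags: pg

# Each loop item carries the role password in item.pass, and Ansible
# prints the loop item in task output and logs. no_log keeps those
# passwords out of console output and callback logs.
- name: Create roles
  postgresql_user:
    name: "{{ item.name }}"
    password: "{{ item.pass }}"
    role_attr_flags: "{{ item.flags | default([]) | join(',') }}"
  become_user: postgres
  with_items: "{{ pg_roles }}"
  no_log: true
  tags: pg

- name: Create databases
  postgresql_db:
    name: "{{ item.name }}"
    encoding: "{{ item.encoding | default('UTF-8') }}"
    lc_collate: C
    lc_ctype: C
    template: template0
    owner: "{{ item.owner | default(omit) }}"
  become_user: postgres
  with_items: "{{ pg_databases }}"
  tags: pg

# The module's entire argument set is taken from each pg_privs entry, so
# that variable decides which privileges are granted and on what. Keep
# pg_privs in trusted, reviewed inventory only.
- name: Apply privileges
  postgresql_privs: "{{ item }}"
  become_user: postgres
  loop: "{{ pg_privs }}"
  tags: pg

- name: Remove databases
  postgresql_db:
    name: "{{ item }}"
    state: absent
  become_user: postgres
  with_items: "{{ pg_databases_to_remove }}"
  tags: pg

- name: Remove roles
  postgresql_user:
    name: "{{ item }}"
    state: absent
  become_user: postgres
  with_items: "{{ pg_roles_to_remove }}"
  tags: pg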