#!/usr/bin/ansible-playbook
# vim:ft=ansible:
---
- name: Set up webroot for {{ gitweb_repo }}
  block:
    - name: Set up Apache
      block:
        - name: Create webroot
          file:
            path: "{{ gitweb_webroot }}"
            mode: "0755"
            state: directory
        - name: Clone repo
          git:
            repo: "{{ gitweb_repo }}"
            dest: "{{ gitweb_webroot }}"
    - name: Register certificates
      block:
        - name: Configure insecure virtual host configs
          template:
            src: apache2-vhost.conf
            dest: "/etc/apache2/sites-enabled/{{ gitweb_url }}.conf"
        - name: Generate certificate
          include_role:
            name: https
          vars:
            website_url: "{{ gitweb_url }}"
            website_webroot: "{{ gitweb_webroot }}"
    - name: Secure Apache
      block:
        # If we copied over http-only configs before, they get oblooterated now
        - name: Copy over virtual host configs
          template:
            src: apache2-vhost-ssl.conf
            dest: "/etc/apache2/sites-enabled/{{ gitweb_url }}.conf"
        - name: Reload Apache
          service:
            name: apache2
            state: reloaded
            enabled: true
  become: yes