# 2022-09-08 @jredrejo's Ansible install scripts may provide guidelines:
# https://github.com/learningequality/pi-gen/blob/master/stage2/04-hostapd/common.yml
# https://github.com/learningequality/pi-gen/blob/master/stage2/04-hostapd/install.yml
# https://github.com/learningequality/pi-gen/blob/master/stage2/04-hostapd/offline.yml
# https://github.com/learningequality/pi-gen/blob/master/stage2/04-hostapd/online.yml

# Install Kolibri » Debian/Ubuntu
# https://kolibri.readthedocs.io/en/latest/install/ubuntu-debian.html

# Advanced management
# https://kolibri.readthedocs.io/en/latest/manage/advanced.html

# Working with Kolibri from the command line
# https://kolibri.readthedocs.io/en/latest/manage/command_line.html

# Customize Kolibri settings with the [ /library/kolibri/options.ini ] file
# https://kolibri.readthedocs.io/en/latest/manage/options_ini.html

# Test Kolibri server performance
# https://kolibri.readthedocs.io/en/latest/manage/performance.html

# Provisioning many servers
# https://kolibri.readthedocs.io/en/latest/install/provision.html


- name: Record (initial) disk space used
  shell: df -B1 --output=used / | tail -1
  register: df1


- name: Create Linux user {{ kolibri_user }} and add it to groups {{ apache_user }}, disk
  user:
    name: "{{ kolibri_user }}"
    groups: "{{ apache_user }}"    # 2023-03-29: Not really necessary (Kolibri is demonstrated to work without group 'www-data').  But it likely doesn't hurt.
      #- disk    # 2023-03-29: Tested to be unnec with USB sticks (with 64-bit RasPiOS).  FWIW group 'disk' is "Mostly equivalent to root access" according to https://wiki.debian.org/SystemGroups
    state: present
    shell: /bin/false
    system: yes
    create_home: no
    home: "{{ kolibri_home }}"

- name: Create directory {{ kolibri_home }} for Kolibri content, configuration, sqlite3 databases ({{ kolibri_user }}:{{ apache_user }}, by default 0755)
  file:
    state: directory
    path: "{{ kolibri_home }}"     # /library/kolibri
    owner: "{{ kolibri_user }}"    # kolibri
    group: "{{ apache_user }}"     # www-data (on Debian/Ubuntu/Raspbian)

- name: Create directory /etc/kolibri (by default 0755)
  file:
    state: directory
    name: /etc/kolibri

- name: Save kolibri_user ({{ kolibri_user }}) to /etc/kolibri/username
  copy:
    content: "{{ kolibri_user }}"
    dest: /etc/kolibri/username

- name: Save kolibri_home (KOLIBRI_HOME="{{ kolibri_home }}") to /etc/kolibri/daemon.conf
  copy:
    content: 'KOLIBRI_HOME="{{ kolibri_home }}"'
    dest: /etc/kolibri/daemon.conf


# https://kolibri.readthedocs.io/en/latest/install/ubuntu-debian.html claims:
# "When you use the PPA installation method, upgrades to newer versions
# will be automatic, provided there is internet access available."
#
# IN REALITY: apt upgrading Kolibri is messy, as up-to-5 debconf screens prompt
# PPL WHO DON'T KNOW with the wrong default username, instead of 'kolibri' :/
# https://github.com/learningequality/kolibri-installer-debian/pull/117

# 2022-08-31: keyring /etc/apt/trusted.gpg DEPRECATED as detailed on #3343
- name: Download Kolibri's apt key to /usr/share/keyrings/learningequality-kolibri.gpg
  shell: |
    gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys DC5BAA93F9E4AE4F0411F97C74F88ADB3194DD81
    gpg --yes --output /usr/share/keyrings/learningequality-kolibri.gpg --export DC5BAA93F9E4AE4F0411F97C74F88ADB3194DD81

# 2024-06-25: Strongly consider PPA "kolibri-proposed" in future...
# https://github.com/learningequality/kolibri/issues/11892
# https://kolibri.readthedocs.io/en/latest/install/ubuntu-debian.html
- name: Add signed Kolibri PPA 'jammy'
  apt_repository:
    repo: "deb [signed-by=/usr/share/keyrings/learningequality-kolibri.gpg] http://ppa.launchpad.net/learningequality/kolibri/ubuntu jammy main"
#   when: is_ubuntu and os_ver is version('ubuntu-2204', '>=') or is_linuxmint_21 or is_debian_12
#   #when: is_ubuntu_2204 or is_ubuntu_2210 or is_debian_12    # MINT 21 COVERED BY is_ubuntu_2204

# - name: Add signed Kolibri PPA 'focal' (if other/older OS's)
#   apt_repository:
#     repo: "deb [signed-by=/usr/share/keyrings/learningequality-kolibri.gpg] http://ppa.launchpad.net/learningequality/kolibri/ubuntu focal main"
#   when: not (is_ubuntu and os_ver is version('ubuntu-2204', '>=') or is_linuxmint_21 or is_debian_12)
#   #when: not (is_ubuntu_2204 or is_ubuntu_2210 or is_debian_12)

# - name: Add Kolibri PPA repo 'ppa:learningequality/kolibri' (if is_ubuntu and not is_linuxmint)
#   apt_repository:
#     repo: ppa:learningequality/kolibri
#   when: is_ubuntu and not is_linuxmint

# 2022-08-19: 'add-apt-repository ppa:learningequality/kolibri' works at CLI on
# Mint 21 (creating /etc/apt/sources.list.d/learningequality-kolibri-jammy.list)
# BUT equivalent Ansible command (STANZA ABOVE) failed with error...
# "Failed to update apt cache: E:The repository 'http://ppa.launchpad.net/learningequality/kolibri/ubuntu vanessa Release' does not have a Release file."
# ...so for now we special case Mint, similar to Debian (BOTH STANZAS BELOW!)

# 2022-08-19: https://github.com/learningequality/kolibri/issues/9647 also asks
# about the warning below, arising no matter if codename is 'focal' or 'jammy'
# with Kolibri 0.15.6 on Mint 21 -- if you run '/usr/bin/kolibri --version':
#
# /usr/lib/python3/dist-packages/pkg_resources/__init__.py:116: PkgResourcesDeprecationWarning: 0.1.43ubuntu1 is an invalid version and will not be supported in a future release
# warnings.warn(

# 2022-08-19: 'apt-key list' & 'apt-key del 3194 DD81' are useful if you also
# want to clear out Kolibri's key from the DEPRECATED /etc/apt/trusted.gpg

# - name: Add Kolibri PPA repo 'ppa:learningequality/kolibri' with codename 'jammy' (if is_linuxmint_21)
#   apt_repository:
#     repo: ppa:learningequality/kolibri
#     codename: jammy    # CONSOLIDATE THIS SPECIAL CASE STANZA WITH UBUNTU ABOVE IN FUTURE?
#   when: is_linuxmint_21

# - name: Add Kolibri PPA repo 'ppa:learningequality/kolibri' with codename 'focal' (if is_debian or is_linuxmint_20)
#   apt_repository:
#     repo: ppa:learningequality/kolibri
#     codename: focal    # UPDATE THIS TO 'jammy' AFTER "RasPiOS Bookworm" (based on Debian 12) IS RELEASED! (ETA Q3 2023)
#   when: is_debian or is_linuxmint_20


# 2024-08-07: Hack no longer needed!  As Kolibri 0.17.0 now installs via "kolibri" PPA (https://launchpad.net/~learningequality/+archive/ubuntu/kolibri).
# Hopefully "kolibri-proposed" PPA will install 0.18 pre-releases soon, on Python 3.13 too!  https://github.com/learningequality/kolibri/issues/11892

# - name: '2024-06-25 TEMPORARY HACK: Hard code kolibri_deb_url to Kolibri 0.17.x (pre-release or final release) if Python >= 3.12 -- kolibri-proposed PPA should do this automatically in future!'
#   set_fact:
#     kolibri_deb_url: https://github.com/learningequality/kolibri/releases/download/v0.17.0/kolibri_0.17.0-0ubuntu1_all.deb
#   when: python_version is version('3.12', '>=')    # For Ubuntu 24.04, Mint 22, pre-releases of Ubuntu 24.10, and Debian 13 (even if/when "Trixie" changes from Python 3.12 to 3.13!)  Regarding PPA kolibri-proposed not quite being ready yet, see: learningequality/kolibri#11316 -> learningequality/kolibri#11892

- name: apt install kolibri (using apt source specified above, if kolibri_deb_url ISN'T defined)
  apt:
    name: kolibri
  when: kolibri_deb_url is undefined
  # environment:
  #   KOLIBRI_HOME: "{{ kolibri_home }}"    # 2023-03-27: These don't do a thing
  #   KOLIBRI_USER: "{{ kolibri_user }}"    # for now.

- name: apt install {{ kolibri_deb_url }} (if kolibri_deb_url IS defined)
  apt:
    deb: "{{ kolibri_deb_url }}"    # e.g. https://learningequality.org/r/kolibri-deb-latest
  when: kolibri_deb_url is defined
  # environment:
  #   KOLIBRI_HOME: "{{ kolibri_home }}"    # 2023-03-27: These don't do a thing
  #   KOLIBRI_USER: "{{ kolibri_user }}"    # for now.


- name: Run 'rm -rf /root/.kolibri' to remove "unavoidable" pollution created above
  file:
    state: absent
    path: /root/.kolibri

- name: 'Install from template: /etc/systemd/system/kolibri.service'
  template:
    src: kolibri.service.j2
    dest: /etc/systemd/system/kolibri.service

- name: Stop 'kolibri' systemd service, for Kolibri provisioning (after daemon_reload)
  systemd:
    daemon_reload: yes
    name: kolibri
    state: stopped


# 2019-10-01: Should no longer be nec, thanks to /etc/kolibri/daemon.conf
#             containing KOLIBRI_HOME="/library/kolibri" (above)
# - name: Run Kolibri migrations to begin populating {{ kolibri_home }}    # i.e. /library/kolibri
#   shell: export KOLIBRI_HOME="{{ kolibri_home }}" && "{{ kolibri_exec_path }}" manage migrate
#   ignore_errors: yes
#   become: yes
#   become_user: "{{ kolibri_user }}"
#   when: kolibri_provision

# 2020-01-05: Deprecated per https://github.com/iiab/iiab/issues/2103
# - name: Set Kolibri default language ({{ kolibri_language }})
#   shell: export KOLIBRI_HOME="{{ kolibri_home }}" && "{{ kolibri_exec_path }}" language setdefault "{{ kolibri_language }}"
#   ignore_errors: yes
#   become: yes
#   become_user: "{{ kolibri_user }}"
#   when: kolibri_provision

# Run "kolibri manage help provisiondevice" to see CLI options, e.g.:
#   --facility_settings FACILITY_SETTINGS
#                         JSON file containing facility settings
#   --device_settings DEVICE_SETTINGS
#                         JSON file containing device settings
- name: 'Provision Kolibri, while setting: facility name, admin acnt / password, preset type, and language'
  shell: >
    "{{ kolibri_exec_path }}" manage provisiondevice --facility "{{ kolibri_facility }}"
    --superusername "{{ kolibri_admin_user }}" --superuserpassword "{{ kolibri_admin_password }}"
    --preset "{{ kolibri_preset }}" --language_id "{{ kolibri_language }}"
    #--preset "{{ kolibri_preset }}" --language_id "{{ kolibri_language }}" --verbosity 0 --noinput
  ignore_errors: yes
  become: yes
  become_user: "{{ kolibri_user }}"
  when: kolibri_provision
  environment:
    KOLIBRI_HOME: "{{ kolibri_home }}"     # 2023-03-27: Required!
    #KOLIBRI_USER: "{{ kolibri_user }}"    # 2023-03-27: Not nec due to /etc/kolibri/username ?


# 2023-03-25: Likely overkill (let's strongly consider removing this stanza?)
# Certainly, setting owner (recursively) is advised when moving /library/kolibri :
# https://kolibri.readthedocs.io/en/latest/install/ubuntu-debian.html#changing-the-owner-of-kolibri-system-service
# 2023-03-27: Commented out on a provisional basis (Spring Cleaning)
# - name: chown -R {{ kolibri_user }}:{{ apache_user }} {{ kolibri_home }} for good measure?
#   file:
#     path: "{{ kolibri_home }}"     # /library/kolibri
#     owner: "{{ kolibri_user }}"    # kolibri
#     group: "{{ apache_user }}"     # www-data (on Debian/Ubuntu/Raspbian)
#     recurse: yes
#   when: kolibri_provision

# 2019-10-07: Moved to roles/httpd/tasks/main.yml
# 2019-09-29: roles/kiwix/tasks/kiwix_install.yml installs 4 Apache modules
# for similar purposes (not all nec?)  Only 1 (proxy_http) is needed here.
# - name: Enable Apache module proxy_http for http://box{{ kolibri_url }}    # i.e. http://box/kolibri
#   apache2_module:
#     name: proxy_http


# RECORD Kolibri AS INSTALLED

- name: Record (final) disk space used
  shell: df -B1 --output=used / | tail -1
  register: df2

- name: Add 'kolibri_disk_usage = {{ df2.stdout|int - df1.stdout|int }}' to {{ iiab_ini_file }}
  ini_file:
    path: "{{ iiab_ini_file }}"    # /etc/iiab/iiab.ini
    section: kolibri
    option: kolibri_disk_usage
    value: "{{ df2.stdout|int - df1.stdout|int }}"

- name: "Set 'kolibri_installed: True'"
  set_fact:
    kolibri_installed: True

- name: "Add 'kolibri_installed: True' to {{ iiab_state_file }}"
  lineinfile:
    path: "{{ iiab_state_file }}"    # /etc/iiab/iiab_state.yml
    regexp: '^kolibri_installed'
    line: 'kolibri_installed: True'