- name: "Install 2 packages: {{ proxy }}, cadaver"
  package:
    name:
      - "{{ proxy }}"
      - cadaver
    state: present

- name: "Bigger hammer for Ubuntu, run: /etc/init.d/squid stop"
  command: /etc/init.d/squid stop
  when: is_ubuntu

- name: Stop Squid
  service:
    name: "{{ proxy }}"
    state: stopped
  when: not installing

- name: "Create the Squid user: {{ proxy_user }}"
  user:
    name: "{{ proxy_user }}"
    createhome: False
    shell: /bin/false

- name: "Install from template: /usr/bin/iiab-httpcache, /etc/sysconfig/squid, /etc/{{ proxy }}/sites.whitelist.txt and 3 .rules files"
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: "{{ item.owner }}"
    group: "{{ item.group }}"
    mode: "{{ item.mode }}"
    force: no
  with_items:
    - src: 'roles/network/templates/squid/squid.sysconfig'
      dest: '/etc/sysconfig/squid'
      owner: 'root'
      group: 'root'
      mode: '0755'
    - src: 'roles/network/templates/squid/sites.whitelist.txt'
      dest: '/etc/{{ proxy }}/sites.whitelist.txt'
      owner: '{{ proxy_user }}'
      group: '{{ proxy_user }}'
      mode: '0644'
    - src: 'roles/network/templates/squid/allowregex.rules'
      dest: '/etc/{{ proxy }}/allowregex.rules'
      owner: '{{ proxy_user }}'
      group: '{{ proxy_user }}'
      mode: '0644'
    - src: 'roles/network/templates/squid/denyregex.rules'
      dest: '/etc/{{ proxy }}/denyregex.rules'
      owner: '{{ proxy_user }}'
      group: '{{ proxy_user }}'
      mode: '0644'
    - src: 'roles/network/templates/squid/dstaddress.rules'
      dest: '/etc/{{ proxy }}/dstaddress.rules'
      owner: '{{ proxy_user }}'
      group: '{{ proxy_user }}'
      mode: '0644'
    - src: 'roles/network/templates/squid/iiab-httpcache.j2'
      dest: '/usr/bin/iiab-httpcache'
      owner: 'root'
      group: 'root'
      mode: '0755'

- name: Create Squid directory /library/cache
  file:
    path: /library/cache
    owner: "{{ proxy_user }}"
    group: "{{ proxy_user }}"
    mode: '0750'
    state: directory

- name: Create Squid directory /var/log/{{ proxy }}
  file:
    path: "/var/log/{{ proxy }}"
    owner: "{{ proxy_user }}"
    group: "{{ proxy_user }}"
    mode: '0750'
    state: directory


- include_tasks: roles/network/tasks/dansguardian.yml
  when: dansguardian_install


# RECORD Squid AS INSTALLED

- name: "Set 'squid_installed: True'"
  set_fact:
    squid_installed: True

- name: "Add 'squid_installed: True' to {{ iiab_state_file }}"
  lineinfile:
    path: "{{ iiab_state_file }}"    # /etc/iiab/iiab_state.yml
    regexp: '^squid_installed'
    line: 'squid_installed: True'


# {{ proxy }} is normally "squid", but is "squid3" on raspbian-8 & debian-8
- name: Add '{{ proxy }}' variable values to {{ iiab_ini_file }}
  ini_file:
    dest: "{{ iiab_ini_file }}"
    section: "{{ proxy }}"
    option: "{{ item.option }}"
    value: "{{ item.value | string }}"
  with_items:
    - option: name
      value: Squid
    - option: description
      value: '"Squid caches web pages the first time they are accessed, and pulls them from the cache thereafter."'
    - option: squid_install
      value: "{{ squid_install }}"
    - option: squid_enabled
      value: "{{ squid_enabled }}"

- name: Add 'dansguardian' variable values to {{ iiab_ini_file }}
  ini_file:
    dest: "{{ iiab_ini_file }}"
    section: dansguardian
    option: "{{ item.option }}"
    value: "{{ item.value | string }}"
  with_items:
    - option: name
      value: DansGuardian
    - option: description
      value: '"DansGuardian searches web content for objectionable references and denies access when found."'
    - option: dansguardian_install
      value: "{{ dansguardian_install }}"
    - option: dansguardian_enabled
      value: "{{ dansguardian_enabled }}"