- name: Install Apache's required packages (debian)
  package:
    #name: [u'apache2', u'php{{ php_version }}', u'php{{ php_version }}-curl']    # FAILS ('u' for Unicode strings)
    #name: ['apache2', 'php{{ php_version }}', 'php{{ php_version }}-curl']       # WORKS?
    name:
      - apache2
      - "php{{ php_version }}"
      - "php{{ php_version }}-curl"
    state: present
  when: is_debian
  tags:
    - download

- name: Debian changed SQLite name (debian-8)
  package:
    name: "php{{ php_version }}-sqlite"
  when: is_debian and ansible_distribution_major_version == "8"

- name: Debian changed SQLite3 name (debian-9)
  package:
    name: "php{{ php_version }}-sqlite3"
  when: is_debian and ansible_distribution_major_version == "9"

- name: Install Apache's required packages (ubuntu)
  package:
    #name: [u'apache2', u'php']    # FAILS ('u' for Unicode strings)
    #name: ['apache2', 'php']      # WORKS
    name:
      - apache2
      - php
    state: present
  when: is_ubuntu
  tags:
    - download

- name: SQLite3 no longer included in another package (ubuntu-18)
  package:
    name: php{{ php_version }}-sqlite3
  when: is_ubuntu_18

- name: Install Apache's required packages (redhat)
  package:
    #name: [u'httpd', u'php', u'php-curl', u'mod_authnz_external']    # FAILS ('u' for Unicode strings)
    #name: ['httpd', 'php', 'php-curl', 'mod_authnz_external']        # WORKS
    name:
      - httpd
      - php
      - php-curl
      - mod_authnz_external
    state: present
  when: is_redhat
  tags:
    - download

# MOVED DOWN ~58 LINES
#- name: Remove the default apache2 config file (debuntu)
#  file:
#    path: /etc/apache2/sites-enabled/000-default.conf
#    state: absent
#  when: is_debuntu

- name: Install Apache's 010-iiab.conf & proxy_ajp.conf into /etc/apache2/sites-available, from templates
  template:
    backup: yes
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: root
    group: root
    mode: 0644
  with_items:
    - { src: '010-iiab.conf.j2', dest: '/etc/{{ apache_config_dir }}/010-iiab.conf' }
    - { src: 'proxy_ajp.conf.j2', dest: '/etc/{{ apache_config_dir }}/proxy_ajp.conf' }
    #- { src: 'php.ini.j2', dest: '/etc/php.ini', mode: '0644' }    # @jvonau suggests removing this in https://github.com/iiab/iiab/issues/1147

# For schools that use WordPress and/or Moodle intensively. See iiab/iiab #1147
# WARNING: Enabling this (might) cause excess use of RAM or other resources?
- name: Enact high limits in /etc/php/{{ php_version }}/{{ apache_service }}/php.ini if using WordPress and/or Moodle intensively
  lineinfile:
    path: "/etc/php/{{ php_version }}/{{ apache_service }}/php.ini"
    regexp: "{{ item.regexp }}"
    line: "{{ item.line }}"
  when: apache_high_php_limits
  with_items:
    - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 64M    ; default is 2M' }
    - { regexp: '^post_max_size', line: 'post_max_size = 128M    ; default is 8M' }
    - { regexp: '^memory_limit', line: 'memory_limit = 256M    ; default is 128M' }
    - { regexp: '^max_execution_time', line: 'max_execution_time = 300    ; default is 30' }
    - { regexp: '^max_input_time', line: 'max_input_time = 300    ; default is 60' }

# remove symlinks for mpm-event, replace with mpm-prefork
- name: Remove mpm event symlinks (debuntu)
  file:
    path: "/etc/apache2/mods-enabled/{{ item }}"
    state: absent
  with_items:
    - mpm_event.conf
    - mpm_event.load
  when: is_debuntu

- name: Create symlinks for mpm-prefork (debuntu)
  file:
    src: "/etc/apache2/mods-available/{{ item }}"
    path: "/etc/apache2/mods-enabled/{{ item }}"
    state: link
  with_items:
    - mpm_prefork.conf
    - mpm_prefork.load
  when: is_debuntu

- name: Turn on mod_proxy (debuntu)
  command: a2enmod {{ item }}
  with_items:
    - proxy
    - proxy_html
    - headers
    - rewrite
  when: is_debuntu

- name: Create 010-iiab.conf symlink enabling our site (debuntu)
  file:
    src: "/etc/{{ apache_config_dir }}/010-iiab.conf"
    path: /etc/apache2/sites-enabled/010-iiab.conf
    state: link
  when: is_debuntu

- name: Remove apache2 default config files (debuntu)
  file:
    path: "{{ item }}"
    state: absent
  with_items:
    - /etc/apache2/000-default.conf    # Not nec on Raspbian.  Is this really still needed elsewhere?
    - /etc/apache2/sites-enabled/000-default.conf
  when: is_debuntu

- name: Create Apache's pid dir /var/run/{{ apache_user }}
  file:
    path: "/var/run/{{ apache_user }}"
    mode: 0755
    owner: root
    group: root
    state: directory

- name: Create admin group
  group:
    name: admin
    state: present

- name: Add user {{ apache_user }} (from variable apache_user) to admin group
  user:
    name: "{{ apache_user }}"
    groups: admin
    state: present
    createhome: no

- name: Create Apache's log dir /var/log/{{ apache_service }}
  file:
    path: "/var/log/{{ apache_service }}"
    mode: 0755
    owner: "{{ apache_user }}"
    group: "{{ apache_user }}"
    state: directory

- name: Enable systemd service {{ apache_service }}
  service:
    name: "{{ apache_service }}"
    enabled: yes

- name: Create /library/www/html/info directory for http://box/info offline docs
  file:
    path: "{{ doc_root }}/info"
    mode: 0755
    owner: "{{ apache_user }}"
    group: "{{ apache_user }}"
    state: directory

# roles/httpd/templates/iiab-info.conf.j2.deprecated is no longer needed, as
# Apache serves http://box/info directly from above /library/www/html/info
# directly (as generated by /usr/bin/iiab-refresh-wiki-docs)
#
#- name: Remove iiab-info.conf
#  file:
#    path: "/etc/{{ apache_config_dir }}/iiab-info.conf"
#    state: absent
#
#- name: Remove iiab-info.conf symlink (debuntu)
#  file:
#    path: /etc/apache2/sites-enabled/iiab-info.conf
#    state: absent
#  when: is_debuntu

# SEE https://github.com/iiab/iiab/issues/1143 as the old roles/osm playbook is rarely used as of late 2018 (if anybody still uses roles/osm, they can overwrite osm.conf using the original osm playbook, or in other ways)
- name: Copy osm.conf for http://box/maps (all OS's)
  copy:
    src: osm.conf
    dest: "/etc/{{ apache_config_dir }}"
    owner: root
    group: root
    mode: 0644
    backup: yes

- name: Create osm.conf symlink from sites-enabled to sites-available (debuntu)
  file:
    src: "/etc/{{ apache_config_dir }}/osm.conf"
    path: /etc/apache2/sites-enabled/osm.conf
    #path: "/etc/{{ apache_service }}/sites-enabled/osm.conf"
    state: link
  when: is_debuntu

- include_tasks: html.yml
  tags:
    - base

# Fixes search @ http://box/modules/es-wikihow - see https://github.com/iiab/iiab/issues/829
- include_tasks: php-stem.yml
  tags:
    - base

- name: Install /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation (will be run at the end of Stage 4 = roles/4-server-options/tasks/main.yml)
  template:
    src: refresh-wiki-docs.sh
    dest: /usr/bin/iiab-refresh-wiki-docs
    mode: 0755

- name: Give {{ apache_user }} (variable apache_user) permission to poweroff
  template:
    src: 020_apache_poweroff.j2
    dest: /etc/sudoers.d/020_apache_poweroff
    mode: 0755
  when: apache_allow_sudo

- name: Remove {{ apache_user }} (variable apache_user) permission to poweroff
  file:
    path: /etc/sudoers.d/020_apache_poweroff
    state: absent
  when: not apache_allow_sudo