- name: Install Squid packages
  package: name={{ item }}
           state=present
  with_items:
    - "{{ proxy }}"
    - cadaver
  tags:
    - download

- name: Bigger hammer for Ubuntu
  command: /etc/init.d/squid stop
  when: is_ubuntu

- name: Stop Squid
  service: name={{ proxy }}
           state=stopped
  when: not installing

- name: Create the Squid user
  user: name={{ proxy_user }}
        createhome=False
        shell=/bin/false

- name: Copy init script and config file
  template: src={{ item.src }}
            dest={{ item.dest }}
            owner={{ item.owner }}
            group={{ item.group }}
            mode={{ item.mode }}
  with_items:
    - src: 'roles/network/templates/squid/squid.sysconfig'
      dest: '/etc/sysconfig/squid'
      owner: 'root'
      group: 'root'
      mode: '0755'
    - src: 'roles/network/templates/squid/sites.whitelist.txt'
      dest: '/etc/{{ proxy }}/sites.whitelist.txt'
      owner: '{{ proxy_user }}'
      group: '{{ proxy_user }}'
      mode: '0644'
    - src: 'roles/network/templates/squid/allowregex.rules'
      dest: '/etc/{{ proxy }}/allowregex.rules'
      owner: '{{ proxy_user }}'
      group: '{{ proxy_user }}'
      mode: '0644'
    - src: 'roles/network/templates/squid/denyregex.rules'
      dest: '/etc/{{ proxy }}/denyregex.rules'
      owner: '{{ proxy_user }}'
      group: '{{ proxy_user }}'
      mode: '0644'
    - src: 'roles/network/templates/squid/dstaddress.rules'
      dest: '/etc/{{ proxy }}/dstaddress.rules'
      owner: '{{ proxy_user }}'
      group: '{{ proxy_user }}'
      mode: '0644'
    - src: 'roles/network/templates/squid/iiab-httpcache.j2'
      dest: '/usr/bin/iiab-httpcache'
      owner: 'root'
      group: 'root'
      mode: '0755'

- name: Create Squid cache directory
  file: path=/library/cache
        owner={{ proxy_user }}
        group={{ proxy_user }}
        mode=0750
        state=directory

- name: Create Squid log directory
  file: path=/var/log/{{ proxy }}
        owner={{ proxy_user }}
        group={{ proxy_user }}
        mode=0750
        state=directory

- include_tasks: roles/network/tasks/dansguardian.yml
  when: dansguardian_install

- name: Add Squid to service list
  ini_file: dest='{{ service_filelist }}'
            section={{ proxy }}
            option='{{ item.option }}'
            value='{{ item.value }}'
  with_items:
    - option: name
      value: squid
    - option: description
      value: '"Squid caches web pages the first time they are accessed, and pulls them from the cache thereafter."'
    - option: enabled
      value: "{{ squid_enabled }}"

- name: Add 'dansguardian' to service list
  ini_file: dest='{{ service_filelist }}'
            section=dansguardian
            option='{{ item.option }}'
            value='{{ item.value }}'
  with_items:
    - option: name
      value: dansguardian
    - option: description
      value: '"DansGuardian searches web content for objectionable references and denies access when found."'
    - option: enabled
      value: "{{ dansguardian_enabled }}"