---
- name: 'Check app requirements for {{ app_name }}.'
  fail:
    msg: You must set app name.
  when: not app_name

- name: 'Create group "{{ app_group }}" for {{ app_name }}.'
  group:
    name: '{{ app_group }}'
    state: present

- name: 'Create user "{{ app_user }}" for {{ app_name }}.'
  user:
    name: '{{ app_user }}'
    comment: '{{ app_name }} application owner'
    group: '{{ app_group }}'
    shell: /bin/bash

- name: 'Set up user ssh keys for {{ app_name }}.'
  authorized_key:
    user: '{{ app_user }}'
    key: '{{ item }}'
    state: present
  with_items: '{{ app_user_ssh_keys }}'

- name: 'Set up system environment variables for {{ app_name }}.'
  lineinfile:
    dest: /etc/environment
    regexp: '^{{ item.key }}='
    line: '{{ item.key }}="{{ item.value }}"'
  with_dict: '{{ app_envs }}'

- name: 'Create ssl certificate for {{ app_name }}.'
  include_role:
    name: ssl-certificate
    private: yes
  vars:
    cert_type: '{{ app_cert_type }}'
    cert_name: '{{ app_name }}'
    cert_email: '{{ app_cert_email }}'
    cert_domains: '{{ app_domains }}'
  when: app_cert

- name: 'Create web directory for {{ app_name }}.'
  file:
    state: directory
    path: '{{ app_directory }}'
    owner: '{{ app_user }}'
    group: '{{ app_group }}'
    recurse: yes
  notify: restart nginx

- name: 'Create nginx config for {{ app_name }}.'
  template:
    src: app.conf.j2
    dest: '/etc/nginx/sites-enabled/{{ app_name }}.conf'
  notify: restart nginx

- name: 'Creates php-fpm pool config for {{ app_name }}.'
  template:
    src: fpm-pool.conf.j2
    dest: '/etc/php/{{ app_php_version }}/fpm/pool.d/{{ app_name }}.conf'
  notify: restart php-fpm