---
# file: tasks/main.yaml

- name: Update Repositories Cache
  ansible.builtin.apt:
    update_cache: true
  when:
    - ansible_os_family == 'Debian'
  tags:
    - nomad-inst-package

- name: Dependencies
  ansible.builtin.apt:
    name: "{{ packages | flatten(levels=1) }}"
    state: "present"
    cache_valid_time: 3600
    install_recommends: false
  when:
    - ansible_os_family == 'Debian'
  tags:
    - nomad-inst-dependencies

- name: Add Nomad Group
  ansible.builtin.group:
    name: "{{ nomad_group }}"
    state: "present"
  tags:
    - nomad-conf-user

- name: Add Nomad user
  ansible.builtin.user:
    name: "{{ nomad_user }}"
    group: "{{ nomad_group }}"
    state: "present"
    system: true
  tags:
    - nomad-conf-user

- name: Download Nomad
  ansible.builtin.get_url:
    url: "{{ nomad_zip_url }}"
    dest: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
    mode: 0644
  tags:
    - nomad-inst-package

- name: Clean Nomad
  ansible.builtin.file:
    path: "{{ nomad_inst_dir }}/nomad"
    state: "absent"
  when:
    - nomad_force_update | bool
  tags:
    - nomad-inst-package

- name: Unarchive Nomad
  ansible.builtin.unarchive:
    src: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
    dest: "{{ nomad_inst_dir }}/"
    remote_src: true
  tags:
    - nomad-inst-package

- name: Nomad
  ansible.builtin.copy:
    src: "{{ nomad_inst_dir }}/nomad"
    dest: "{{ nomad_bin_dir }}"
    owner: "{{ nomad_user }}"
    group: "{{ nomad_group }}"
    force: true
    mode: 0755
    remote_src: true
  tags:
    - nomad-inst-package

- name: Create Directories
  ansible.builtin.file:
    dest: "{{ item }}"
    state: "directory"
    owner: "{{ nomad_user }}"
    group: "{{ nomad_group }}"
    mode: 0755
  with_items:
    - "{{ nomad_data_dir }}"
    - "{{ nomad_config_dir }}"
    - "{{ nomad_ssl_dir }}"
  tags:
    - nomad-conf

- name: Base Configuration
  ansible.builtin.template:
    src: "{{ item }}.hcl.j2"
    dest: "{{ nomad_config_dir }}/{{ item }}.hcl"
    owner: "{{ nomad_user }}"
    group: "{{ nomad_group }}"
    mode: 0644
  with_items:
    - "base"
    - "consul"
    - "client"
    - "server"
    - "telemetry"
    - "tls"
    - "vault"
  tags:
    - nomad-conf

- name: Conf - Copy Certificates And Keys
  ansible.builtin.copy:
    content: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: "{{ nomad_user }}"
    group: "{{ nomad_group }}"
    mode: 0600
  no_log: true
  loop: "{{ nomad_certificates | flatten(levels=1) }}"
  when:
    - nomad_certificates is defined
  tags:
    - nomad-conf

- name: Nomad CLI Environment Variables
  ansible.builtin.lineinfile:
    path: "/etc/profile.d/nomad.sh"
    line: "{{ item }}"
    mode: 0644
    create: true
  loop:
    - "export NOMAD_ADDR=http://nomad.service.consul:4646"
    - "export NOMAD_CACERT={{ nomad_tls_ca_file }}"
    - "export NOMAD_CLIENT_CERT={{ nomad_tls_cert_file }}"
    - "export NOMAD_CLIENT_KEY={{ nomad_tls_key_file }}"
  tags:
    - nomad-conf-env

- name: System.d Script
  ansible.builtin.template:
    src: "nomad_systemd.service.j2"
    dest: "/lib/systemd/system/nomad.service"
    owner: "root"
    group: "root"
    mode: 0644
  notify:
    - "Restart Nomad"
  when:
    - nomad_service_mgr == "systemd"
  tags:
    - nomad-conf

- name: Meta - Flush handlers
  ansible.builtin.meta: flush_handlers