---
- name: Create application folder
  file:
    name: "/opt/status/src"
    state: directory
    owner: "{{ ansible_user }}"
- name: Retrieve application source files
  git:
    clone: yes
    force: yes
    dest: "/tmp/status"
    repo: "http://github.com/RedHatTraining/provisioner-api.git"
- name: Copy application files
  copy:
    dest: "/opt/status/src/{{ item }}"
    src: "/tmp/status/{{ item }}"
    owner: "{{ ansible_user }}"
    mode: 0644
    remote_src: true
  with_items:
    - requirements.txt
    - server.py
    - wsgi.py
- name: Install pip
  package:
    name: python36-pip
- name: Upgrade pip
  pip:
    name: pip
    state: latest
    executable: /usr/bin/pip3
- name: Install python virtualenv
  pip:
    name: virtualenv
    state: latest
    executable: /usr/bin/pip3
- name: Allow nginx to access non-standard port
  shell: |
    semanage port -a -t http_port_t -p tcp 30904
    semanage port -m -t http_port_t -p tcp 30904
- name: Stouts.wsgi virtual environment fix
  file:
    src: /usr/local/bin/virtualenv
    dest: /usr/bin/virtualenv
    owner: root
    group: root
    state: link
- name: Install python application as a service
  include_role:
    name: Stouts.wsgi
  vars:
    python_enabled: false
    wsgi_group: nginx
    wsgi_nginx_servernames: "{{ bastion_dns_name }}"
    wsgi_nginx_port: 30904
    wsgi_virtualenv_python: python3
    wsgi_applications:
    - name: status
      server: gunicorn
      module: wsgi
      pip_requirements: requirements.txt

- name: Create runtime folders
  file:
    name: "{{item}}"
    state: directory
    owner: "{{ansible_user}}"
    group: nginx
  with_items:
    - /opt/status/run
    - /opt/status/log
- name: Fix selinux context for nginx access
  shell: |
    semanage fcontext -a -t httpd_sys_rw_content_t "{{item}}(/.*)?"
    restorecon -R -v "{{item}}"
  with_items:
    - /opt/status/run
    - /opt/status/log
- name: Activate application service
  service:
    name: status-wsgi
    state: restarted
    enabled: yes