---

- name: install rsync and inotify-tools
  apt:
    name: "{{ item }}"
    update-cache: yes
    cache_valid_time: 3600
    state: latest
  with_items:
    - rsync
    - inotify-tools

- name: attempt to fetch public ssh key
  fetch:
    src: "/var/www/mtinfo3000/.ssh/id_rsa.pub"
    dest: "/tmp/mtinfo3000.pub"
    flat: yes
  changed_when: false

- name: place public ssh key as key for target host
  authorized_key:
    user: mtinfo3000
    state: present
    key: "{{ lookup('file', '/tmp/mtinfo3000.pub') }}"
    exclusive: yes
  delegate_to: "{{ di_rsync_uploads_target }}"

- name: remove fetched files if needed
  local_action:
    module: file
    path: "/tmp/mtinfo3000.pub"
    state: absent
  changed_when: false

- name: open up SSH access from rsync target
  template:
    src: 01-rsync-uploads.rules.j2
    dest: /etc/iptables/rules.d/01-rsync-uploads.rules
  notify:
    - run firewall

- name: template script
  template:
    src: "rsync-uploads.j2"
    dest: "{{ di_rsync_uploads_binary_path }}"
    owner: mtinfo3000
    group: root
    mode: "0750"
  notify:
    - restart rsync_uploads

- name: template systemd unit file
  template:
    src: "rsync-uploads.service.j2"
    dest: "{{ di_rsync_uploads_systemd_unit_path }}"
    owner: root
    group: root
    mode: 0644
  notify:
    - restart rsync_uploads

- name: enable and start rsync_uploads service
  systemd:
    name: "rsync-uploads.service"
    state: started
    enabled: yes