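---
# Provisions a backup storage host: creates the backup user and its
# directories, attaches the LVM data volume, installs the MinIO client (mc),
# deploys the pull scripts, schedules them via cron, and exposes per-stage
# metrics files to the node_exporter textfile directory.

- name: "Backup storage server | create system user"
  become: true
  ansible.builtin.user:
    name: '{{ system_user }}'
    comment: "user for backup"
    shell: /bin/bash
  register: create_user

- name: "Create .ssh dir and backups dir"
  become: true
  ansible.builtin.file:
    path: '/home/{{ system_user }}/{{ item.name }}/'
    mode: '{{ item.mode }}'
    owner: '{{ system_user }}'
    group: '{{ system_user }}'
    state: directory
  loop:
    - name: '.ssh'
      mode: '0700'
    # NOTE(review): 0775 lets every local account list and enter the backups
    # directory. Unless another account has to read it, '0750' is the safer
    # choice; confirm before tightening.
    - name: 'backups'
      mode: '0775'

- name: "Create/Resize LVM for datadir"
  ansible.builtin.include_role:
    name: lvm_with_hetzner_volumes
  vars:
    lvm_with_hetzner_volumes__volprefix: backup_datadir
    lvm_with_hetzner_volumes__volsize: "{{ backup_lvm_hcloudvol_size }}"
    lvm_with_hetzner_volumes__volcount: "{{ backup_lvm_hcloudvol_count }}"
    lvm_with_hetzner_volumes__mountpath: "{{ backup_lvm_hcloudvol_mountpath }}"

- name: Recursively change ownership of backups directory
  ansible.builtin.file:
    path: '/home/{{ system_user }}/backups'
    state: directory
    recurse: true
    owner: '{{ system_user }}'
    group: '{{ system_user }}'

- name: Download minio client
  become: true
  ansible.builtin.get_url:
    url: https://dl.min.io/client/mc/release/linux-amd64/mc
    dest: /usr/bin/mc
    mode: '0755'
    # The URL is an unpinned "release" path and the binary is installed into
    # /usr/bin, so TLS alone does not fix which build gets installed.
    # minio_mc_checksum is a new, optional variable introduced here
    # ("sha256:<hex digest>"); when it is unset the parameter is omitted and
    # the task behaves as before.
    checksum: "{{ minio_mc_checksum | default(omit) }}"

# - name: "Providing SSH priv.key"
#   no_log: true
#   become: yes
#   copy:
#     dest: '/home/{{ system_user }}/.ssh/id_rsa'
#     mode: '0400'
#     owner: '{{ system_user }}'
#     group: '{{ system_user }}'
#     content: '{{ backup_user_ssh_privkey_vault }}'

- name: "Providing mc client script"
  become: true
  ansible.builtin.copy:
    src: '{{ item }}'
    dest: '/home/{{ system_user }}/{{ item }}'
    mode: '0755'
    owner: '{{ system_user }}'
    group: '{{ system_user }}'
  loop:
    - pull_from_minio_server.sh
    - keycloak_pull_from_minio_server.sh

# NOTE(review): the MinIO access and secret keys are passed as command-line
# arguments. They are therefore stored in clear text in the user's crontab
# and are visible in the process list while the script runs. Prefer having
# the script read them from a file only the backup user can read (mode 0600).
# no_log keeps the rendered job line and the loop item (which carries the
# keys) out of Ansible output and logs; the trade-off is that task errors are
# hidden as well.
- name: Create Cron Job for pull_from_minio_server.sh script
  no_log: true
  ansible.builtin.cron:
    name: "pull minio backups for {{ item.stage }}"
    hour: "{{ item.hour }}"
    minute: "{{ item.minute }}"
    user: '{{ system_user }}'
    job: "/home/{{ system_user }}/pull_from_minio_server.sh {{ item.url }} {{ item.stage }} {{ item.minio_accesskey }} {{ item.minio_secretkey }}"
  loop: "{{ minio_stage_dicts }}"

# Same exposure as above: the keycloak keys end up in the crontab and in argv.
- name: Create Cron Job for keycloak_pull_from_minio_server.sh script
  no_log: true
  ansible.builtin.cron:
    name: "pull minio backups for keycloak"
    hour: "2"
    minute: "30"
    user: '{{ system_user }}'
    job: "/home/{{ system_user }}/keycloak_pull_from_minio_server.sh {{ minio_keycloak_url }} {{ minio_keycloak_accesskey }} {{ minio_keycloak_secretkey }}"

# Every minio_stage_dicts item also holds minio_accesskey/minio_secretkey.
# Without a label Ansible prints the whole item for each iteration, so the
# loops below print only the stage name.
- name: 'Touch metrics_<stage>.prom if not exists'
  ansible.builtin.file:
    path: "/home/{{ system_user }}/metrics_{{ item.stage }}.prom"
    state: touch
    # NOTE(review): the owner execute bit is not needed for a text metrics
    # file; '0644' would be enough.
    mode: '0744'
    owner: '{{ system_user }}'
    group: '{{ system_user }}'
  loop: "{{ minio_stage_dicts }}"
  loop_control:
    label: "{{ item.stage }}"

- name: Create symbolic link for node_exporter text per-stage metrics
  ansible.builtin.file:
    src: "/home/{{ system_user }}/metrics_{{ item.stage }}.prom"
    dest: "/var/lib/prometheus/node-exporter/metrics_{{ item.stage }}.prom"
    state: link
  loop: "{{ minio_stage_dicts }}"
  loop_control:
    label: "{{ item.stage }}"

- name: Touch metrics_keycloak.prom if not exists
  ansible.builtin.file:
    path: "/home/{{ system_user }}/metrics_keycloak.prom"
    state: touch
    mode: '0744'
    owner: '{{ system_user }}'
    group: '{{ system_user }}'

- name: Create symbolic link for node_exporter text keycloak metrics
  ansible.builtin.file:
    src: "/home/{{ system_user }}/metrics_keycloak.prom"
    dest: "/var/lib/prometheus/node-exporter/metrics_keycloak.prom"
    state: link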