---
- name: Install the messaging packages
  ansible.builtin.package: name={{ item }} state=present
  with_items:
  - fedora-messaging
  tags:
  - fedora-messaging

- name: Create rabitmq directory
  ansible.builtin.file: path=/etc/pki/rabbitmq/ owner=root group=root mode=0755 state=directory
  tags:
  - fedora-messaging

- name: "Create key/cert directory"
  ansible.builtin.file: path=/etc/pki/rabbitmq/{{ item.username }}/
        owner={{ item.username }} group={{ item.username }}
        mode=0700 state=directory
  with_items: "{{ messaging.certificates }}"
  tags:
  - fedora-messaging

- name: "Copy fedora messaging key"
  ansible.builtin.copy: src={{ private }}/files/rabbitmq/{{ env }}/pki/private/{{ item.key }}{% if env == 'staging' %}.stg{% endif %}.key
        dest=/etc/pki/rabbitmq/{{ item.username }}/{{ item.key }}.key
        owner={{ item.username }} group=root mode=0600
  with_items: "{{ messaging.certificates }}"
  tags:
  - fedora-messaging

- name: "Copy fedora messaging certificate"
  ansible.builtin.copy: src={{ private }}/files/rabbitmq/{{ env }}/pki/issued/{{ item.key }}{% if env == 'staging' %}.stg{% endif %}.crt
        dest=/etc/pki/rabbitmq/{{ item.username }}/{{ item.key }}.crt
        owner={{ item.username }} group=root mode=0644
  with_items: "{{ messaging.certificates }}"
  tags:
  - fedora-messaging

- name: "Copy fedora messaging ca.crt for readers"
  ansible.builtin.copy: src={{ private }}/files/rabbitmq/{{ env }}/ca-combined.crt
        dest=/etc/pki/rabbitmq/{{ item.username }}/ca.crt
        owner={{ item.username }} group=root mode=0644
  with_items: "{{ messaging.certificates }}"
  tags:
  - fedora-messaging

- name: "Install the toml configuration file"
  ansible.builtin.template: src="messaging.toml.j2" dest="/etc/fedora-messaging/{{ item.username }}.toml"
            owner=root group=root mode=644
  vars:
  - msg_username: "{{ item.username }}"
  - msg_appname: "{{ item.app_name }}"
  with_items: "{{ messaging.certificates }}"
  tags:
  - fedora-messaging

- name: "Make sure the user exists on broker"
  include_role: name=rabbit/user
  vars:
  - user_name: "{{ item.username }}{{ env_suffix }}"
    user_sent_topics: "{{ item.sent_topics }}"
  with_items: "{{ messaging.certificates }}"
  tags:
  - fedora-messaging