---
- block:
  - name: Create a directory used by the 'creates' rules
    file:
      dest: '{{ nextcloud_data_dir }}/.ht_setup'
      state: directory

  - name: Configure the nextcloud instance
    shell: >
      cd {{ item.doc_root }} && php occ maintenance:install
      --database="{{ nextcloud_db }}"
      --database-host "{{ nextcloud_db_host }}"
      --database-name "{{ nextcloud_db_name }}"
      --database-user "{{ nextcloud_db_user }}"
      --database-pass "{{ nextcloud_db_pwd }}"
      --admin-user "{{ nextcloud_admin_user }}"
      --admin-pass "{{ nextcloud_admin_u_pwd }}"
      --data-dir={{ nextcloud_data_dir }}
    args:
      creates: '{{ item.doc_root }}/config/config.php'
    with_items: '{{ phpfpm_pools }}'

  - name: Set the trusted domains list
    shell: >
      cd {{ item.webroot }} && php occ config:system:set trusted_domains {{ item.id }}
      --value={{ item.name }}
       && touch {{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_trusted_domains_{{ item.id }}
    args:
      creates: '{{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_trusted_domains_{{ item.id }}'
    with_items: '{{ nextcloud_servernames }}'

  - name: Set the trusted proxies
    shell: >
      php occ config:system:set trusted_proxies {{ item.proxy_id }} --value={{ item.proxy_ip }}
    args:
      chdir: '{{ nextcloud_web_root }}'
    with_items: '{{ nextcloud_trusted_proxies }}'

  - name: Overwrite the http protocol
    shell: >
      php occ config:system:set overwriteprotocol --value={{ nextcloud_http_protocol }}
    args:
      chdir: '{{ nextcloud_web_root }}'

  - name: Overwrite the CLI URL
    shell: >
      php occ config:system:set overwrite.cli.url --value={{ nextcloud_cli_url }}
    args:
      chdir: '{{ nextcloud_web_root }}'

  - name: Set the default phone region
    shell: >
      php occ config:system:set default_phone_region --value={{ nextcloud_default_phone_region }}
    args:
      chdir: '{{ nextcloud_web_root }}'

  - name: Setup the email configuration with SMTP
    shell: >
      php occ config:system:set {{ item.name }} --value={{ item.id }}
    args:
      chdir: '{{ nextcloud_web_root }}'
    loop: '{{ nextcloud_mail_smtp_settings }}'
    when:
      - nextcloud_mail_enabled
      - not nextcloud_mail_sendmail_mode

  - name: Setup the email configuration with sendmail mode
    shell: >
      php occ config:system:set mail_sendmailmode --value=sendmail
    args:
      chdir: '{{ nextcloud_web_root }}'
    when:
      - nextcloud_mail_enabled
      - nextcloud_mail_sendmail_mode

  - name: Set the nextcloud log file path
    shell: >
      cd {{ item.doc_root }}
       && php occ log:file --file {{ nextcloud_log_directory }}/nextcloud.log
       && touch {{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_logfile
    args:
      creates: '{{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_logfile'
    with_items: '{{ phpfpm_pools }}'

  - name: Set the audit log file path
    shell: >
      cd {{ item.doc_root }}
      && php occ config:app:set admin_audit logfile --value={{ nextcloud_log_directory }}/audit.log
      && touch {{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_auditfile
    args:
      creates: '{{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_auditfile'
    with_items: '{{ phpfpm_pools }}'

  # - name: Enable the audit log even if the loglevel is <= 1
  #   shell: >
  #     cd {{ item.doc_root }}
  #     && php occ config:system:set log.condition apps --value="admin_audit"
  #     && touch {{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_auditlog
  #   args:
  #     creates: '{{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_auditlog'
  #   with_items: '{{ phpfpm_pools }}'
  #   when: nextcloud_audit_log_enabled

  - name: Set the log level
    shell: >
      cd {{ item.doc_root }}
      && php occ log:manage --level {{ nextcloud_log_level }}
      && touch {{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_log_level
    args:
      creates: '{{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_log_level'
    with_items: '{{ phpfpm_pools }}'

  - name: Set the log timezone
    shell: >
      cd {{ item.doc_root }}
      && php occ config:system:set logtimezone --value="{{ nextcloud_log_timezone }}"
      && touch {{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_log_level
    args:
      creates: '{{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_log_level'
    with_items: '{{ phpfpm_pools }}'

  - name: Set the log backend
    shell: >
      cd {{ item.doc_root }}
      && php occ log:manage --backend {{ nextcloud_log_backend }}
      && touch {{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_log_backend
    args:
      creates: '{{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_log_backend'
    with_items: '{{ phpfpm_pools }}'

  - name: Setup the cron configuration
    shell: >
      cd {{ item.webroot }}
      && php occ background:cron
      && touch {{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_cron
    args:
      creates: 'touch {{ nextcloud_data_dir }}/.ht_setup/ht_nextcloud_cron'
    with_items: '{{ nextcloud_servernames }}'
    tags: [ 'nextcloud', 'nextcloud_config_cron' ]

  - name: Install the nextcloud cron job
    become_user: root
    cron:
      user: '{{ item.user }}'
      minute: "*/15"
      job: "php -f {{ item.doc_root }}/cron.php"
      name: "NextCloud cron job"
      cron_file: "nextcloud_cron"
      state: present
      disabled: False
    with_items: '{{ phpfpm_pools }}'
    tags: [ 'nextcloud', 'nextcloud_config_cron', 'nextcloud_config' ]

  become: True
  become_user: '{{ nextcloud_user }}'
  tags: [ 'nextcloud', 'nextcloud_config' ]

- block:
  - name: Create the nextcloud encryption keys directory
    become_user: root
    file:
      dest: '{{ nextcloud_oc_dir }}'
      state: directory
      owner: '{{ item.user }}'
      group: '{{ item.user }}'
    with_items: '{{ phpfpm_pools }}'
    when: phpfpm_create_users

  - name: Create the nextcloud encryption keys directory when the user has been created externally
    file:
      dest: '{{ nextcloud_oc_dir }}'
      state: directory
    with_items: '{{ phpfpm_pools }}'
    when: not phpfpm_create_users

  - name: Activate global encryption
    shell: >
      cd {{ item.doc_root }}
      && php occ app:enable encryption
      && php occ encryption:enable
      && php occ encryption:enable-master-key
      && php occ encryption:change-key-storage-root {{ nextcloud_oc_dir }}
      && touch {{ nextcloud_oc_dir }}/.ht_nextcloud_oc
    args:
      creates: '{{ nextcloud_oc_dir }}/.ht_nextcloud_oc'
    loop: '{{ phpfpm_pools }}'

  become: True
  become_user: '{{ nextcloud_user }}'
  when: nextcloud_encryption_enabled
  tags: [ 'nextcloud', 'nextcloud_config', 'nextcloud_config_oc' ]

- name: Redis cache management
  block:
  - name: Enable file locking
    shell: >
      cd {{ nextcloud_web_root }}
      && php occ config:system:set --type boolean filelocking.enabled --value="true"

  - name: Configure the Redis cache
    shell: >
      cd {{ nextcloud_web_root }}
      && php occ config:system:set {{ item.name }} --value="{{ item.value }}"
    loop: '{{ nextcloud_redis_params }}'

    become: True
    become_user: '{{ nextcloud_user }}'
    when: nextcloud_redis_cache_enabled
    tags: [ 'nextcloud', 'nextcloud_config', 'nextcloud_config_cache' ]

- name: APCu cache management
  block:
  - name: Configure the Redis cache
    shell: >
      cd {{ nextcloud_web_root }}
      && php occ config:system:set memcache.distributed --value="\OC\Memcache\APCu"

    become: True
    become_user: '{{ nextcloud_user }}'
    when: nextcloud_apcu_cache_enabled
    tags: [ 'nextcloud', 'nextcloud_config', 'nextcloud_config_cache' ]