---

- name: "Install restic"
  ansible.builtin.apt:
    name: 
      - restic
    state: latest
    update_cache: true
  become: true
  when: ansible_os_family == 'Debian'

- name: "Ensure /opt/scripts/ exists"
  ansible.builtin.file:
    path: /opt/scripts
    state: directory
    mode: '0755'
  when: "ansible_os_family == 'Debian'"
    
- name: "Ensure /opt/db_dumps/ exists"
  ansible.builtin.file:
    path: /opt/db_dumps/
    state: directory
    owner: root
    group: root
    mode: '0644'
  when: "ansible_os_family == 'Debian'"

- name: "Copy restic backup scripts"
  ansible.builtin.copy:
    src: "restic-backup-scripts/"
    dest: /opt/scripts/restic/.
    owner: root
    group: root
    mode:  u+rwx
    force: true
  when: "ansible_os_family == 'Debian'"
    
- name: "Template restic backup script restic-backup_{{ inventory_hostname }}.sh"
  ansible.builtin.template:
    src: ../templates/restic-backup_{{ inventory_hostname }}.sh.j2
    dest: /opt/scripts/restic/restic-backup_{{ inventory_hostname }}.sh
    owner: root
    group: root
    mode: 'u+rwx'
    force: true
  when: "ansible_os_family == 'Debian'"
  
- name: "Template restic prune script restic-prune.sh"
  ansible.builtin.template:
    src: ../templates/restic-prune.sh.j2
    dest: /opt/scripts/restic/restic-prune.sh
    owner: root
    group: root
    mode: 'u+rwx'
    force: true
  when: "ansible_os_family == 'Debian'"

- name: "Template environment variable file restic.env"
  ansible.builtin.template:
    src: ../templates/restic.env.j2
    dest: /opt/scripts/restic/restic.env
    owner: root
    group: root
    mode: '0644'
    force: true
  when: "ansible_os_family == 'Debian'"

- name: "Template restic password file restic-password-repo"
  ansible.builtin.template:
    src: ../templates/restic-password-repo.j2
    dest: /opt/scripts/restic/restic-password-repo
    owner: root
    group: root
    mode:  '0440'
    force: true
  when: "ansible_os_family == 'Debian'"

- name: "Template systemd units for restic"
  ansible.builtin.template:
    src: "restic.service.j2"
    dest: "/etc/systemd/system/restic@.service"
    owner: root
    group: root
    mode: 'u+rw'
  register: unit
  when: "ansible_os_family == 'Debian'"

- name: "Template systemd timers for restic"
  ansible.builtin.template:
    src: "restic.timer.j2"
    dest: "/etc/systemd/system/restic@.timer"
    owner: root
    group: root
    mode: 'u+rw'
  register: unit
  when: "ansible_os_family == 'Debian'"

- name: "Reload systemd units"
  ansible.builtin.systemd:
    daemon_reload: true
  when: unit.changed

- name: "Enable systemd units for restic"
  ansible.builtin.systemd:
    enabled: true
    name: "{{ item }}"
  with_items:
    - "restic@{{ inventory_hostname }}.service"
    - "restic@{{ inventory_hostname }}.timer"
  when: unit.changed

#- name: "Enable systemd units for restic-wasabi"
#  ansible.builtin.systemd:
#    enabled: true
#    name: "{{ item }}"
#  with_items:
#    - "restic@{{ inventory_hostname }}.service"
#    - "restic@{{ inventory_hostname }}.timer"

#- name: "Cronjob for Backups"
#  ansible.builtin.cron:
#    name: "Restic Backup"
#    minute: "0"
#    hour: "3"
#    job: "/opt/scripts/restic/restic-backup_{{ inventory_hostname }}.sh"
#  when: "ansible_os_family == 'Debian' and 'desktops' not in group_names"

#- name: "Cronjob for Backups"
#  ansible.builtin.cron:
#    name: "Restic Backup"
#    minute: "0"
#    hour: "3"
#    job: "/opt/scripts/restic/restic-backup_desktops.sh"
#  when: "ansible_os_family == 'Debian' and 'desktops' in group_names"

- name: "Template restic_db_passwords.env"
  ansible.builtin.template:
    src: "restic_db_passwords.env_{{ inventory_hostname }}.j2"
    dest: /opt/scripts/restic/restic_db_passwords.env
    owner: root
    group: root
    mode:  '0440'
    force: true