---

- name: "Install restic"
  ansible.builtin.apt:
    name: 
      - restic
    state: latest
    update_cache: true
  become: true
  when: ansible_os_family == 'Debian'

- name: "Ensure /opt/scripts/ exists"
  ansible.builtin.file:
    path: /opt/scripts
    state: directory
    mode: '0755'
  when: "ansible_os_family == 'Debian'"
    
- name: "Ensure /opt/db_dumps/ exists"
  ansible.builtin.file:
    path: /opt/db_dumps/
    state: directory
    owner: postgres
    group: postgres
    mode: '0774'
  ignore_errors: true #to do: auf mautrix-signal kein User "postgres" weil in Docker, muss gelöst werden
  when: "ansible_os_family == 'Debian' and 'desktops' not in group_names and 'mautrix-signal' not in inventory_hostname"

- name: "Copy restic backup scripts"
  ansible.builtin.copy:
    src: "restic-backup-scripts/"
    dest: /opt/scripts/restic/.
    owner: root
    group: root
    mode:  u+rwx
    force: true
  when: "ansible_os_family == 'Debian'"
    
- name: "Template restic backup script restic-backup_{{ inventory_hostname }}.sh"
  ansible.builtin.template:
    src: ../templates/restic-backup_{{ inventory_hostname }}.sh.j2
    dest: /opt/scripts/restic/restic-backup_{{ inventory_hostname }}.sh
    owner: root
    group: root
    mode: 'u+rwx'
    force: true
  when: "ansible_os_family == 'Debian' and 'desktops' not in group_names"
  
#- name: "Template restic backup script ENTWURF"
#  ansible.builtin.template:
#    src: ../templates/restic-backup_ENTWURF.sh.j2
#    dest: /opt/scripts/restic/restic-backup_ENTWURF.sh
#    owner: root
#    group: root
#    mode: 'u+rwx'
  
- name: "Template restic backup script restic-backup_desktops.sh"
  ansible.builtin.template:
    src: ../templates/restic-backup_desktops.sh.j2
    dest: /opt/scripts/restic/restic-backup_desktops.sh
    owner: root
    group: root
    mode: 'u+rwx'
    force: true
  when: "ansible_os_family == 'Debian' and 'desktops' in group_names"
  
- name: "Template restic prune script restic-prune.sh"
  ansible.builtin.template:
    src: ../templates/restic-prune.sh.j2
    dest: /opt/scripts/restic/restic-prune.sh
    owner: root
    group: root
    mode: 'u+rwx'
    force: true
  when: "ansible_os_family == 'Debian'"

- name: "Template environment variable file restic.env"
  ansible.builtin.template:
    src: ../templates/restic.env.j2
    dest: /opt/scripts/restic/restic.env
    owner: root
    group: root
    mode: '0644'
    force: true
  when: "ansible_os_family == 'Debian'"

- name: "Template restic password file restic-password-repo"
  ansible.builtin.template:
    src: ../templates/restic-password-repo.j2
    dest: /opt/scripts/restic/restic-password-repo
    owner: root
    group: root
    mode:  '0440'
    force: true
  when: "ansible_os_family == 'Debian'"

- name: "Cronjob for Backups"
  ansible.builtin.cron:
    name: "Restic Backup"
    minute: "0"
    hour: "3"
    job: "/opt/scripts/restic/restic-backup_{{ inventory_hostname }}.sh"
  when: "ansible_os_family == 'Debian' and 'desktops' not in group_names"

- name: "Cronjob for Backups"
  ansible.builtin.cron:
    name: "Restic Backup"
    minute: "0"
    hour: "3"
    job: "/opt/scripts/restic/restic-backup_desktops.sh"
  when: "ansible_os_family == 'Debian' and 'desktops' in group_names"