churn/ansible/deploy-butter-portal.yml

---
- name: Deploy butter portal
  hosts: all
  become: true

  tasks:
    - name: "Ensure /tmp/butter-portal is absent"
      ansible.builtin.file:
        path: "/home/{{ butter_user }}/butter-portal"
        state: absent

    - name: "Clone the portal repo"
      ansible.builtin.git:
        repo: "https://guardianproject.dev/butter/butter-portal"
        dest: "/home/{{ butter_user }}/butter-portal"
        version: main

    - name: Install requirements
      ansible.builtin.pip:
        requirements: "/home/{{ butter_user }}/butter-portal/requirements.txt"
        virtualenv: "/home/{{ butter_user }}/portal_env"
        virtualenv_python: python3

    - name: Seed database
      ansible.builtin.shell: |
        echo "Starting db initialisation!"
        source /home/{{ butter_user }}/portal_env/bin/activate
        flask db init
        flask db migrate
        flask db upgrade
        flask seed-settings
      args:
        chdir: "/home/{{ butter_user }}/butter-portal"
        executable: /bin/bash
        creates: "/home/{{ butter_user }}/butter-portal/app.db"
      register: database_init

    - name: Template portal systemd service file
      ansible.builtin.template:
        src: templates/butterbox-portal.service.j2
        dest: /lib/systemd/system/butterbox-portal.service
        owner: root
        group: root
        mode: '0644'

    - name: Template nginx config
      ansible.builtin.template:
        src: templates/nginx-config.j2
        dest: /etc/nginx/sites-available/default
        owner: root
        group: root
        mode: '0644'

    - name: Enable portal by symlink
      ansible.builtin.file:
        src: /lib/systemd/system/butterbox-portal.service
        dest: /etc/systemd/system/multi-user.target.wants/butterbox-portal.service
        state: link

    - name: Ensure butter_user owns portal directory
      ansible.builtin.file:
        path: "/home/{{ butter_user }}/butter-portal"
        state: directory
        recurse: true
        owner: "{{ butter_user }}"
        group: "{{ butter_user }}"
#    - name: Template portal reverse proxy config for Lighttpd
#      ansible.builtin.get_url:
#        src: templates/50-butter-portal-reverse-proxy.conf
#        dest: /etc/lighttpd/conf-available/50-butter-portal-reverse-proxy.conf
#        owner: root
#        group: root
#        mode: '0644'
#
#    - name: Ensure old symlink is removed if it exists
#      ansible.builtin.file:
#        path: /etc/lighttpd/conf-enabled/50-butter-portal-reverse-proxy.conf
#        state: absent
#        force: true
#
#    - name: Enable reverse proxy config for portal in Lighttpd
#      ansible.builtin.file:
#        src: /etc/lighttpd/conf-available/50-butter-portal-reverse-proxy.conf
#        dest: /etc/lighttpd/conf-enabled/50-butter-portal-reverse-proxy.conf
#        state: link
#        force: true
#
    # - debug: var=database_init.stdout_lines