- name: ensure app group exists
  group:
    name: webapp.dustinandtabitha
    state: present
- name: ensure app user exists
  user:
    name: webapp.dustinandtabitha
    group: webapp.dustinandtabitha
    home: /srv/www/dustinandtabitha
    createhome: true
    state: present

- name: ensure app home directory permissions are set
  file:
    path: /srv/www/dustinandtabitha
    mode: '0755'
    state: directory

- name: ensure publisher keys are trusted
  authorized_key:
    key: "{{ dustinandtabitha_publisher_keys|join('\n') }}"
    user: webapp.dustinandtabitha
    exclusive: true
- name: ensure authorized_keys file permissions are correct
  file:
    path: /srv/www/dustinandtabitha/.ssh/authorized_keys
    mode: '0600'
    owner: webapp.dustinandtabitha
    group: webapp.dustinandtabitha
    setype: ssh_home_t

- name: ensure apache is configured to serve dustinandtabitha.com
  copy:
    src: dustinandtabitha.httpd.conf
    dest: /etc/httpd/conf.d/dustinandtabitha.conf
    mode: '0644'
  notify: reload httpd

- name: ensure dustinandtabitha.com data directory exists
  file:
    path: /srv/www/dustinandtabitha/data
    mode: ug=rwx,o=
    owner: webapp.dustinandtabitha
    group: apache
    setype: httpd_sys_rw_content_t
    state: directory
  tags:
  - datadir

- name: ensure formsubmit is configured for dustinandtabitha.com
  copy:
    content: '{{ dustinandtabitha_formsubmit|to_nice_yaml(indent=2) }}'
    dest: /etc/formsubmit/weddingrsvp.yml
    mode: u=rw,go=r
  tags:
  - config