---
- block: # Used for tagging all tasks with "synapse"

    - name: "Set site_data_path to {{ www_path }}/{{ site.slug }}"
      set_fact: site_data_path="{{ www_path }}/{{ site.slug }}"
      tags: always

    ####################
    # Render templates #
    ####################

    - name: "Render templates"
      import_tasks: render.yml
      tags: render

    ##########################
    # Generate configuration #
    ##########################

    - block: # Used for tagging all tasks with "config"
        - name: "Create folder {{ site_data_path }}"
          file: 
            path: "{{ site_data_path }}"
            state: directory
            mode: "770"
            group: "www-data"

        - name: "Copy homeserver.yaml to {{ site_data_path }}"
          copy:
            src: "{{ sites_path }}/{{ site.slug }}/homeserver.yaml"
            dest: "{{ site_data_path }}/homeserver.yaml"
            remote_src: yes

        - name: "Let synapse generate missing configuration files"
          docker_container:
            name: synapse_config_generator
            image: "matrixdotorg/synapse:{{ synapse.version }}"
            command: "generate"
            volumes:
              - "{{ site_data_path }}:/data"
            env: 
              SYNAPSE_SERVER_NAME: "{{ site.url }}"
              SYNAPSE_REPORT_STATS: "no"
              UID: "{{ site.user_uid }}"
              GID: "{{ site.user_gid }}"
      tags: config


    ############################
    # PostgreSQL configuration #
    ############################

    - name: "Setup PostgreSQL"
      import_tasks: postgres.yml
      tags: postgres

    ###########################################
    # Allow coturn inbound connections in UFW #
    ###########################################

    - name: "Allow inbound port {{ site.coturn.listening_port }} for coturn in UFW"
      ufw:
        direction: in
        from_ip: any 
        to_port: "{{ site.coturn.listening_port }}"
        proto: any 
        rule: allow
        comment: "coturn TCP/UDP"
      become: true
      tags: firewall

    - name: "Allow inbound ports {{ site.coturn.min_port }}-{{ site.coturn.max_port }}/UDP for coturn un UFW"
      ufw:
        direction: in 
        from_ip: any 
        to_port: "{{ item }}"
        proto: udp 
        rule: allow
        comment: "coturn UDP"
      with_sequence: start="{{ site.coturn.min_port }}" end="{{ site.coturn.max_port }}"
      #loop: "{{ range({{ site.coturn.min_port }}, {{ site.coturn.max_port }} + 1)|list }}"
      become: true
      tags: firewall


    #################
    # Setup backups #
    #################

    - name: "Setup backups"
      import_tasks: backup.yml
      tags: backup

  tags: synapse # / block