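"""pyinfra deploy: Nginx behind HAProxy with Let's Encrypt certificates.

Steps, in order:
  1. Install certbot, haproxy and nginx.
  2. Upload the Nginx default vhost and (re)start Nginx.
  3. Upload the HAProxy config, create the private certificate directory,
     generate DH parameters if missing, and (re)start HAProxy.
  4. Request the certificates with certbot (webroot challenge) if they have
     not been issued yet.
  5. Build the combined fullchain+key PEM bundles in /etc/ssl/haproxy and
     reload HAProxy.
"""

from pyinfra import host
from pyinfra.operations import server, files, systemd, apt

# Every operation below runs through sudo.
SUDO = True

apt.packages(
    name='Install packages',
    packages=['certbot', 'haproxy', 'nginx'],
    update=False,
)

files.put(
    name='Upload Nginx default vhost',
    src='files/nginx.default',
    dest='/etc/nginx/sites-available/default',
    user='root',
    group='root',
    mode='644',
)

# restarted=True restarts the service on every run of this deploy.
systemd.service(
    name='Restart and enable nginx service',
    service='nginx.service',
    running=True,
    restarted=True,
    enabled=True,
)

files.put(
    name='Upload HAProxy config',
    src='files/haproxy.cfg',
    dest='/etc/haproxy/haproxy.cfg',
    user='root',
    group='root',
    mode='644',
)

# Root-only directory: the bundles stored here contain TLS private keys.
# The mode is given as a string, like the other operations in this file.
files.directory(
    name='Ensure /etc/ssl/haproxy exists',
    path='/etc/ssl/haproxy',
    user='root',
    group='root',
    mode='700',
)

# Only generate DH parameters when the file is not already present.
if not host.fact.file('/etc/haproxy/dhparam'):
    server.shell(
        name='Generate dhparam',
        commands=['openssl dhparam 2048 > /etc/haproxy/dhparam'],
    )

# NOTE(review): if files/haproxy.cfg references PEM bundles under
# /etc/ssl/haproxy, this restart may fail on a fresh host because the bundles
# are only created further down. Confirm against the config.
systemd.service(
    name='Restart and enable HAProxy service',
    service='haproxy.service',
    running=True,
    restarted=True,
    enabled=True,
)

# True when certbot has not created the live directory for a certificate yet.
# Evaluated once here so the issue step and the bundle step agree.
mo_f_cert_missing = not host.fact.directory('/etc/letsencrypt/live/mo-f.fr')
play_cert_missing = not host.fact.directory(
    '/etc/letsencrypt/live/play.benpro.fr'
)

if mo_f_cert_missing:
    server.shell(
        name='Add certificate mo-f.fr',
        commands=[
            'certbot certonly --non-interactive --email certbot@benpro.fr '
            '--agree-tos --webroot --webroot-path /var/www/html/ '
            '-d mo-f.fr -d download.mo-f.fr -d ipv4.mo-f.fr -d oppai.mo-f.fr '
            '-d static-uploads.mo-f.fr -d www.mo-f.fr'
        ],
    )

if play_cert_missing:
    server.shell(
        name='Add certificate play.benpro.fr',
        commands=[
            'certbot certonly --non-interactive --email certbot@benpro.fr '
            '--agree-tos --webroot --webroot-path /var/www/html/ '
            '-d play.benpro.fr'
        ],
    )

# Build the HAProxy bundle when the certificate was just requested (original
# behaviour) OR when the bundle itself is missing. The second condition lets
# a re-run recover from a deploy that obtained the certificate but stopped
# before the bundle was written; previously that state was never repaired.
#
# The bundle holds the private key, so it is created under umask 077 and
# then forced to 0600 instead of relying only on the parent directory mode.
#
# NOTE(review): a renewed certificate is not copied into the bundle by this
# deploy; presumably a certbot deploy hook or a later run handles that.
# Confirm.
if mo_f_cert_missing or not host.fact.file('/etc/ssl/haproxy/mo-f.fr.pem'):
    server.shell(
        name='Add certificate mo-f.fr to HAProxy',
        commands=[
            'umask 077 && cat /etc/letsencrypt/live/mo-f.fr/fullchain.pem '
            '/etc/letsencrypt/live/mo-f.fr/privkey.pem '
            '> /etc/ssl/haproxy/mo-f.fr.pem',
            'chmod 600 /etc/ssl/haproxy/mo-f.fr.pem',
        ],
    )

if play_cert_missing or not host.fact.file(
    '/etc/ssl/haproxy/play.benpro.fr.pem'
):
    server.shell(
        name='Add certificate play.benpro.fr to HAProxy',
        commands=[
            'umask 077 && cat '
            '/etc/letsencrypt/live/play.benpro.fr/fullchain.pem '
            '/etc/letsencrypt/live/play.benpro.fr/privkey.pem '
            '> /etc/ssl/haproxy/play.benpro.fr.pem',
            'chmod 600 /etc/ssl/haproxy/play.benpro.fr.pem',
        ],
    )

# Reload (not restart) so HAProxy picks up the bundles.
systemd.service(
    name='Reload HAProxy service',
    service='haproxy.service',
    reloaded=True,
)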