---
- hosts: yggdrasil

  vars_files:
    - secrets.yml

  tasks:

    # ----------------------------------------------------------------------------------------------
    # NTP.
    # ----------------------------------------------------------------------------------------------

    - name: Install systemd-timesyncd
      apt:
        name: systemd-timesyncd

    - name: Enable/start NTP
      service:
        name: systemd-timesyncd
        enabled: yes
        state: started

    # ----------------------------------------------------------------------------------------------
    # E-mail configuration.
    # ----------------------------------------------------------------------------------------------

    - name: Configure mailname
      template:
        src: ./root/etc/mailname.j2
        dest: /etc/mailname
        mode: 0644
      register: mail_mailname

    - name: Configure aliases
      template:
        src: ./root/etc/aliases.j2
        dest: /etc/aliases
        mode: 0644
      register: mail_aliases

    - name: Update aliases
      command: newaliases
      when: mail_aliases is changed

    - name: Configure mailutils
      template:
        src: ./root/etc/mailutils.conf.j2
        dest: /etc/mailutils.conf
        mode: 0644

    - name: Install postfix
      apt:
        name:
          - postfix
          - ca-certificates
          - libsasl2-modules
      register: mail_postfix_install

    - name: Configure postfix
      template:
        src: ./root/etc/postfix/main.cf.j2
        dest: /etc/postfix/main.cf
        mode: 0644
      register: mail_postfix_cfg

    - name: Configure credentials
      template:
        src: ./root/etc/postfix/sasl_passwd.j2
        dest: /etc/postfix/sasl_passwd
        mode: 0600
      register: mail_postfix_credentials

    - name: Create hash database
      command: postmap /etc/postfix/sasl_passwd
      when:
        mail_postfix_credentials is changed

    - name: Set hash database permissions
      file:
        path: /etc/postfix/sasl_passwd.db
        mode: 0600

    - name: Enable/restart postfix
      service:
        name: postfix
        enabled: yes
        state: restarted
      when:
        mail_mailname is changed or
        mail_aliases is changed or
        mail_postfix_install is changed or
        mail_postfix_cfg is changed or
        mail_postfix_credentials is changed

    # ----------------------------------------------------------------------------------------------
    # SystemD mails.
    # ----------------------------------------------------------------------------------------------

    - name: SystemD mail script
      template:
        src: ./root/usr/local/bin/systemd-mail.j2
        dest: /usr/local/bin/systemd-mail
        mode: 0755

    - name: SystemD mail service
      copy:
        src: ./root/etc/systemd/system/status-mail@.service
        dest: /etc/systemd/system/status-mail@.service
        mode: 0644
      register: systemd_status_mail_service_file

    - name: SystemD daemon reload
      systemd:
        daemon_reload: true
      when:
        systemd_status_mail_service_file is changed

    # ----------------------------------------------------------------------------------------------
    # ZFS scrubbing.
    # ----------------------------------------------------------------------------------------------

    - name: Zpool status mail script
      template:
        src: ./root/usr/local/bin/zpool-status-mail.j2
        dest: /usr/local/bin/zpool-status-mail
        mode: 0755

    - name: Zfs scrub service file
      copy:
        src: ./root/etc/systemd/system/zfs-scrub@.service
        dest: /etc/systemd/system/zfs-scrub@.service
        mode: 0644
      register: systemd_zfs_scrub_service_file

    - name: Zfs scrub timer file
      copy:
        src: ./root/etc/systemd/system/zfs-scrub-monthly@.timer
        dest: /etc/systemd/system/zfs-scrub-monthly@.timer
        mode: 0644
      register: systemd_zfs_scrub_monthly_timer_file

    - name: SystemD daemon reload
      systemd:
        daemon_reload: true
      when:
        systemd_zfs_scrub_service_file is changed or
        systemd_zfs_scrub_monthly_timer_file is changed

    - name: Enable zfs scrub of bpool
      service:
        name: zfs-scrub-monthly@bpool.timer
        enabled: yes
        state: started

    - name: Enable zfs scrub of rpool
      service:
        name: zfs-scrub-monthly@rpool.timer
        enabled: yes
        state: started

    # ----------------------------------------------------------------------------------------------
    # Filesystem TRIM.
    # ----------------------------------------------------------------------------------------------

    - name: Enable fstrim
      service:
        name: fstrim.timer
        enabled: yes
        state: started

    - name: Zfs trim service file
      copy:
        src: ./root/etc/systemd/system/zfs-trim@.service
        dest: /etc/systemd/system/zfs-trim@.service
        mode: 0644
      register: systemd_zfs_trim_service_file

    - name: Zfs trim timer file
      copy:
        src: ./root/etc/systemd/system/zfs-trim-monthly@.timer
        dest: /etc/systemd/system/zfs-trim-monthly@.timer
        mode: 0644
      register: systemd_zfs_trim_monthly_timer_file

    - name: SystemD daemon reload
      systemd:
        daemon_reload: true
      when:
        systemd_zfs_trim_service_file is changed or
        systemd_zfs_trim_monthly_timer_file is changed

    - name: Enable zfs trim of bpool
      service:
        name: zfs-trim-monthly@bpool.timer
        enabled: yes
        state: started

    - name: Enable zfs trim of rpool
      service:
        name: zfs-trim-monthly@rpool.timer
        enabled: yes
        state: started