# SPDX-License-Identifier: MIT-0
---
# handlers file for bootstrap
- name: Configure Nextcloud snap
  become: true
  listen: nextcloud
  block:
    - name: Enable monitoring of network hardware
      ansible.builtin.command:
        cmd: "snap connect nextcloud:network-observe"
    - name: Enable access to removable media
      ansible.builtin.command:
        cmd: "snap connect nextcloud:removable-media"
    # @TODO see if setting below is necessary given use of reverse proxy
    # - name: Set trusted domains
    #   ansible.builtin.command:
    #     cmd: "nextcloud.occ config:system:set trusted_domains 0 --value='cloud.{{ hostvars[inventory_hostname].fqdn }}'"
    # @TODO configure perhaps for trusted (reverse) proxy instead of above
    - name: Set trusted reverse proxy IPv4 address
      when: config.trusted_revproxy_ips.ipv4 is None or len(config.trusted_revproxy_ips.ipv4) < 1
      ansible.builtin.command:
        argv:
          - nextcloud.occ
          - "config:system:set"
          - trusted_proxies 0
          - "--value=$(hostname -I | awk -F ' ' '{ print $1 }')"
    - name: Set trusted reverse proxy IPv4 address
      when: config.trusted_revproxy_ips.ipv4 is not None and len(config.trusted_revproxy_ips.ipv4) > 0
      ansible.builtin.command:
        argv:
          - nextcloud.occ
          - "config:system:set"
          - "trusted_proxies {{ idx }}"
          - "--value={{ item }}"
      loop: "{{ config.trusted_revproxy_ips.ipv4 }}"
      loop_control:
        index_var: idx
    - name: Set trusted reverse proxy IPv6 address
      when: config.trusted_revproxy_ips.ipv6 is None or len(config.trusted_revproxy_ips.ipv6) < 1
      ansible.builtin.command:
        argv:
          - nextcloud.occ
          - "config:system:set"
          - trusted_proxies 0
          - "--value=$(hostname -I | awk -F ' ' '{ print $2 }')"
    - name: Set trusted reverse proxy IPv6 address
      when: config.trusted_revproxy_ips.ipv6 is not None and len(config.trusted_revproxy_ips.ipv6) > 0
      ansible.builtin.command:
        argv:
          - nextcloud.occ
          - "config:system:set"
          - "trusted_proxies {{ idx }}"
          - "--value={{ item }}"
      loop: "{{ config.trusted_revproxy_ips.ipv6 }}"
      loop_control:
        index_var: idx
    - name: Enable LDAP integration app
      ansible.builtin.command:
        cmd: "nextcloud.occ app:enable user_ldap"
    # @TODO see if can further configure LDAP in particular: https://docs.nextcloud.com/server/stable/admin_manual/occ_command.html#ldap-commands
    - name: Enable contacts' birthday calendar app
      ansible.builtin.command:
        cmd: "nextcloud.occ dav:sync-birthday-calendar"
    # @TODO create system-level bash alias for `nextcloud.occ` command