- name: Download and Install SeaweedFS
  include_tasks: download.yaml

- name: Create system user for SeaweedFS
  user:
    name: "{{ seaweed_user }}"
    shell: /usr/sbin/nologin
    system: yes
    create_home: no

- name: Create SeaweedFS configuration directory
  file:
    path: "{{ seaweed_config_dir }}"
    state: directory
    mode: '0755'
    owner: "{{ seaweed_user }}"
    group: "{{ seaweed_group }}"

- name: Create SeaweedFS data directory
  file:
    path: "{{ seaweed_data_dir }}"
    state: directory
    mode: '0755'
    owner: "{{ seaweed_user }}"
    group: "{{ seaweed_group }}"

- name: Create SeaweedFS log directory
  file:
    path: "{{ seaweed_log_dir }}"
    state: directory
    mode: '0755'
    owner: "{{ seaweed_user }}"
    group: "{{ seaweed_group }}"

- name: Create SeaweedFS data directories
  file:
    path: "{{ seaweed_data_dir }}/{{ item.name }}"
    state: directory
    mode: '0755'
    owner: "{{ seaweed_user }}"
    group: "{{ seaweed_group }}"
  loop: "{{ seaweed_services }}"

- name: Create certificates
  include_tasks: certificates.yaml

- name: Generate seaweed JWT signing secrets
  set_fact:
    seaweed_jwt_signing: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits') }}"
    seaweed_jwt_filer_signing: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits') }}"

- name: Configure security configuration
  template:
    src: security.toml.j2
    dest: "{{ seaweed_config_dir }}/security.toml"
    mode: '0644'
    owner: "{{ seaweed_user }}"
    group: "{{ seaweed_group }}"
  vars:
    seaweed_master_cert: "{{ seaweed_cert_dir }}/master01.crt"
    seaweed_master_key: "{{ seaweed_cert_dir }}/master01.key"
    seaweed_volume_cert: "{{ seaweed_cert_dir }}/volume01.crt"
    seaweed_volume_key: "{{ seaweed_cert_dir }}/volume01.key"
    seaweed_filer_cert: "{{ seaweed_cert_dir }}/filer01.crt"
    seaweed_filer_key: "{{ seaweed_cert_dir }}/filer01.key"
    seaweed_client_cert: "{{ seaweed_cert_dir }}/client01.crt"
    seaweed_client_key: "{{ seaweed_cert_dir }}/client01.key"

- name: Configure filer
  template:
    src: filer.toml.j2
    dest: "{{ seaweed_config_dir }}/filer.toml"
    mode: '0644'
    owner: "{{ seaweed_user }}"
    group: "{{ seaweed_group }}"

- name: Generate S3 access key
  set_fact:
    s3_access_key: "{{ lookup('password', '/dev/null length=20 chars=ascii_letters,digits') }}"

- name: Generate S3 secret key
  set_fact:
    s3_secret_key: "{{ lookup('password', '/dev/null length=40 chars=ascii_letters,digits') }}"

- name: Configure s3
  template:
    src: s3.json.j2
    dest: "{{ seaweed_config_dir }}/s3.json"
    mode: '0644'
    owner: "{{ seaweed_user }}"
    group: "{{ seaweed_group }}"

- name: Install SeaweedFS services
  template:
    src: seaweed.service.j2
    dest: "/etc/systemd/system/seaweed-{{ item.name }}.service"
    mode: '0644'
    owner: "{{ seaweed_user }}"
    group: "{{ seaweed_group }}"
  loop: "{{ seaweed_services }}"
  vars:
    seaweed_service: "{{ item.name }}"
    seaweed_command: "{{ item.name }}"
    seaweed_args: "{{ item.args }}"

- name: Reload systemd daemon
  systemd:
    daemon_reload: yes

- name: Enable and start SeaweedFS services
  systemd:
    name: "seaweed-{{ item.name }}"
    enabled: yes
    state: restarted
  loop: "{{ seaweed_services }}"