---
- name: Apache config
  become: yes
  tags:
    - mw-frontend
  block:
    - name: apache config
      copy:
        src: etc/apache2/sites-available/mw.trygvis.io-ssl.conf
        dest: /etc/apache2/sites-available/mw.trygvis.io-ssl.conf
    - name: packages
      apt:
        name: "{{ item }}"
        install_recommends: no
      with_items:
        - python-psycopg2
    - name: postgresql db
      become: yes
      become_user: postgres
      vars:
        ansible_ssh_pipelining: true
      block:
        - name: CREATE ROLE mediawiki
          postgresql_user: 
            name: "mediawiki"
            password: "{{ mediawiki_secrets.mediawiki_password }}"
            encrypted: yes
        - name: CREATE DATABASE mediawiki
          postgresql_db:
            name: "mediawiki"
            encoding: "utf-8"
        - postgresql_privs:
            database: mediawiki
            state: present
            privs: USAGE
            type: schema
            objs: public
            roles: mediawiki