---
- name: Configure php-fpm
  blockinfile:
    dest: '{{ php_dir }}/fpm/pool.d/www.conf'
    insertafter: '^; Default Value: clean env$'
    marker: '; {mark} ANSIBLE MANAGED BLOCK'
    block: |
      env[HOSTNAME] = $HOSTNAME
      env[PATH] = $PATH
      env[TMP] = /tmp
      env[TMPDIR] = /tmp
      env[TEMP] = /tmp
  notify: reload php-fpm

- name: Enable APC for php CLI
  copy:
    dest: '{{ php_dir }}/cli/conf.d/10-local.ini'
    content: 'apc.enable_cli = 1'
  notify: reload php-fpm

- name: Configure cache and memory for PHP
  lineinfile:
    dest: '{{ php_dir }}/fpm/php.ini'
    state: present
    regexp: '{{ item.regexp }}'
    line: '{{ item.line }}'
    backrefs: yes
  loop:
    - { regexp: 'opcache.enable=0', line: 'opcache.enable=1' }
    - { regexp: 'opcache.enable_cli', line: 'opcache.enable_cli=1' }
    - { regexp: 'opcache.interned_strings_buffer', line: 'opcache.interned_strings_buffer=8' }
    - { regexp: 'opcache.max_accelerated_files', line: 'opcache.max_accelerated_files=10000' }
    - { regexp: 'opcache.memory_consumption', line: 'opcache.memory_consumption=128' }
    - { regexp: 'opcache.save_comments', line: 'opcache.save_comments=1' }
    - { regexp: 'opcache.revalidate_freq', line: 'opcache.revalidate_freq=1' }
    - { regexp: 'memory_limit', line: 'memory_limit={{ php_memory_limit }}'}
  notify: reload php-fpm

- name: Generate Diffie-Hellman parameters (slow)
  command: "openssl dhparam -out {{ tls_dhparam }} 2048"
  args:
    creates: '{{ tls_dhparam }}'

- name: Configure nginx for php-fpm handling
  template:
    src: nginx_php_handler.j2
    dest: /etc/nginx/sites-available/php_handler.cnf
  notify: reload http

- name: Enable php-fpm handling in nginx
  file:
    path: /etc/nginx/sites-enabled/php_handler
    src: /etc/nginx/sites-available/php_handler.cnf
    state: link
  notify: reload http

- name: Configure nextcloud in nginx
  template:
    dest: /etc/nginx/sites-available/nextcloud.cnf
    src: 'nginx_nc.j2'
  notify: reload http

- name: Enable Nextcloud in nginx conf
  file:
    path: /etc/nginx/sites-enabled/nextcloud
    src: /etc/nginx/sites-available/nextcloud.cnf
    state: link
  notify: reload http

- name: Disable nginx default site
  file:
    path: /etc/nginx/sites-enabled/default
    state: absent
  notify: reload http