- name: Ensure repository key for Prosody is in place
  apt_key: url=https://prosody.im/files/prosody-debian-packages.key state=present
  tags:
    - dependencies

- name: Add Prosody repository
  apt_repository: repo="deb http://packages.prosody.im/debian {{ ansible_distribution_release }} main"
  tags:
    - dependencies

- name: Install Prosody and dependencies from official repository
  apt:
    name: "{{ packages }}"
    state: present
    update_cache: yes
  vars:
    packages:
    - prosody
    - lua-sec
  tags:
    - dependencies

- name: Add prosody user to ssl-cert group
  user: name=prosody group=ssl-cert

- name: Add cert postrenew task
  copy: src=etc_letsencrypt_postrenew_prosody.sh dest=/etc/letsencrypt/postrenew/prosody.sh mode=0755

- name: Create Prosody data directory
  file: state=directory path=/data/prosody owner=prosody group=prosody

- name: Configure Prosody
  template: src=prosody.cfg.lua.j2 dest=/etc/prosody/prosody.cfg.lua group=prosody owner=root mode=0644
  notify: restart prosody

- name: Create Prosody accounts
  command: prosodyctl register {{ item.name }} {{ item.domain }} "{{ item.password }}"
  with_items: "{{ prosody_accounts }}"

- name: Set firewall rules for Prosody
  ufw: rule=allow port={{ item }} proto=tcp
  with_items:
    - 5222  # xmpp c2s
    - 5269  # xmpp s2s
  tags: ufw