main.yml

---
- name: install useful system packages
  apt:
    pkg={{','.join(local_dev_pkgs)}} install_recommends=yes
    state=present update_cache=yes

- name: set login shell for app accounts
  user: name={{ item.user }} shell="/bin/bash"
  with_items: localdev_accounts
  when: item.user != 'None'

# Ensure forum user has permissions to access .gem and .rbenv
# This is a little twisty: the forum role sets the owner and group to www-data
# So we add the forum user to the www-data group and give group write permissions
- name: add forum user to www-data group
  user: name={{ forum_user }} groups={{ common_web_group }} append=yes
  when: forum_user is defined

# Need this in order for the forum user to install and uninstall
# gems using 'bundle' or 'gem'.  Can't make it 760 because that
# would break the bin directory under .gem
- name: set forum rbenv and gem permissions
  file:
    path={{ item }} state=directory recurse=yes mode="g+rw"
  with_items:
    - "{{ forum_app_dir }}/.gem"
  when: forum_user is defined

# Create scripts to configure environment
- name: create login scripts
  template:
    src=app_bashrc.j2 dest={{ item.home }}/.bashrc
    owner={{ item.user }} mode=755
  with_items: localdev_accounts
  when: item.user != 'None'
  ignore_errors: yes

# Default to the correct git config
# No more accidentally force pushing to master! :)
- name: configure git
  copy:
    src=gitconfig dest={{ item.home }}/.gitconfig
    owner={{ item.user }} mode=700
  with_items: localdev_accounts
  when: item.user != 'None'
  ignore_errors: yes

# Configure X11 for application users
- name: preserve DISPLAY for sudo
  copy:
    src=x11_display dest=/etc/sudoers.d/x11_display
    owner=root group=root mode=0440

- name: login share X11 auth to app users
  template:
    src=share_x11.j2 dest={{ localdev_home }}/share_x11
    owner={{ localdev_user }} mode=0700

- name: update bashrc with X11 share script
  lineinfile:
    dest={{ localdev_home }}/.bashrc
    regexp=". {{ localdev_home }}/share_x11"
    line=". {{ localdev_home }}/share_x11"
    state=present

# Create scripts to add paver autocomplete
- name: add paver autocomplete
  template:
    src=paver_autocomplete dest={{ item.home }}/.paver_autocomplete
    owner={{ item.user }} mode=755
  with_items: localdev_accounts
  when: item.user != 'None'
  ignore_errors: yes

# Edit the /etc/hosts file so that the Preview button will work in Studio
- name: add preview.localhost to /etc/hosts
  shell: sed -i -r 's/^127.0.0.1\s+.*$/127.0.0.1 localhost preview.localhost/' /etc/hosts
  sudo: yes

- name: create OAuth2 Clients
  shell: >
    {{ COMMON_BIN_DIR }}/python.edxapp {{ COMMON_BIN_DIR }}/manage.edxapp lms --settings=aws
    create_oauth2_client
    {{ item.url_root }}
    "{{ item.url_root }}/complete/edx-oidc/"
    confidential
    --client_name {{ item.name }}
    --client_id {{ item.id }}
    --client_secret {{ item.secret }}
    --trusted
  sudo_user: "{{ edxapp_user }}"
  environment: "{{ edxapp_environment }}"
  with_items: localdev_oauth2_clients