- name: 'Create group www-{{ tenant.name }}'
  ansible.builtin.group:
    name: 'www-{{ tenant.name }}'

- name: 'Create user www-{{ tenant.name }}'
  ansible.builtin.user:
    name: 'www-{{ tenant.name }}'
    group: 'www-{{ tenant.name }}'
    home: '/srv/www/{{ tenant.name }}'
    shell: /bin/bash

- name: 'Add user www-data to group www-{{ tenant.name }}'
  ansible.builtin.user:
    name: 'www-data'
    system: true
    append: true
    groups: 'www-{{ tenant.name }}'

# php_version and "restart php-fpm" handler from nginx role
- name: 'Create php pool www-{{ tenant.name }}'
  ansible.builtin.template:
    dest: "/etc/php/{{ php_version }}/fpm/pool.d/www-{{ tenant.name }}.conf"
    src: php-fpm-pool.conf.j2
    owner: root
    group: root
    mode: 0644
  notify:
  - restart php-fpm

- name: 'Create MariaDB DBs for {{ tenant.name }}'
  loop: '{{ tenant.options.mariadb_databases|d({})|dict2items }}'
  community.mysql.mysql_db:
    login_unix_socket: /var/run/mysqld/mysqld.sock
    name: 'www-{{ tenant.name }}-{{ item.key }}'
    collation: "{{ item.value.collation | default('utf8mb4_unicode_ci') }}"
    encoding: "{{ item.value.encoding | default('utf8mb4') }}"

- name: 'Create MariaDB user www-{{ tenant.name }}'
  community.mysql.mysql_user:
    name: 'www-{{ tenant.name }}'
    priv: 'www-{{ tenant.name }}-%.*:ALL PRIVILEGES'
    plugin: unix_socket