- name: install powerdns backends and dependencies
  apt:
    pkg:
    - "pdns-backend-pipe"
    - "python3-click"

- name: create letsencrypt user
  user:
    name: letsencrypt
    password: '*'
    system: True

- name: add pdns user to letsencrypt group
  user:
    name: pdns
    groups: letsencrypt
    append: yes
  notify:
  - restart powerdns

- name: create folders
  file:
    path: "{{ item.path }}"
    state: directory
    owner: "{{ item.owner|d('pdns') }}"
    group: "{{ item.group|d('pdns') }}"
    mode: "{{ item.mode|d('0755') }}"
  with_items:
  - { "path": "/var/lib/powerdns/letsencrypt/", "owner": "letsencrypt", "mode": "0775" }

- name: ensure database permissions
  file:
    path: "{{ powerdns.letsencrypthandler.dbpath }}"
    owner: letsencrypt
    group: pdns
    mode: 0664
    state: touch

- name: copy powerdns letsencrypt handler
  template:
    dest: /usr/local/bin/pdns.py
    src: pdns-letsencrypt.py.j2
    owner: root
    group: root
    mode: 0755
  notify:
  - restart powerdns