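# Installs PostgreSQL 16 and PowerDNS Authoritative (auth-48 repository) on
# Debian bookworm, creates the PowerDNS role and database, loads the gpgsql
# schema, and renders pg_hba.conf and pdns.conf from templates.
#
# Secrets (pdns_pgsql_user / pdns_pgsql_password / pdns_pgsql_database) come
# from secrets.yml. Every task that handles them sets no_log so the values do
# not land in Ansible output or callback logs.

- name: Include secrets.yml
  ansible.builtin.include_vars:
    file: secrets.yml
  # The task result carries the loaded variables and is shown at -v.
  # NOTE(review): presumably secrets.yml is vault-encrypted; confirm.
  no_log: true

- name: Create /etc/apt/keyrings directory
  ansible.builtin.file:
    path: /etc/apt/keyrings
    state: directory
    mode: '0755'

# - name: Create /usr/share/postgresql-common/pgdg directory
#   ansible.builtin.file:
#     path: /usr/share/postgresql-common/pgdg
#     state: directory
#     mode: '0755'

- name: Download PostgreSQL Repo Signing Key
  ansible.builtin.get_url:
    url: https://www.postgresql.org/media/keys/ACCC4CF8.asc
    dest: /etc/apt/keyrings/apt.postgresql.org.asc
    mode: '0644'
    # This key is the trust anchor for every package from the repository.
    # Pin it to a digest verified out of band, e.g.:
    # checksum: 'sha256:<SHA256_OF_VERIFIED_KEY_FILE>'

- name: Add PostgreSQL Repository
  ansible.builtin.apt_repository:
    repo: >-
      deb [signed-by=/etc/apt/keyrings/apt.postgresql.org.asc]
      https://apt.postgresql.org/pub/repos/apt bookworm-pgdg main
    state: present

- name: Install PostgreSQL
  ansible.builtin.apt:
    pkg:
      - postgresql-16
      # - sqlite3
    # state: latest
    update_cache: true
  register: deb_postgresql_install

- name: Configure PostgreSQL pg_hba.conf
  ansible.builtin.template:
    src: pg_hba.conf
    dest: /etc/postgresql/16/main/pg_hba.conf
    owner: postgres
    group: postgres
    mode: '0640'
  register: conf_postgresql_pg_hba

- name: Create PostgreSQL Database
  # The SQL is fed on stdin rather than via `psql -c`, so the role password
  # never appears in the process argument list (visible to local users via ps).
  # ON_ERROR_STOP makes psql exit non-zero when a statement fails.
  ansible.builtin.command:
    cmd: psql -v ON_ERROR_STOP=1
    # Single quotes in the password are doubled so it stays one SQL literal.
    stdin: |
      CREATE ROLE {{ pdns_pgsql_user }} WITH LOGIN PASSWORD '{{ pdns_pgsql_password | replace("'", "''") }}';
      CREATE DATABASE {{ pdns_pgsql_database }} WITH OWNER = {{ pdns_pgsql_user }} encoding = 'UTF8';
  become: true
  become_user: postgres
  no_log: true
  # NOTE(review): keyed on the package install changing, so a run that fails
  # after the install will not create the role/database on the next run.
  when: deb_postgresql_install.changed

- name: Download PowerDNS PostgreSQL Schema
  ansible.builtin.get_url:
    # NOTE(review): this tracks the moving `master` branch while the packages
    # come from the auth-48 repository. Pin the URL to the release tag or
    # commit that matches the installed version (<PINNED_TAG_OR_COMMIT>) and
    # add a checksum, since this SQL is executed against the database.
    url: https://raw.githubusercontent.com/PowerDNS/pdns/master/modules/gpgsqlbackend/schema.pgsql.sql
    dest: /var/lib/postgresql/powerdns_schema.sql
    owner: postgres
    group: postgres
    mode: '0600'

- name: Apply PowerDNS PostgreSQL Schema
  # shell is needed for the stdin redirect. Credentials go through the
  # environment (not argv); no_log keeps them out of the task output.
  ansible.builtin.shell: "psql -v ON_ERROR_STOP=1 < /var/lib/postgresql/powerdns_schema.sql"
  become: true
  become_user: postgres
  environment:
    PGHOSTADDR: 127.0.0.1
    PGDATABASE: "{{ pdns_pgsql_database }}"
    PGUSER: "{{ pdns_pgsql_user }}"
    PGPASSWORD: "{{ pdns_pgsql_password }}"
  no_log: true
  when: deb_postgresql_install.changed

- name: Enable PostgreSQL
  ansible.builtin.service:
    name: postgresql
    enabled: true

- name: Restart PostgreSQL
  ansible.builtin.service:
    name: postgresql@16-main
    state: restarted
  when: conf_postgresql_pg_hba.changed

- name: Download PowerDNS Repo Signing Key
  ansible.builtin.get_url:
    url: https://repo.powerdns.com/FD380FBB-pub.asc
    dest: /etc/apt/keyrings/auth-48-pub.asc
    mode: '0644'
    # Trust anchor for the PowerDNS packages; pin to a verified digest, e.g.:
    # checksum: 'sha256:<SHA256_OF_VERIFIED_KEY_FILE>'

- name: Add PowerDNS Repository
  ansible.builtin.apt_repository:
    # HTTPS instead of plain HTTP: package signatures already protect
    # integrity, TLS additionally protects the transport and metadata.
    # Hosts provisioned earlier may still carry the old http:// entry in
    # their sources list; remove it there.
    repo: >-
      deb [signed-by=/etc/apt/keyrings/auth-48-pub.asc arch=amd64]
      https://repo.powerdns.com/debian bookworm-auth-48 main
    state: present

- name: Install PowerDNS and prerequisites
  ansible.builtin.apt:
    pkg:
      - pdns-server
      - pdns-backend-pgsql
      # - sqlite3
    # state: latest
    update_cache: true
  register: deb_powerdns_install

- name: Print groups
  ansible.builtin.debug:
    var: groups['autosecondaries']
    verbosity: 2

# NOTE(review): at -vv this dumps every host variable, including the values
# loaded from secrets.yml. Drop it or narrow it before running with -vv in
# shared or logged environments.
- name: Print hostvars
  ansible.builtin.debug:
    var: hostvars
    verbosity: 2

# NOTE(review): axfr_list is not set anywhere in this file; the fact set below
# is axfr_ipv6. Confirm which variable this was meant to print.
- name: Print return information from the previous task
  ansible.builtin.debug:
    var: axfr_list
    verbosity: 2

# Collects the `ipv6` host variable of every host in the `autosecondaries`
# group (empty list when the group is absent) as a sorted list.
- name: Set AXFR List as fact
  ansible.builtin.set_fact:
    axfr_ipv6: "{{ groups['autosecondaries']|default([])|map('extract', hostvars)|map(attribute='ipv6')|list|sort }}"

- name: Configure PowerDNS
  ansible.builtin.template:
    src: pdns.conf.j2
    dest: /etc/powerdns/pdns.conf
    owner: root
    # The template presumably renders the gpgsql database password, so the
    # file is readable by root and the pdns service group only, not by world.
    group: pdns
    mode: '0640'
  register: pdns_config

- name: Enable PowerDNS
  ansible.builtin.service:
    name: pdns
    enabled: true

- name: Restart PowerDNS
  ansible.builtin.service:
    name: pdns
    state: restarted
  when: pdns_config.changed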