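# Maintainer: Bruno TATU - August 2017
#
# Appends the domains typed at the prompt to the Squid whitelist file found on
# the target host, reloads Squid, then pipes a ticket message to
# /usr/share/scripts/evomaintenance.sh.
# The whitelist file that exists on the host selects the layout:
#   /etc/squid3/whitelist.conf                    -> "Jessie" tasks
#   /etc/squid/evolinux-whitelist-defaults.conf   -> "Stretch" tasks
#
# Example:
#   ansible-playbook -i ~/.ansible/hosts whitelist_squid.yml -K -e "host=serveur00"
---
- hosts: "{{ host }}"
  become: true

  vars_prompt:
    - name: urls
      prompt: "Liste des domaines à whitelister (ex : d1.com,d2.com)"
      private: false

  vars:
    ticket: "#mail.todo.support:"
    # The prompt answer split on commas, with surrounding blanks stripped and
    # empty entries dropped, so "d1.com, d2.com" or a trailing comma cannot
    # write a rule containing a space or an empty host part.
    whitelist_domains: "{{ urls.split(',') | map('trim') | select | list }}"

  tasks:
    # Refuse to continue with nothing to add: an empty answer would otherwise
    # still reload Squid and emit an evomaintenance message.
    - name: Verifie qu'au moins un domaine est fourni
      assert:
        that:
          - 'whitelist_domains | length > 0'
        msg: "Aucun domaine à whitelister"

    # Test: detect which whitelist layout the host uses.
    - name: Verifie si c'est une Jessie
      stat:
        path: /etc/squid3/whitelist.conf
      register: config_jessie

    - name: Verifie si c'est une Stretch
      stat:
        path: /etc/squid/evolinux-whitelist-defaults.conf
      register: config_stretch

    # Apply.
    # Original note: if only one domain is already present, evomaintenance is
    # not run.
    # NOTE(review): nothing below implements that condition; the Evomaintenance
    # task runs whenever either whitelist file exists.
    #
    # NOTE(review): the "^...$" anchors and the "/.*" suffix suggest Squid reads
    # these files as regex ACLs (confirm against squid.conf). Each entry is
    # written verbatim, so the dots in "d1.com" would match any character and
    # the resulting rule is wider than the domain that was typed. Entering
    # "d1\.com", or passing item through regex_escape, gives the narrow match.
    # Left as-is here because existing usage may rely on passing regex
    # fragments at the prompt.
    - block:
        - name: Whitelist domaines pour Jessie
          lineinfile:
            dest: '{{ config_jessie.stat.path }}'
            line: "http://{{ item }}/.*"
          with_items: "{{ whitelist_domains }}"

        - name: Reload Squid
          command: /etc/init.d/squid3 reload
      when: config_jessie.stat.exists

    - block:
        - name: Whitelist domaines pour Stretch
          lineinfile:
            dest: '{{ config_stretch.stat.path }}'
            line: "^{{ item }}$"
          with_items: "{{ whitelist_domains }}"

        - name: Reload Squid
          command: /etc/init.d/squid reload
      when: config_stretch.stat.exists

    ## Verify (disabled).
    # Should rather check for "X-Squid-Error: ERR_ACCESS_DENIED" 0 to tell
    # whether Squid blocks the request or not.
    # - name: test headers
    #   uri:
    #     url: http://placeholder.stratis.fr/700-394
    #     method: HEAD
    #   register: login
    #   ignore_errors: yes
    #
    # - debug:
    #     msg: "{{ login.x_squid_error }}"
    #
    # - name: Update successful?
    #   uri:
    #     url: "http://{{ item }}"
    #     method: GET
    #     status_code: 200,301,302,403,404
    #   with_items:
    #     - "{{ urls.split(',') }}"

    ## Save configuration.
    # The message is passed through the quote filter so that a ticket value
    # overridden with -e cannot break out of the shell quoting; with the
    # default ticket the text received by evomaintenance.sh is unchanged.
    - name: Evomaintenance
      shell: >-
        echo {{ (ticket ~ ' whitelist domaine(s) dans squid') | quote }}
        | /bin/sh /usr/share/scripts/evomaintenance.sh
      when: config_jessie.stat.exists or config_stretch.stat.exists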