---

- name: Combine default and user settings, decrypt vault.
  ansible.builtin.set_fact:
    searxng_settings: "{{ searxng_default_settings |
        ansible.builtin.combine(searxng_settings, recursive=true) }}"
  no_log: true

- name: Install dependencies.
  ansible.builtin.apt:
    name:
      - python3-dev
      - python3-babel
      - python3-venv
      - uwsgi
      - uwsgi-plugin-python3
      - git
      - build-essential
      - libxslt-dev
      - zlib1g-dev
      - libffi-dev
      - libssl-dev
    state: present

- name: Create searxng user.
  ansible.builtin.user:
    state: present
    name: searxng
    password: !
    system: true
    create_home: true
    home: "{{ searxng_settings.homedir }}"
    shell: /usr/sbin/nologin

- name: Set searxng_source and searxng_pyenv variable.
  ansible.builtin.set_fact:
    searxng_source: "{{ searxng_settings.homedir }}/src"
    searxng_pyenv: "{{ searxng_settings.homedir }}/pyenv"
    searxng_compiled: "{{ searxng_settings.homedir }}/compiled"

- name: Clone searxng git repository.
  ansible.builtin.git:
    clone: true
    repo: https://github.com/searxng/searxng.git
    dest: "{{ searxng_source }}"
    depth: 1
    version: "{{ searxng_settings.git_commit }}"
    force: true
    single_branch: true
  register: git_clone_result

- name: Install pip dependencies.
  ansible.builtin.pip:
    virtualenv: "{{ searxng_pyenv }}"
    virtualenv_command: python3 -m venv
    name:
      - pip
      - setuptools
      - wheel
      - pyyaml
    state: present

- name: Compile searxng.
  when: git_clone_result.changed
  block:
    - name: Remove searxng settings file.
      ansible.builtin.file:
        path: /etc/searxng/settings.yml
        state: absent

    - name: Compile searxng.
      ansible.builtin.pip:
        virtualenv: "{{ searxng_pyenv }}"
        requirements: "{{ searxng_source }}/requirements.txt"
        extra_args: "--use-pep517 --no-build-isolation \
                     -e {{ searxng_source }}"
        state: present

    - name: Remove old program files.
      ansible.builtin.file:
        path: "{{ searxng_compiled }}"
        state: absent

    - name: Install new program files.
      ansible.builtin.copy:
        remote_src: true
        src: "{{ searxng_source }}/"
        dest: "{{ searxng_compiled }}"
        owner: searxng
        group: searxng
        mode: "0775"

- name: Create searxng settings directory.
  ansible.builtin.file:
    state: directory
    owner: searxng
    group: searxng
    mode: "0775"
    path: /etc/searxng

- name: Install searxng settings file.
  ansible.builtin.template:
    src: settings.yml.j2
    dest: /etc/searxng/settings.yml
    owner: searxng
    group: searxng
    mode: "0600"
  notify:
    - Reload systemd daemon.
    - Restart searxng service.

- name: Create systemd unit file.
  ansible.builtin.template:
    src: searxng.service.j2
    dest: /etc/systemd/system/searxng.service
    owner: root
    group: root
    mode: "0444"
  notify:
    - Reload systemd daemon.
    - Restart searxng service.

- name: Enable and start searxng service.
  ansible.builtin.service:
    name: searxng
    enabled: true
    state: started