#!/bin/bash
#
# Title:      Jdownloader2 for PGBlitz (OAuth security) with OpenVPN integration
# Author(s):  timekills (mod. h1f0x)
# URL:        https://hub.docker.com/r/h1f0x/jd2-openvpn
# GNU:        General Public License v3.0
################################################################################
---
- hosts: localhost
  gather_facts: false
  tasks:
    # FACTS #######################################################################

    - name: 'Set Known Facts'
      set_fact:
        pgrole: 'jdownloader2-vpn'
        intport: '5800'
        extport: '5802'
        intport2: '5902'
        extport2: '5902'
        intport3: '3129'
        extport3: '3129'
        image: 'h1f0x/jd2-openvpn'

    # CORE (MANDATORY) ############################################################
    - name: 'Including cron job'
      include_tasks: '/opt/communityapps/apps/_core.yml'

    - name: 'Including plugins'
      include_tasks: '/opt/communityapps/apps/_plugins.yml'

    - name: 'Including folders'
      include_tasks: '/opt/communityapps/apps/_downloaders.yml'

    - name: 'Ini Check'
      stat:
        path: /opt/appdata/{{pgrole}}/core.conf
      register: inicheck

    # LABELS ######################################################################
    - name: 'Adding Traefik'
      set_fact:
        pg_labels:
          traefik.enable: 'true'
          traefik.port: '{{intport}}'
          traefik.frontend.auth.forward.address: '{{gauth}}'
          traefik.frontend.rule: 'Host:{{pgrole}}.{{domain.stdout}}{{tldset}}{{cname}}'
          traefik.frontend.headers.SSLHost: '{{domain.stdout}}'
          traefik.frontend.headers.SSLRedirect: 'true'
          traefik.frontend.headers.STSIncludeSubdomains: 'true'
          traefik.frontend.headers.STSPreload: 'true'
          traefik.frontend.headers.STSSeconds: '315360000'
          traefik.frontend.headers.browserXSSFilter: 'true'
          traefik.frontend.headers.contentTypeNosniff: 'true'
          traefik.frontend.headers.customResponseHeaders: 'X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex'
          traefik.frontend.headers.forceSTSHeader: 'true'

    - name: 'Setting PG Volumes'
      set_fact:
        pg_volumes:
          - '/etc/localtime:/etc/localtime:ro'
          - '{{path.stdout}}:{{path.stdout}}'
          - '/mnt:/mnt'
          - '/opt/appdata/{{pgrole}}:/config'
          - '{{path.stdout}}/downloads/{{pgrole}}/:/output:rw'
          - '/opt/appdata/{{pgrole}}/vpn:/vpn:rw'

    - name: 'Setting PG ENV'
      set_fact:
        pg_env:
          UID: '1000'
          GID: '1000'
          DISPLAY_WIDTH: '1600'
          DISPLAY_HEIGHT: '960'

    # MAIN DEPLOYMENT #############################################################
    - name: 'Deploying {{pgrole}}'
      docker_container:
        name: '{{pgrole}}'
        image: '{{image}}'
        pull: yes
        published_ports:
          - '{{ports.stdout}}{{extport}}:{{intport}}'
        volumes: '{{pg_volumes}}'
        env: '{{pg_env}}'
        restart_policy: unless-stopped
        networks:
          - name: plexguide
            aliases:
              - '{{pgrole}}'
        privileged: yes
        devices:
          - '/dev/net/tun'
        state: started
        labels: '{{pg_labels}}'