#
# Cookbook Name:: kosmos-mastodon
# Recipe:: nginx
#

mastodon_path = node["kosmos-mastodon"]["directory"]
server_name   = node["kosmos-mastodon"]["server_name"]

node.override['nginx']['server_names_hash_bucket_size'] = 128
include_recipe "kosmos-nginx"

directory "#{node['nginx']['dir']}/snippets" do
  action :create
  owner 'www-data'
  mode 0640
end

template "#{node['nginx']['dir']}/snippets/mastodon.conf" do
  source 'nginx_conf_shared.erb'
  owner 'www-data'
  mode 0640
  variables streaming_port: node["kosmos-mastodon"]["streaming_port"],
            puma_port:      node["kosmos-mastodon"]["puma_port"],
            mastodon_path:  mastodon_path
  notifies :reload, 'service[nginx]', :delayed
end

onion_address = File.read("/var/lib/tor/mastodon/hostname").strip rescue nil

template "#{node['nginx']['dir']}/sites-available/#{server_name}" do
  source 'nginx_conf_mastodon.erb'
  owner 'www-data'
  mode 0640
  variables server_name:         server_name,
            ssl_cert:            "/etc/letsencrypt/live/#{server_name}/fullchain.pem",
            ssl_key:             "/etc/letsencrypt/live/#{server_name}/privkey.pem",
            shared_config_path:  "#{node['nginx']['dir']}/snippets/mastodon.conf",
            onion_address:       onion_address
  notifies :reload, 'service[nginx]', :delayed
end

# Legacy vhost
nginx_site "mastodon" do
  action :disable
end

nginx_site server_name do
  action :enable
end

nginx_certbot_site server_name

#
# Tor hidden service
#
# The attributes for the hidden service are set in attributes/default.rb, due
# to the way the tor-full cookbook builds the path to the hidden service dir
include_recipe "tor-full"