---
- name: Create shadowsocks service user
  ansible.builtin.user:
    name: "{{ ss_user }}"
    system: yes
    shell: /usr/sbin/nologin
    create_home: no

- name: Create shadowsocks config directory
  ansible.builtin.file:
    path: "{{ ss_config_path | dirname }}"
    state: directory
    owner: "{{ ss_user }}"
    group: "{{ ss_user }}"
    mode: "0750"

- name: Download shadowsocks-rust binary
  ansible.builtin.get_url:
    url: "https://github.com/shadowsocks/shadowsocks-rust/releases/download/v{{ ss_version }}/shadowsocks-v{{ ss_version }}.x86_64-unknown-linux-gnu.tar.xz"
    dest: /tmp/shadowsocks.tar.xz
    mode: "0644"

- name: Extract shadowsocks-rust binary
  ansible.builtin.unarchive:
    src: /tmp/shadowsocks.tar.xz
    dest: /tmp/
    remote_src: yes

- name: Install ssserver binary
  ansible.builtin.copy:
    src: /tmp/ssserver
    dest: "{{ ss_bin_path }}"
    remote_src: yes
    owner: root
    group: root
    mode: "0755"
  notify: restart shadowsocks

- name: Clean up downloaded archive
  ansible.builtin.file:
    path: "{{ item }}"
    state: absent
  loop:
    - /tmp/shadowsocks.tar.xz
    - /tmp/ssserver
    - /tmp/sslocal
    - /tmp/ssurl
    - /tmp/ssmanager
    - /tmp/ssservice

- name: Deploy shadowsocks configuration
  ansible.builtin.template:
    src: ss-config.json.j2
    dest: "{{ ss_config_path }}"
    owner: "{{ ss_user }}"
    group: "{{ ss_user }}"
    mode: "0640"
  notify: restart shadowsocks

- name: Deploy shadowsocks systemd unit
  ansible.builtin.template:
    src: shadowsocks.service.j2
    dest: /etc/systemd/system/shadowsocks.service
    owner: root
    group: root
    mode: "0644"
  notify: restart shadowsocks

- name: Enable and start shadowsocks service
  ansible.builtin.systemd:
    name: shadowsocks
    daemon_reload: yes
    enabled: yes
    state: started