- name: load distribution-specific variables
  include_vars: '{{ item }}'
  with_first_found:
  - '{{ ansible_distribution }}.yml'
  - '{{ ansible_os_family }}.yml'
  - defaults.yml
  tags:
  - always
- name: load burp secrets
  include_vars: '{{ item }}'
  with_fileglob: vault/burp/{{ ansible_fqdn }}
  tags:
  - always

- name: ensure burp is installed
  package:
    name={{ burp_client_packages|join(',') }}
    state=present
  tags:
  - install

- name: ensure burp server is configured for client
  template:
    src=server-clientconf.j2
    dest=/etc/burp/clientconfdir/{{ ansible_fqdn }}
    mode=0400
  delegate_to: '{{ burp_server }}'

- name: ensure burp pre-backup script is installed
  copy:
    src=scripts/{{ inventory_hostname }}/{{ burp_backup_script_pre|basename }}
    dest={{ burp_backup_script_pre }}
    mode=0755
  when: burp_backup_script_pre is defined
- name: ensure burp post-backup script is installed
  copy:
    src=scripts/{{ inventory_hostname }}/{{ burp_backup_script_post|basename }}
    dest={{ burp_backup_script_post }}
    mode=0755
  when: burp_backup_script_post is defined
- name: ensure burp client is configured
  template:
    src=burp.conf.j2
    dest=/etc/burp/burp.conf
    mode=0600
- name: ensure burp client certificate is available
  command:
    burp -c /etc/burp/burp.conf -g
    creates=/etc/burp/ssl_cert-client.pem
- name: ensure automatic backup is scheduled
  copy:
    src={{ burp_backup_crontab }}
    dest=/etc/cron.d/burp-backup
    mode=0644