---
- name: Set Cipher Suite
  ansible.builtin.import_tasks: set-cipher-suite.yml

- name: Set Features
  ansible.builtin.import_tasks: set-windows-features.yml

- name: Set DevOps Environment Variables
  ansible.windows.win_environment:
    level: machine
    variables:
      ASPNETCORE_ENVIRONMENT: "{{ devops_env }}"
      DOTNET_ENVIRONMENT: "{{ devops_env }}"

- name: Install Framework 4.8
  ansible.builtin.import_tasks: install-dotnet-framework.yml

- name: Install Latest Microsoft Edge
  chocolatey.chocolatey.win_chocolatey:
    name: microsoft-edge
    state: latest

- name: Create IIS Log Retention Task
  community.windows.win_scheduled_task:
    state: present
    enabled: true
    name: IIS Log Retention
    description: "{{ iis_log_retention_days }}-day retention"
    allow_demand_start: true
    allow_hard_terminate: true
    execution_time_limit: PT1H
    # group: NT AUTHORITY
    username: SYSTEM
    compatibility: 4
    actions:
      - path: C:\Windows\System32\forfiles.exe
        arguments: /P "{{ iis_log_directory }}" /S /M *.log /D -{{ iis_log_retention_days }} /C "cmd /c del @PATH"
    triggers:
      - type: daily
        enabled: true
        start_boundary: "2000-10-10T03:00:00"

- name: Set IIS Header Logging
  ansible.windows.win_powershell:
    script: |
      Add-WebConfigurationProperty `
        -pspath 'MACHINE/WEBROOT/APPHOST' `
        -filter "system.applicationHost/sites/siteDefaults/logFile/customFields" `
        -name "." `
        -value @{logFieldName='x-forwarded-for';sourceName='x-forwarded-for';sourceType='RequestHeader'}

      Add-WebConfigurationProperty `
        -pspath 'MACHINE/WEBROOT/APPHOST' `
        -filter "system.applicationHost/sites/siteDefaults/logFile/customFields" `
        -name "." `
        -value @{logFieldName='x-correlation-id';sourceName='x-correlation-id';sourceType='RequestHeader'}

- name: Ensure WebPI Is Installed
  ansible.windows.win_package:
    path: https://download.microsoft.com/download/8/4/9/849DBCF2-DFD9-49F5-9A19-9AEE5B29341A/WebPlatformInstaller_x64_en-US.msi
    product_id: 849DBCF2-DFD9-49F5-9A19-9AEE5B29341A
    state: present

- name: Ensure Application Request Routing 3.0 Is Installed
  ansible.windows.win_package:
    path: https://download.microsoft.com/download/E/9/8/E9849D6A-020E-47E4-9FD0-A023E99B54EB/requestRouter_amd64.msi
    product_id: E9849D6A-020E-47E4-9FD0-A023E99B54EB
    state: present

- name: Ensure svc-rmagent Exists
  ansible.windows.win_user:
    name: svc-rmagent
    state: present

- name: Ensure svc-rmagent is in the local Admin Group
  ansible.windows.win_group_membership:
    name: Administrators
    members:
      - svc-rmagent
    state: present