---

- name: install packages
  package:
    name: "{{ item }}"
    state: installed
  with_items:
    - clamav
    - clamav-update
    - clamd

- name: fix socket directory permissions
  copy:
    dest: /etc/tmpfiles.d/clamd.scan.conf
    content: "d /run/clamd.scan 711 clamscan clamscan"
    mode: 0644
    owner: root
    group: "{{ ansible_wheel }}"
  notify: refresh clamd socket directory

- name: enable clamd local socket
  lineinfile:
    path: /etc/clamd.d/scan.conf
    regexp: "^#?LocalSocket .*"
    line: "LocalSocket /run/clamd.scan/clamd.sock"
  notify: restart clamd

- name: allow everyone to connect local socket
  lineinfile:
    path: /etc/clamd.d/scan.conf
    regexp: "^#?LocalSocketMode .*"
    line: "LocalSocketMode 666"
  notify: restart clamd

- name: link clamd service
  file:
    dest: /etc/systemd/system/clamd@scan.service
    src: /lib/systemd/system/clamd@.service
    state: link
    owner: root
    group: "{{ ansible_wheel }}"
    follow: false

- name: enable services
  service:
    name: "{{ item }}"
    enabled: true
    state: started
  with_items:
    - clamav-freshclam
    - clamd@scan