---
- name: Install webserver
  package:
    state: latest
    name:
    - nginx
    - dehydrated

- name: acme mail
  copy:
    dest: "/etc/dehydrated/conf.d/mail"
    content: "CONTACT_EMAIL={{ nginx_acme_mail }}"

- name: get let's encrypt account
  command: /usr/bin/dehydrated --register --accept-terms
  args:
    creates: /var/lib/dehydrated/accounts

- name: Install letsencrypt cronjob
  template:
    dest: "/etc/systemd/system/{{ item }}"
    src: "{{ item }}"
  with_items:
  - dehydrated.service
  - dehydrated.timer

- name: Start lets encrypt cronjob
  systemd:
    name: dehydrated.timer
    state: started
    enabled: yes

- name: nginx default config
  notify: reload nginx
  template:
    src: default.nginx
    dest: /etc/nginx/sites-available/default

- name: nginx snippets for acme
  notify: reload nginx
  template:
    src: snippets-tls.nginx
    dest: /etc/nginx/snippets/tls-acme.conf