---
- name: "{{ services_service_name }} : set the user variables"
  ansible.builtin.import_role:
    name: "services/include"
    vars_from: "user"

- block:

    - name: "{{ services_service_name }} : create nginx conf.d"
      ansible.builtin.file:
        path: "{{ services_service_user_home }}/.config/service/nginx-conf.d"
        state: "directory"
        mode: 0755

    - name: "{{ services_service_name }} : generic nginx reverse proxy configuration"
      ansible.builtin.copy:
        src: "./config/nginx.conf"
        dest: "{{ services_service_user_home }}/.config/service/nginx.conf"
        mode: 0644
      register: services_deploy_rproxy_generic_config

    - name: "{{ services_service_name }} : stream nginx reverse proxy configuration"
      ansible.builtin.template:
        src: "{{ services_deploy_rproxy_nginx_stream_config }}"
        dest: "{{ services_service_user_home }}/.config/service/stream.conf"
        mode: 0644
      register: services_deploy_rproxy_stream_config

    - name: "{{ services_service_name }} : subdomain nginx reverse proxy configuration"
      ansible.builtin.template:
        src: "{{ item }}"
        dest: "{{ services_service_user_home }}/.config/service/nginx-conf.d/{{ item | basename }}"
        mode: 0644
      loop: "{{ services_deploy_rproxy_nginx_subdomain_config_files }}"
      register: services_deploy_rproxy_subdomain_config_files

    - name: "{{ services_service_name }} : certbot crontab"
      ansible.builtin.copy:
        src: "./crontabs/root"
        dest: "{{ services_service_user_home }}/.config/service/crontabs-root"
        mode: 0600
      register: services_deploy_rproxy_crontabs_root

    - name: "{{ services_service_name }} : generate diffie hellman ephemeral parameters"
      ansible.builtin.command: >-
        openssl dhparam --out /{{ services_service_user_home }}/.config/service/dhparam.pem 4096
      args:
        creates: "{{ services_service_user_home }}/.config/service/dhparam.pem"
      register: services_deploy_rproxy_dhparam

    - name: "{{ services_service_name }} : configure hosts file"
      ansible.builtin.template:
        src: "./hosts"
        dest: "{{ services_service_user_home }}/.config/service/hosts"
        mode: 0644
      register: services_deploy_rproxy_hosts_file

  become_user: "{{ services_service_user_name }}"

- name: "{{ services_service_name }} : configure systemd service"
  ansible.builtin.include_role:
    name: "services/deploy/pod"
  vars:
    services_deploy_pod_needs_restart: "{{
      services_deploy_rproxy_generic_config.changed or
      services_deploy_rproxy_stream_config.changed or
      services_deploy_rproxy_subdomain_config_files.changed or
      services_deploy_rproxy_crontabs_root.changed or
      services_deploy_rproxy_dhparam.changed or
      services_deploy_rproxy_hosts_file.changed
    }}"