---
# This role install nginx, configures it

- name: Install nginx and certbot
  apt: name={{ item }} state=latest update_cache=yes
  with_items:
     - nginx
     - letsencrypt
- name: Remove default nginx config in sites-enabled
  file:
    path: /etc/nginx/sites-enabled/default
    state: absent
- name: Copy Mastodon nginx vhost template to sites-available
  template:
    src: mastodon-nginx.conf
    dest: /etc/nginx/sites-available/{{ LOCAL_DOMAIN }}.conf
- name: Enable Mastodon nginx vhost template
  file:
    src: /etc/nginx/sites-available/{{ LOCAL_DOMAIN }}.conf
    dest: /etc/nginx/sites-enabled/{{ LOCAL_DOMAIN }}.conf
    state: link
- name: Copy and enable Let's Encrypt renew script
  copy:
    src: letsencrypt-renew.sh
    dest: /etc/cron.daily/letsencrypt-renew.sh
    mode: 0700
- name: Make Let's Encrypt configuration directory
  file:
    dest: /root/.config/letsencrypt
    state: directory
- name: Copy Let's Encrypt configuration file
  copy:
    src: cli.ini
    dest: /root/.config/letsencrypt/cli.ini
- name: Run nginx install tasks
  include_tasks: install.yml
  when: install is defined