---
- name: /var/www is present
  file:
    path: /var/www
    state: directory
    mode: "0755"
  when: evolinux_default_www_files | bool

- name: images are copied
  copy:
    src: default_www/img
    dest: /var/www/
    mode: "0644"
    directory_mode: "0755"
    follow: yes
  when: evolinux_default_www_files | bool

- name: index is copied
  template:
    src: default_www/index.html.j2
    dest: /var/www/index.html
    mode: "0644"
    force: no
  when: evolinux_default_www_files | bool

# SSL cert

- name: Default certificate is present
  block:
    - name: Create private key and csr for default site ({{ ansible_fqdn }})
      command: openssl req -newkey rsa:2048 -sha256 -nodes -keyout /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/{{ ansible_fqdn }}.csr -batch -subj "/CN={{ ansible_fqdn }}"
      args:
        creates: "/etc/ssl/private/{{ ansible_fqdn }}.key"

    - name: Adjust rights on private key
      file:
        path: /etc/ssl/private/{{ ansible_fqdn }}.key
        owner: root
        group: ssl-cert
        mode: "0640"
      when: not ansible_check_mode

    - name: Create certificate for default site
      command: openssl x509 -req -days 3650 -sha256 -in /etc/ssl/{{ ansible_fqdn }}.csr -signkey /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/certs/{{ ansible_fqdn }}.crt
      args:
        creates: "/etc/ssl/certs/{{ ansible_fqdn }}.crt"
  when: evolinux_default_www_ssl_cert | bool

- meta: flush_handlers