---
- name: Create default site plain http configuration
  become: true
  ansible.builtin.template:
    src: '{{ item }}'
    dest: '/etc/nginx/sites-available/{{ inventory_hostname }}_http'
    owner: root
    group: root
    mode: 'u=rw,g=r,o=r'
  with_first_found:
    - files:
        - 'files/nginx/sites/default_http.conf'
        - 'files/nginx/sites-available/default_http.conf.j2'
  notify:
    - systemctl reload nginx

- name: Create default site tls https configuration
  become: true
  ansible.builtin.template:
  template:
    src: '{{ item }}'
    dest: '/etc/nginx/sites-available/{{ inventory_hostname }}_tls'
    owner: root
    group: root
    mode: 'u=rw,g=r,o=r'
  with_first_found:
    - files:
        - 'files/nginx/sites/default_tls.conf'
        - 'files/nginx/sites-available/default_tls.conf.j2'
  notify:
    - systemctl reload nginx

- name: Enable default site plain http configuration
  become: true
  ansible.builtin.file:
    src: '/etc/nginx/sites-available/{{ inventory_hostname }}_http'
    dest: '/etc/nginx/sites-enabled/{{ inventory_hostname }}_http'
    state: link
  notify:
    - systemctl reload nginx

# Note: Done by acmetool after sucessfully obtaining a suitable certificate
- name: Enable default site configuration
  become: true
  ansible.builtin.file:
    src: '/etc/nginx/sites-available/{{ inventory_hostname }}_tls'
    dest: '/etc/nginx/sites-enabled/{{ inventory_hostname }}_tls'
    state: link
  notify:
    - systemctl reload nginx
  when: nginx__disable_acmetool
  tags:
    - configuration
    - nginx
    - sites