- name: Copy app to server
  ansible.builtin.copy:
    src: inception/
    dest: "{{ dest_dir }}/"
    force: true
  when: not ansible_check_mode

- name: Create .env file
  ansible.builtin.template:
    src: .env.j2
    dest: "{{ dest_dir }}/srcs/.env"
    owner: root
    group: root
    mode: '0644'

- name: Install dummy SSL certificates
  block:
    - name: Create cert dir
      ansible.builtin.file:
        path: "{{ cert_path }}"
        state: directory
        mode: '0755'

    - name: Create private key
      community.crypto.openssl_privatekey:
        path: "{{ cert_path }}/privkey.pem"
        size: 4096

    - name: Create signing certificate
      community.crypto.openssl_csr:
        path: "{{ cert_path }}/cert.csr"
        privatekey_path: "{{ cert_path }}/privkey.pem"

    - name: Create self-signed certificate
      community.crypto.x509_certificate:
        path: "{{ cert_path }}/fullchain.pem"
        privatekey_path: "{{ cert_path }}/privkey.pem"
        csr_path: "{{ cert_path }}/cert.csr"
        provider: selfsigned
        selfsigned_not_after: "+1d"
        state: present
      when: not ansible_check_mode

    - name: Download recommended NGINX conf
      ansible.builtin.get_url:
        url: https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf
        dest: "{{ dest_dir }}/srcs/nginx/certbot/conf/options-ssl-nginx.conf"

    - name: Download recommended TLS parameters
      ansible.builtin.get_url:
        url: https://raw.githubusercontent.com/certbot/certbot/master/certbot/certbot/ssl-dhparams.pem
        dest: "{{ dest_dir }}/srcs/nginx/certbot/conf/ssl-dhparams.pem"


- name: Run the app
  ansible.builtin.command: "make -C {{ dest_dir }}"
  when: not ansible_check_mode