---

- name: "[NGINX] - Create local ssl Directory"
  file:
    path: "{{ nginx_ssl_dir }}"
    state: directory
    mode: 0755

- name: "[NGINX] - Generate DH file"
  command: openssl dhparam -out {{ nginx_dh_path }} {{ nginx_dh_length }}
  args:
    creates: "{{ nginx_dh_path }}"
  when: nginx_gen_dh == 'true'
  notify:
    - reload nginx

- name: "[NGINX] - Deploy DH file from vars"
  copy:
    content: "{{ nginx_dh }}"
    dest: "{{ nginx_dh_path }}"
  when: nginx_dh is defined
  notify:
    - reload nginx

- name: "[NGINX] - Create SSL keys subfolder"
  file:
    path: "{{ nginx_ssl_dir }}/{{ item.ssl_name }}"
    state: directory
    mode: 0755
  with_items: "{{ nginx_vhosts }}"
  when: item.copy_ssl is defined
  notify: reload nginx

- name: "[NGINX] - Deploy SSL keys"
  copy:
    src: "{{ ssl_src_path }}/{{ item.ssl_name }}/privkey.pem"
    dest: "{{ nginx_ssl_dir}}/{{ item.ssl_name }}/privkey.pem"
    mode: 0700
  with_items: "{{ nginx_vhosts }}"
  when: item.copy_ssl is defined
  notify: reload nginx

- name: "[NGINX] - Deploy SSL certs"
  copy:
    src: "{{ ssl_src_path }}/{{ item.ssl_name }}/fullchain.pem"
    dest: "{{ nginx_ssl_dir}}/{{ item.ssl_name }}/fullchain.pem"
    mode: 0644
  with_items: "{{ nginx_vhosts }}"
  when: item.copy_ssl is defined
  notify: reload nginx