---
- name: Include vault variables
  ansible.builtin.include_vars: vault.yml

- name: Deploy letsencrypt certificate
  ansible.builtin.include_role:
    name: deploy_certificate
  vars:
    domain: tunuifranken.info

- name: Create tunuifranken directory
  become: true
  ansible.builtin.file:
    path: "{{ document_root }}"
    owner: "{{ apache2_owner }}"
    group: "{{ apache2_group }}"
    state: directory
    mode: 0775

- name: Copy vHost conf
  become: true
  ansible.builtin.template:
    src: apache2/tunuifranken.info.conf.j2
    dest: /etc/apache2/sites-available/tunuifranken.info.conf
    mode: 0644
  notify: Reload apache2 service

- name: Activate vHost
  become: true
  ansible.builtin.command: a2ensite tunuifranken.info.conf
  register: result
  changed_when: "'already enabled' not in result.stdout"
  notify: Reload apache2 service

- name: Install git
  become: true
  ansible.builtin.apt:
    name: git
    state: present

- name: Create .ssh dir
  ansible.builtin.file:
    path: ~/.ssh
    mode: 0700

- name: Add SSH public key
  ansible.builtin.copy:
    content: "{{ ssh_keys.pub }}"
    dest: ~/.ssh/id_rsa.pub
    mode: 0644

- name: Add SSH private key
  ansible.builtin.copy:
    content: "{{ ssh_keys.priv }}"
    dest: ~/.ssh/id_rsa
    mode: 0600

- name: Make DNS resolution for tunuifranken.info local
  become: true
  ansible.builtin.lineinfile:
    line: "127.0.0.1\ttunuifranken.info"
    path: /etc/hosts

- name: Clone tunuifranken.info repo
  ansible.builtin.git:
    repo: git@tunuifranken.info:flyingscorpio/tunuifranken.info.git
    dest: "{{ document_root }}"
    clone: true
    version: main
    update: false
    accept_newhostkey: true