---

- name: Make sure needed vars are defined
  ansible.builtin.fail:
    msg: "{{ item }} is undefined"
  loop:
    - "{{ add_cert_domain }}"
    - "{{ add_cert_email }}"
    - "{{ add_cert_post_hook }}"
  when: item is undefined

- name: Get local public IP
  ansible.builtin.uri:
    url: "https://ipinfo.io/ip"
    return_content: true
  register: local_public_ip

- name: Get public IP of "{{ add_cert_domain }}"
  ansible.builtin.set_fact:
    target_public_ip: "{{ lookup('community.general.dig', add_cert_domain, '@1.1.1.1') }}"

- name: Deploy letsencrypt certificate (HTTP-01)
  when: local_public_ip.content == target_public_ip
  ansible.builtin.include_role:
    name: add_cert_http_01

- name: Deploy letsencrypt certificate (DNS-01)
  when: local_public_ip.content != target_public_ip
  ansible.builtin.include_role:
    name: add_cert_dns_01