---

- name: install nginx package
  package:
    name: nginx-full
    state: present

- name: create dhparam
  shell: /usr/bin/openssl dhparam -out /etc/nginx/dhparam.pem 2048
  args:
    creates: /etc/nginx/dhparam.pem

- name: put configuration files
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
  notify:
    - restart nginx
  loop:
    - {src: nginx.conf.j2, dest: /etc/nginx/nginx.conf}
    - {src: nginx.ssl.conf.j2, dest: /etc/nginx/nginx.ssl.conf}
    - {src: fastcgi_params.j2, dest: /etc/nginx/fastcgi_params}
    - {src: proxy_params.j2, dest: /etc/nginx/proxy_params}
    - {src: default.j2, dest: /etc/nginx/sites-available/default}

- name: create base dir
  file:
    path: /srv/http
    owner: root
    group: www-data
    mode: 'u+rwx,g+rs,o-rwx'
    state: directory

- name: create letsencrypt dir
  file:
    path: /srv/http/common/letsencrypt
    owner: root
    group: www-data
    mode: 'u+rwx,g+rs,o-rwx'
    state: directory

- include_tasks: vhosts.yml