---

- name: Issue certificate
  ansible.builtin.command:
    cmd: "/etc/x509/acme.sh --issue --domain {{ host.host }} --webroot {{ nginx_letsencrypt_dir }} --reloadcmd \"{{ acme_reload_cmd | default('systemctl reload nginx.service') }}\""
    creates: "/etc/x509/{{ host.host }}*"
  environment:
    LE_WORKING_DIR: "/etc/x509"

- name: Check if ecc dir
  ansible.builtin.stat:
    path: "/etc/x509/{{ host.host }}_ecc"
  register: _nginx_x509_ecc_dir

- name: Move dir if exists
  when: _nginx_x509_ecc_dir.stat.exists
  block:
    - name: Copy ecc dir
      ansible.builtin.copy:
        remote_src: true
        src: "/etc/x509/{{ host.host }}_ecc/"
        dest: "/etc/x509/{{ host.host }}"
        mode: "{{ _nginx_x509_ecc_dir.stat.mode }}"

    - name: Remove ecc dir
      ansible.builtin.file:
        path: "/etc/x509/{{ host.host }}_ecc/"
        state: absent