# SPDX-License-Identifier: MIT
- name: 'Install Nginx web server'
  when: 'ansible_facts[''system''] | lower == ''linux'''
  ansible.builtin.package:
    name:
      - 'nginx'
    state: 'present'
  notify:
    - 'Reload web server'

- name: 'Remove Nginx'' default config file'
  ansible.builtin.file:
    path: '/etc/nginx/sites-enabled/default'
    state: 'absent'
  notify:
    - 'Reload web server'

- name: 'Add Nginx config file for Proxmox web interface on port 443'
  ansible.builtin.template:
    src: 'etc/nginx/sites-available/proxmox.conf.j2'
    dest: '/etc/nginx/sites-available/proxmox.conf'
  notify:
    - 'Reload web server'

- name: 'Activate Nginx config file for Proxmox web interface on port 443'
  ansible.builtin.file:
    src: '../sites-available/proxmox.conf'
    dest: '/etc/nginx/sites-enabled/proxmox.conf'
    state: 'link'
  notify:
    - 'Reload web server'

- name: 'Create systemd override dir for nginx.service'
  ansible.builtin.file:
    path: '/etc/systemd/system/nginx.service.d'
    state: 'directory'
    mode: '0755'
  notify:
    - 'Reload systemd unit configs'
    - 'Reload web server'

- name: 'Make sure nginx.service only starts after its certs dir is available provided by pve-cluster.service'
  loop_control:
    loop_var: 'config'
    index_var: 'i'
    label: 'Set systemd override.conf ''{{ config.key }}={{ config.value }}'' setting'
  loop:
    - { key: 'Requires', value: 'pve-cluster.service' }
    - { key: 'After',    value: 'pve-cluster.service' }
  community.general.ini_file:
    path: '/etc/systemd/system/nginx.service.d/override.conf'
    owner: 'root'
    group: 'root'
    mode: '0644'
    no_extra_spaces: true
    section: 'Unit'
    option: '{{ config.key }}'
    value: '{{ config.value }}'
  notify:
    - 'Reload systemd unit configs'
    - 'Reload web server'

- name: 'Flush handlers'
  meta: 'flush_handlers'

- name: 'Start Nginx web server'
  ansible.builtin.service:
    name: 'nginx.service'
    state: 'started'
    enabled: true