---

- name: "Apache | Debian | Site '{{ name }}' | Checking config"
  ansible.builtin.fail:
    msg: "The required site-configuration was not provided!
    Needed: 'domain'"
  when: site.domain is undefined
  tags: [config, sites, certs]

- name: "Apache | Debian | Site '{{ name }}' | Configuring certificates"
  ansible.builtin.import_tasks: add_certs.yml
  when: "site.ssl.mode in ['selfsigned', 'existing', 'ca']"
  tags: [sites, certs]

- name: "Apache | Debian | Site '{{ name }}' | Configuring listen-ports"
  ansible.builtin.blockinfile:
    path: '/etc/apache2/ports.conf'
    block: |
      Listen {{ port }}
    marker: "# {mark} ANSIBLE MANAGED BLOCK - port '{{ port }}'"
    insertafter: '# /etc/apache2/sites-enabled/000-default.conf'
  ignore_errors: true
  when:
    - port != 80
    - port != 443
    - port != '80'
    - port != '443'
  loop_control:
    loop_var: port
  with_items:
    - "{{ site.port_plain }}"
    - "{{ site.port_ssl }}"
  tags: [config, sites]

- name: "Apache | Debian | Site '{{ name }}' | Create root directory"
  ansible.builtin.file:
    path: "{{ site.serve.path }}"
    state: directory
    owner: "{{ APACHE_CONFIG.user }}"
    group: "{{ APACHE_CONFIG.group }}"
    mode: 0755
  when: site.mode == 'serve'
  tags: [sites]

- name: "Apache | Debian | Site '{{ name }}' | Configuring site"
  ansible.builtin.template:
    src: 'templates/etc/apache2/sites-available/site.conf.j2'
    dest: "/etc/apache2/sites-available/site_{{ name }}.conf"
    owner: 'root'
    group: 'root'
    mode: 0644
  tags: [config, sites]

- name: "Apache | Debian | Site '{{ name }}' | Enabling site"
  ansible.builtin.file:
    state: link
    src: "/etc/apache2/sites-available/site_{{ name }}.conf"
    dest: "/etc/apache2/sites-enabled/site_{{ name }}.conf"
    owner: 'root'
    group: 'root'
    mode: 0644
  tags: [sites]