---

- name: Download acme.sh
  become_user: "{{ acme_system_user }}"
  git:
    repo: "{{ acme_source_repository }}"
    version: "{{ acme_source_version }}"
    dest: "{{ acme_source_directory }}"
    update: no

- name: Install acme helper script for user
  template:
    src: acme_user.sh
    dest: "{{ acme_helper_script }}"
    owner: "{{ acme_system_user }}"
    group: "{{ acme_system_user }}"
    mode: "u=rwx,g=rx,o="

- name: Install acme helper script for root
  template:
    src: acme_root.sh
    dest: "{{ acme_root_helper_script }}"
    owner: "root"
    group: "root"
    mode: "u=rwx,g=rx,o="

- name: Configure acme.sh
  become_user: "{{ acme_system_user }}"
  command: >-
    ./acme.sh --install
    --home {{ acme_installation_directory | quote }}
    --config-home {{ acme_configuration_directory | quote }}
    --cert-home {{ acme_internal_certificates_directory | quote }}
    --accountemail {{ acme_account_mail | quote }}
  args:
    chdir: "{{ acme_source_directory }}"
    creates: "{{ acme_installation_directory }}"

- name: Upgrade acme.sh
  become_user: "{{ acme_system_user }}"
  command: >-
    ./acme.sh --upgrade
    --home {{ acme_installation_directory | quote }}
    --config-home {{ acme_configuration_directory | quote }}
  args:
    chdir: "{{ acme_installation_directory }}"
  register: acme_upgrade_results
  changed_when: acme_upgrade_results.rc == 0 and "Upgrade success" in acme_upgrade_results.stdout

- name: Create directory for certificates
  file:
    path: "{{ acme_certificates_directory }}"
    state: directory
    owner: "{{ acme_system_user }}"
    group: "{{ acme_system_user }}"
    mode: "u=rwx,g=,o="