---
- name: Remove default nginx vhost config file (if configured).
  file:
    path: "{{ nginx_default_vhost_path }}"
    state: absent
  when: nginx_remove_default_vhost
  notify: reload nginx

- name: Ensure nginx_vhost_path exists.
  file:
    path: "{{ nginx_vhost_path }}"
    state: directory
  notify: reload nginx

- name: Create self-signed ssl certificates.
  x509_certificate:
    key_path: '/etc/ssl/private/{{vhost.server_name}}.key'
    cert_path: '/etc/ssl/certs/{{vhost.server_name}}.pem'
    common_name: '{{vhost.server_name}}'
  when: vhost.ssl | default(false)
  loop_control:
    loop_var: vhost
  with_items: '{{nginx_vhosts|default([])}}'
  register: vhosts_x509

- name: Add managed vhost config file (if any vhosts are configured).
  template:
    src: vhosts.j2
    dest: "{{ nginx_vhost_path }}/{{ nginx_vhosts_filename }}"
    mode: 0644
  when: nginx_vhosts|length > 0
  notify: reload nginx

- name: Remove managed vhost config file (if no vhosts are configured).
  file:
    path: "{{ nginx_vhost_path }}/{{ nginx_vhosts_filename }}"
    state: absent
  when: nginx_vhosts|length == 0
  notify: reload nginx