---

- name: enable apache2 modules
  community.general.apache2_module:
    name: "{{ item }}"
  loop: "{{ apache2_modules }}"
  notify: restart apache2

- meta: flush_handlers

- name: check for tls keypair existence
  stat:
    path: "{{ item  }}"
    follow: yes
  loop: |
    {%- set files = [] -%}
    {%- for name, site in apache2_sites | dict2items -%}
    {%- if site.https_enabled | default(apache2_vhost_https_enabled) -%}
    {%- endif -%}
    {%- set _x = files.append(site.tls_certfile | default(apache2_tls_certfile)) -%}
    {%- set _x = files.append(site.tls_keytfile | default(apache2_tls_keyfile)) -%}
    {%- endfor -%}
    {{- files | unique | list -}}
  register: apache2_register_stat_tls_keypairs
  
- name: render apache site configs
  template:
    src: etc/apache2/sites-available/site.conf.j2
    dest: "/etc/apache2/sites-available/{{ item.key }}.conf"
    owner: root
    group: root
    mode: 0644
  vars:
    name: "{{ item.key }}"
    site: "{{ item.value }}"
    certfile_exists: "{{ (apache2_register_stat_tls_keypairs.results | selectattr('item', 'equalto', (item.value.tls_certfile | default(apache2_tls_certfile)) )).stat.exists }}"
    keyfile_exists: "{{ (apache2_register_stat_tls_keypairs.results | selectattr('item', 'equalto', (item.value.tls_certfile | default(apache2_tls_keyfile)) )).stat.exists }}"
  loop: "{{ apache2_sites | dict2items }}"
  notify: reload apache2

- name: enable apache2 sites
  file:
    path: "/etc/apache2/sites-enabled/{{ item }}.conf"
    state: link
    src: "../sites-available/{{ item }}.conf"
    owner: root
    group: root
    mode: 0777
  loop: "{{ apache2_sites }}"
  notify: reload apache2