---
# tasks file for traefik

- name: Ensure traefik config directory exists
  file:
    path: "{{ traefik_install_path }}/traefik"
    state: directory
    owner: '{{ traefik_install_user }}'
    group: '{{ traefik_install_user }}'
  tags: config

- name: Ensure traefik rules directory exists
  file:
    path: "{{ traefik_install_path }}/traefik/rules"
    state: directory
    owner: '{{ traefik_install_user }}'
    group: '{{ traefik_install_user }}'
  tags: config

- name: Provide TLS default options
  template:
    src: templates/t2-rules-tls-options.toml.j2
    dest: "{{ traefik_install_path }}/traefik/rules/tls-options.toml"
    owner: "{{ traefik_install_user }}"
    group: "{{ traefik_install_user }}"
    mode: '0644'
  tags: config

- name: Provide docker-compose.yml
  template:
    src: templates/docker-compose.traefik.yml.j2
    dest: "{{ traefik_install_path }}/traefik/docker-compose.yml"
    owner: "{{ traefik_install_user }}"
    group: "{{ traefik_install_user }}"
    mode: '0644'
  tags: config

- name: Provide traefik.toml
  template:
    src: templates/traefik.toml.j2
    dest: "{{ traefik_install_path }}/traefik/traefik.toml"
    owner: "{{ traefik_install_user }}"
    group: "{{ traefik_install_user }}"
    mode: '0644'
  tags: config

- name: Configure SSL
  copy:
    content: ""
    force: no
    dest: "{{ traefik_install_path }}/traefik/acme.json"
    mode: 0600
  tags: config

- name: "docker-compose: Teardown existing Traefik service (only removes the containers)"
  docker_compose:
    project_src: "{{ traefik_install_path }}/traefik/"
    state: absent
  tags: ['never', 'teardown']

- name: "docker-compose: Start Traefik service"
  docker_compose:
    project_src: "{{ traefik_install_path }}/traefik/"
  register: output
  tags: service_start

- debug:
    var: output

- name: "Waiting for Traefik service (443/TLS) to become available"
  become: false
  wait_for:
    host: "{{ ansible_ssh_host }}"
    port: 443
  delegate_to: localhost