---
# This just installs acme.sh for freifunk
- name: Check if acme.sh config files exists
  ansible.builtin.stat:
    path: "/root/.acme.sh"
    get_checksum: false
  become: true
  register: acme_config
- name: Download acme.sh
  ansible.builtin.get_url:
    url: "https://raw.githubusercontent.com/acmesh-official/acme.sh/master/acme.sh"
    dest: "/opt/downloaded_acme.sh"
    force: true
    mode: '755'
    owner: root
    group: root
  become: true
  become_method: sudo
  register: download_acme
  when: acme_config.stat.exists == false
- name: Install acme.sh
  ansible.builtin.command:
    cmd: "/bin/bash /opt/downloaded_acme.sh --install --nocron -m freifunk@c3l.lu"
  become: true
  become_method: sudo
  when: download_acme.changed && acme_config.stat.exists == false
- name: Update acme.sh if not newly installed
  ansible.builtin.command:
    cmd: "/bin/bash /root/.acme.sh/acme.sh --upgrade"
  become: true
  when: acme_config.stat.exists
- name: Add cronjob for acme.sh
  ansible.builtin.cron:
    name: "reissue certs if necessary"
    user: root
    job: "/root/.acme.sh/acme.sh --cron --home \"/root/.acme.sh/\" > /dev/null"
    state: "present"
    minute: "0"
    hour: "0"
    day: "*"
    month: "*"
    weekday: "*"
  become: true