---
- name: install package
  ansible.builtin.apt:
    name:
      - haproxy
    default_release: '{{ haproxy_apt_release }}'
  retries: 2
  register: result
  until: result is succeeded
  tags: haproxy

- name: copy ssl certificates
  ansible.builtin.copy:
    content: '{{ item.value }}'
    dest: /etc/haproxy/{{ item.key }}.pem
    owner: root
    group: root
    mode: 0600
  loop: '{{ haproxy_ssl_certificates|dict2items }}'
  no_log: true
  notify: reload haproxy
  tags: haproxy

- name: copy IPs lists
  ansible.builtin.copy:
    content: "{{ item.value|join('\n') }}"
    dest: '/etc/haproxy/{{ item.key }}.list'
    owner: root
    group: root
    mode: 0644
  loop: '{{ haproxy_ips_lists|dict2items }}'
  loop_control:
    label: '{{ item.key }}'
  notify: reload haproxy
  tags: haproxy

- name: create http errors directory
  ansible.builtin.file:
    path: '/etc/haproxy/errors'
    owner: root
    group: root
    mode: 0755
    state: directory
  tags: haproxy

- name: copy http errors file
  ansible.builtin.copy:
    content: '{{ item.value }}'
    dest: '/etc/haproxy/errors/{{ item.key }}.http'
    owner: root
    group: root
    mode: 0644
  loop: '{{ haproxy_http_error_files|dict2items }}'
  loop_control:
    label: '{{ item.key }}'
  tags: haproxy

- name: copy config file
  ansible.builtin.template:
    src: haproxy.cfg.j2
    dest: /etc/haproxy/haproxy.cfg
    owner: root
    group: root
    mode: 0640
    validate: haproxy -c -f %s
  notify: reload haproxy
  tags: haproxy

- name: enable ans start service
  ansible.builtin.service:
    name: haproxy
    enabled: true
    state: started
  tags: haproxy