- name: Check, if a save of a previous `nginx.conf` is present
  ansible.builtin.stat:
    path: /etc/nginx/nginx.conf.ansiblesave
  register: nginx__nginx_conf_ansiblesave_stat

- name: Handle the case, where a custom `nginx.conf` is to be used
  when: nginx__use_custom_nginx_conf
  block:
    - name: When no `nginx.conf.ansiblesave` is present, save the current `nginx.conf`
      when: not nginx__nginx_conf_ansiblesave_stat.stat.exists
      ansible.builtin.copy:
        force: true
        dest: /etc/nginx/nginx.conf.ansiblesave
        mode: "0644"
        owner: root
        group: root
        remote_src: true
        src: /etc/nginx/nginx.conf
      become: true

    - name: Ensure the custom `nginx.conf` is deployed
      ansible.builtin.copy:
        content: "{{ nginx__custom_nginx_conf }}"
        dest: "/etc/nginx/nginx.conf"
        mode: "0644"
        owner: root
        group: root
      become: true
      notify: Restart nginx

- name: Handle the case, where no custom `nginx.conf` is to be used
  when: not nginx__use_custom_nginx_conf
  block:
    - name: When a `nginx.conf.ansiblesave` is present, copy it to `nginx.conf`
      when: nginx__nginx_conf_ansiblesave_stat.stat.exists
      ansible.builtin.copy:
        force: true
        dest: /etc/nginx/nginx.conf
        mode: "0644"
        owner: root
        group: root
        remote_src: true
        src: /etc/nginx/nginx.conf.ansiblesave
      become: true
      notify: Restart nginx

    - name: Ensure no `nginx.conf.ansiblesave` is present
      when: nginx__nginx_conf_ansiblesave_stat.stat.exists
      ansible.builtin.file:
        path: /etc/nginx/nginx.conf.ansiblesave
        state: absent
      become: true

- name: Ensure mozilla dhparam is deployed
  ansible.builtin.get_url:
    force: true
    dest: /etc/nginx-mozilla-dhparam
    mode: "0644"
    url: https://ssl-config.mozilla.org/ffdhe2048.txt
  become: true
  notify: Restart nginx

- name: Set `nginx__config_files_to_exist` fact initially to an empty list
  ansible.builtin.set_fact:
    nginx__config_files_to_exist: [ ]

- name: Handle the case, where tls.conf should be deployed
  when: nginx__deploy_tls_conf
  block:
    - name: Ensure tls.conf is deployed
      ansible.builtin.copy:
        force: true
        dest: /etc/nginx/conf.d/tls.conf
        mode: "0644"
        owner: root
        group: root
        src: tls.conf
      become: true
      notify: Restart nginx

    - name: Add tls.conf to nginx__config_files_to_exist
      ansible.builtin.set_fact:
        nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ 'tls.conf' ] }}"  # noqa: jinja[spacing]

- name: Handle the case, where redirect.conf should be deployed
  when: nginx__deploy_redirect_conf
  block:
    - name: Ensure redirect.conf is deployed
      ansible.builtin.copy:
        force: true
        dest: /etc/nginx/conf.d/redirect.conf
        mode: "0644"
        owner: root
        group: root
        src: redirect.conf
      become: true
      notify: Restart nginx

    - name: Add redirect.conf to nginx__config_files_to_exist
      ansible.builtin.set_fact:
        nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ 'redirect.conf' ] }}"  # noqa: jinja[spacing]

- name: Handle the case, where logging.conf should be deployed
  when: nginx__deploy_logging_conf
  block:
    - name: Ensure logging.conf is deployed
      ansible.builtin.copy:
        force: true
        dest: /etc/nginx/conf.d/logging.conf
        mode: "0644"
        owner: root
        group: root
        src: logging.conf
      become: true
      notify: Restart nginx

    - name: Add logging.conf to nginx__config_files_to_exist
      ansible.builtin.set_fact:
        nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ 'logging.conf' ] }}"  # noqa: jinja[spacing]

- name: Ensure all given configuration files are deployed
  ansible.builtin.copy:
    content: "{{ item.content }}"
    dest: "/etc/nginx/conf.d/{{ item.name }}.conf"
    mode: "0644"
    owner: root
    group: root
  become: true
  loop: "{{ nginx__configurations }}"
  loop_control:
    label: "{{ item.name }}"
  notify: Restart nginx

- name: Add names with suffixes from `nginx__configurations` to `nginx__config_files_to_exist` fact
  ansible.builtin.set_fact:
    nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ item.name + '.conf' ] }}"  # noqa: jinja[spacing]
  loop: "{{ nginx__configurations }}"
  loop_control:
    label: "{{ item.name }}"

- name: Find configuration files to remove
  ansible.builtin.find:
    paths: /etc/nginx/conf.d/
    recurse: false
    excludes: "{{ nginx__config_files_to_exist }}"
  register: nginx__config_files_to_remove

- name: Remove all configuration file, which should be removed
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: absent
  become: true
  loop: "{{ nginx__config_files_to_remove.files }}"
  loop_control:
    label: "{{ item.path | ansible.builtin.basename }}"
  notify: Restart nginx