---
# nginx is the proxy server
# nginx-light contains less modules
# but also reduces the surface of attack
- name: Install NGINX server
  apt:
    name: nginx-light
    update_cache: true
  register: apt_result
  retries: 3
  until: apt_result is succeeded

# Install proxy snippets
- name: Configure NGINX proxy snippets
  template:
    src: "nginx/snippets/{{ item }}.j2"
    dest: "/etc/nginx/snippets/{{ item }}"
    mode: 0644
  loop:
    - proxy-common.conf
    - proxy-common-ssl.conf
  notify: Reload NGINX service

# Install sites
- name: Configure NGINX sites
  template:
    src: nginx/nginx-sites-available.j2
    dest: "/etc/nginx/sites-available/{{ item.name }}"
    mode: 0644
  loop: "{{ reversed_proxy_subdomains }}"
  notify: Reload NGINX service

# Desactive useless nginx sites
- name: Deactivate the default NGINX site
  file:
    path: /etc/nginx/sites-enabled/default
    state: absent
  notify: Reload NGINX service

# Activate sites
- name: Activate sites
  file:
    src: "/etc/nginx/sites-available/{{ item.name }}"
    dest: "/etc/nginx/sites-enabled/{{ item.name }}"
    state: link
  loop: "{{ reversed_proxy_subdomains }}"
  notify: Reload NGINX service

# Install main site
- name: Configure NGINX main site
  template:
    src: nginx/nginx-sites-available-main.j2
    dest: /etc/nginx/sites-available/main
    mode: 0644
  notify: Reload NGINX service

# Activate main site
- name: Activate main site
  file:
    src: /etc/nginx/sites-available/main
    dest: /etc/nginx/sites-enabled/main
    state: link
  notify: Reload NGINX service