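---
# Set up acme.sh with the dns_nsupdate hook for this host:
#   1. make sure a TSIG key named "acme-<inventory_hostname>." exists on the
#      PowerDNS server (acme_nsupdate_server) and copy it to this host,
#   2. install acme.sh and the dns_nsupdate hook under acme_home,
#   3. issue the certificate once (guarded by `creates`).
#
# Tasks that handle TSIG key material set `no_log: true` so the secret does
# not end up in Ansible output, callback plugins or log files.

- name: Create acme home directory
  file:
    path: "{{ acme_home }}"
    state: directory

# rc != 0 is how "no such key yet" is detected below, so failure is ignored.
# NOTE(review): this also hides a failing pdnsutil itself; the later
# "Get nsupdate.key again" task is the one that fails hard in that case.
- name: Get nsupdate.key
  shell: "pdnsutil list-tsig-keys | grep '^acme-{{ inventory_hostname }}. {{ acme_nsupdate_keyalgo }}'"
  register: pdns_nsupdate_key
  failed_when: false
  changed_when: false
  no_log: true
  delegate_to: "{{ acme_nsupdate_server }}"

# No shell features are needed here, so `command` is used instead of `shell`.
# pdnsutil may echo the generated key, hence no_log.
- name: Generate nsupdate.key
  command: "pdnsutil generate-tsig-key 'acme-{{ inventory_hostname }}.' '{{ acme_nsupdate_keyalgo }}'"
  register: pdns_nsupdate_genkey
  when: pdns_nsupdate_key is defined and pdns_nsupdate_key.rc != 0
  no_log: true
  delegate_to: "{{ acme_nsupdate_server }}"

# `register` sets the variable even when the task above is skipped, so this
# condition always holds and the key is always re-read. That is what keeps
# pdns_nsupdate_key usable by the template task; do not tighten the condition
# without also changing the register name.
- name: Get nsupdate.key again
  shell: "pdnsutil list-tsig-keys | grep '^acme-{{ inventory_hostname }}. {{ acme_nsupdate_keyalgo }}'"
  register: pdns_nsupdate_key
  when: pdns_nsupdate_genkey is defined
  changed_when: false
  no_log: true
  delegate_to: "{{ acme_nsupdate_server }}"

# The TSIG key authorises DNS updates, so the file is readable by its owner
# only; no_log also suppresses the rendered content in --diff output.
- name: Write nsupdate.key to file
  template:
    src: nsupdate.key.j2
    dest: "{{ acme_nsupdate_key }}"
    mode: "0600"
  when: pdns_nsupdate_key is defined
  no_log: true

- name: Check acme.sh exists
  stat:
    path: "{{ acme_home }}/acme.sh"
  register: stat_acme_sh

# NOTE(review): the installer is downloaded without an integrity check and is
# then executed from /tmp. Pin acme_sh_url to a fixed release and set
# get_url's `checksum` once a known-good digest is recorded for the role.
- name: Fetch acme.sh
  get_url:
    url: "{{ acme_sh_url }}"
    dest: /tmp/acme.sh
    mode: "0755"
  register: fetch_acme_sh
  when: not stat_acme_sh.stat.exists

# fetch_acme_sh is defined even when the fetch was skipped; `creates` is the
# guard that actually prevents a re-install.
- name: Install acme.sh
  command: "./acme.sh --home '{{ acme_home }}' --install"
  args:
    chdir: /tmp
    creates: "{{ acme_home }}/acme.sh"
  when: fetch_acme_sh is defined

- name: Create acme dnsapi directory
  file:
    path: "{{ acme_home }}/dnsapi"
    state: directory

# NOTE(review): same as the installer above - executable hook fetched without
# a checksum; pin the URL and add `checksum` when a digest is available.
- name: Fetch acme.sh dns_nsupdate
  get_url:
    url: "{{ acme_dns_nsupdate_url }}"
    dest: "{{ acme_home }}/dnsapi/"
    mode: "0755"

- name: Create acme certificate directory
  file:
    path: "{{ acme_home }}/{{ inventory_hostname }}"
    state: directory

- name: Copy reload.sh
  copy:
    src: reload.sh
    dest: "{{ acme_home }}/{{ inventory_hostname }}/reload.sh"
    mode: "0755"

# The request template is flattened to a single command line. `creates` makes
# this a one-time issue: the task is skipped once the private key exists.
- name: Issue certificate
  shell: "{{ lookup('template','acme.sh.request.j2').replace('\n',' ') }}"
  args:
    chdir: "{{ acme_home }}"
    creates: "{{ acme_home }}/{{ inventory_hostname }}/{{ inventory_hostname }}.key"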