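# Install the TLS material HAProxy serves: either a predefined certificate
# bundle shipped with the role, or a self-signed certificate generated on the
# target host. Both paths end with a single PEM file at
# "{{ haproxy_ssl_path }}/{{ haproxy_cert_name }}".

# NOTE(review): no mode/owner is set on this directory, so an existing
# directory keeps its permissions and a new one follows the remote umask.
# Confirm that is restrictive enough for a directory holding private keys.
- name: Check if ssl dir exist
  ansible.builtin.file:
    path: "{{ haproxy_ssl_path }}"
    state: directory
  when: haproxy_ssl

# NOTE(review): the condition tests `haproxy_cert`, while the file copied is
# `haproxy_cert_name` - confirm both variables are set together by callers.
- name: Add predefined ssl cert for HAProxy
  ansible.builtin.copy:
    src: "{{ haproxy_cert_name }}"
    dest: "{{ haproxy_ssl_path }}/{{ haproxy_cert_name }}"
    # Presumably a cert+key PEM bundle like the generated one below, so keep
    # it unreadable to other local users instead of inheriting the umask.
    # NOTE(review): assumes HAProxy loads certificates as root before dropping
    # privileges; if it runs fully unprivileged, also set owner/group - confirm.
    mode: "0600"
  notify: Reload HAProxy
  when: haproxy_cert is defined

# Self-signed fallback: generate key and certificate in a staging directory,
# then concatenate them into the single PEM file HAProxy loads.
# A self-signed certificate is not chained to any CA, so clients cannot
# validate it unless they are configured to trust it explicitly.
- block:
    # Mode is deliberately left unset: the staging path is caller-supplied and
    # may be a shared location whose permissions must not be changed here.
    - name: Check if temp ssl dir exist
      ansible.builtin.file:
        path: "{{ haproxy_self_signed_cert_gen_path }}"
        state: directory

    # Module defaults are relied on for key type and size (see task name).
    # key.pem stays in the staging directory after the play finishes.
    - name: Generate an OpenSSL private key with the default values (4096 bits, RSA)
      community.crypto.openssl_privatekey:
        path: "{{ haproxy_self_signed_cert_gen_path }}/key.pem"
      when: haproxy_cert is not defined
      register: haproxy_key_gen

    - name: Generate a Self Signed OpenSSL certificate
      community.crypto.x509_certificate:
        path: "{{ haproxy_self_signed_cert_gen_path }}/cert.crt"
        privatekey_path: "{{ haproxy_self_signed_cert_gen_path }}/key.pem"
        provider: selfsigned
      when: haproxy_cert is not defined
      register: haproxy_cert_gen

    # The bundle contains the private key. A plain shell redirect would create
    # it with the default umask (commonly world-readable), so:
    #   - umask 077 covers the case where the file is newly created,
    #   - chmod covers the case where it already exists with a wider mode.
    # `set -e` makes a failed cat fail the task instead of being masked by a
    # later command; `quote` keeps paths with spaces or shell metacharacters
    # from being re-interpreted by the shell.
    - name: Cat cert and key to single file for HAProxy
      ansible.builtin.shell: |
        set -e
        umask 077
        cat {{ (haproxy_self_signed_cert_gen_path ~ '/cert.crt') | quote }} \
            {{ (haproxy_self_signed_cert_gen_path ~ '/key.pem') | quote }} \
            > {{ (haproxy_ssl_path ~ '/' ~ haproxy_cert_name) | quote }}
        chmod 0600 {{ (haproxy_ssl_path ~ '/' ~ haproxy_cert_name) | quote }}
      # Rebuild the bundle only when the key or the certificate was regenerated.
      when: haproxy_cert_gen.changed or haproxy_key_gen.changed
      notify: Reload HAProxy
  when: haproxy_self_signed_cert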