---
# file: roles/haproxy/tasks/pullcerts.yml

# Record the active proxy in `proxy_active_host`. Every member of the
# `proxyserver` group is visited (an empty list when the group is missing), and
# a host counts as active unless its `proxy_active` variable is falsy. When
# several hosts match, the last one visited wins; when none match, this task
# does not set the fact at all.
- name: Find out active proxy
  when: hostvars[item]['proxy_active'] | default(true)
  with_items: "{{ groups['proxyserver'] | default([]) }}"
  set_fact:
    proxy_active_host: "{{ item }}"

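# Pull the certificate trees from the active proxy.
#
# Both trees are handed to the invoking (sudo) user before the sync and returned
# to root afterwards. The hand-back lives in `always`, so it still runs when an
# earlier step fails part-way and the certificate material is not left owned by
# a non-root account.
# NOTE(review): only the owner is changed here; group and mode are whatever the
# directories already have (plus what `rsync -p` copies) - confirm that is intended.
- name: Pull certificates from the active proxy
  block:
    - name: Set directory permissions to current user
      file:
        path: '{{ item }}'
        # SUDO_USER is only present when the play was started through sudo; fall back to root.
        owner: '{{ ansible_env.SUDO_USER|default("root") }}'
        recurse: true
        # Change ownership of symlinks themselves, not of the files they point to.
        follow: false
      with_items:
        - /etc/letsencrypt
        - /etc/haproxy/certs

    - name: Sync files
      # `command` instead of `shell`: no shell feature is used, so the templated
      # host name is passed to rsync as an argument and never parsed by a shell.
      command: 'rsync -rulp "{{ proxy_active_host }}:{{ item }}/" "{{ item }}"'
      delegate_to: '{{ inventory_hostname }}'
      # Runs without privilege escalation, which is presumably why the trees are
      # owned by the connecting user for the duration of the sync - TODO confirm.
      become: false
      # Skip cleanly when no active proxy was found instead of failing on an undefined variable.
      when: proxy_active_host is defined
      with_items:
        - /etc/letsencrypt
        - /etc/haproxy/certs
      # We ignore errors as they may happen if we run the script without the other proxy.
      # NOTE(review): this also hides every other rsync failure (authentication,
      # host-key check, interrupted transfer), which can leave this host serving
      # stale or incomplete certificates. Consider registering the result and
      # failing on anything other than the expected "peer not available" case.
      ignore_errors: true

  always:
    - name: Set directory permissions to root
      file:
        path: '{{ item }}'
        owner: root
        recurse: true
        follow: false
      with_items:
        - /etc/letsencrypt
        - /etc/haproxy/certs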