---
# file: roles/haproxy/tasks/pullcerts.yml

- name: "Find out active proxy"
  set_fact: proxy_active_host={{ item }}
  with_items: '{{ groups.proxyserver }}'
  when: hostvars[item].proxy_active|default(true)

- name: "Set directory permissions to current user"
  file:
    path: '{{ item }}'
    owner: '{{ ansible_env.SUDO_USER }}'
    recurse: yes
  with_items:
    - '/etc/letsencrypt'
    - '/etc/haproxy/certs'

- name: "Sync files"
  shell: rsync -rulp '{{ proxy_active_host }}:{{ item }}/' '{{ item }}'
  delegate_to: "{{ inventory_hostname }}"
  become: no
  with_items:
    - '/etc/letsencrypt'
    - '/etc/haproxy/certs'

- name: "Set directory permissions to root"
  file:
    path: '{{ item }}'
    owner: 'root'
    recurse: yes
  with_items:
    - '/etc/letsencrypt'
    - '/etc/haproxy/certs'