- name: Create directory hierarchyes for certs
  ansible.builtin.file:
    mode: "755"
    path: "{{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc"
    state: directory
  loop: "{{ acme_sh_domains }}"

- name: Copy pre_hooks
  ansible.builtin.copy:
    content: "{{ item['pre_hook'] | default('') }}"
    dest: "{{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/pre_hook.sh"
    mode: "750"
  loop: "{{ acme_sh_domains }}"

- name: Copy post_hooks
  ansible.builtin.copy:
    content: "{{ item['post_hook'] | default('')}}"
    dest: "{{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/post_hook.sh"
    mode: "750"
  loop: "{{ acme_sh_domains }}"

- name: Copy update_hooks
  ansible.builtin.copy:
    content: "{{ item['renew_hook'] | default('')}}"
    dest: "{{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/renew_hook.sh"
    mode: "750"
  loop: "{{ acme_sh_domains }}"


- name: Issue certs
  ansible.builtin.command:
    chdir: "{{ acme_sh_home }}"
    cmd: |
      /bin/sh acme.sh
      --config-home {{ acme_sh_config_home | quote }}
      --issue
      --dns {{ item['dns_provider'] | default('dns_cf') }}
      -d {{ item['domains'] | join(' -d ') }}
      --pre-hook {{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/pre_hook.sh
      --post-hook {{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/post_hook.sh
      --renew-hook {{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/update_hook.sh
    creates: "{{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/fullchain.cer"
  environment: "{{ item['acme_sh_issue_env_vars'] }}"
  loop: "{{ acme_sh_domains }}"