---
- name: ensure ssl related packages are installed (yum)
  package: 
    state: present
    name:
      - mod_ssl
  when: ansible_distribution_major_version|int <= 7 and ansible_distribution is 'RedHat'

- name: ensure ssl related packages are installed (dnf)
  dnf: name={{ item }} state=present
  with_items:
      - mod_ssl
  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined

- name: ensure ssl related packages are installed (dnf)
  dnf: name={{ item }} state=present
  with_items:
      - mod_ssl
  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined

#- name: copy ssl key
#  copy: src={{ private }}/files/taskotron/certs/{{ inventory_hostname }}/{{ inventory_hostname }}.key dest=/etc/pki/tls/private/{{ inventory_hostname }}.key
#
#- name: copy ssl cert
#  copy: src={{ private }}/files/taskotron/certs/{{ inventory_hostname }}/{{ inventory_hostname }}.crt dest=/etc/pki/tls/certs/{{ inventory_hostname }}.crt

- name: redirect letsencrypt to fedora proxies so certgetter can get this cert. 
  copy: src=certgetter.conf dest=/etc/httpd/conf.d/certgetter.conf owner=root group=root mode=0644
  tags:
  - httpd
  notify:
  - reload httpd

- name: generate rhel httpd ssl config
  template: src=ssl.conf.rhel.j2 dest=/etc/httpd/conf.d/ssl.conf owner=root group=root mode=0644
  when: is_rhel is defined
  tags:
  - httpd
  notify:
  - reload httpd

- name: generate fedora httpd ssl config
  template: src=ssl.conf.j2 dest=/etc/httpd/conf.d/ssl.conf owner=root group=root mode=0644
  when: is_fedora is defined
  tags:
  - httpd
  notify:
  - reload httpd