---
- name: Generate keys and certificates
  hosts:
    - localhost
  gather_facts: false
  handlers:
    - name: Restart Nginx on host01
      delegate_to: host01
      command: docker restart web-proxy_proxy_1

    - name: Restart Nginx on ns4
      delegate_to: ns4
      command: docker restart web-proxy_proxy_1

    - name: Restart Nginx on kodi
      delegate_to: kodi
      command: docker restart web-proxy_proxy_1

    - name: Reload Exim
      delegate_to: host01
      command: docker kill --signal SIGHUP mail_smtp_1

    - name: Reload Dovecot
      delegate_to: host01
      command: docker kill --signal SIGHUP mail_imap_1

  tasks:
    - name: Issue certificate for ns4
      include_tasks: '{{ playbook_dir }}/tasks/renew-cert.yaml'
      vars:
        handlers:
          - Restart Nginx on ns4
        host: ns4
        subject_alt_name: |-
          DNS:ns4.shore.co.il,DNS:autoconfig.shore.co.il,DNS:registry.shore.co.il,DNS:www.shore.co.il,DNS:shore.co.il,DNS:myip.shore.co.il
      tags:
        - ns4

    - name: Issue certificate for host01
      include_tasks: '{{ playbook_dir }}/tasks/renew-cert.yaml'
      vars:
        handlers:
          - Restart Nginx on host01
        host: host01
        subject_alt_name: |-
          DNS:ns1.shore.co.il,DNS:lam.shore.co.il,DNS:nextcloud.shore.co.il,DNS:git.shore.co.il,DNS:code.shore.co.il
      tags:
        - host01

    - name: Issue certificate for smtp
      include_tasks: '{{ playbook_dir }}/tasks/renew-cert.yaml'
      vars:
        delegate_host: host01
        filename: mail
        handlers:
          - Reload Dovecot
          - Reload Exim
          - Restart Nginx on host01
        host: mail
        subject_alt_name: |-
            DNS:smtp.shore.co.il,DNS:imap.shore.co.il,DNS:mta-sts.shore.co.il
      tags:
        - smtp