- name: Gather package facts
  ansible.builtin.package_facts:
    manager: auto  # Automatically detects the package manager (apt, yum, dnf, etc.)

- name: Debug if NGINX is installed
  ansible.builtin.debug:
    msg: "NGINX is installed (version: {{ ansible_facts.packages['nginx'][0].version }})"
  when: "'nginx' in ansible_facts.packages" # Checks if 'nginx' key exists in the gathered facts

- name: Debug if NGINX is NOT installed
  ansible.builtin.debug:
    msg: "NGINX is not installed"
  when: "'nginx' not in ansible_facts.packages"

- name: Stop nginx to generate initial lego cert
  service:
    name: nginx
    state: stopped
  when: "'nginx' in ansible_facts.packages" # Checks if 'nginx' key exists in the gathered facts

- name: Generate initial cert
  command:
    cmd: /usr/local/bin/lego -a --email="{{ letsencrypt_email }}" --domains="{{ inventory_hostname | default(cert_domain) }}" --key-type {{ cert_key_type | default('rsa4096') }} --http run
    chdir: /root
    creates: "/root/.lego/certificates/{{ inventory_hostname | default(cert_domain) }}.crt"
  when: "'nginx' in ansible_facts.packages" # Checks if 'nginx' key exists in the gathered facts

- name: Start nginx after generating initial lego cert
  service:
    name: nginx
    state: started
  when: "'nginx' in ansible_facts.packages" # Checks if 'nginx' key exists in the gathered facts