---
- name: "Configuration | Generate DH Parameters"
  community.crypto.openssl_dhparam:
    path: "{{ dhparam_path }}"
    size: "{{ dhparam_size | default(4096) }}"
  when: nginx_type == 'gateway' or nginx_type == 'standalone'

- name: "Configuration | Get bad user agents"
  ansible.builtin.shell: "curl {{ bad_user_agents_url }}"
  register: bad_user_agents

- name: "Configuration | Copy main configuration"
  ansible.builtin.template:
    src: nginx.conf.j2
    dest: /etc/nginx/nginx.conf
    mode: "0644"
  notify: reload nginx

- name: "Configuration | Copy configuration snippets"
  ansible.builtin.copy:
    src: "{{ item }}"
    dest: "/etc/nginx/snippets/{{ item }}"
    mode: "0644"
  loop:
    - add_headers.conf
    - letsencrypt.conf
  notify: reload nginx

- name: "Configuration | Copy configuration templates"
  ansible.builtin.template:
    src: "{{ item }}.j2"
    dest: "/etc/nginx/conf.d/{{ item }}"
    mode: "0644"
  loop:
    - bad_clients.conf
    - bad_bots.conf
    - reverse_proxy.conf
    - ssl.conf
  notify: reload nginx
  when: nginx_type == 'gateway' or nginx_type == 'standalone'

- name: "Configuration | Copy request limit configuration"
  ansible.builtin.copy:
    src: request_limits.conf
    dest: /etc/nginx/conf.d/
    mode: "0644"
  notify: reload nginx
  when: nginx_type == 'gateway' or nginx_type == 'standalone'

- name: "Configuration | Create systemd override directory"
  ansible.builtin.file:
    path: /etc/systemd/system/nginx.service.d
    state: directory
    mode: "0755"

- name: "Configuration | Copy systemd override configuration"
  ansible.builtin.copy:
    src: systemd/override.conf
    dest: /etc/systemd/system/nginx.service.d/override.conf
    mode: "0644"
  notify:
    - Reload systemd
    - reload nginx