- name: create configuration directories
  become: yes
  file:
    path: '{{ item }}'
    state: directory
    owner: openvpn
    group: openvpn
    mode: '0750'
  loop:
    - '/etc/openvpn/client'
    - '/etc/openvpn/client/zeus'
    - '/etc/openvpn/server'

- name: copy configuration
  become: yes
  template:
    src: 'templates/{{ platform }}/openvpn.j2'
    dest: '/etc/openvpn/client/zeus.conf'
    owner: openvpn
    group: openvpn
    mode: '0644'

- name: copy desktop credentials
  become: yes
  copy:
    src: '{{ item.src }}'
    dest: '{{ item.dest }}'
    owner: openvpn
    group: openvpn
    mode: '0600'
  loop:
    - {
        src: 'files/{{ platform }}/openvpn/ca.crt',
        dest: '/etc/openvpn/client/zeus/ca.crt',
      }
    - {
        src: 'files/{{ platform }}/openvpn/desktop.crt',
        dest: '/etc/openvpn/client/zeus/desktop.crt',
      }
    - {
        src: 'files/{{ platform }}/openvpn/desktop.key',
        dest: '/etc/openvpn/client/zeus/desktop.key',
      }
    - {
        src: 'files/{{ platform }}/openvpn/ta.key',
        dest: '/etc/openvpn/client/zeus/ta.key',
      }
  when: platform == "desktop"

- name: copy laptop credentials
  become: yes
  copy:
    src: '{{ item.src }}'
    dest: '{{ item.dest }}'
    owner: openvpn
    group: openvpn
    mode: '0600'
  loop:
    - {
        src: 'files/{{ platform }}/openvpn/ca.crt',
        dest: '/etc/openvpn/client/zeus/ca.crt',
      }
    - {
        src: 'files/{{ platform }}/openvpn/laptop.crt',
        dest: '/etc/openvpn/client/zeus/laptop.crt',
      }
    - {
        src: 'files/{{ platform }}/openvpn/laptop.key',
        dest: '/etc/openvpn/client/zeus/laptop.key',
      }
    - {
        src: 'files/{{ platform }}/openvpn/ta.key',
        dest: '/etc/openvpn/client/zeus/ta.key',
      }
  when: platform == "laptop"

- name: restart vpn
  become: true
  systemd:
    name: openvpn-client@zeus
    state: restarted
    enabled: true