- name: install SSL packages
  apt:
    name: '{{ ssl_packages }}'
    state: present

- name: create ssl directory
  file:
    path: '/etc/ssl/{{ app_name }}'
    state: directory
    owner: '{{ app_user }}'
    group: '{{ app_user }}'
    mode: 0750

- name: generate an OpenSSL private key with the default values (4096 bits, RSA)
  become_user: '{{ app_user }}'
  openssl_privatekey:
    path: '/etc/ssl/{{ app_name }}/local.pem'

- name: generate an OpenSSL certificate signing request
  become_user: '{{ app_user }}'
  openssl_csr:
    path: '/etc/ssl/{{ app_name }}/local.csr'
    privatekey_path: '/etc/ssl/{{ app_name }}/local.pem'
    common_name: fudiggity.nl

- name: generate a self signed OpenSSL certificate
  become_user: '{{ app_user }}'
  openssl_certificate:
    force: true
    path: '/etc/ssl/{{ app_name }}/{{ app_name }}.crt'
    privatekey_path: '/etc/ssl/{{ app_name }}/local.pem'
    csr_path: '/etc/ssl/{{ app_name }}/local.csr'
    provider: selfsigned