- name: install SSL packages
  apt:
    name:
      - python3-openssl
      - python3-crypto
      - python3-cryptography
      - python-openssl
      - python-crypto
      - python-cryptography
    state: present

- name: create ssl directory
  file:
    path: "/etc/ssl/{{ app_name }}"
    state: directory
    owner: "{{ app_user }}"
    group: "{{ app_user }}"
    mode: 0750

- name: generate an OpenSSL private key with the default values (4096 bits, RSA)
  become_user: "{{ app_user }}"
  openssl_privatekey:
    path: "/etc/ssl/{{ app_name }}/local.pem"

- name: generate an OpenSSL certificate signing request
  become_user: "{{ app_user }}"
  openssl_csr:
    path: "/etc/ssl/{{ app_name }}/local.csr"
    privatekey_path: "/etc/ssl/{{ app_name }}/local.pem"
    common_name: fudiggity.nl

- name: generate a self signed OpenSSL certificate
  become_user: "{{ app_user }}"
  openssl_certificate:
    force: yes
    path: "/etc/ssl/{{ app_name }}/{{ app_name }}.crt"
    privatekey_path: "/etc/ssl/{{ app_name }}/local.pem"
    csr_path: "/etc/ssl/{{ app_name }}/local.csr"
    provider: selfsigned