---
- block:
    - name: Create tls folder structure
      file:
        path: "{{ item }}"
        state: directory
        owner: "{{ matrix_user }}"
        group: "{{ matrix_group }}"
        recurse: True
      loop:
        - "{{ matrix_tls_dhparam_path | dirname }}"
        - "{{ matrix_tls_cert_path | dirname }}"
        - "{{ matrix_tls_key_path | dirname }}"
  become: True
  become_user: root

- block:
    - name: Copy certs and private key
      copy:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        mode: "{{ item.mode }}"
      loop:
        - { src: "{{ matrix_tls_key_source }}", dest: '{{ matrix_tls_key_path }}', mode: '0600' }
        - { src: "{{ matrix_tls_cert_source }}", dest: '{{ matrix_tls_cert_path }}', mode: '0650' }
      loop_control:
        label: "{{ item.dest }}"
      notify: __matrix_restart

    - name: Create Diffie-Hellman Parameter
      openssl_dhparam:
        path: "{{ matrix_tls_dhparam_path }}"
        size: "{{ matrix_tls_dhparam_size }}"
      when: matrix_tls_dhparam_path is defined
      notify: __matrix_restart
  become: True
  become_user: "{{ matrix_user }}"