---
- name: Enable nginx service
  service:
    name: nginx
    enabled: yes
    state: started

- name: Prepare directories
  file:
    path: '{{ item }}'
    state: directory
    owner: nginx
    group: nginx
    mode: 0750
  with_items:
    - /var/www/vhosts
    - /var/www/vhosts/default

- name: Add default page
  template:
    src: 'var/www/vhosts/default/index.html.j2'
    dest: '/var/www/vhosts/default/index.html'
    owner: nginx
    group: nginx
    mode: 0750

- name: Update nginx.conf
  template:
    src: 'etc/nginx/nginx.conf.j2'
    dest: '/etc/nginx/nginx.conf'
    owner: root
    group: root
    mode: 0640
  notify:
    - nginx_restart

- name: Update conf.d files
  template:
    src: 'etc/nginx/conf.d/{{ item }}.j2'
    dest: '/etc/nginx/conf.d/{{ item }}'
    owner: root
    group: root
    mode: 0640
  with_items:
    - default.conf
    - header.conf
  notify:
    - nginx_restart

- name: Open ports in iptables
  iptables_raw:
    name: allow_nginx_ports
    state: present
    rules: '-A INPUT -p tcp -m multiport --dports {{ nginx_open_ports|join(",") }} -j ACCEPT'
  tags: iptables