---
- block:
  - name: Create pki folder structure
    file:
      path: "{{ item }}"
      state: directory
      recurse: True
    with_items:
      - /etc/pki/tls/certs
      - /etc/pki/tls/private

  - name: Copy certs and private key (file)
    copy:
      src: "{{ item.0.source }}"
      dest: "{{ item.0.path }}/{{ item.0.name }}"
      mode: "{{ item.0.mode }}"
    with_subelements:
      - "{{ __pve_certificates }}"
      - nodes
    loop_control:
      label: "{{ item.0.path }}/{{ item.0.name }}"
    register: __pve_copy_cert
    when: pve_tls_source_use_files

  - name: Copy certs and private key (content)
    copy:
      content: "{{ item.0.source }}"
      dest: "{{ item.0.path }}/{{ item.0.name }}"
      mode: "{{ item.0.mode }}"
    with_subelements:
      - "{{ __pve_certificates }}"
      - nodes
    loop_control:
      label: "{{ item.0.path }}/{{ item.0.name }}"
    register: __pve_copy_cert
    when: pve_tls_source_use_content

  - debug:
    msg: __pve_copy_cert

  # - name: Copy cert/key to pve filesystem
  #   command: "/bin/cp -rf {{ item.0.path }}/{{ item.0.name }} /etc/pve/nodes/{{ item.1 }}/{{ item.0.name }}"
  #   with_subelements:
  #     - "{{ __pve_certificates }}"
  #     - nodes
  #   when: __pve_copy_cert.changed
  #   changed_when: __pve_copy_cert.changed
  #   notify: __pveproxy_restart
  become: True
  become_user: root