---
- name: Install Apache2
  apt:
    name: apache2
    state: present
    update_cache: yes

- name: Install Certbot and Apache plugin
  apt:
    name:
      - certbot
      - python3-certbot-apache
    state: present

- name: Ensure site root exists
  file:
    path: "{{ site_root }}"
    state: directory
    owner: www-data
    group: www-data
    mode: '0755'

- name: Create index.html
  template:
    src: index.html.j2
    dest: "{{ site_root }}/index.html"
    owner: www-data
    group: www-data
    mode: '0644'

- name: Create Apache virtual host config
  template:
    src: vhost.conf.j2
    dest: /etc/apache2/sites-available/{{ site_name }}.conf
  notify: Reload Apache

- name: Enable site
  command: a2ensite {{ site_name }}
  notify: Reload Apache

- name: Enable SSL module
  command: a2enmod ssl
  notify: Reload Apache

- name: Ensure Apache is running and enabled
  service:
    name: apache2
    state: started
    enabled: yes

- name: Obtain Let's Encrypt certificate using certbot
  command: >
    certbot --apache -n --agree-tos --redirect
    -d {{ site_name }}
    --email your-email@example.com
  args:
    creates: /etc/letsencrypt/live/{{ site_name }}/fullchain.pem

- import_tasks: php.yml