---

- name: COMMAND | Start ngrok
  ansible.builtin.command: daemonize -l /tmp/ngrok.lock {{ ngrok_path }} http 80 --scheme http
  failed_when: false
  changed_when: ngrok.stderr.find("Can't lock the lock file") == -1
  register: ngrok

- name: WAIT_FOR | ngrok started  # noqa: no-handler
  ansible.builtin.wait_for:
    delay: 2
    port: 4040
  when: ngrok.changed

- name: SHELL | Get ngrok public address
  ansible.builtin.shell: set -o pipefail && curl 'http://127.0.0.1:4040/api/tunnels/command_line' 2> /dev/null | jq -r '.public_url' | cut -d '/' -f 3
  args:
    executable: /bin/bash
  register: ngrok
  changed_when: false

- name: FILE | Create an internal SSL dir
  ansible.builtin.file:
    path: "{{ int_ansible_ssl_dir }}"
    state: directory
    mode: 0750
    owner: root
    group: root

- name: COPY | Deploy test cert/key
  ansible.builtin.copy:
    src: "file/{{ item }}"
    dest: "{{ int_ansible_ssl_dir }}/{{ item }}"
    mode: 0640
    owner: root
    group: root
  loop:
    - 'test.key'
    - 'test.crt'

- name: COPY | Add all hosts in /etc/hosts
  ansible.builtin.copy:
    content: |
      127.0.0.1 localhost
      {% for s in nginx_sites %}
      {% if s.name is string %}
      127.0.0.1 {{ s.name }}
      {% else %}
      127.0.0.1 {% for n in s.name %}{{ n }} {% endfor %}
      {% endif %}
      {% if s.redirect_from is defined %}
      127.0.0.1 {% for rf in s.redirect_from %}{{ rf }} {% endfor %}
      {% endif %}
      {% endfor %}
    dest: "/etc/hosts"
    mode: 0644
    owner: root
    group: root
    unsafe_writes: true