- hosts: 
  - "{{ proxy_server_hostname }}"
    #    - "{{ proxy_server_hostname }}"-defaultport
  become: 'yes'
  vars:
    ansible_become_method: doas
  tasks:
    - name: Temporarily disable doas pass prompt as doas persist does not work within scripts
      replace:
        path: /etc/doas.conf
        regexp: 'persist'
        replace: 'nopass'

          # Haproxy is now handled globally again
          #- name: Copy haproxy reverse proxy configuration to proxy 
          #  ansible.builtin.template:
          #    src: "proxy_resources/etc/haproxy/haproxy.cfg"
          #    dest: "/etc/haproxy/haproxy.cfg"
          #    owner: root
          #    group: root
    - name: Enable HAProxy
      ansible.builtin.systemd:
        name: haproxy
        state: started

    - name: Fetch SSL certificates
      become: yes
      synchronize:
        src: /etc/letsencrypt/
        dest: "data/certbot/certs"
        mode: pull
        rsync_path: doas rsync

    - name: Switch back to doas persist 
      replace:
        path: /etc/doas.conf
        regexp: 'nopass'
        replace: 'persist'

    - name: Debug Finish message
      debug:
        msg: Ansible playbook has finished!