---
- hosts: all
  gather_facts: false
  tasks:
    - name: Load variables
      include_vars:
        dir: "{{ dokku_lib_root }}/data/ansible/keycloak/vars/"
        extensions:
          - yml

    - name: Set HTTP 80 port proxy
      dokku_ports:
        app: keycloak
        mappings:
          - "http:80:{{ http_port }}"
        state: present

    - name: Setup LE certificates
      shell: dokku letsencrypt keycloak
      args:
        creates: /home/dokku/keycloak/letsencrypt/certs

    - name: Setup LE certificates renew cron job
      shell: dokku letsencrypt:cron-job --add
      args:
        creates: /home/dokku/keycloak/letsencrypt/cron-job

    - name: Specify certificate docker volume mounts
      dokku_storage:
        app: keycloak
        mounts:
          - /home/dokku/keycloak/letsencrypt/certs/current/key.pem:/etc/x509/https/tls.key
          - /home/dokku/keycloak/letsencrypt/certs/current/cert.pem:/etc/x509/https/tls.crt

    - name: Remove automatically configured ports
      dokku_ports:
        app: keycloak
        mappings:
          - "http:{{ http_port }}:{{ http_port }}"
        state: absent

    - name: Set HTTP 443 port
      dokku_ports:
        app: keycloak
        mappings:
          - "https:443:{{ https_port }}"
        state: present