---
- hosts: webserver
  tasks:

  # Create the Container for the new Webserver
  - name: Create Webserver for {{ domain }}
  	lxc_container:
  		name: webserver
  		state: sopped
  		backing_store: overlayfs
  		clone_name: {{ domain }}
  		clone_snapshot: true
  		container_config:
  			- "lxc.mount.entry =/var/lib/nginx.revproxy/rootfs/etc/letsencrypt/archive/{{ domain }} etc/letsencrypt/archive/{{ domain }} none bind 0 0"
  			- "lxc.mount.entry =/var/lib/nginx.revproxy/rootfs/etc/letsencrypt/live/{ domain } etc/letsencrypt/live/{{ domain }} none bind 0 0"

  - name: Set default Nginx
  	template:
  		src: template/80nginx.j2
  		dest: /var/lib/lxc/nginx.revproxy/delta0/etc/nginx/site-available/{{ domain }}.conf

  - name: Setup Letsencrypt for {{ domain }}
  	lxc_container:
  		name: rev.proxy
  		state: started
  		container_command: |
  			ln -s /etc/nginx/site-available/{{ domain }}.conf /etc/nginx/site-enabled/{{ domain }}.conf
  			systemctl reload nginx
  			certbot certonly -d {{ domain }} -d www.{{ domain }}

  - name: Setup secure Nginx with LetsEncrypt
  	template:
  		src: template/443nginx.j2
  		dest: /var/lib/lxc/nginx.revproxy/delta0/etc/nginx/site-available/{{ domain }}.conf

  - name: Restart Reverse.Proxy
  	lxc_container:
  		name: rev.proxy
  		state: started
  		container_command: |
  			systemctl reload nginx