---
- name: Copy the system service
  ansible.builtin.template:
    src: lego@.service.j2
    dest: /etc/systemd/system/lego@.service
    mode: "0644"
  become: true
- name: Copy the system timer
  ansible.builtin.copy:
    src: lego@.timer
    dest: /etc/systemd/system/lego@.timer
    mode: "0644"
  become: true

- name: Get all lego timers
  ansible.builtin.shell:
    executable: /usr/bin/bash
    cmd: "set -o pipefail && systemctl list-timers 'lego@*' --all --output=json | jq -r '.[].unit'"
  register: systemd_timers_result
  changed_when: false

- name: Generate systemd timer names
  ansible.builtin.set_fact:
    lego_systemd_timers: "{{ lego_host_certificates | list_prefix_suffix('lego@', '.timer') }}"

- name: Disable unused system timers
  ansible.builtin.systemd_service:
    name: "{{ item }}"
    state: stopped
    enabled: false
  loop: "{{ systemd_timers_result.stdout_lines | difference(lego_systemd_timers) }}"
  become: true

- name: Enable the system timers
  ansible.builtin.systemd_service:
    name: "{{ item }}"
    state: started
    enabled: true
    daemon_reload: true
  loop: "{{ lego_systemd_timers }}"
  become: true