- name: "Rebuild images"
  ansible.builtin.shell: "/usr/local/sbin/update_images {{ vars[vars['inventory_hostname']]['general']['tls_server'] }} do_not_start"
  register: ret
  failed_when: ret.rc != 0

- name: "Stop machine TLS"
  machinectl:
    state: stopped
    machines: "{{ vars[vars['inventory_hostname']]['general']['tls_server'] }}"
  when: vars[vars['inventory_hostname']]['general']['tls_server'] in machines_changed

- name: "Remove TLS files directory"
  file:
    path: "/var/lib/risotto/configurations/{{ vars[vars['inventory_hostname']]['general']['tls_server'] }}"
    state: absent
  when: vars[vars['inventory_hostname']]['general']['tls_server'] in machines_changed

- name: "Copy TLS configuration"
  unarchive:
    src: /tmp/new_configurations/machines.tar
    dest: "/var/lib/risotto/configurations/"
    include: "{{ vars[vars['inventory_hostname']]['general']['tls_server'] }}"
    owner: root
    group: root
  when: vars[vars['inventory_hostname']]['general']['tls_server'] in machines_changed

- name: "Start machine TLS"
  machinectl:
    state: started
    machines: "{{ vars[vars['inventory_hostname']]['general']['tls_server'] }}"
  when: vars[vars['inventory_hostname']]['general']['tls_server'] in machines_changed

- name: "Stop machines with new configuration {{ machines_changed }}"
  machinectl:
    state: stopped
    machines: "{{ machines_changed }}"
    tls_machine: "{{ vars[vars['inventory_hostname']]['general']['tls_server'] }}"

- name: "Remove files directory"
  file:
    path: "/var/lib/risotto/configurations/{{ item }}"
    state: absent
  loop: "{{ machines_changed }}"

- name: "Copy configuration"
  unarchive:
    src: /tmp/new_configurations/machines.tar
    dest: /var/lib/risotto/configurations/
    owner: root
    group: root
  when: machines_changed

- name: "Enable machines"
  machinectl:
    state: enabled
    machines: "{{ vars | machineslist(only_name=True) }}"
    tls_machine: "{{ vars[vars['inventory_hostname']]['general']['tls_server'] }}"

- name: "Start machines"
  machinectl:
    state: started
    machines: "{{ vars | machineslist(only_name=True) }}"
    tls_machine: "{{ vars[vars['inventory_hostname']]['general']['tls_server'] }}"

- name: "Remove compressed files directory"
  local_action:
    module: file
    path: /tmp/new_configurations
    state: absent